5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {r7}, {}, {}, {0x0, r8}, {r6}, {0x0, r8}, {0x0, r8}, {}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:33 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

[  963.312920][ T5107] FAULT_INJECTION: forcing a failure.
[  963.312920][ T5107] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  963.326007][ T5107] CPU: 0 PID: 5107 Comm: syz-executor.1 Not tainted 5.15.0-rc2-syzkaller #0
[  963.334673][ T5107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  963.344719][ T5107] Call Trace:
[  963.347993][ T5107]  dump_stack_lvl+0xd6/0x122
[  963.352670][ T5107]  dump_stack+0x11/0x1b
[  963.356808][ T5107]  should_fail+0x23c/0x250
[  963.361276][ T5107]  should_fail_usercopy+0x16/0x20
[  963.365253][ T5105] 9pnet: Insufficient options for proto=fd
[  963.366292][ T5107]  copy_page_from_iter_atomic+0x2c1/0xbb0
[  963.377802][ T5107]  generic_perform_write+0x201/0x3e0
[  963.383134][ T5107]  ? ext4_da_write_begin+0x7f0/0x7f0
[  963.388414][ T5107]  ext4_buffered_write_iter+0x305/0x400
[  963.394057][ T5107]  ext4_file_write_iter+0xe79/0x11f0
[  963.399372][ T5107]  aio_write+0x2b4/0x390
[  963.403617][ T5107]  io_submit_one+0x86f/0x13b0
[  963.408295][ T5107]  __se_sys_io_submit+0x105/0x270
[  963.413322][ T5107]  __x64_sys_io_submit+0x3f/0x50
[  963.418261][ T5107]  do_syscall_64+0x44/0xa0
[  963.422679][ T5107]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  963.428663][ T5107] RIP: 0033:0x7f2c6ce8a709
[  963.433073][ T5107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  963.435311][    C1] sd 0:0:1:0: tag#5080 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  963.452716][ T5107] RSP: 002b:00007f2c6ac02188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  963.452736][ T5107] RAX: ffffffffffffffda RBX: 00007f2c6cf8ef60 RCX: 00007f2c6ce8a709
[  963.452747][ T5107] RDX: 0000000020000540 RSI: 000000000000003b RDI: 00007f2c6abd9000
[  963.452759][ T5107] RBP: 00007f2c6ac021d0 R08: 0000000000000000 R09: 0000000000000000
[  963.462550][    C1] sd 0:0:1:0: tag#5080 CDB: opcode=0xe5 (vendor)
[  963.470911][ T5107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
02:27:33 executing program 5:
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x107600, 0x0)
r1 = openat(r0, &(0x7f0000000040)='./file0\x00', 0x47a680, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setlease(r1, 0x400, 0x2)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

02:27:33 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:33 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',dfltgid=', @ANYRESHEX=0x0])

02:27:33 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  963.478884][    C1] sd 0:0:1:0: tag#5080 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  963.486819][ T5107] R13: 00007ffe6923ec8f R14: 00007f2c6ac02300 R15: 0000000000022000
[  963.488530][ T5112] loop4: detected capacity change from 0 to 87
[  963.494828][    C1] sd 0:0:1:0: tag#5080 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  963.541268][    C1] sd 0:0:1:0: tag#5080 CDB[20]: ba
02:27:33 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
setsockopt$packet_int(r0, 0x107, 0x11, &(0x7f0000000040), 0x4)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, r0, &(0x7f0000000080)=0x9, 0x3024784c)
lsetxattr$trusted_overlay_redirect(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x8, 0x1)
fcntl$setlease(r0, 0x400, 0x2)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

02:27:33 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:33 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',dfltgid=', @ANYRESHEX=0x0])

02:27:33 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}]) (fail_nth: 35)

02:27:33 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:33 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x2)

[  963.737996][ T5144] FAULT_INJECTION: forcing a failure.
[  963.737996][ T5144] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  963.751247][ T5144] CPU: 0 PID: 5144 Comm: syz-executor.1 Not tainted 5.15.0-rc2-syzkaller #0
[  963.759915][ T5144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  963.769960][ T5144] Call Trace:
[  963.773235][ T5144]  dump_stack_lvl+0xd6/0x122
[  963.777829][ T5144]  dump_stack+0x11/0x1b
[  963.782028][ T5144]  should_fail+0x23c/0x250
[  963.786450][ T5144]  __alloc_pages+0x102/0x320
[  963.791117][ T5144]  alloc_pages+0x382/0x3d0
[  963.795596][ T5144]  __page_cache_alloc+0x4d/0xf0
[  963.800448][ T5144]  pagecache_get_page+0x5fe/0x910
[  963.805477][ T5144]  grab_cache_page_write_begin+0x3f/0x70
[  963.811182][ T5144]  ext4_da_write_begin+0x2f9/0x7f0
[  963.816303][ T5144]  ? iov_iter_fault_in_readable+0x244/0x290
[  963.822260][ T5144]  generic_perform_write+0x1b8/0x3e0
[  963.827552][ T5144]  ? ext4_da_write_begin+0x7f0/0x7f0
[  963.832843][ T5144]  ext4_buffered_write_iter+0x305/0x400
[  963.838394][ T5144]  ext4_file_write_iter+0xe79/0x11f0
[  963.843735][ T5144]  aio_write+0x2b4/0x390
[  963.847979][ T5144]  io_submit_one+0x86f/0x13b0
[  963.852658][ T5144]  __se_sys_io_submit+0x105/0x270
[  963.857767][ T5144]  __x64_sys_io_submit+0x3f/0x50
[  963.862705][ T5144]  do_syscall_64+0x44/0xa0
[  963.867123][ T5144]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  963.873025][ T5144] RIP: 0033:0x7f2c6ce8a709
[  963.877440][ T5144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  963.897049][ T5144] RSP: 002b:00007f2c6ac02188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  963.905460][ T5144] RAX: ffffffffffffffda RBX: 00007f2c6cf8ef60 RCX: 00007f2c6ce8a709
[  963.913425][ T5144] RDX: 0000000020000540 RSI: 000000000000003b RDI: 00007f2c6abd9000
[  963.921466][ T5144] RBP: 00007f2c6ac021d0 R08: 0000000000000000 R09: 0000000000000000
[  963.929452][ T5144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  963.937416][ T5144] R13: 00007ffe6923ec8f R14: 00007f2c6ac02300 R15: 0000000000022000
02:27:34 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {r7}, {}, {}, {0x0, r8}, {r6}, {0x0, r8}, {0x0, r8}, {}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:34 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',dfltgid=', @ANYRESHEX=0x0])

02:27:34 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:34 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x125)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x2)
recvfrom$inet(r0, 0x0, 0x0, 0x2001, 0x0, 0x0)

02:27:34 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',dfltgid=', @ANYRESHEX=0x0])

02:27:34 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r1 = syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x2, 0x5, &(0x7f0000000480)=[{&(0x7f0000000180)="78fc91eedb3ab475e2b15567f93e2ea8ec2f4868a6df1e59", 0x18, 0xfffffffffffffffb}, {&(0x7f00000001c0)="ab4d0eb88e907f0c15c22876688e851dbcb203ca94d40e0009495be340617425e930d8501315173a65607f2ce4f7e34b3ff5657f504c93a878764e958c9e35a80b74e72f88e1dc66a49e204d3adf7c0d9ac4243be6fc757670941919719c48cf8231860eaa871c", 0x67, 0x8000}, {&(0x7f0000000240)="c88fc20b5af5ac504a535f555baed0907d7d78dac457f782dcbc746b47a46041dc0845360a9a4176f5d687cb15e80f350388a383e24a5a40df38b3b26803477c2b1a29924aaa42deb66743f834464f1f7fb29fe6f491e84322a79ccfb30f4d9f399e8f38e445c69013f8a823a33f72bfce7844d97c37f64bf10a9b20387766d18be839e625bcfb9f0f1cdfc57f84e2ca1a0c12fe8e17433678b123cb20d279468bfcbc288a8028cfc37312ff23a3745160436aaded76afd440687e6df513ac18890ac75b90ee22f855d8ee2cb7d07b2cd4a74da4dc0ad6b61408339afc5ef75363f8f7f7d99021906244514f177321ae2232eab08f", 0xf5, 0xfff}, {&(0x7f0000000340)="3a88556dc9b43ae4ea8611fb56c5f632595e4b2c5c05a99ab0bddd7f4f6f6cfa4f7ef1826de384fb26892370c8e426b0acf369bfc093ea2b439b905e51fbfcc5c3c64f5c2b57c58f2bec44d29ac612dcd940297200b2e3d2ae4f9c08c37d646b54ea88afa0262a9f956b9d6dd7b00658234f6ccfadd35812d936670c4b9fff49e506eba3f85ad9cde1991929e951b13fe7a658edc501ca593228e11ba17b30389693b2a256", 0xa5, 0x602d}, {&(0x7f0000000400)="7703156c0af6fb11092059b6b3ae5c6291042b77e7d0b108ff479470b82e75c42c25151af9a395456405a9ab3fe76be579685c1c0ff383fb63324b6fb7cec520c5a2a172b18687599c37528abbb9dd9d90de6125fd7e849ec17b365a8fe4b0e7ca24b92dbdddca521f4fe791283abcd97d9953b1ac", 0x75, 0xb8}], 0x8a75d6148008616f, &(0x7f0000000500)={[{@dots}, {@nodots}, {@nodots}, {@fat=@sys_immutable}, {@nodots}, {@fat=@dos1xfloppy}, {@nodots}], [{@subj_type={'subj_type', 0x3d, '\\{'}}, {@permit_directio}, {@obj_user={'obj_user', 0x3d, '$#^'}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@subj_user={'subj_user', 0x3d, ',\xa8'}}, {@euid_gt={'euid>', 0xee00}}, {@seclabel}, {@fsname}, {@obj_user={'obj_user', 0x3d, '\"-\\){,\'-'}}, {@subj_role}]})
vmsplice(r1, &(0x7f00000008c0)=[{&(0x7f0000000600)}, {&(0x7f0000000640)="5155f9bc12c1817f10ac0c38e8902414d5c27f57154652884b5f11f696e72d26c7b0ca14b0a2a5a5ee3bc1a11c1902da57eecf215f7c6f506407a753f0512f91f1a6dc95b70d4f001e5f90e573228970bf6c4db094746e1b9d0bc631dce36e3ad8a13e66519e5d9a3b07af2860aa658ade5c51eef121cbd2eaf5347302e3b5c884f85c00542f81884ecced4b7527d5bddf0b38065241a05588b728f2573167c7103b05f50653ead08c86e6f1c40f7893d675e550e07aa23e8b67024da05fd4f8eb68d3cdeab2c28aa5bac969b937276247260fc31dce2bf227f559", 0xdb}, {&(0x7f0000000740)="f26cca197bb3ed55d5e40e60a3ab46e2f0f6fecf025a04bf1845f0e3b135182c5eead5254bd5ce45bae7ec69cf2052936c93ed2e2e3ae685c13463e35a5cd4f153a179411769dfc4e678b3ebf57c9404bede2d20d41a81804f78fe0114f8092864a1d9a1d3d50d0374c92932e8406d193b8143318e82eea4", 0x78}, {&(0x7f00000007c0)="7791b9c68fc405a1f703e06236cb3c44517f06c233f70fb74d18417cbea954954c10d082175d13e641ed561968099b83f3f47b07729ce43e482482156e28241e9431f3f52067bd29c585a0626f5094d8841b5a3ec6e9368c3101a79678047058e5221d444fca31707406c4b1057821c229287e84faeeb9a9d333f78617709f55f8da19504a5f621f21a4a916ce7bd844643882812c8cce7a6cbcd5a6c707cba970c26ed28aa1f3baa08d4a1291bbbed550846466c2a420821abb90cda3b190c6cf110bf2f0e4604853ffd0", 0xcb}], 0x4, 0x1)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setsig(r0, 0xa, 0x16)
fcntl$setlease(r0, 0x400, 0x2)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
getdents(r2, &(0x7f0000000080)=""/51, 0x33)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

02:27:34 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:34 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}]) (fail_nth: 36)

02:27:34 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',dfltgid=', @ANYRESHEX=0x0])

02:27:34 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x800, 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x2)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

[  964.324090][ T5173] loop4: detected capacity change from 0 to 87
[  964.341003][ T5176] 9pnet: Could not find request transport: fd0x0000000000000003
[  964.363938][ T5178] FAULT_INJECTION: forcing a failure.
[  964.363938][ T5178] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  964.364432][    C0] sd 0:0:1:0: tag#5085 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  964.376993][ T5178] CPU: 1 PID: 5178 Comm: syz-executor.1 Not tainted 5.15.0-rc2-syzkaller #0
[  964.386797][    C0] sd 0:0:1:0: tag#5085 CDB: opcode=0xe5 (vendor)
[  964.395409][ T5178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  964.401746][    C0] sd 0:0:1:0: tag#5085 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  964.411766][ T5178] Call Trace:
[  964.411774][ T5178]  dump_stack_lvl+0xd6/0x122
[  964.420784][    C0] sd 0:0:1:0: tag#5085 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  964.424026][ T5178]  dump_stack+0x11/0x1b
[  964.428601][    C0] sd 0:0:1:0: tag#5085 CDB[20]: ba
[  964.437597][ T5178]  should_fail+0x23c/0x250
[  964.437616][ T5178]  should_fail_usercopy+0x16/0x20
[  964.456286][ T5178]  copy_page_from_iter_atomic+0x2c1/0xbb0
[  964.462007][ T5178]  generic_perform_write+0x201/0x3e0
[  964.467290][ T5178]  ? ext4_da_write_begin+0x7f0/0x7f0
[  964.472574][ T5178]  ext4_buffered_write_iter+0x305/0x400
[  964.478120][ T5178]  ext4_file_write_iter+0xe79/0x11f0
[  964.483402][ T5178]  aio_write+0x2b4/0x390
[  964.487670][ T5178]  io_submit_one+0x86f/0x13b0
[  964.492421][ T5178]  __se_sys_io_submit+0x105/0x270
[  964.497448][ T5178]  __x64_sys_io_submit+0x3f/0x50
[  964.502436][ T5178]  do_syscall_64+0x44/0xa0
[  964.506853][ T5178]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  964.512753][ T5178] RIP: 0033:0x7f2c6ce8a709
[  964.517197][ T5178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  964.536799][ T5178] RSP: 002b:00007f2c6ac02188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  964.545208][ T5178] RAX: ffffffffffffffda RBX: 00007f2c6cf8ef60 RCX: 00007f2c6ce8a709
[  964.553174][ T5178] RDX: 0000000020000540 RSI: 000000000000003b RDI: 00007f2c6abd9000
[  964.561142][ T5178] RBP: 00007f2c6ac021d0 R08: 0000000000000000 R09: 0000000000000000
02:27:34 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',dfltgid=', @ANYRESHEX=0x0])

02:27:34 executing program 2:
pipe(&(0x7f0000000840))
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, 0x0)

02:27:34 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {r7}, {}, {}, {0x0, r8}, {r6}, {0x0, r8}, {}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:34 executing program 2:
pipe(&(0x7f0000000840))
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, 0x0)

02:27:34 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140), 0x305140, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e23, 0x3f, @ipv4={'\x00', '\xff\xff', @remote}, 0x6fe03f5b}, 0x1c)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x640a00, 0x147)
r3 = accept4$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @local}, &(0x7f0000000080)=0x1c, 0x800)
setsockopt$inet6_tcp_int(r3, 0x6, 0x1b, &(0x7f00000000c0)=0x7, 0x4)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x4e20, 0x9, @remote, 0xa0000000}, 0x1c)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r5, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r5, 0x541b, &(0x7f00000001c0))
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {r7}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {}, {}, {r6}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {r7}, {0x0, r8}, {r6}, {}, {}, {}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {}, {r6}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {r6}, {}, {}, {0x0, r8}, {}, {r7}, {}, {}, {}, {}, {0x0, r8}, {r7}, {}, {}, {0x0, r8}, {r6}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6, r8}, {}, {}, {0x0, r8}, {}, {r6}, {0x0, r8}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {r6, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {r6, r8}, {r6}, {r7, r8}, {}, {r6}, {r6, r8}, {<r9=>0x0}, {}, {}, {0x0, r8}, {0x0, r8}, {r7, r8}, {}, {}, {r6, r8}, {}, {r7, r8}, {r6, r8}, {r7, r8}, {0x0, r8}, {}, {}, {r7}, {}, {0x0, r8}, {r6}, {}, {r7, r8}, {r6}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {r6}, {r7, r8}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {}, {r6}, {r6}, {}, {r6, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {r6}, {}, {}, {r6, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {}, {r7, r8}, {}, {}, {r6}, {}, {r6}, {}, {}, {r6, r8}, {}, {}, {}, {r7}, {0x0, r8}, {r6}, {r7}, {r7}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {}, {}, {r7}, {r6}, {0x0, r8}, {r6}, {r7}, {0x0, r8}, {r7}, {r7}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {r6, r8}, {}, {r7}, {r7}, {r6}, {}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {0x0, r8}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r2, 0xd000943e, &(0x7f000004a0c0)={<r10=>0x0, 0x0, "2d13e18e6096a9686197e35ee4ac37cee287adc797abf5dee2bfcff926087ff5e62ed8d59922fd69065417fa9923b645aaf0dcc389f4b268bb86f133c6398c83d5020b0496638e2153c5d9531a607bcf5867585db1cc92fa9fd5ac505e213d6707779ec476ca9c143f6880ce6b3293d2300309cb95aa50b47acdcde593ee37d6dc9eb88ab4e0c2f9120de9d3701688df3b90320ae43bb854c1ce3dba1e12941ac457e6b03524638ea23c5c7500129a2a3393c463b6f2dc79eefb008f3df051e243485248871333bdc65d02cc95b81d3baf42119fff28da900bf851ea523ec1f5d183fe9a9322886a2bcc2004d113df0f52c25b8e27b2995a4c3b61e19b0e3898", "fee5c18143d3004669b7321ee526b9f746b18c6ae0ccc6ff64e4cdbbb8972e1c8608e83087d729e14f029306b827983d32382af77a2e590b9a9e8621dd34bfe9c96e51f586e9ffac46b3b431f503116964e4fd1a98638364b347eac02fb419ca817bc1f54a2d02b9bcd705402f9d67b52bc88f271e26ea9e689c44db8f4bd4ea4e338965f852c3d17b95579f5ba98f427ebe1d33a86ce94d96fb8f15fb0c447f3941aeaac115c09d7fcdb1520020075ea992475df431cf456d94638d2678d7708723231869b18f54cdbe7aca481e90732e2945c9350833a6a9431fcf09a2e3265d5282d810a369ee44fc36e16d1f7679e54eaf5535de7c903d658b853569a628e5046ab35632e86675bd25b370f5b2e53a0da422571d3a5d346ee0b2d23a3e8016bda5cf2f15534c5fe7e6cab5c947ca212fe374b16347afe04c1f56e1a2bd3eb1f951e7b731c7ccdb9dab56ff0cacdf7aa23c34df454f434588b2925e09e5a0c9fb8e667c3047e2495f7eb9a3b661e0612c709fd80afcfce0c556fb265e763c4f4ec6f82e723de5378c5289858027977443e5f1217f44f798b421da755db494d9e14c3e876d453c68f6765f6e6265a13006d4a94997c210fca10a195a77becbd5732e5b9d5cb29eb0a02735be2982a2053274d892367e75e8bbf551a6e7d61a270feb3fdc42f20616c0cbff0b9ad4ed0a990ad69adfe0230c569151a5c40626ae09b13ef7713bf2904fffb6b9c92d0aded8e0e3a1523377a3660f08f6b948fb6d4e4162e9b42006f2ec8c1b62154cdd7f3e9836db27673d9f9ea9db9c39c7e15e43b84da07e844c80f32c2fa8a4fd4c666393ac33f292a868e9d644a19d92aac43b247f07df8bb9fa78a697b818002c5155666e33432fabc7161b3650d1d2e8e94a5df87602eb4cfe73cb0f22bf9ca87579454027877dd783beae2fbd456af006c5386bdb202b8aaa4ce517de86c71979d6fce4a10bd1f88452b7a613872de71cf1fb1ed74c507ee801e13ab7c12ce993659b4d8288fa1b3af57bb7819214d1d58e976c2a5608fa0a3f5b51fa352a55d8444393abc6908802a6d6c70b4f1a0d2fb944ccec5a7d60f0bea89171ad23afb8f567a66fc6b6a886f4dd252e9039b52d02f14a9431a700361e305826872c7624b317766a1c5ac94a12bb95bd453baa300117a8d94415ab3ad57f16fb12b2ad300d98ed2c1d0ec1b10c7961984fcce350d117e9de1c5908668d9c473a5383ccb7695e7b9c413cbf28db2b79d2f79817e9f7259584868f8f93ade1d100989cf318ccbf0e5cbdb1cb991dc9adb2e0fe4da2c760fd72ee5459752f15ad3c6a25e49342f918b02a6371125cdf4420c3279015083c7915e9ed1b58030b5a5c75688f138d91d429d44830443ffc08982efe7b37595ec9bfc06e32a88c7e0038a82a8915ba80b8eb6e4da1ae2b19d0aeafca03372583ca01f103f97f7906442a71f04b1303638d63ae6a7902fbd802082f78f922e751050222646748ad299b4fb1333fe7a1da838013a68fbc2c70d63ffda154860ff2f4b95c2371891511c630913346443bd8b187ba682101cb2625db013961b6e24b8f5f670f9e11b1c2322ac659abbc31b4b93c1294fd6e75959301824ef01af8cc472fbd482fabb4f68d8f1fd51756812d00bdebc42e2d3c887d0ac779fb36d01a608ce00a32bfc54d7251b02d64b0357394f00497bc424b73b64bce14ea1fb7c201f73ce45ee9b9f4985c21f078e57c766fbc4594b431743a5c2c2f5d51da708607d6142047a3104e1fc734d673f57d9a85503d97f2f156bc3c46a299304e4e265bd917f8f8ed9443f85775c943d9340a24d5d3ea874b361f1acb57580d3c0f223adab32d537ae3358fc435190b5ebe34d38efd3d9e5cc465ab2e648208cd7f0e05da890db1cf177d6a0c69527a99c9a29eba4ae425175fdd1d164a9f63008807c40b041b59dfaa5c98d2feb0f2571e88bb56150f9592eed7f1c2647c87aead7b49ebe312ca1c9ecdbc1a2ef972a3326f36638a869242674ab4d3cac905196d2a0745d296fe04ad538390bd74a909cfbe467d9ba2bc3f3827e6c11e937d35c81f52b1490dfd4adf93ad09cf9bcc537d325f4334fb0d391432c690f538d96f0b11fbf64cd4286212453af4c922751e997fe2c588e0b9656dbd0000c581783b567b0c74a4960d210604f8a76b872c734866d6863d890b55cdd863bc7e06de4b16ad1f0dc3ee438a57917b8f34e76c9bcee44b0f23e4719277eccebdc2b15165bc87f494fc30e52bdbc59d5358ed97c34e38fa73282abcdce9e82c1ad66c8a9f1c94a48fbd43649e1ea4078f0795b36663166a72767e1d54b8ad64c84bf7d3daa8238bdeba7d5843bc8926a2f5a364288831fc5d9273cef68c750db9bc827f829626299386fb10a8542e7a4607110d41f21eb1c2aef498ca2bd32e85ca1e2b8c555e1dad8c39b36d026b52ac1bc94fafea815b6445467b73df72942f58bfb5c520c4621c8b64a7c130a2c1e5650c8f5b9d0ccfe6ba7a0265ea9050026ec4594639fa0cc2d0bb9f7fb2df0fb02d2a32aeaeeb6b110c61d95994bd4fc7bc55a6e435495d126a9c73c449663485acf7ec5ac2866a64a2781fb8c4b4bdabec86c1dd21d5ba602f6a8881e097b4029436a6cf0042d8322cee213ce7180b40ed883ce5eaa911126c20175020e13fa2e31a46bea9416a777a448f9abd386f5fe814d2c3889ef01e9fc9f80189477299e15656920f7cb2881b59d91da867b78b25fe71e3378d0b856a4342e674f781760c361c492434e07378ac1370857244c4e56a119548b729b6dd07d44326c3a62d36bc76491410b533bd22cca144f32db629a277fc2b336c3f770f631a419c8dc228cb63e7345728eca21ea60e0be4758caf6b26fc85a451a17cb97eb0b96e200d7618cd28047f77a7648cfad8a798a02e44aa60facd019cb51f0aabb8ec42c71e6288a92416958c920e77d588f710f629be8667f76cbd7cb639cbda32fdffa987cd62a45b5d039b4340e9d0f53fe19779840d71fc4a0db67dc939102840e0bf76c71afc844cc0304f9b7876e528839dbea8c2665d6bc84f2d65bdcfe72b39c7a44654afa0a7d4ad1303115b70ee5705344a33bc13190410afb90185b5e246bb1078bdc2bf1c320134af26202bcfa01158e396d539ddc8c49eb7dc4a31148d014b5a98d074abb32aa034fb5b8cf08b8bf12509971e6d9fef70b01665892b6b96235a8dca002d2890feb34506ef8f4e564945a84dfa0e5eeaafe8b3c7fb3d862b7d9ebdac191b3766ff961583aa83e7f3ea2ca2a42287222d04e118f9fc43f945bbf7935a4a7c2965e1fc9b7d8b2b81721fde184dc9e979b118f6b539062ab9f65b364de104033ba437303b30c5c24e01174c27a8dd556ac66bfee06982d44f92c4a4b7bb20e7b61fc3dea292a5e590a77bcc6dfe32cea9d39beb0f3dc04b5d0949b5941c29e3d62df2a68575949ce9e4b42a0832d0766234dd7e8b933c07a25a9a6bf103bd55f1363c9dda3e6dceee86a999b5a3ac692d446e55c777400d0e43f57229557e7a48403fe34776086984ece9602c5b59139cd1ca692dfde4d462246d487b9ba69b20280bc98a330ef1e3f6bc22cb71028e39adfb41f62c7be611c5638061f2722eefd2625bfb234d6d824a10e7af52f4d045ee44076a58aa6d2a152aa7a2ecb9333c55ea26aeb93df071b06e5d6f90867ee869dcf15fb5bf27b9439bea42ff8220116654379cc445eba045a6c65d4a67a954dd21f1afebe934e25c77301a50ad5dcd122bf7f8b9101b757dd66f04b28821846b3ecd895b7fe7acaf0a04759215c75b3be112c19734d04287c8cf1c8b89e7608c66bd80b773934570b217ce648fd412a575c74e80d21e9f1cdfa7dced4dca0c6f0076ad037e4d8d654dc39539ef6d997de0e6cbad9fc4aacdecb7d986c147ca75a5fcb22ea2413128333e10cd022dc1afd4dbc59eeb3cda976fa1058fb5aaaccfe20c4f401654acf36f79e48a8d34906d5d226121fb1bf769a8fa559acf3af38d893fa62d38da6ecda4a8b724fea8fae5234062f74935f91b3a333ec15a5822ac06018c37e5a886950afc2870beae0fe61c22f84e450d7e038843383c0ee00bc14e07ff9701cb161de3637376659e1054733675596fd127cd881ad43dd7cf8ad1f343f1f4fd0a6031756ac94f2eb2866567d94a1486005acc8e22523f7b8e787432974cc7c2edc79dbd15b1218fc48b98bda1ed457ac2945cbcdac0acbaf99a7da35630d15521b163c09663fcd504e9cf4da20952e80ef50931bbc1c80898403468ef238bf9fdcdf48380d3026a9774bc1c2b7247ca8b26e5533c70e04364629e2d606e02a58d97740261a4c2e5a7e1e96cbd4bbc0e04da568c241c91f4bb79fec22599a22e0a5fecdcd24fd415177b3270d0b6af96bdc6582ed10410379b7ac44f503d47cbac5a6664b6cfe45d7a812d7690349a28c89e42b7d56d2bfef85c0b28124f733456d3e183ea35aa6bfdb36e1d4a2b4c048416260493b66847ab8d545bde8f1fc799e651742b068d70142575f8a1fd2ee46ebacf8fe4fb50ce161b6357c68f0a3c3f44f5b7d022d5608df4ccabce5c91b262336d641b6018cae3a1ac896c8dd7795d1e0c8dd72a6d09880bc5759c0f41eccb9e87d2c548ec1e596f279dd6fd883a95beff0ea74dd68f63d422472987585b3b8495c4a00c5ce9ca23da799ce2e6db0ffcd9fd21a100b5550ad7657ce1412144a9761cdf4ff28cf116e1601ac0c90a9b6a2819225e0bfe8d3859e58ed33966d9d84ba4b559101bdf8d202f23ff58f1c8e5fa963e9e063ef84a4ea014ee2984a544ca086946858f0a49633ac6d04befd5bc0ebb9c60fa608f66ba2d8a344a8f2cc07bdbd88505e55e8a3cadc47763267351bbcfbcb7b4104290b095bed5d954c0b52185b2ed60e693c12b7685d9e2d76b03c4cbb855bafeddfd37864f15d418ba42cd39ef0d30b66b4f43d4ab665e5dc98017d0d792c6b7da3815e3fec6fda8a12aa7276114023d945aff0966910c4b4dfc13f29c15779ea4bfd701e7ea848994624c2160e6c96508d806ba93f0494623d942ab75c19c217562e17c66e25da8706cb9b3bdce5cf94fd3ad2e954d3663d2a86a0d80db24f676c16384696da9d800a59ce3daea67a43fc1a0490919cc3734cd5bcc77b7c3a8909ca94ba16bcae417ae3836071fe26ba09778af0f1794b61b1a462bac2b2b2d71f4b6208583df50c92b4932d82d54b5d98d29dfc72c6254ee199c4d2aad9b1d6091fb0d63730e20edcb808dd3cdef508a07df00d205a085af271ad855974adb68c138bcab2001ab76aebb9a39e354b25ae9264ad5c2492beb9bc6b86f99782d69d96c8dfff76be274ef85aa863fd971442f94f3731e8d968ff39ed22eef84"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f000004b0c0)={0x1000, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7, r10}], 0x7, "c4ce89191c4335"})

02:27:34 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  964.569166][ T5178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  964.577215][ T5178] R13: 00007ffe6923ec8f R14: 00007f2c6ac02300 R15: 0000000000022000
02:27:34 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x1)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001b80)={'syztnl0\x00', &(0x7f0000001b00)={'syztnl0\x00', <r1=>0x0, 0x4, 0x3, 0x8, 0x6756, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0xe}, 0x700, 0x40, 0xa0, 0x10001}})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'sit0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)={0x20, r3, 0x1, 0x0, 0x0, {0x16}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x20}}, 0x0)
sendmmsg$inet(r0, &(0x7f0000005e80)=[{{&(0x7f0000000400)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000440)}, {&(0x7f0000000480)="46495ab8bff3dba46a67c076d78c8400a542964524a72331b1e280f2f7b90123dadfcd3d1ef4a4f7dd7f9f8f7deca0a304e9a3faecd4bbb06a4c2931b0ff432db68a8d68ccfbd6e95c9538c96e5dbf8b2c23d2de1b920bf6012db8bd5ec5122d8561f364049dd23ed4924640c0b8b424b9a32051eae23e337a50d42f7c0f5897d0b34ca99755afa5d0955a17a4276b2d6b3b25600b880e825f529e6d9d68b31c36ef7b0bf1385bd824ae38eb3d94aecaa63eb931def6a6dbf880a224b1185798108bc54acb3174c2282d144f0f571ac7", 0xd0}, {&(0x7f0000000580)="97823686d3796b8e67fa3cb63274239e2ccf8a02db282cbc92fb791064daf2823d16c717d23d5e41bf7667f6d36a9de5a4255a08f0fbf4401773da640c15071f9ebe1698bb6417ed761e00fb94754ec6dd028a0fc6c256f9c4c608cb08d5444edeaef67bda3b0fb7bca725c6bf3e151ea08fa326e83992629924397b51ba8703905d3130093e82", 0x87}, {&(0x7f0000000640)="6ad5faa83ce0811c956b88794fedd13f57597737f796cf527854aa03aa3811e19e9ff4d8e1ba300c0c74886fe1227c2908725aee94073d0083aeceb5495b393c44a342d632a89db4211e6cf8a1d04762451fb4abe7fa44e6a42118373d7c0c81869acc2d5a40f9c83b21de4644ccc778", 0x70}, {&(0x7f00000006c0)="16dc088ab8584c6c950bb76879c09d230be710d1a436253cac1c028c92ee0966909fc38d8aca8e4aef923ecbc64ad618bf69acb9df", 0x35}], 0x5, &(0x7f0000000780)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x5}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9}}], 0x30}}, {{&(0x7f00000007c0)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000001a80)=[{&(0x7f0000000800)="2839289938052cf0", 0x8}, {&(0x7f0000000840)="04814ee7c7a91c2404d5a646dfed6efcc664ef8a63f428743a7130b2651e8ba8bad03f4ae734745d8230", 0x2a}, {&(0x7f0000000880)="9a1440c28438d69b70fef889b8f56b7b3d3e8204283fc61d6bf941e58a417b33570535b5c4f76f3129a23ab6fd8142a4de7cdba704c7bdded49912d27c6c3629e57cfdd438d76d0a63ed13ca97fccfd066a811c430c0181f9ab05e2f0d7473a4169e4cffe2b9e2f5aa7e7d3cc535aa546f4eab2adb076f9b2f1a7448d6d017efe962869fdf68fd1d01f0235b90e4ee095f31471b5ab2b8858f4a89a0f4460b40550babb4c5e5a2b2f8277d7b5f74157c56799a8baf8545ba19a7652ae8306cde88", 0xc1}, {&(0x7f0000000980)="064677fbd6b3576666d69a3a658f6f84efac47db73b6a123d5ee38a113eec0f98e83290ff366af207ee50b21d26fab138e7cc2c8c136e8eaa168031c030330cd14d93045db748cd05c956020c9bab2ffd91df33bb25e751789b489e0c9031b848e3806887364be08ee56495078a5e3e3ac3fd1ab41e05fe1dbc34180b9fd1c6a4a2ab0f7713732360bf8bdf0b1e90d5a0669e0ab8c151983356cf7780d462a2d599b48916f88829e8766ecaa9cac6e9e773763e5a0e38f5fdb652a83352a7eb837508fdf7c51979d51482b0683f09f87238d36b2675d2a60a03427c53b08cffc3d781fb0266092ece614fab62850509259e6fdd9f07434fe01fa4143d7977262c7d1648cffe66fdeaa076683bb9081559852b30d078e1bd12704faa621766013ba15e9f3f876433312de54c841d77b4ac31ccd18a13231756b54fdcb8a7f298a7c5015c70a3a05c1bf7065357077d70182e782cf4d328348a3409c67f7cb73d9733b251c74dbf7ae1cb6a5d874f4079dd275ffb0a5986893af343537be756c47d336a3c6d3b51bd1128e295f0c61b8edaa9412e46bceb9638a16ba5804f1ac9292dc0450aa859fd278a0e834b78f4b526d1fb8b38ab16e0ddf029a43afd1613296e7698c88da9a8ce11e0a09ff10d1837ff52e64788f23130a8772118381c5d85e91989aa07a28c15c6f048d6e4ccc00bc5598ba61858fa06159b81055744f334b3bdca8576eb0f934ac4fb09183c14e69366d93a7732f45aec2f64fe5413061be9570b4fd2beaacb5160d59d86992bac6739b783e821638791d1faad4ed8b403066cfc53f1fae91ea81d15444240ad910c20b2f6f7064eef22b4eee2d0eb7dd48f9e25982a599ea1f3e7b02f7664f6386ba1799d315fecc9d5458b9c735ee9620fc85f31654b9e679ba5507a76a88fac495ff64fcbca0bc3915aa2c633c2fcdc7dad9ee58f89e16f8ea368312b7f085af8617b6af209c29870180b238d313d98b73a82c1848b95c63295312e992b50d726892ab6de8bc7550239ec3071c7b1bad2feca09cabc62f0bc87723fa91dbcb413e3c25b0b9fd5d2e53e811d4987a259b05e70742e42317064d0455bdc413c66bae217d8be7cd8c5f5f3084da0f3bf99ef915eae53e11808edac97a4085c853eff447d712278b8ae0dcdc4961a865d033e524c1d8d06efc4c74d447fa257fe4272e40c039741db08c2bc4a8ebb787d1aa744e0b15de4e0ef558af0a7faf645030fb06e9e89e76c1ef1ae59d7957790a796fad0f0f164911abf11d9a904280b1b2ee14262647ca253b7686df87d0f5054bd95d099e027e5f2c9e4b1ba43b3eb2b44aa92720dc40425795522d4e869064c0d5a38b92a6ceb9df2cdaf5a64070e54f8a234dc580dc69909860128856da8844152e666088b9ce037a83ab25bf0926b0c014586e550e5046c5207c15a6236ea8468fe7ab508c76fd16889fa01feae74454b871b9b0f10219a191b3261ef6a9add53baa582674afaa69683095ac92baefcd5e8e7908511c0800eb4cfb065e26e4888fe7513be9e8fae46a4a962da82225cb9f86466870cf56058429bb4958cb2003d6982eea6d525ddbdc562bad05f0081808f57f4424fcd0eca8944baf1022e5a0b00414d24a2cd8fc73be060b123f7e14e8eb91264fc22eca9cf1881c82b01882b35445d4d9b4a60ccbca0391a905c75709cc7902f0708b7b8d78295b1987ab97a42ccdbac76081d29849949eea161ed86e76a190736b0e38e5a12a94d690e1d47e3aa27f675523e5a0077c10509e1e437a2b230044f2e4aea6e6e7558cd0018aae6c500c6c073a7c493333052bd3f5bffd3e08487913787dc8c072b4f8765bed81d0ba730d542b6cb47b46dc2c68124080a892149bc4d2492d704c11c840eadb6dfa3940385de47f24e5ddd7d29f6521ad40a14f98173ce2f63ee2105344270dd3e26a6a7f771d5a5b41eecf10c47a4280627ffb77cdb18d60b76666a7a4ea1e02ed3391c5b3d79967e81a140300172d78c32ca05c2a09b445d5666bdb4525a3d6c1bc00239c37021297160701a9df5842edc8638565e06ab5b7828a63537a16631faac711e6c93a850c278dab4982b2818cca447bb67a676f11a10ea96486cbe77e8deaa11e5d2bd276e4ab46887ef6fba5816da4a3cca9c527d771169c787b4d182ea15f71912fca4a212607411baab2cf49914fc39d8caa97bac36aeca9984b8fe5d701594053736e00e39a48007f3b475197dc9ded8c7e3cd12164717e41a7e0304be39f3e55f4522f56377801ff34db5047907e2305fb398b01457ae6f50959902ec6962ec481975dcdf79799df7e8c925c6c9918ae0e8160e478be99b5ecd889f3aa21371abef663f921967149ac7cf685adcdb3c2e663ef783be888a614c9fe1588560f73ffdb030f8e0111c5291d292ccf79a2bc2ccee16fd321adb6f070d836b5e240bcc0e065877b6c6c830be264cfc4e2d271cfd1bc38b091ea33b7965e147054b3ee25761cb34e27786fb779a4dcadd0e9fa1c5a92665c5e0b324b407a5a224aaf9874c9b98177ddf38248c61b1f11eaec1ea7f3a63badb3d8bfd67f8910f2d09535d63e35a4da88c4170fec2058420f9126f49e03d6737c1d7fb9ddc6b9ecff838e93fb4d22c082b5f86dcae1753ec74ee53cdca7bc273803af6c85e8bc4ecbfb6c382f3eb7d43a39e33311a109423e14f784f44b564352851bb039ffa0b19805cc2a555d8d4d8bff195d7fed24b87d6b648b0b072b390c72de44e5bc2fe3914dd7a7c33ac118a10a36e7b619972dc43806b1e2ec5654b50ee4a79487a9a4ecd3fdfe1a9df2334d642e196f6c4f046770a17327470c2b668a6e713f7329829b7c3a5ae9e5c038c7be63f7e336bb3f7908f8c48ce2f8f973ca4f307379c779e4d3fb92336293103bb64d2014a3ffc002b5644ff6541dd5f1f457a1f38e2d05da25722bcf8152853066594ba1c405c76c380546774ddf096154ac969cd6c277a03a649cd849495ff27318243b4b6a5cb9a948b66b6c63be38fe02119b6b41e7cff618305d03affe42e3b57eb517377fec58a503f2f3a9a47ed3847219e8a3628291876584d7e69e44d1c06202d0db3d9e248409fb76c2fecccca6fa8ecbd0c4f7d260b6bb613fa43b0ba7ba942c4cad0696491133c5803bfe96138f77e4df2d5c89ba9d0eafe3eeed958d703af0f342bd9be27f5eff15b0cd025007a26317713b822e97d72069a29daf36ea67c520f7365e629d496221a8c06ed32cf5f9bf114fec08d4c79c70fa0b39f46c5aa049401ba0ffca73a236b5bef1a7bef84b59e100bf7645b47ed0894174ff3905c2530fd84cf444e80731e36f641defaab534597a5a5d7b632b9b0682d00b263a798492619b57bf2e3fa5a76a25be599e966db40c511d126fece440b2bb46c92cbb7d2cd4ee9e0bd699b062d601ba3408c6090815212ee43997cd316996e27192722bb2f4a98625695b4b62bcc48b9e28bcbddbc12db77f561e3745b3c43970db04099812dd0e3d5e778878a7ea772ca2517b18a872cf7850eb99ba74e1ca253181261e41530dafe964f336730845c670daa18c488ac537dcec4ca1afe660d0f4c71c94dd9f0d3a9f025976157bf31ca796a8b2440e0626d80a7ac2b2f75589468d26834a559eeac01ef02508efe088f303443614189e1a6765d68319ec0b162a484fc152a2339d8dc1aa3614afe53fad2f44ee8b12a7dd29a83ff8a1d25b002665f5ae62731fea5d5c250fd1d1007ea002f268655d2d8a21c150e15eb845d3fd9e56706971a114668dc1d634095c39575ac15851461a6e8d281ee1c8304d5bf80d8d76401a68a53118a02f85152c7e4754e9cced58455f6eb2ba3ed5d5e9c6e99219768409e323ecb9dc6f43b6d5d5dc1cebd98f2b0d6c400d76ca5b5c692d43dad168704e76c16bf98f178ef954e30ed4e3a9afc9b99287cf033808336b48964b1840b0cc93c1ae9feb186d56e0ee9bc58b13673d56c89bdea69481bc368849f444ae488e1f39eb58457958c686cc6e26ba830c05f3ac9aa40dddba96601b78e74601d1f797fd197d16a3866af3ad7a41ba8a4481390abdf66447e64b9a4d04ce267a4deeb0f0404b51006674ff51f9e577449b6a47e686cd563049c53d5b1fe9430d096527a02d57760ed205763e1e5780572fdfb656933616024b344361fbaa6999a4458a0275be0b8d45e620f7112d6708d19e96ccd1cd1f22ff913c66f8cbe74b674517739f145a2564942e885c564726c8a21b5310d1fa8f2b8a7f02915948bfc82d37e305f1704dcc169171f44de3e78a9e32b059392af8ae706ae7553987d85236ee22eed232bffd93d193055327d96e684ce9dfe5e49edda7c6bbf2a55d9ef0757bb44023564e7ff9e9d9dac40ced2117076f258513ba5b22ebb84e9444fcd61ab5dc108ddb80e6005cd1f61a738e8b972f74ea661ec68ae63ae87496d6982a51bbd90c176c79c3d96741e4ad806b89531588fbba0d03f7bcfd46de2069c29a3954080576f35f20294e315e631f5725a8808e0604db8ffbdd1ca0876d18d2f9627c43173d6c2bb23174f0914099f5ac4b23b4abb5b7ad60a1e6465d06dcca7bf088f429f6ddf1f40010dc69ea344da894d03935f0f5b9dda9672c26b2c6b19769b782e0d1a72f9987c3d75c52b19a06e29cc40b23d3397d19718a7f81c32402f24464c9fa68b00edaefb23b3f06753098965dd5a9110894e65abb261ecaabe3518c39a2bc552854b37da2d8de7fecc9fde2bbc2b7eeb2aae8272db3ac2d7c3b97d97368b49da1b4af06fa8c313ef4c68fad3cac14c6e4b45148f31d0e5b245b1e58dd13d57f8b1c6ad5d6ae00aa3dd5801a56b7b3abee36f962b035295bc9faa88d00e1413466ca7d896c6c99a376c88de5eead1253adf58145c719a465f14fbda59a0b1da761faef8b97e242f75c53336d393a7c8452764c7e79bfb7bbe7e45d3c63fffcb51e2160f2e02bd44b7735c3d60ec27f2726b7315b2fc6acf83db3cf35fd91acfec8bf53e88583a609f6904ec04ab8f7d4f264dce9bf82c6ec55df91e5118317b1191f9d1083b7e78a94c298bf1631e81d68414b41e77e238a6dba480c35722fce759dc36fb7126e45924effa49c0a9d4b80b2d4b50efc219e471a00e1e8ad3304bac93b5a1b7a9793b71b6e4833ac92ad4b111e975c34140a912ab5b19b0fdfd4c47786e44e4744e7c98da70837c3f8745d33e326c87c0c9e9ab351355b7a0e012be71fd23c7542167de10117b286f4fb8f88b636d700b09579907d6af67c889239ad52523be18d33f1887e31900029e4314834d8ff2db9da22ae0e0c7a50a6f5472cdd8e63263f23443af9e6371e0d00acda1fa6d0009497e6b189ccdb84b5df47500563ba93e6031ee6335e3b026d3cfaa6dcf470f39c7903590d92d88725228623d8cd7a001cbc98a1034690c63ac412ba06e46d8a94b105844b8ce80c0ed911685127aad2b37032018b82412567e9ac1f04ef9669d91fdcfc0681856db1cce50875ab1260adbba42ab6c4ed0c806d81d33ac6da9d3dbb95a960d2112d1543bb2500d1d29b3a8a3b29c113874420e769aad2410b6c12f0cb1a19e0abf41920c910b086fea6fbf96898960cf81269c1ac140e4c86e9a2bf5214bb7480672395af3f8fb0c3093fa45c093dba170b436c478bf6466f493db18e10e05c446580b5019c1d0b8600d7f6b0a2c965c42dfc952b418f8dc48c82091dedc7fac7795273ca2a638b1369a40a6074967879eed862d4c895cc7c5ef8d852db8bcd6959a9ce36e9", 0x1000}, {&(0x7f0000001980)="b2eaf9cc36c647cc540b7798d2a1518c32bb03a0f6de67458c7c58e673ace61042d60be7c85b5a4f6833359143c480ee56caf12302368913ee242fa800088a733c73cfb02abd50397c41a330c1f1352dd84c039a360fc84804bd998d1fe4be7dc127d27e2d697603fa4a7d840666e84ff626a7458335f785b71395842c1a895379b2a43fcabfb5ea484099d29dc5be821f454314687a7eb92b17238ae86e29c71d7c59dbc05dee2113146fa7ced6ebe4d713d1cf11bbd8c9f6df07e4cd70448eb431063e3518181f3cd9dde9e5c2e587929e72aa01d725", 0xd7}], 0x5, &(0x7f0000001bc0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x40}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @rand_addr=0x64010100, @broadcast}}}, @ip_retopts={{0x68, 0x0, 0x7, {[@cipso={0x86, 0x56, 0x0, [{0x0, 0x11, "7629bebd95d75e9fc8c6088f6c3549"}, {0x0, 0x12, "82c8d0539304524812732c56c9ba5283"}, {0x1, 0x6, "eca0bfb5"}, {0x1, 0x6, "a1454b45"}, {0x5, 0x5, "d81e30"}, {0x6, 0x11, "399898f7c5ae49c705d911033b926e"}, {0x1, 0xb, "1deade48b2b70e7bb1"}]}]}}}, @ip_retopts={{0x2c, 0x0, 0x7, {[@timestamp={0x44, 0xc, 0x9, 0x0, 0xd, [0x7fff, 0x20]}, @end, @lsrr={0x83, 0xf, 0xf0, [@remote, @broadcast, @loopback]}]}}}], 0xe8}}, {{&(0x7f0000001cc0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000032c0)=[{&(0x7f0000001d00)="412d50814f493e783476483179873daf7140076e9508769433032491fad572ee0594a38fd8c6575297912ce78caf3a3153e90e25b7661b431a6322dc0cadadc36324cacc354f600907f8cc2b680882adef0589eae3d6379a685a1b9ef14c35db8305c22c0bdbae43007a14951e1d5af5b22409bab747659faa561d6784f38a5be0591a65421c49bfbd148fed66fc49b95f9585c1653f44e7947e76b16b3375207c93756b48d326b8dc832c0beed7583f6cb2966867b4dbd7fc90ef9fadc6a7d23087a9f930806375cc4062f56345e3c7e00d010c4dd23040b357eee1d1c6a06f85bec7fb4f6c1fc4abb55fb831fea1b67195b399f513f9f3f877", 0xfa}, {&(0x7f0000001e00)="9d376de2b161ed774054950e4bfb3e4cf1fa55125a4c8d5a2c32233a19fddbd0eb313f879620da9ebd85c1a800062b35f9c090f37f145f04bac2d7b3d21df0e7aa4b1810e1df10a6ca76435eec112c6ef60d7ecf7ff35d09", 0x58}, {&(0x7f0000001e80)="cb39995cb975b05ef0309efd34377baefb6dd3e8f3f28acfb7998b15b9330fb45d7e62b96fdbdacb89e9030e0132ccfb45286bf2c16dcae1bb53e59b9061f2ceb435929fa3dd250876f46de4602d064d7600b3bf4650d8149c1c22f8341826b9bd2ecc3e7e1a2e22fabe36a93cc39ab1050d4bf206066f77d8a8a49699ef35ed917d348f8ff2e7281225309d21727578888c761ebcbb336b9ded490194e864e572f57c64914201dc48dfb1eaefc5a8a193a2fe335da798c89124cf4bccc0f20ba48afc9ce24913526bd767", 0xcb}, {&(0x7f0000001f80)="1acb8ffca58067d7f7714d57ce696f7afa115943b5abf12a0e67237960b8b028dc4e07d617ea5843d124b0077918806e687db0e807fde78ef04fab200042a648889a42146a12e3f725219ef79f3305abccafb120ffcdbd66e08f635b2863dc1086a6458a65ee69a90d2db5980eba741d76e75e6805779f6e302d05861f1aeaf16afac68161faa7258b140d00df51bb98c86ea8929fa50c7c2c5b195f492ed3e35c2734d1c4eb5bd90fe0460379edf0a16245082374cfe5906150d1f30ee6b3e3aff201216a9b8bd9ab46be98e796dd665a09f7ff3de25232dbaffe125892d4baa040689e006b3be9826e8fdf48189eca9ca4328242abf90479c8503b1e", 0xfd}, {&(0x7f0000002080)="35bf4c067f60e1c610f3606de3b4581b3dce237ede764707467d3015521dd68e3ea6c7b9fbe6a992e17ffcd71255cb", 0x2f}, {&(0x7f00000020c0)="c51cd26f8790b0b4d611f5f158d40376c8ac2753efe1e303a9f7ae5b6fd96cc3b440f03bfe1536acb8bfd13df18b6d75afb84b34c77ef6d40e78ba2c1e9fe83979637a4d99b4c11e0e95a8b484eb60d4d37094736eadec00acf9e3282b51bd36335fde1a7057837b45acfd13893646c3dc7b7a9397964ce4f4a5740261e297b9a5978b33c736a599c949117a20bd9ca86d7315363cb0711da3b68e9e48a6b1642894c00d78b0e1223a2c7d48c3e3b3d10aabbe84332a4778cc210a8caafb745e6f35dc7e85690b7c2dc58884dc397ba2b27d7548b1", 0xd5}, {&(0x7f00000021c0)="71f4d2b8ef011dc63c80950f52c8ef2319910a0427cd94c65a9a9d9b327a72e36a7a16e7053b73b09b441d8d29ab6f2a5fadc1021b744caf78c34f2f171f5842d9a55dc1b14be0a800c5480a9d02334fda11", 0x52}, {&(0x7f0000002240)="8aa4fbc05ac15712f6878403862940b8eb9dc7b864643d5fd6e6194e6e306b55fbedef10914ed3906ad8722588ad2922ec6911bdda6d7b025ffd9821ad3b8a71b3ecff4a9e72c11195792272e4df03bf55e6f8e4dc4938f97825b0401c095013e889dd430a85f4ddd4635b31d803869896a5fb1072eab5a56dde77a3c2d0788fb3a077e5898e673304c5ef221a7d38e08b525c63a950cb005f8560d7154fde6f0722a92f332038589549517fa6b379253e7e83c5274d5ad913b84d457fdb859b9ef31fe8a71b21e8fd0eaebb0127e76b82d68bc5987cefce0d2a71f6c30ceba2a67cdc4f9baf5877ab19fe09a7c660ccb7197e32ba6f483390e8a87ef7a429f1e60b2dae802529d0adf693bcbec6d5b59558c87a9ed1085f5873b79956a4ffcff6916580b44b0ecf4055e2f060c3fc1671d1b30ce201d563411fae831b7906fd266331bee42e5c5ce662a790cf08ab63dd77a03f3ada70d7474231e24322d08e2ccb95b1301111b7ef4d3428fb4927effb220241be581ea89ff272f0da8c8872f96b786ba5e65963926d8b7087ebfbca4ce9d4d7c3a4ffbfb77f0a9b1f2e066f274f2fd8de3ce8614d447a064b18b1c107c0c740bb67e76efe2f139b9121d336c2e7ecf6db5d8a0b4b315b03d41d232b4c021cb3a8b594d1c92049da3949eaca1f53e036841caf1a1585f692014fb7e71604eb122c1a35c2832747c3912ba299485acbfca70221b1afe3599d50af932a0ead48ad448f77f2c0d10f24c7c3eea24a5bb362173a0382d23cde31b03ea93b43a72da99d4274b93e6ab490b262df71622149775b1218f5bb84f853e1dc2b51dece63f606efcc5f90353db80d69603508d937fb0092ec665ecc45b70b84dabc2cf384f9156d71e79d099ba259669e23ddeb33938f91e889811118fb9e03af75db0a2953d921e8b8602a8e38ac125cafb64b34734985b59438daf1ef7a22ed5c5520330b2216356187fd84970f9c2b9a4ae503d2c6af44bcd25960eb9e18b96adbbef85ee19002f7eac2d51ed44dadd7ccc3e7a64210e89896b8426357712a751d7bb68a874f1d0fa0765c0be2dfbfbe09bf341f336572ca0cd5a7ed770a51e118cc20f24902dc346afc29d979d54a321e2e95efc9657775006e8d114bae2e7079d6204cde070810ac4332a13d9ce050b71ff6c859f6b91fd33c745b57122f968ae05403e6a445a8dd6402eff80ace125d0b7de31b30c07a5524f2fb7ee21ff68dd053d6cc08f145da16659c5c0b53d04e91733844233cb13d80fafb66557c10f590f7169565f42aa830953375a401d5d80dc80e82367dce1b07ba5e4157753926578b6f4db95cfdd76abc35114bb11927ead1631d33ce25aebc267fe0378b27bc4d26c12ae458e4ae454a3a78278ab2d6542a9d453bf4946575335c09cf17fac0a19bab4a41cf9f18a15362915ee152c44c5494c770b16a541a7ca82393a0c77ed000ef871bd470f91f70390f4a4114c804c3fb50d40e2765c600fdf79d0196343ae13da45e3740954a48c65a36794dc3590da4688e211d96a2d533f1f483f654a33222e28eb93c471b000687f9ac77f155ddfb060855f58c3701529e8c35ddbfa5b9c2729322804b6548b9be6d856a5141326a11d08ac381b84716da054697787b3a117ab9dd7b1cf110ad5e45c6df313e085328ad5ab0aea0847610a0f6dfa33c03cffd4e950e0458bfc7c8a18c7d125e528b013a20bbc91c22c8baec07dd0cabe4e7d08e1b6b2f495e7fe67e5a6912efe0b653126ed9f5c640e83e279d66bdffa804be2ef354bff4aedf6e657fcd45f515e43000d6087a0a90cd857eba3672f85876abfdd13868d9b18b444f2debac82a2c69fcbd7a6ca5a0b0f51c8b51dd2c163a48c52cbf8e93ae4d44aa474cd5a1ce0234d8df6cdf9d8ada03785ab97c87ae494f4869ec193f2aeb813b0b28cb689c265875559c511ee087811d8dbc543114826fee23cbff2b5117a28e9be530b55948227ea0823efd8769468edddfe40728d117119e03707b35985b2ba56feb76e44940733d9b1b8914d67bf8ddc51bf8542eff76e563815b1907c80deb253eb21201fffbdc9eb32f7543eaae8971a4d65351f94f37ffad12fb97ed30ebd566f80e3290b0d4058ec2a45c5d4638e50fa0905751b473d170a8afab58d3ffc7573860d2b3a3cfc0f5b7952ef36e49fa625d164639e8dfead723640a2193698e221445b75a979227ff58e5892c2d076ea38d344cdaaf7b086ec14958336dc7b8b71fd5ea8e080e7306e1c97eda4619e346ff5c72b651d2d0f6e4c3a3eff18d770e31c0fab04a5f1f3dc109bd24bb477315db6784a805bc653e5812818c352eda4c9060c98fa0c0aa285f3b308182980f28dec9239e15f2a9e6d389ed1cbe23aa1584d17f6a0933777dadde74b7a35b1aaa1e9912722c07020ccb997d4616c05cea69c8148f74d63e27017042f09b5bb72f8a4e392b3223e14507bb113ac2f52e95b80d046ef1fb700b3194594841aa535d1aa915ee3e8885d49fcd7a40b9b42c08e025d2d2375f8ecb88e010a56841fa0b277550b7ad04a01671b401b91c261b105775d669dbe48c8ca94fefa8f2114a48d062b2c04c4e552c9530d3f101d3988da198997e019d1a54d2dfcd3aad343398b1a011dd6d3d4a6251cfb0653232fe42a84d9f82b3b25a719ff1abfbdba4f4a693c93baa8d6de59cc8e9cdf22799f24b4007c1716570290adf09079e0786fc0652dab99eac605f4dd6ac7fdad8cf7da0f6e10e0c6d72c23761ad9d6577779031c3ce20b7c3e55cb698895fbfb2dc16734644e197d7c86810fd531a8ad3c3149dfeec37f2b340c569881922c18c709c7c78d270b7dbb452dedc6101a008a2e935ce8914260d056beb40d9ef74eda185ca4163e9892bc9a40ee97649732e8ec0246d1f1549c79ad0d9d480b82e809d70bc1d29754c943bb7df9bc5aeb0429dcaf173a97f1591cb919f78312d2094c778325712f3739441dd17c0e19e2a29f6d3392df8fa4df1d30db3047e38a13a749b6bf98453c59d3e2301f780c32eaf2c955b68ee778852ae998dd59a133f5559c708fc4b13c34cb55d3e824205fb09864d7f7f8cd270fc6deefa54374c6565c04e1bdc4d68b19d2f7731075586c5f4bc167d0d79975fef3e69b70b059d8ef2fe75c202be8e7b06e3131db055be1af735f1f1eacaecf7543cf6b0237edf4fa9ae1fb4fec87be8c35d692494b89aa5699ba96b35ac6086aa759b3658c98dbfc3a2b87e173df32d59747319b9c58192d0085ba46353d615902dd66f9856bc60437b6939fc719e8a1ff5b1d24a1781438a47bd0b0a4654a7707580cf8aacf061b56123830e7818611111d6c323d1796ecaf82492db6cf121fc2a167ce54b2247ee560fc36f00db21ad809e8693152390e3348fb2d14a4bf0ca4d54a4b60939df44ca4cecc13f48537cef2b32cdb5430540afa2976bbf1b6011a1d1f27f664307cea213ef08090ad41e06b2b1ca2161f9a99958ffbbee1ad5fee791c900c7bac908f30ebebaacfc5b1249a009a8a6f16933e795099b3e690bd8ec8fdbf77e57d5a4e97131f9bc4c42678d47d5c93b1ce6c6a5a4629fb8572859129b4fd114836364e73ca05c43b8ce097cbd0ce3e62ef52753e47c4c37f5b712b63b1ba31975446ef67b91e944fbadddf83ed3b2a2d1903358095826347451cae55f49eb7ce91db416b435ed7afe205bc3545d309c4cf9049e96f21c22ae25668d0d17ad1356670050b265f6b4f62cfb9028ffe33ebe40c6be7a6cd2744a92bc7e6a63174b33b43e63e0acdc5696d03c821ce06a64b97c7d1fcbc0964044ea1f0e7ea373eae5d7dcb8d1f9ba6f22bfa1feb9a2d40d807d0ea1eb41d7f256fcb71bb9c72ff2c2ac7e350552741fb3a80421e99949c3f659e59e4e679d32255ef9bbc77593cbe656c2faf09154bf01a5b1362b022dfd69516bf268f0becc2d38a046779c0d05a082a704c180aff879e447d043a2a557da882f7b543a19f3a3980c7323b802717521e3ad25e73acab2fcaa35c3eb6151247c8a50e8665cc63c4fead4a8625281e28b3e431d0810921d37bf3419f3f2861242a96d81f9e24e01a895f709bd16be4c10abcd1cae200f4ff7a9d996c6ed2ea6266f6bf525c9ccda864ac20fc1569f9ef1cc2fe866de70fe6a987e50b48a988ebdfbeb7eeaf320fe0745bd41a79d6ac67eed90a2ca38bea1660bf5d1a274fd59a0cff15bad56bb912ed9c86baeee06557ec30e754a42b313f48d45a25cdc4393a5d10df7e69cc0107de568d6af9283a34b24328b1f96e585923e24ee853ad6c136f665926c40601f234793389a68710537f38fd170f9b9a03b3f630841bd7f0f4a1c00048d7ebace68cbe999447a5010e37b3e2a1ed7064ec5e1ac7cdc6f03eaa91988b6b11593c69be92a11cb69b936d9660b82d212a908a3cd22aa719d7f68b930e2b5acc077ba764a5a83eb0885f97729d60dde4d9b1c1b155303eda345b37364803958e615c652add4e539d05263152ceafdde6ab57aa87e89a5b274382fc259d5881eab42d2c95ff7b84c2163a642d4b0215c65f14159da9a0a7233ea53db1d8492beecd6d417e3090d7eb5db546a01826742624cd88ccf02b84eddac571c2d4d7b57be9d55d062e7b8b9a81007c209c1aad43d23904d00025941045c00106aeff3215febcfa4a0bcc8627010be9dffd85f4cdb631fb11201360ca7f8ee13e9eec1b96340b65756f92a3844801b7d8f1152889d2262d29aa572e31860ba0681b995c7510c654871a9221098456aada40a1a0b60274987c2143c3fc8d31a92cbcefc41ae4fd1b8fa34ceb7874df21fcdf27355a53a5c02469e0d2942e30e18f28e1017c1e133189e491b066f186797108a7774139912608871c0569af4deed6605415aa4a705558d26fbf84466c36e0576eda8b0b88a81fd69ebaac233a64fa056aa03aa7799e750d45711208ffb0f982a32b2be3cde8de179cffa9d6c01c3c5f6a8211f3cd3235ecec41ede7cae134c15b459c8bcf7ee4ec39c334236ddf3bd78ac9df52b3ae5fa41b9f6abcadaedb10daa3bdff141cb9a725f4d5fc9c17e9f4b85b5f86c91f9797db02412fd67a1226f29046c873533acf956068bd825fc7b76f7ff48ada0583b61551576cbbbde490cd93cace69e936d502e6cf7697c611336765a7b7f4a911afaaea4a0de1b0e129d3ff5fb5e8b111c02768c2686880e2fc27fe21063a327ebefd2877953c689472cacf72e10a714c51b157a1a59c1712fd74b9d07ea250b9a9a4d2a0fc1de34e8f8e763f3bd5ac28827989967bd1ff450bb23ae106b3ec4ec8154f430cbbad025be34e7aeb682af4a54c1fa56e4036f9fd17318d8749f8c52d6a3a05d00712ebeb3d512e689e541acf48138470e3f07f8d4245f9cab7647e6070fbd96f879a2a3eed5128f4675157ff4c3fdd10fa5e86243bc9712b40924d4a7f11528b423d300f68df7f2d0f960fc31bc9dd07a1994ee9db6e791c267a81b55b2fe1683aa3fbe264b2522d8eaa06a94a2597176dc16ce3c3e29187c9b4f5035c29e8da6076c39628341cd9b305ca2510746ad9ee1f4ece446a336a1a5d21a463abb0c4204072f824b1d0483364ddd5ec2faf8336a5842ece3fdf3836928cde72bbdcf8507658b39e2bbb45161f71fc6da060d1a6499f3d53a95a3d566550746ef1fd769ccedf6c410c8e87c7d7552e9aa97e73ee4ad6e35c606d8e1df20f8556b2102ce7b13ea074596b1fad5180e133d4ea52bfde734000e89c9fbdf6278a8fcc59f0a7c447ed67ce", 0x1000}, {&(0x7f0000003240)="d73b1d1a1d1f14d3829f95de27f8a293dc5f9c715f47ddc0f3e02a5066ad3e131faaea4a29e812a77e9c9a9279d24c5f4482fb0409b0a7e9d65aaa2e78f9499a0b66bb798f524e47757b86ac440505dbee4f2148b5e244c549d1478680e2a6a4835b1bf8312685f2496a7cf188bbe6f94b9c", 0x72}], 0x9, &(0x7f0000003380)=[@ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @multicast2}}}, @ip_retopts={{0x68, 0x0, 0x7, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x13, 0x7, [@broadcast, @remote, @remote, @remote]}, @generic={0x94, 0x2}, @ssrr={0x89, 0x1b, 0xc5, [@broadcast, @broadcast, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, @multicast2]}, @timestamp={0x44, 0x18, 0xb7, 0x0, 0x9, [0xfc13, 0x4, 0x200, 0x3f, 0xb72f]}, @end, @lsrr={0x83, 0x7, 0xcd, [@multicast2]}, @ra={0x94, 0x4, 0x1}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @multicast2, @loopback}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_retopts={{0x88, 0x0, 0x7, {[@noop, @lsrr={0x83, 0x23, 0x65, [@broadcast, @multicast2, @private=0xa010100, @dev={0xac, 0x14, 0x14, 0x27}, @loopback, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x22}, @empty]}, @timestamp_prespec={0x44, 0x54, 0x4a, 0x3, 0x5, [{@local, 0x7fff}, {@empty, 0xfff}, {@local, 0x10000}, {@rand_addr=0x64010100, 0x4}, {@local, 0x8}, {@multicast1, 0x10040}, {@rand_addr=0x64010101, 0x3}, {@multicast1, 0x40}, {@remote, 0x7}, {@dev={0xac, 0x14, 0x14, 0x43}, 0x1000}]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x200}}], 0x178}}, {{&(0x7f0000003500)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f0000004940)=[{&(0x7f0000003540)="06909d08f06101d814d82e54eb158fb22d2ae3118b7eff7a8cfd95d4d7952d94df67dd767fe000f5e3602cd9adf5599c6c296671d42c0ef3d590d930892f401d44ff0294896b0ee3656989dc05d468ed770bdaa2f93204897fa3428bbd8e84eba7be9d25c8ec798a84e0a3028c08b99e190373db642e7f752ce556545bed2adc56323ae2ac4f6e06fc4427550a3d959c63b498c96e615cf065c62fb7c8e675145f5831a5345d6b06f213041ddeb2fb1d5ee13739557eb3e0af680375b8ffda962c1f1da9c66c0db53a2ff76cf687aef66512c50a90042c9128411c5381f9e8e76bd2e187c9d43cb58fd608c3f4f2a72666", 0xf1}, {&(0x7f0000003640)="c508d44f11274c7817198f708dbb70049442d9eb3d576e407139763b9d9716cbd62a080b8136dc93892b9cbb2c0326ccf44ca075446e93fac6ac4a7fa9f4001416a20b4dbc86fdb5f33d4fc7ef487603898895123d9928", 0x57}, {&(0x7f00000036c0)="5fe1ef7351cd43f78e66c14fa04c73c2290b8384a7ac71e56c0a78eff422e83671baaba0b19259ce4a3fd2597a1656887438f469e9da0f211d04d89746e03bab70adc2740e", 0x45}, {&(0x7f0000003740)="760abef613fb872fe5ff842e58d5104fd93ef711ea300b01097ce4825830d753d88fdd50153dbe04f320c83cdd13ebacd9bc92373e8c881056dff7fb3c60c51f2429d25f328e0d6005efa5b4cdd9b64863ff955132f879850c9457c0fe39b13b323dce2f0fa0dd1ecd0037b8c8f2fa3e283983223f8a73bcb3c626b613cf5ca32325a5925ca02e0053fd4be7de9deb0073dcd56b33fa5d122ee49b818aad5d536da82d6783c55f989b62294072f029adb1f5d772bee72ce01094b272e079060a5600e22177ecda753665728c7b412f45d0a33ff0a48b61037457366696322a705ff9080ec4ccb815cb51228817317259c32ea0fe33270caf24e0625bdbbe061d14f294b1c7d0107bc9b5adc4099843dbf9dc7447d318d0f01c5c0b5ed0520715d859e1399ca7be90edb13a81a8201d51dd5d6f8052a24677a20d243b1742416b2206a2e88c9a79b2edad1232dde9af3325216efab43ccba3fc68a33d7e3c3b1339c8c6c509fbdfef996cec886532971d422451d34ded52d83c2be16ff21e70ad1ed7a28798f78a4e52dfe64360da3b69595e549dfe5327dcf6b81011f16ea118919b1df2beb5f445f999b77d0854819909fd7f362a78b806be0269999737f8fefdc21d24ead600bb509d50237775bbdff594575062e92551b1d4fd8957526b375052d91b832db6fdbea15a5c328b7fcbe6a4679b088b7902957446229d2ed37ea780b49db427645c771329d85e64469c2f528bbcdb4915705db829fe924c8fd142bb2b149346daf9fb9fe1b20a4138741f5148d65c85de304b9852ec1401ee6891afb6e997a82abab097760d1626645f6ffa9de9c9c745e960b022200aabff263ee31781f53c6cb0a38097fc128f8b155130d9b1f514fde96b7def45b93c866fac1f7566100cf146f90468bf82ddca4a69b00fe1132008e12d4adb22a325f960932cbd872b0cb32ccc9b6dddeba8b7041827ec50eb383a01d95159b5b6ba90b4d7d82c8ed608978506f5ba328c9276213781e55cae5e93b481765463f2d318df059b26b4f190e9784ffdbcdb264353df1326bd0d16e03fe5e15a23e50a90dfed74130beb6167231465beb5b812c6db85737ff27384e00775f02a860a52646e9d9c127303a9b6bf4cd6d044a540c1925f7581acd0a0f54a4f50320678e535b2976d275f0ca2149aaa816d21691d875bb29631aee911a4584f9b12f251cb1c44795103ab65b9da430e9f0e742bb84d87f902b32aeb99c52c880daede674f1aa4636e33697659b4a5ea9aa6ff9765d68e63cc1c9fc709568394531d408002c449ec510c999b7b8cd3f68e3f7cb90b53591f81022672c3f6b0af9570d9ec1927bcf0cddeecf54cca27d36dc6d9bee84ed7d2d929ab797b28e0d3b1e865ac50fc3f94f9da087d5338ace59467bab43e2e3d723e59392507186cdf315f0eae49c85ce57a31197bc30b25397e99d72b398c2ae8eaf34936641a6de116ce584df00bc4d94891a3dd4a859b5813404dfd7f0d436431f363d6edce087120d3599cf7acf8e2b24f9d2ffd56f208f0ab8e39046501993cd5c367971c17301ec78fbf97f10503324bcf62107500d062c5ea51b612b974cbddc087aecf4aa0c7c80c0678481fc9b52ec7be3174bf2828ef61e9a9878fc4b5b609c6fb37e4f083ed921399543e1f12830636703311332cca2a56a66723b8e7eff56263c07633a6b06086650b79970299831cae2fa753302c6cec7ba43c0d20a790e20a49b392515d0b92fb6ebd84f14e8fbb856d6fdad71aa8e78a1b47a94508bb1b9e5b1ada306f8a5ed9378ed09efbe06431bb44397b9e3cf95601cc740d668104b4fd0cff8ad84e8ee6ca4001c01782203efba074d7d100e4df662cfc5a2ded513cdd391dcf67a440d198ed480058a85466d646576edcae7fdf4b8b0c096f5cb40f3d3cd463139099c9e35275ad47c125cfba307cefd380a2857376798225bf534318ebf1fae9cf3cb524af55863fe0693e6e1b20700b6d4dc80aa8944b61fe68b37cc40f5a2f68471f5c1ffdec14c3acdb96e1665da556b09af507d550c16d17dac982ad451e1bf672eae074bc9354ae3da6cf15411adb19d4ec057c4b2d841de1dbb8b5020f94bb062008aa408a1de996af344e3950f5716989d18aa0901698120902c2f7179aababd30898b5dea336a87151a81aac2996b1325610d2c46ea45be16adaa9548b552113f19a53fa5ccecedbd17ac6649636dcbd9c192a6c90fe491fce515d3c7d51e11efb25d663ab408ae8c3cd84891ce36f0e0a2ba2397daf6cd3b677b67c8af8473c30053d22eb1fbf3577ba6d3a3fc925f3cb3c69f77e253f3c9c474b472070ae4a4cbe0a250309d9df70fe3148e64f4af989e149e915cd3747df3bf3caa865f9c1ed5ae3e891fcbea684b5bae9686cac20f65bd2b07c5ac8f2c6002eed65eda19ff83a201f247e8ddb9ae5723070d1082b5eac527d1a037d874796de4e215462f3b5bbaa13ecb692a103e1a464f83e4296e4be614a5019217b9fb83bcb648ec6a7a8e40da7c786cc243d2e8c226d4012ce8cef87ab4106f71ea5f7597a338ea22bca59a956e11dd402359b06164006fa5d201241e3dc6617826e22d7d1f792a59a418d68ba27166bb8f9a66c0624086c29c8402d917e499ca4c3f33d0ee7f51bfddea926839daf6ab10c3216f376e1f914b03d6cbf269f1dcc340292bcc9259465f58c53eb17bd20dfb174184c2cffd7da47a7ecf7773fe712fc3f65d689b7e737428939f13d7ca47e9e4d18a24987b085cdf6ca409da039fb7be8c84b82324fff96a3a394d54b15f96fb6d3ae90ea6018197a5fe073679678cc95ce426d25f6b881e5eb32e7597198a8b7a24b9cea5e0b88011da87ba03256b15e100cac189a6293d1d324f62cb003e1fd5e917cfe84cd7cf9a57abea2504fd1834da819e02bf3434882dc597facc734e7123594087aa7a716872d74c2f88db838aa9ad147260308619c5fcd73164cd0a872cc43601c7624e21e7e533a206e7bf1be06b1d0dc74c17e1fd1c827bbee4ddda066a49928720db16d9528f991d58bb587a14898f4ebae0438c88df57bee46fa6629f3a6e3307f1ff8e4ea60ddef310eb1969d0d1ed2001d0a98370128abe081c981b9f8c6f263e4c3b7a1aa4f5bf655caa39b91c4e08b0b19b5605cd6b1b5e9230815a7251b3cff9a22b91588b140bbfdf41f3e35add723a063e94d470777feddb591b81f809acbcf00001fa050d49c824ab096ab4b666ceaaea43a46b70b6c477978593891bd65814f7ebf1f77030feac37f1e9e7c089d19c9f84c7dea3444b4bd7a220c8a9f95c69cdfd707f45e12353489f7fb3063512973e30764fc6f5c9ca3d814dd0bc169abed78eeeeb6040c74d75b0a08c45b3289e6051f5e5d9d07132b47c49e6863492961d8bf4660e5a658d4f446c4f3cbb7084eb2fdfbc77192cbc8a843f515fdf0e8142fa577ea111ecc5dbc984025bee7da20fb5519d7959d14d59e0936e7132eaf89e1d3a6eb9f1d90b177d5f6a49b8a6860660c5c5c8d0d48418595a6751ef7cb3f557d280ab348a5ec2ea90c1ba78febb2dfdaf4392659072af3f6197c55c31a17a3d15f4447dcd5666d79f06109d4bd0d7da59d3f9eed3fcbd2601b794230ad874fde35c29fd4b7c9abc858cf3460fa579b93b88e2dd7be7aaee036b7f7687d8d318fc5497f038622e371da8e708ac8adf65070afab005ed21ee702843181f9a413155e155a806949bb737671dc948da21928f1cfb3629df0d5dfd884be00ad4888556f30e1ebb02d0c72b7e2b1e52683e085877a47f8dbecdc6fee6b0953e47d11aa8ab3ff1b2d9d0fcf46fe769a4fb58745f1489283eb10bed80f6508dd652e5b1bc494c853a4c5a57a7ef865320078b19dc1f3c83f83354aa0470456091f9059f8e2e71214ae91d97a81557956c05835d16c6f051a72999312d98b3ba074d512bcc92648d7efa43812c9199a605b5219cb7d40c5115e8f5f336c5346cc8b5fb7cc0093956890db5d9641a6845be60de3258febabc2ddcc71d1e394cecf82b36c2345f9492bcbdeb9e38e0ddb98cb67da78963c485db818da02f175593f8bc8cc97a1454c2d4b0e68ca3368f11b2f9ede5acc6981a2f9e1a2f30434d75ee40c62399ff4df9e261d0e745ce022d7caa6950640a37495a92a4f19fd56787782055ae779e58d7d2d64e3d89f52bc32c6c78475a6f9109cbe06b2edda08672287c8a375fcf654065a471bc69d6a9892c36a4eb978619cdc7feb8a44e3e1428f93d837f7fda79a2113787b0e9312bb5f58d18e55bf537adedc57d5cf8f7e45626bf0feacbb7d8ed2782e31d438987215c16f2b2b935fc45cad8dae6ef9dc4849ea3d26c0b71c5d55c2d56455d808ddae2df26b13288ea1deaa1670030b5f9e4f9b3b8b0c30433351af0b757eec8b24ba81628d615d6b525155bfd5d260e3d1f6af6e393abcde191dc42692cb64fb49174c086d69d740328bf91e6f834376989ea27f7c141c6b3e386ca5aafac23995d1b57fa01bc7cccc9e19d4fd452c5448a064fb355a4fbfa6fbb78c9c2aa76de140247956ca9725e6eb4f4b4ce65cd1d3b6d7dadce28b017a79e5797a295eb79df5c5a1f09545af59f1f73026f34b5b6a45da4cbfbdea594c4c098c5e412794c76812745dbe7245a0750defe76a7a9d659fdc6a7c1809be6fa87bec261ccd06189518f236f0f44d0179e23607403a4075d8431c8aefc05cb3682252082c675f0e48c19bdae8b3805be18a0c75ab592f11fd3f87eb4efb3aa350708390f25985b65ea8d00cf87c365da6ea421e4f0a272b988f941f5787a54342f68dd19eecfa442c48c93ab67a82ef77ac2359fe1eaac7d47604d56efd6ca8c36657b4b02ac7d17fac86a50cffc82d1b04dd768d8f9108178421a3e61411f8977cd2b78c5307ec14073f74cc96981d5f14928f8d9f00ad6d09f110f810e35331fab7157f4e4eed0355b635a94c0ca3735b886d7e5d3616810227da908a254d7f0f06a583d46d3234eb6f5200605feff57759a55b989f0c496e6d5bd6a400c2cddaf1c787bc37d02c6760e023121a5b2dae2eda01243429a05dbb6832e648545cc0fdfca4aad2d2394291d603515c393253ac97ec0eaaeea220f992d7904ea16f5a061b09bd148e6acfcdddaaa176187fa745531f709ee8214ea77dc8750a08d5d41c1656e77c3dec08bbc0b2b74b01f0cfa4fccb7a35442e6a6e89f2d2d8d8b14d10783206fc59f5c7e118fdfc9e4b53d9d75bc010c8176dba3792d5503219dd277a5b6318b34b8a7a1283005267624d5751a5187024fd9c83417930aaafb5e185a65df388e817f975775ae738426f4c4f693b59f5e7ec9082d2ca52158b440f19058230b8f207cb00a242a25d56c366530d4bd2d71d0d972f21c9a2bf075ba68213834cc979df31c2c538f3fb8aeb121926d7245990eea70744436b248c9441a7285739b9c12aee424e50aee13f3a4b8de7f147ff1518ac85024ec05c9ea842bfb1eebe81d51301167eb8051d30c3af5f427196a623b46ad44be6e669101e946cce61202689340014849772167684ea0bdb5d50965d55810992ab800f6ab42443d8d1642a897d06c944573d732eb963bec2bbd16118fa987db23013389feebbd769c9b446c627c03ec72f0f0badd8041f45c9658b444cdb1e996a0aa595a958da28f09212b4504665bdf7f4b299276104dfa57c9d50bd8efe4ae55854e106d5a4041a6521c766981627dec91a43a649ec8f9312c2c10a8ceda48957b355ed40380b999ed9c43115", 0x1000}, {&(0x7f0000004740)="603adc666f3911a0224d77e6e922d3bd48d64fbbe6ca2fa625724793435d3ded9077c700efc915a7b46fd0422c161cdedad32ebe4a52326bc5b4324a031cd702af1f4c941f9b640d865d8d1f826e72555c05dffe9ea027c92ecd77501bcbb56ef901c43eccc247d086554f2a91bc7db67ebb6ad344e80780082369969712df95fcdc489d07d1dac5df0e192c9eff5c1ce78b149e136adacc79e6ef82c9665a5dd18a511f96012a893a532fe87567bb8fa5191383ad21369cb1e2c8315496df4c2156a78579fdd6f46ac756e2bab5eeb0cacc8b4b74727c11ac79f64585701648e2f79f34dfadffc52b2e393521", 0xed}, {&(0x7f0000004840)="2efc3420cec448f3acc50d4b849e70a4dbbf16a34491de2309c2d760b45750d49710efbeec169605290a65705c607dbaf68b459b0b5005889c0d5fd71515288f021bbcd619f54c455fa7769b43cf59bf3c31969512579d0443e2c2c97a24e67ac2b77bf217331fb0d7003dbee147a76551e6f1f118c4784c23bebc1e585f0f2092869506e6f51a8089487f3d6cdf0c2b98bdf6b6602cd94f7f1d3b161c9a619ff29b858b5cb9bf9946b4221a421cb86139184fc4fe55db70739d9a5a57144d41c6e2a8e58c64624aafc4872ffcfaff2da51c9dfe8e897e86320f37493ae6415f5b8b0bccc852ce3a1ef4445cacff0c2c23f985ee09372d4e72c4738fc2", 0xfd}], 0x6}}, {{&(0x7f00000049c0)={0x2, 0x4e22, @private=0xa010102}, 0x10, &(0x7f0000005d80)=[{&(0x7f0000004a00)="d5393f148eae7ef011e96a1d097b4a70696f7d6d827035bd131ec6724e4487313751c2cbbc13a379c8f36fa746d60fd7911b400f6b6ba96373f8ee3df4f1aa45c106c3a9895e0721b10389e858b173911ed6ce1df03cde0714d8a11e1247b49f1eea2b29d441fe4ee726e1b505ef3ca0a2d8bb476a9ebe6a52ff7c954c9f985a8685cffb9dcef0598bac5389bee7fec77c400893979f04b1673f32f39d11bf3e30a527c0c646f7d3d3a489b57115671817ed65251f0a3eeaeeb6260c8346428b2175a8d334e99ffeee19eb79b17de90fefe2e7960986aa9ca5cf5c1a", 0xdc}, {&(0x7f0000004b00)="a428129da317ae493720e35c081bf4b738979958e303a73562473df61d9472b4d2a17c5b36d3b1073bdaca612e77a5d21c5f835a75b03f9047226680", 0x3c}, {&(0x7f0000004b40)="d2f2f6e26d5461ec378ca0ced3b5221911127cacc33fdc688c99bf4d6385f028cdae0c71c93fd49699e2", 0x2a}, {&(0x7f0000004b80)="973a23edde6590ca0c9c3523156c35a2fa8c34708a356368ac41f9feb668c82ff1f2a957a45d0a01c22efd4c63bf44875e70fc7a823cad28c1d007ab1e416815a4254fba5431a07a1b40fd7667f5ce7cad48fa18955c8f97a698da82c67be163196d5fc83a3147d847719e463592b5ec301bc3fc580a2fb2dd7143c9fa094715352d16ccd791076bc254be311f3c5bf8f8a4493bdfc6500ec1e689a4e5b2c169beba6fdac13085cb5d3d5d636b5263ff146a550c06fc95ef33537744d0bc9f52435e5b555db82ee1", 0xc8}, {&(0x7f0000004c80)="768f6ad7c5615c1cc16f1bee0cd9fce34ec8905d4dc2a9c5b6ddbfbf353c8f80e17ce84ccddfe14612960086e3f18d4f2d0029818503af71abb30918bb40f4e088eedc0b7cc9504300c318a5a458ba1b2535ffd753ab75d7a4d9f9b2d1ea1c77b712d42e3b7e367adb8ff520d6bdd5d17614572eebcd347fd30c9d7cbd932c7a6a1f16", 0x83}, {&(0x7f0000004d40)="96cf947c5af549037a48", 0xa}, {&(0x7f0000004d80)="7fb6d55ebc8c376b2aad88e277e2969f1cff756022ffe7255d70ac886fec2e5c746bf22057639e30c6771c7b30ad1bf986dc62d4c570535c610208914518bccc90e5b6e0a310b81fcfe3a660ea3b0b24e5b506cf79ae0a66584592a335313710db187129d16d23f461bb0e3e92613386e2acd58aa0e776d2610115a8208265a8555077de452cb1520285165fa67ff497ec77c900e56adfef5c634cead9b8015f4455e9d3987ea9305969e798c3b1753d209e197563444c2f644e8ef2fc1b63b93e3af46e23605f46731b55984b62479b7f21bdd647ca9bbc660733d7540357e1a7e35d97478d573cb95fb226626b3562bab3dcf6022ee07d66bc912ac55d03b4dfc7e02d84aefa0c2501e6399d5e8a5d0c794309ce46c19bd4d7ee82e12d4a5fcf0ef21fb8c65cf127209fa9d5d3ab72e3d3dbee9bd99f4c59874723274fef830f2a02b18f1aa2f4d77c430507ac0e8b483d2eb1f9386d47b7757b81e3b1b7ed88fe236698b4e0523e9fb730ea6ac4ecfc0c3434262a7853a63e2d52078c6a7a9c18d9ec5778787e3d2356d4d940bec0a14ef5c01a24f30160c46b9f038c32b601ab3139dba69a64bbb9a0aa4d440a645f59bf3ee09f7a3f1f8cbd5edd936d149063fd75cac0fc7b1023cf11688b863a7e9f961130927c4e534c1739e713f3a4e841ca828d25895af1a396b4b8d0eba4af87c4a3a9de8ddd1faaed02536295b7e7be634da1b537f838a7b072b2b4390f30a818242e47c69fb17dbb025ed35d61b1b8ef1baea83f746dbef46539f302789a4d456cfa48bc7cc8e5f5701fea2ada5eb1085ac1a7771b09edb4c28e46651f2919c1d1460b75973edbf68b232f178d421d9bea3d31a498f43f57f2637950d3edfe5e45657fda3dc3eb28271d18c63857ee2c8c98c45b3fcac2ba5eff2285f057feed9f5caad4d98045b59bec960c4fa6582e99d1d344c2e5072455db0fb1176b087aabe7e50df3aa4e5dd5dc8554e67dd08391ac0493dbfa2eca4fbf101a50c166ee9d5c41935e7d26cbf093cd34dc8bf67edc3de2e47fd369acbeb8dbabe01cb242b0ed6c15e5bd3e8d706cba2f30f9985b5d22530ee7470743b0b3c9a0b5560134c792eee59c47c799ac8e156d774a25173b858d8d39ba07150665a66fdc836e8e37e54964a67ba096486891d5aa5cf7e58cf9528475dc7a0b58dc554ce58d3aa70a88a225ded79a177a1f92fa44e70a47458041189a98241494e9ae8d230786266a30ffcc7870e3c13920aed820e2df1e160cc271015e6294fdfac88baa0c33dcc7663710b4c712e6e1adefa6951b59b07cb9ff9fab56c44bbd47fb21558cd40a27d23f1afc386088070692fd39158e6e135fc7384b92617f473fa07151f2b205a9bb2557391a2880d2db2a8bb7699a524515d5bfd182d3faa531528ed62a81b6980131e345433f09af4bea91ac8b4deb1d5787d1d09f5de8dbb4771f8e89b8d73bfc9c932d730565214421dd30195376ff888f69f6bf16d801371550ec17e13648ce02dce085d240fc1a584b581e4df11c5c6ea3564912544f1954358431219b8f6a8730a420c97d5fba710c34a4f18849c0c09a5d85870dc92e59a22bed002f758d46e0ca175427736846103edcf6a1d51270733a376449fb2d2227726d274c195fc83f39e654d3b4e725a2e95b148e9e6fdd5319a17bd47527120fd0aedd2bf6872e96dd874d4f6eed5f88647228be475876d70f3b8f53ec815766ea3874d4d4933905fb36ba899c6006d9c9401e3e9e6e176422fcd48680f4611be2b55639aff0eaae4017376ee73b3da1342f581a886c45f3c84d6894e4bffc02fcb506f8d303647a7c1ffd33c460095d9d5f0d4a843f8f788e5b3e5525325f729e9707f1d3401bede61d8a076cce6cf1dbe295bd742ab381af4a3291f9d8c538670b60fdde8971546094d782c10948842e1d8d7ebde2796e78ab647930285b276235d8b81a37a55ce1251e339cdf9bd0ec50043cb5031a809bd12d5b8c19d82393ac6b2e871e7717eedaceadb18c02cc836a53b4456be33e1bb4f2acaf09340b3024021e174094bc2bb4b9f5f4082257f7dbf522ab37a0c82f029be2391c7a8390ea9992ef4725ef47f3fdc8739b597748c9568be196053b635dcbb78465ebb0e5fd1de6a4d67ecc2b34e3b6336f9bf7373c66d2f3ae8f96050462f5b6e25d922e093980ecc787412b29d6709b76bc35178b241a589b3baf0dde9e447365d25b4f4f65b605a997c893b6dc103150bd16db39e94c07a800ec6fba182f38be5d431b5c992ebfa50df9c5ef53e1dce36972c4b5f77e54665a42f4be7db3373828d70ee7f5c97a5a75a7e27d1185be51068c40b6acd740a9a19c1bf8fe206bb13088e8ce874c0bb7dffb066e112a75e5653042e09d878af6c1cd61012f1dc606c186fea505e21fcd9c875fe4315266211668af21ac4bded7dbf242b3c282234dab4d44f70a6baff2186ae083290e4a802cb85f878c6ea55fba5f27ac3cf8f596c2cce56f156feaaad53e21b731809fa908d50bfa8bbb558229986ea70959dd457f6ca514685c5a21446c1d5254d1e2156bc10556c781d9639f977dbb7dc3f1f2dca66e8c60f8ad91a037e6c7673aa5793f9c9b6e8d03251d0eb9c5683c5c05936ba0cc3173993cf1574004a728006b766091727477219a0498d6462d8338a1d8e66627caadca81b8e0d661f1f242144196c5361b3179090ad3040321d337b71ec4a52347a77f185b9787b9a6006aefd8a20b6b7d8cfb76be398f4538ff0a023a1dcd3ca2de7c10fc4b22623883f1260f8bf0a48b23c3c4983c1433c35e617bc248789d87d9c7838433bd1760e75e62bf1e989e4834c06eca72b43c0edeb62822a4c065cab5148c1c76a93af559ee85f862463638245bdbcee8f1f31463e089d4b538f90e18a2fcea3e554d279cfd61009c76479b371394faea736eb9348ded5d98fcac9ee8b7c8ff53e78a7b84f05e4b6a2570c417418fb2cd0395b17feba0912a2599b85532d9a3e93aeea81e6fcca18aa3dc32036647cb875c45669cdfe3c8098e9aabf564e92146c4001c9d1eaf5e0efef24ce40665bd68eeb4003665a7e69ce6159cd23723a0d366badf32048774349fdf0d93ae2718480641d2d638294c1bbe6804ac4ba084b7fe7e991adcee6cade282332133e26b3e40e1dfecbb294fe699d899559e1e3a3f1f9244481db3824e882f495f1a7124214fb51581530f9248066625943f774dc679224d38549b8d53e6a00352400a4eead7aa6a1320f4477e61eb3c1a4329775648d52467ca01a03c645aa65af77ad7dc80090faac04b0c4de06e5207e706ad64caf798c77f0d1a16f883390c8d16825e7a94c6747a8720174f95863402eb65f1eebbc6311f95a866361f2574abb4033c57e1f701fcb54b0d30b7458f5d888c38a5af99377ff54e8a0ee4622ccec889b8c47f7ddf8f118c057d8a5344929806f54fb51c3bdcdfe7833754a39ff754325998cef63b3897f31400d052a6d0a07e584cad6ad241af89de8d32e026464f395bfe2c01d2bbb5d5d2d4ac30fea3ecc341a032d42100fcbf151db50a135ea8f13e4240657cff3b772871cfd6c9777508acdbf5b680702bb29eb384f2210bfeb1dc0bb122583a8eb95a8f897f7f623c56714c102e5b392f7f3723ed0e00dfdb668c890b3486e28c4a19daec346ede7cad95f4e1f06e0c8069a4ec29a31275b17862a0d8d64ef0a2b1da7bc3394d99aa8d2c9970eeb5f972ea664e88b9e20fd0d456e4031fa7bbf34ae1604438c87095f358897e7ef563fc52c254ccee5924577200a65ee32625dc8e4b37adcd19f4cd1b71433f046e3eda7cb17541a294d444650a8a013507db6d0a0c1df0aad5799b3e6c4840ed6608d92296f133d4b9ed9c28da9eb34a4ab50ab81779392745106896fe5b1bca20811ac4d3c5219136636055b1f6a16939c9e698a52bb9884236ff7b58f921736a03746f17077e6385f08fbe0feeadcbefa9bd467007b7303dc18fb6af5ba5cbfe47a73c9bddc2aab361cd7b96532cfce9858916190fbc42ac1e191b851fce54513a64dad248244b4edf029efc4a0963437d9fc8700b11bee28ac377f284ee112aea7ef5977b7f157958e89465d603830ea940f14b518aa2fc0b87261d2c096ae9a95c2fae3b079f30424871746299283e4070493331a7d3d65fd1bc3df73f26633440f286ce70ba5b30772c95050ab47ef55ef2cb46fc76a4803a3554c55033549c83d3402c4264558a7cd8954e3f42e91c54e6524e36c231427ad4cd8937eaca3f0494c7fcdb65f60d99215b7dd8fb59320e1f415d186523ce6a56a46613dd4519b16ad0face597f9668591426f05dab02f68870e75a2533256fe80abd597f0d9e339bd4a3e8de768dfbebb4dc5d7787b31c7a11480dc04d9f240f1cc8274efde5459f34ce1acfa0550f585dc6854a538cb28c4ca21eedc2c4e8af79f10189d46f303e7cf4fd32c9e03ba083a3a7474cb9a3d98521fbfe77b6af59e176055fbd3e29781438608b81d77213b02860904d75f3750a9a70757dacefdd6656520735bfaa14355cd4b94887d8335d16cd8d1705e51b6e4908be5405bea3c505f3bfaef1dfc5405300de867555901a57e4f8ee47e7653485640ad5ea7ed56214cc35a5e56e163b1e3d8fe689b47a7b2c6d5d10a6ce4fcb74c9f55ac3280a649b82463934aebf958300ad3a673374e0a59b1ab8b223bd87c0a5a3d21bd5d5a15414566584248d7aa3bb1413cf4d4986bd07a33517574b150dcb2deedf24f946d0a67ef9a277ef3f32d94424aef5d506be316118e47debcaee575c06a0d168517f39ef4ec7fcc994cb05a3de5282f79d27bdf03391b5a04533243bf45996ebfb296fa68ef3f53fb648cbae60453145ad0d73eee446544288d17a0da99bf3f7337f7db1cab250c6bd2ee6bf55804bec286fb99685d4881b20471ab7440bffcab84b27f77895fb7d97ed5e81173c99247ac9890169eee22a16cbf6fcea0d9c72bd23c2cea14a7695a13b24944c1e5cf237fb3c0b76152fa148e3f113efb745f272ba53d1915099551e3b2f2426d1f0be0f6e4f003b98267a0691f9a52e749d873a31d8efb73c8664e9ca25fa2e4ff46a23e097fd73b96b77dcb166ed568da31bd3bda8d1e339ab1f47f173c13a87007f771ecbffb007c1b94d5898fc138f04993c199b767ac94e4ee59847d7f36ef9e58f41dde4f145506db1eff039c94d3b8db4f6a7ca8e662d8a442d119bc9f0444bc758a1f759ab6d0688c409184e85554e0ed45c70d429e68911a2a01b62b9f450bdb8c9d03e7d3e9c68dc1ba8833e2fc4de29f98d05b512040f1e7ae4987fab836e5f9374b11c6e809e92ecd637c6967b9b7f28463f9267f663775678d45c214c9b1db30f4494c0803011b1a1413cfcc248890372ca202a65fd1c9d3a9bc7eba30940486ad6776b079f26fa832ae575b6c4032dfdf11b5d66ce06707f1a8405b7df1f29c7379ea1bae94ed4fbe5ac24567eef163ce3e1d0a79519414c770b081f48411bb878b289769411e6cd856392641af96505345fc7573c4d06d2644703e53fd83454299e86d50f8b3c1af2c8449a3aa398436916d2cb116d0303091697c24bbc9adce1e6b142970f5a007aede98a1b6dd69a99d19aad3861082ec7445b5b0c403574545215b07768fea6bc332145d0f7a718983a47d3686e7ffafb0635cceb9b192c1fbb56583834596f3d2e6aa7addd052167a65b24c96a414d1b690c43890e6e0d8c94d5efc7de84ff14c75454cb18cf7ec1945a7daf16d1", 0x1000}], 0x7, &(0x7f0000005e00)=[@ip_retopts={{0x1c, 0x0, 0x7, {[@rr={0x7, 0x7, 0x53, [@dev={0xac, 0x14, 0x14, 0x23}]}, @generic={0x7, 0x2}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}], 0x50}}], 0x5, 0x20000040)
fcntl$setlease(r0, 0x400, 0x2)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r6, 0x0)
preadv(r6, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
preadv(r6, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/193, 0xc1}, {&(0x7f0000000140)=""/244, 0xf4}, {&(0x7f0000000240)=""/220, 0xdc}, {&(0x7f0000000340)=""/76, 0x4c}], 0x4, 0xa89, 0x1)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

02:27:34 executing program 2:
pipe(&(0x7f0000000840))
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, 0x0)

02:27:34 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}]) (fail_nth: 37)

02:27:34 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:34 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',dfltgid='])

[  964.662126][ T5200] 9pnet: Could not find request transport: fd0x0000000000000003
[  964.689792][ T5207] loop4: detected capacity change from 0 to 87
[  964.746476][ T5220] FAULT_INJECTION: forcing a failure.
[  964.746476][ T5220] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  964.759738][ T5220] CPU: 0 PID: 5220 Comm: syz-executor.1 Not tainted 5.15.0-rc2-syzkaller #0
[  964.768453][ T5220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  964.778571][ T5220] Call Trace:
[  964.781925][ T5220]  dump_stack_lvl+0xd6/0x122
[  964.786538][ T5220]  dump_stack+0x11/0x1b
[  964.787949][    C1] sd 0:0:1:0: tag#5087 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  964.790684][ T5220]  should_fail+0x23c/0x250
[  964.790705][ T5220]  __alloc_pages+0x102/0x320
[  964.800517][    C1] sd 0:0:1:0: tag#5087 CDB: opcode=0xe5 (vendor)
[  964.804893][ T5220]  alloc_pages+0x382/0x3d0
[  964.804918][ T5220]  __page_cache_alloc+0x4d/0xf0
[  964.809485][    C1] sd 0:0:1:0: tag#5087 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  964.815774][ T5220]  pagecache_get_page+0x5fe/0x910
[  964.820177][    C1] sd 0:0:1:0: tag#5087 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  964.824991][ T5220]  grab_cache_page_write_begin+0x3f/0x70
[  964.834006][    C1] sd 0:0:1:0: tag#5087 CDB[20]: ba
[  964.838989][ T5220]  ext4_da_write_begin+0x2f9/0x7f0
[  964.863789][ T5220]  ? iov_iter_fault_in_readable+0x244/0x290
[  964.869686][ T5220]  generic_perform_write+0x1b8/0x3e0
[  964.874971][ T5220]  ? ext4_da_write_begin+0x7f0/0x7f0
[  964.880258][ T5220]  ext4_buffered_write_iter+0x305/0x400
[  964.885802][ T5220]  ext4_file_write_iter+0xe79/0x11f0
[  964.891086][ T5220]  aio_write+0x2b4/0x390
02:27:34 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

02:27:34 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r0, 0x0)
preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000840)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000800)={&(0x7f00000009c0)=ANY=[@ANYBLOB="980600001200000125bd7000ffdbdf251ea842094e214e2137b0ffffffff0000400d00000100008000000080020000000400000002000000", @ANYRES32=0x0, @ANYBLOB="070000000100000003000000050000006a000100aae033c8800f29c0c7209080d31ba53628553569e5a778bef0e67f3a152af46157cfc3d048d0b9b2fa31e6be8c1bfcb1b656a74d1983c5a466a31d22ab56c8f900080ee392cef15caef77c3620b89ecc80ad48a8d385c4deecf51a29600caa6084aaba5e631f00000301010090e486a789b2e9bd88ae961677d090efa5f0198c200ab45309eaaf24b5eee5ffbf1bb74f85b1595d522c16683bbd65f58a113cb3cf05c0a3533aa79173ffa574f47e53c4054012217fc63ceb2f5d1dd48b3484b1bc114a5e58e147d6bc7b858e15d731cf05705bd1c01feec85ea6071f2c072980d9a908013601e106487b2e78cb19a58d8a58fa310ce9d15e2e43bbe039cd353fd0a07f1450eed676814c105ab584fa3fc117a0bc83c974afde001a05cae58a8e61f2ec00922f22f8b3b468936168a698d808ba7235299485d3bda6036fccfd66a0f436aa1b1530035e78ed3e0f14b583bdcaa58f05bdeb4fbdeb0ba81ffee7e4c46900f6000100b2c97c29a512782379e653890bbbaa52730046e11ccf0c260282555ab11743e917b1963d738f9f1ec55d076a809cd780ead1077c135cc6015e27fab6eb83fd206247da7f44c761415c0f195fbcfe791957a862f788ae0839baf0cce8e15e225377669a8aa838de472ec09762af0384cbdab97db9303030515b19714939950a5a7cc381bf21235f14e096e9bf17951dacc5eb6636503dbdb34b46020f1f6cb4737c1eed5888a7bd7c27bb2f52b7d735d35bc385ff11e658669ceb4e21ab2ab4dcc92562ab102836e58a2d57fb63bf447069df5546bc588cd999ddb3ea7bb71d872547f713f682884310d12a37557b5f63f19200004e000100502a70b1540c7a398426d0b321ddefce63ff7ec39c411f45b582124ce2570ca90a3872ec1a8b650ed38066caa6c135b044252eac22aa184bf8fb43642ed03e969bfc7ec0e54b1d84c8930000c00001001b888807604c07a8dac1abfa2a60b04fb05b9ffde663872c031531108e9e25d9c9aa96bd016e7e2c07cb708539ccedcc2c2d80b21aff893525370ca9d0996bedb651a48385ec650f1a2016bb67b2975fba548b6812dc9a5dbee76b2d733c6c1bd01fd23793d129c5bddb76cf9f5e633802b6d1078487dca52e2d84a5edd944ff6ebb18564a2b035ee5ca5b578d1770b21302f970a1f0499c6a9aeb3f171b87d0957a16801fbb88be063998e5e96d04d5536a87af31943d7603ae16ef5a000100f5563ce36d6c2685b900d61a91a336f660e76a341927ff27b83ce1682bca500da73eea802b5a457d9b7cfaaa1fae9d82344261a667e2f1760001505890e83330ac5412ed9cda70d43cc48b28d50d25b43067cfd53eba0000a600010084293604e5abb991b6fb2c49f74ddf9bc5285c1f0447d4445896de9d08e415d8ebb22a3498004ff17f73062db41f05969aca15b1078f06830dc857f49f5a82c8f4f36ed3b447668cf6f20621def4db7c76260b9d07b495b624a12c58651f077ea692f99919800b0853b65face7b5d51d2ba018df0552ec55858021678a7c7aec2c5048fdc21106be9d0f88d0d13c7cd5ced217988936edd32e04dcf492218ca6e92b00006a00010068993a89ad27d65a45f89fb377a180f0bf37928930ca280cff1bd18ef2c3a6aea48206556d74956d41c4a803f823f6080751a13c9191fe83ed2f7fc8b989bec109597417032f7f03a2e113a3e200618c27200141885ea27af7390da478cda8ee1bf33c85a4cd0000ac000100f000361e9f8a7b93149d0f154b0a4d8bcc27f1ec905191210237b4536e86afa8f4a14d6c764807abbaf5114e53b5529db868dc0e2be88902eec9ba3218a54f0ed19babeeb9f90837316c93015640d0a15a092314e32c6c9cdd9fecf54ad2c07a4c3380943d79ee6b55b74e400be1f2bd628a3e5164a0a03722f12f124be6a5d365d5eea11c5bf6f4fe4578e8f09ff1e9d01d081799ebdf53c3327ff0dfebe2628a41c7630c97c7beb7000100b4b80ac2cc834fa502ede0bde299bf131dcafe93b4f04b0f1df29485901c3dd73ebf8417df7ec60e8b3a217aff0258419a0778eb1efb370d078a07040ddcb7073708f91ee3cff94ea6bb415e78331e2e2f6d8be201c1161a1af5c28535d3e39d9c09e7da806178e50816100e482ec3e88c82cd2dcd59ce82c79223528f443ca2b75bfd068ee946e71d4370461ee65c796a8304873e1ac89d407453fb6c3e5c4ea935b98a2c62e9e643ff8510075829b25fd5e8000b2092f94d690d4c19bb953f92a4ba2305bab95a1bcb61e494227dd4e8d9c1ee0efc3cf99e65d32cb8c5444573cbb02582d9854a1a1a6b43ae7303b92cbb7293b90af6175203710c8c6a5baa0ee90710dfdb055252ffd4dfef2e105b5eee546fc8f572eb0d83a3031d5bae21e82ee9c45747ff5186947297b5b2dd5f52d457baafaa7a0fa3068bd7d6856a6b784eefbc22313290a6441d6f886a57f377988ba0942ddde288b31a2199a80e91355e43b1460c8ceed7b24299cac1a25631264f45995c5e93b50a4828a5a112c11520691de350ad76590d0523e442fb14b9cdbef79935efa9ccec6579579d94265262773d2bfcd91bdecd3ce2ccab35475dbe4a6129773934a3be84094dd7d2c955c88af5c6ba1bdd9d59ae417bdb172fdf9d9702c27ab758256222e45fc0fbf84353d12e642a879408d79865c144c50dad2ff64449477cf3a3a82f7e996df6f48fda75b4c9a66eaef5c8dd34a6f84cfde03e3fe6fd8985f963f7c64fdb9f01d4104c4f990e625d1e5b30c651b3f8b806890fc57276fe5e490878b89467032a8b6cbabbb5e622dbb5620f040efa74314ed74a25ac0c5ca8973e554313a711ea77f94a29312a8726e5b9cda1cfcf7e0d395e583fb7402e8d03b0036a041945df434fd7a9c5526f73b65121b1f47c8966e5"], 0x698}, 0x1, 0x0, 0x0, 0x20004080}, 0x80)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r1, 0x0)
r2 = socket$inet_icmp(0x2, 0x2, 0x1)
accept(r2, &(0x7f0000000040)=@qipcrtr, &(0x7f00000000c0)=0x80)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000000380)=[{&(0x7f00000018c0)=""/4096, 0x1000}, {&(0x7f0000000200)=""/210, 0xd2}, {&(0x7f0000000300)=""/64, 0x40}, {&(0x7f0000000340)=""/23, 0x17}], 0x4, 0xfffffeea, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r3, 0x0)
recvfrom$inet6(r1, 0x0, 0x0, 0x120, &(0x7f0000001880)={0xa, 0x0, 0xfffffffe, @private1}, 0x1c)
fstat(r3, &(0x7f00000003c0))
symlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00')

02:27:34 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {r7}, {}, {}, {0x0, r8}, {r6}, {0x0, r8}, {}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:34 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  964.895401][ T5220]  io_submit_one+0x86f/0x13b0
[  964.900078][ T5220]  __se_sys_io_submit+0x105/0x270
[  964.905113][ T5220]  __x64_sys_io_submit+0x3f/0x50
[  964.910046][ T5220]  do_syscall_64+0x44/0xa0
[  964.911331][ T5226] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  964.914462][ T5220]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  964.927971][ T5220] RIP: 0033:0x7f2c6ce8a709
[  964.932381][ T5220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  964.951985][ T5220] RSP: 002b:00007f2c6ac02188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  964.960408][ T5220] RAX: ffffffffffffffda RBX: 00007f2c6cf8ef60 RCX: 00007f2c6ce8a709
[  964.968373][ T5220] RDX: 0000000020000540 RSI: 000000000000003b RDI: 00007f2c6abd9000
[  964.976409][ T5220] RBP: 00007f2c6ac021d0 R08: 0000000000000000 R09: 0000000000000000
[  964.976549][ T5235] FAULT_INJECTION: forcing a failure.
[  964.976549][ T5235] name failslab, interval 1, probability 0, space 0, times 0
[  964.984373][ T5220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  965.004919][ T5220] R13: 00007ffe6923ec8f R14: 00007f2c6ac02300 R15: 0000000000022000
[  965.013007][ T5235] CPU: 1 PID: 5235 Comm: syz-executor.5 Not tainted 5.15.0-rc2-syzkaller #0
[  965.016652][ T5237] 9pnet: Insufficient options for proto=fd
[  965.021671][ T5235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  965.021683][ T5235] Call Trace:
[  965.021689][ T5235]  dump_stack_lvl+0xd6/0x122
02:27:35 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:35 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f0000000140)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f00000011c0)=[{&(0x7f00000001c0)="e3133f76ed319b4b95c0073822af95513e146a586386bea04097981adf4c9a5bb1f2359040d43c51912883b11b997c6f807e2e225365f40d02b9c6e33518db8789d46f9294cf007209dc56f8b3aae3b1653c5eef6882f7fef6bb563e043cd38e2498f81b222ced35069748a1e52cfa6090a8746ca0d3ceae0e79963ebb96ab0cf47269cca37038ec316f48f95146fa59590c932f59f3180bc071beee15097b773a73e59b377d08bab060e12f0c615aef45185d4394bf8dfb959574f0ad41bd9b43fe9e5548aea3ea09a6d88bca04f60ced88ab0b86c97938dfbcfb318bd8ead90b2c930ec4e6e5d2dd9f1f718367ac5f8dc952fbf9652d2c3b94106bbd85a0fa6f660ed0ed615b9187630307bca57885137c81356a7d0c10005f6676e618787386e50db65644c5fd863e201d13424360ab8c91366550218ceaa08ae1cf76ca42c03476e728dd74b98079b7242d3e91931bf0d8991d0089bb28effe32ae16bae8c05fb18f3e3fcd1cab0317ffd6439216a2ccaae2931b771667311e6f869ff99b305f2682a6fe2b0e654ea723426b9915100db8480ff347e1b283dfd56d7a41dfc4d1dc8a86c3bcf67f77c3e09f0a8505dd2037ced7267713137a92ca90a12f600d8192e0cca872a7fe1e46c37414941d43fa81a470528f66bca9ea18623f1b078b6314e02cf854fb4e00e6a033ab75ca98540098d8539a6c992ede44e9a6018f75e900ba6bf901fb998ff84237f73003ee23105fb58e08d8f1d9f9643f4589b3594c3af4e618670251170da10711e2292b7c7b14fe911ea3a34168636851ebadf2ab8db310bf5d5172cdc907aa31806e0ccb142a12c3208f740b43b9f483d374a75a66c6cbb84c1f7b302821e24467f9fd2ab81416fce00eb4441df74b709e4308d75deab7cf6c093feae33a08030e7a1a5f817ae79a0c2ec72c32dd3c1ef222ea7f9f4d170f6551bd097c9280512ca61c23c1440d7ec2b2b2d5b5c81d7299aa9dd53c59fbc45c7eab5c1b78f68a02c00982ee33b49a578020955d02591f208890acc62415a83ec0d605a23b5e5c9975141f936dd44504156d0ceffca9ae23b03d7def3716e00d4bcc7a5eeaa5449547a8d22c947af8f497900e80a684f49374018c79590d5978117ec965c4683651763b0557c1bd5f5146bf4d489979f2ebee55be8a3ffae464fc43c3b2ecca14b1787644a787193deb98e58238868c4b2bf0d51b9b028b6e54a8f37712ff5f6c09e7f12890d143d8c94d7ee2a60f395bb7eede0ae10f58dbfa664cd46131398ed14ad09a0dc23bd85c57a9c9cbb2b1d245cfae9146aa575c538da77f515f1bcdb10e13c219bd4da1ca8d41bc3b2aa83b39ec05cdb2ff83db9a6db5cad48c0baf893b7747b8d07572dbc3b0cacba117f026331f30059432dfa8bccfc8b9a06ef334319649f4d5175d8af044b5da0fb69f3c5d46f0aa1931903c838c30ed8e062fb300d1744cc65e8ef421c55f45ee8cd5a5a2c83bb3f83cec9ff3b5d7d1f4bb1812d66e8231e9ab9cc035ba69e2c704843dddd94fe684ba125a9f47a5ed7b44efbc8342565763939550fd2b21079c92cca4276276ff12801a398528dec4707ebc4e1913e57a519093464682eddb5245e81f62332c1d76eaaadb1b648c84ad211c84e36a591fdfa0777e9da8b537c982253bc4f65e4e1e819829ce2473d176e33241529bc2bb596d77ebc798ea3945e3ef4258697a88e4769ac046bd69dd1e6f10343617bee2c9fb63e94eb1d3c120fcaaf39112d4326fa0e17b1aad9305d3a4256b4092a0aaec2e3e0d70e902a5f5be61161fb036960ce57cae48f9c0485b60e24658800834b797f343ee5942f90a00a0da50d60dce478bba0ca07de0d73c798f95ae25b66e6793946dc08813da2b13dba1a28234a74691ea5d973a5da541249df952fc6cbdbac9be27c7ac36a1972a689ff901318d6e43a1e01d78890cade027134df98f0b790a75b1c993a8844965123150a68c3f88ab08a5c510e7b14488965f5b688beddbd53bf19a68ad25fe9f0c0ad9a1f59919c40474c1605aa102de339db2089de6675c6d310e505dfa5dc20f22166e36c447c7c220de3fabea98b2ecd73481f94bcbbc3fe73e286379177926fe1241f8cd3aa4f5ca36231304fbaecef4c32c20966d48fc3925e47946b6a6eaf519d1d84a024881cbb5f03a61c1c3706f29e1c9f3e4adb009ef0435ebf1969acf4c263307b8933261f9b82ece04b98adb51988fde43b9667dbd6a4882ee2d9fc2b5de2a4aa0473c503c8841b3481f480c37ec770abea41cdaa14d146d5be161fb4042a686ef4b0541b3f899c4a8c7dd69706e4df8ebfc38c3a57cbd78998385cadc88ad874865aa6966a1659c3f6277e89fd3d875ea246c3e602ef2afb5c8c67338ab4e0fa7ed30db384056296aed5c904c2ff9582caf15029fe368f634cf835aff2907af668195f259ec15ce781a112935fce98854db0d09a2cc1bfd2f81d24f0a609e6f3676985b4bcbad119a33fd09696c60d86eb2239372eb5bdd8620ea92eb227a3e180671ca5d98b5ef2ae8e73d90db8d32b879344964a0298045b105c8d9a46aae697e6df7c759e2545a02cad1e60a08fc031c7d8113cc7a4ecbafad1bed25cbfe7e2535802b50701c261498e05455891778df55ac3a3e2e3772aa3568bd6e8284f03b5264d4619670ce3d27b97b48775e1de28ef49bf5f1a3c548a12e3f7e3d9483a609d8408653faf1281934f093f7151bdcd36af17a7c90b01b031a6bd37a1e07d4810378bdd333d353c21870a56909d96514f7876fe2ee53d28c56917dbd679cce8f327a28ef15d75be3d1548e3481badc325f8501715e348b4b61cfc23b71335d80d319897d5f85c6e02eb8964d7944716733c4f8f1abb1a73dd7ab5f057a9d7226e5f4cd8d5ebcbabd9d9a8808e19a8637801bbb9312b1390afeabc7a0d4f97b9a13880f8ac23332883a49d2f0366ba966ac202ad2facd8101dd12dfd743a1f9e7b3a427d075fd99a370470ebc39477a5e5b64a49626c31109b1b22da08b60faab0a9d75a0f0fae21a5f4987616632a04442690a4c8706680d73dfaf5030f1504487adc9c3f55d4f24f3c7cf5c804ee923c6438908412791eace131add985c572d0ff2332dc4b0f9283b06e3dd38c323af23518d2a2e14344e025b162c5854dfa7c7f021348bb6303cfcc5df76a963d49135af37a188985c26bf5a02167ce664459900eb9eb1c0ac73ea34a73726959f9be0010b3833284b3919d907a6f566744ca0731a225c980d378907a4b73229b375c5c85cc4c12d4015bdc7a2386f623078906d308a0c2dc36240fb944ff5b007843cdfa30cba440582939ae84126ac0304b178cd3b6c2dcb8a6b4972b845f5c58d5a9f00045795e72b8f93c24cd53fb844bcf41993c00faa4e9a8d3f5f590594430fabc6f6e6a100abf304b435cbe59f970c9b4b5ea789d139f47de8ac534c6fd1575327178ea40a6b121992cedaa6846a4e16b3a62f56bf723f249c315678b104674e216aa06fe561e5a98967cd7315878484e7fdf86c3beeca4bd2744a3be2d442bce1c4fad4585f7b7a0274fa4f6cadd2bb023192b0b191165252173258b9ce37137d7c4fccc4c6dfbeafc63ffb17a3149ed53f0c86eb63a9bf43107f5a7a6cd40f5609752f2463c907c40c5300b9e5efeeb7729b1d10116a4cfb23f24b948ffe92df8fbe97792432023606835331da9dc65d03928024333a29e86186971436c8aa6978ed146ba236ca4fec56b81baa81272d5ec0115384c6179ca3e75b77395f78872c45fa19a9fa612e1459d59fa8cc1f358929192a3af4c5f4eaa1754b4cb7366d462b288baf4bd4552b4e4d3322767e239c1427487bb320d5cc155405e0cef3adda69405f71246dc428915123bca1dcef1165828945ab6c0bf0996eb857f08ed16e036079afce799b02669a7f6a810b80d72249f84b264ad683c3e47332f05bc34459249b80a43030ea738a85c9c06b41422c48f4ffcdc29ce78962ab3bf4a1c8045341d4eebfc0eb9b645f02415cf543e2bfa66b2128a97e6e6f2891ee94278f400af843d06b6c63780a56912e90e930904f6a0b6359d93a5d9c23ef11dca9fe912cddba3e0d42cfddc7fae4b4aae3ccc610fa4cf4aadb818116092ee172ddebee8c0027114b694f0b0517d308a790029359085d59a48eb023c46159db88702cf0cd2e9bbdd4dd061a96a479fdc48572da73f7b3f6f8be8c9b2013da8dc276837b31fc53d70f756caa0cce99c1d4e8876ee9148ef9fe63cd1e2d2694336768d2d6b2652d7c495fa2d7d53906c4f33cec78f8d59a6d2cb626ef4fd56bd7bda8230f7c2db50a65b919b129474ec249a402f29a1896dba441628763258eed18e1d6e1b111aadaa9572a6a5b9fea2fbfdb9ec0718f2f9e39923535d7473345fe3eba3db61805e79b2a1d78bddcd564aa975922f1bc895a22bd8396d1c424c9410d657f5c1331ea2208a07958b3c603b0b2e80b18174064fe50524f384267b9c301ed42f5345e15fc6ee7d582cfef1dcf2a4f870c9c12925e478c41579aa7d29a861fc02ad22d8f5cdb953477f53cf7a2e573be70f262d6e7bc3e8cb2abdb42a72efd5feedf9ae9c048aae3543bbd5bb5efd5448d858119efab1954058307f9395b14cc6802bd895b2c7726f3cdce60529df2fcefdd9f22423d49434c2186befb608218a18384e64182e1743d82f8e156e1453736c5a9692b3b862e062e281db5f67e6b33fa89bb48696af4d886e22fca08f33b643a575546b447c3d814f6dbbd914aa121ea3ffd18d5949ccf57b2b5517e15dd87af632c3272ade05c300fc6c06ddbb2478d3c2e8b53a8f720578ee534834f91c85113feacbef02adc03eebba478b63c4cec050024e9ecb7af3a83c3af07e3ade8605686bf7add57fe14be84445e6a5a7f506c7efec1c09798e9c937bbcb166f2a3536866996383157660718a0a077a09b2b316f18b79a0587975f862574f40d5a3bd444c442c9c1ec821d2f39a1dd6145b496cc823fb61f6cd98cae893cef6ed5c55c62180c503c884da957d07e8dc02b8b9b73ff4858e0e8c51e4a436e3bf610547a7da4ce1d01871710ba58d95c77348a9db8df97e592fc9ff0fc053c646780c2f4881e1687981b6db949989ddea6a091b7a0b5e98b1dfddfd9e917aa0a4276bc586bb43fc5e4713b2f6f5e748d910a3dbac9e64b24d728aaf2586bc26076cade68e170eddb0b1dae44a6c70a6500a3732bbc56d7284cc9c633ae97423927cc7c8b3f925a1fc3ffe280810269449ac5ee47f1b1dcf39a33d478681b9d815b1709aa8f3b8258915cbdb20a45214b73835b20588f091091e51e69b7ca89ab8fb8dc8f2fc06b06d247ef51238712b6e942b851d0b3ac174b90dca0ec598928eafe5746f4140f800eb913ab2734a9fc1a410355b93dad40c732c4444b3c443cfeb38d6182303dd50b8bc307c57940ce2ad5aa3d3ac54fb2723d4573c6a92d1ee9fcb5a48c63f8eceb16039929581a09cd6a3e4b4fb5963c7a65e9cd0ce78a99cd8340b4f9defe2cd73e839ed54a9ac3abc6faa29aee95b302676a1d8551a3acc457b3a6e5046c792a0550c8a84ee92e94705499b14adae2b392ffde0eafba46c93bfac872719d9a0160c0a1f040e1e45a120b7aa41426f6ef1bb197d1001747cc49291a79645fbd4fcb429a38d6f74fc8e8543835e3e47a78e9eaa2e68e94b314c4965acd177f33ec95d4d90e3081c6f87cbddcb419ad22b50dcbb3002b6abf9e4a983f104b9003155f4f60e44bc4e3a83a6bd545b6d4", 0x1000}], 0x1, 0x0, 0x0, 0x40}, 0x4)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_READ=@pass_buffer={0x16, 0x1, 0x0, @fd_index=0x9, 0xffff, &(0x7f0000000040)=""/174, 0xae, 0x0, 0x1, {0x0, r2}}, 0x8)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

[  965.045396][ T5235]  dump_stack+0x11/0x1b
[  965.049553][ T5235]  should_fail+0x23c/0x250
[  965.053965][ T5235]  __should_failslab+0x81/0x90
[  965.058723][ T5235]  should_failslab+0x5/0x20
[  965.063219][ T5235]  kmem_cache_alloc_bulk+0x40/0x340
[  965.068412][ T5235]  io_submit_sqes+0x548/0xde0
[  965.073206][ T5235]  __se_sys_io_uring_enter+0x20d/0xb30
[  965.074873][ T5241] 9pnet: Insufficient options for proto=fd
[  965.078662][ T5235]  ? __fget_light+0x21b/0x260
[  965.078683][ T5235]  ? fput+0x2d/0x130
02:27:35 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:35 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x40)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

[  965.078702][ T5235]  __x64_sys_io_uring_enter+0x74/0x80
[  965.098469][ T5235]  do_syscall_64+0x44/0xa0
[  965.102917][ T5235]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  965.108814][ T5235] RIP: 0033:0x7fb8c503a709
[  965.113284][ T5235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  965.132872][ T5245] 9pnet: Insufficient options for proto=fd
[  965.132911][ T5235] RSP: 002b:00007fb8c2db2188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
02:27:35 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  965.147164][ T5235] RAX: ffffffffffffffda RBX: 00007fb8c513ef60 RCX: 00007fb8c503a709
[  965.155129][ T5235] RDX: 0000000000000000 RSI: 0000000000006374 RDI: 0000000000000003
[  965.163090][ T5235] RBP: 00007fb8c2db21d0 R08: 0000000000000000 R09: 0000000000000000
[  965.171080][ T5235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  965.179046][ T5235] R13: 00007ffdf2c9d6df R14: 00007fb8c2db2300 R15: 0000000000022000
[  965.200765][ T5250] 9pnet: Insufficient options for proto=fd
[  965.226767][ T5257] loop4: detected capacity change from 0 to 87
[  965.245320][    C1] sd 0:0:1:0: tag#5089 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  965.255149][    C1] sd 0:0:1:0: tag#5089 CDB: opcode=0xe5 (vendor)
[  965.261500][    C1] sd 0:0:1:0: tag#5089 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  965.270508][    C1] sd 0:0:1:0: tag#5089 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  965.279530][    C1] sd 0:0:1:0: tag#5089 CDB[20]: ba
02:27:35 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:35 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}]) (fail_nth: 38)

02:27:35 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000500), 0x10000, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x24, &(0x7f0000000540)=0x800, 0x4)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

02:27:35 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:35 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)

02:27:35 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {r7}, {}, {}, {0x0, r8}, {r6}, {0x0, r8}, {}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  965.367035][ T5274] 9pnet: Insufficient options for proto=fd
[  965.379102][ T5276] FAULT_INJECTION: forcing a failure.
[  965.379102][ T5276] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  965.381666][ T5277] loop4: detected capacity change from 0 to 87
[  965.392181][ T5276] CPU: 1 PID: 5276 Comm: syz-executor.1 Not tainted 5.15.0-rc2-syzkaller #0
[  965.407077][ T5276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  965.417121][ T5276] Call Trace:
[  965.420388][ T5276]  dump_stack_lvl+0xd6/0x122
[  965.424970][ T5276]  dump_stack+0x11/0x1b
[  965.429110][ T5276]  should_fail+0x23c/0x250
[  965.433591][ T5276]  should_fail_usercopy+0x16/0x20
[  965.438614][ T5276]  copy_page_from_iter_atomic+0x2c1/0xbb0
[  965.444372][ T5276]  generic_perform_write+0x201/0x3e0
[  965.449738][ T5276]  ? ext4_da_write_begin+0x7f0/0x7f0
[  965.455011][ T5276]  ext4_buffered_write_iter+0x305/0x400
[  965.460552][ T5276]  ext4_file_write_iter+0xe79/0x11f0
[  965.465919][ T5276]  aio_write+0x2b4/0x390
[  965.470214][ T5276]  io_submit_one+0x86f/0x13b0
[  965.474881][ T5276]  __se_sys_io_submit+0x105/0x270
[  965.479897][ T5276]  __x64_sys_io_submit+0x3f/0x50
[  965.484823][ T5276]  do_syscall_64+0x44/0xa0
[  965.489227][ T5276]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  965.495111][ T5276] RIP: 0033:0x7f2c6ce8a709
[  965.499527][ T5276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  965.519154][ T5276] RSP: 002b:00007f2c6ac02188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  965.527551][ T5276] RAX: ffffffffffffffda RBX: 00007f2c6cf8ef60 RCX: 00007f2c6ce8a709
[  965.535506][ T5276] RDX: 0000000020000540 RSI: 000000000000003b RDI: 00007f2c6abd9000
[  965.543458][ T5276] RBP: 00007f2c6ac021d0 R08: 0000000000000000 R09: 0000000000000000
[  965.551459][ T5276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  965.559430][ T5276] R13: 00007ffe6923ec8f R14: 00007f2c6ac02300 R15: 0000000000022000
02:27:35 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  965.598527][    C1] sd 0:0:1:0: tag#5090 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  965.600941][ T5279] FAULT_INJECTION: forcing a failure.
[  965.600941][ T5279] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  965.608409][    C1] sd 0:0:1:0: tag#5090 CDB: opcode=0xe5 (vendor)
[  965.621427][ T5279] CPU: 0 PID: 5279 Comm: syz-executor.5 Not tainted 5.15.0-rc2-syzkaller #0
[  965.627749][    C1] sd 0:0:1:0: tag#5090 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  965.636370][ T5279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  965.636381][ T5279] Call Trace:
[  965.636389][ T5279]  dump_stack_lvl+0xd6/0x122
[  965.645390][    C1] sd 0:0:1:0: tag#5090 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  965.655407][ T5279]  dump_stack+0x11/0x1b
[  965.655427][ T5279]  should_fail+0x23c/0x250
[  965.658688][    C1] sd 0:0:1:0: tag#5090 CDB[20]: ba
[  965.663245][ T5279]  should_fail_usercopy+0x16/0x20
[  965.690840][ T5279]  _copy_to_user+0x1c/0x90
02:27:35 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno='])

02:27:35 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {r7}, {}, {}, {0x0, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:35 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

[  965.695261][ T5279]  simple_read_from_buffer+0xab/0x120
[  965.700627][ T5279]  proc_fail_nth_read+0x10d/0x150
[  965.705696][ T5279]  ? proc_fault_inject_write+0x230/0x230
[  965.711326][ T5279]  vfs_read+0x1e6/0x750
[  965.715527][ T5279]  ? __fget_light+0x21b/0x260
[  965.720199][ T5279]  ? __cond_resched+0x11/0x40
[  965.724868][ T5279]  ksys_read+0xd9/0x190
[  965.729023][ T5279]  __x64_sys_read+0x3e/0x50
[  965.733530][ T5279]  do_syscall_64+0x44/0xa0
[  965.737977][ T5279]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  965.743861][ T5279] RIP: 0033:0x7fb8c4fed48c
[  965.748260][ T5279] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[  965.767883][ T5279] RSP: 002b:00007fb8c2db2170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  965.776273][ T5279] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fb8c4fed48c
[  965.784226][ T5279] RDX: 000000000000000f RSI: 00007fb8c2db21e0 RDI: 0000000000000005
02:27:35 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:35 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno='])

[  965.792179][ T5279] RBP: 00007fb8c2db21d0 R08: 0000000000000000 R09: 0000000000000000
[  965.800133][ T5279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  965.808161][ T5279] R13: 00007ffdf2c9d6df R14: 00007fb8c2db2300 R15: 0000000000022000
[  965.833235][ T5293] 9pnet: Insufficient options for proto=fd
[  965.839287][ T5295] 9pnet: Insufficient options for proto=fd
02:27:35 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 1)

[  965.901620][ T5307] 9pnet: Insufficient options for proto=fd
[  965.905836][ T5309] loop4: detected capacity change from 0 to 87
[  965.917178][ T5312] FAULT_INJECTION: forcing a failure.
[  965.917178][ T5312] name failslab, interval 1, probability 0, space 0, times 0
[  965.929876][ T5312] CPU: 1 PID: 5312 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  965.938615][ T5312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  965.948664][ T5312] Call Trace:
[  965.951931][ T5312]  dump_stack_lvl+0xd6/0x122
[  965.956517][ T5312]  dump_stack+0x11/0x1b
[  965.960712][ T5312]  should_fail+0x23c/0x250
[  965.965112][ T5312]  ? __se_sys_mount+0x4e/0x2f0
[  965.969921][ T5312]  __should_failslab+0x81/0x90
[  965.974701][ T5312]  should_failslab+0x5/0x20
[  965.979200][ T5312]  __kmalloc_track_caller+0x6d/0x350
[  965.984530][ T5312]  ? strnlen_user+0x137/0x1c0
[  965.989196][ T5312]  strndup_user+0x73/0x120
[  965.993633][ T5312]  __se_sys_mount+0x4e/0x2f0
[  965.998274][ T5312]  ? fput+0x2d/0x130
[  966.002219][ T5312]  ? ksys_write+0x162/0x190
[  966.006710][ T5312]  __x64_sys_mount+0x63/0x70
[  966.011317][ T5312]  do_syscall_64+0x44/0xa0
[  966.015719][ T5312]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  966.021699][ T5312] RIP: 0033:0x7f925409f709
[  966.026109][ T5312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
02:27:36 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}]) (fail_nth: 39)

02:27:36 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000040)=[@timestamp, @window={0x3, 0x4, 0x9}, @window={0x3, 0x0, 0x1ff}, @sack_perm], 0x4)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

02:27:36 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno='])

02:27:36 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x2, 0x0, 0x0, 0x0, 0x0)

[  966.045700][ T5312] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  966.054097][ T5312] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  966.062051][ T5312] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  966.070003][ T5312] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  966.078299][ T5312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  966.086252][ T5312] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:36 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000040))
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

02:27:36 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX])

[  966.125536][    C0] sd 0:0:1:0: tag#5092 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  966.135423][    C0] sd 0:0:1:0: tag#5092 CDB: opcode=0xe5 (vendor)
[  966.141574][ T5325] 9pnet: Insufficient options for proto=fd
[  966.141865][    C0] sd 0:0:1:0: tag#5092 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  966.156678][    C0] sd 0:0:1:0: tag#5092 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  966.165731][    C0] sd 0:0:1:0: tag#5092 CDB[20]: ba
[  966.196515][ T5323] FAULT_INJECTION: forcing a failure.
[  966.196515][ T5323] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  966.209751][ T5323] CPU: 0 PID: 5323 Comm: syz-executor.1 Not tainted 5.15.0-rc2-syzkaller #0
[  966.218423][ T5323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  966.228635][ T5323] Call Trace:
[  966.231908][ T5323]  dump_stack_lvl+0xd6/0x122
[  966.232611][ T5334] 9pnet: Insufficient options for proto=fd
[  966.236551][ T5323]  dump_stack+0x11/0x1b
02:27:36 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 2)

[  966.246481][ T5323]  should_fail+0x23c/0x250
[  966.250930][ T5323]  __alloc_pages+0x102/0x320
[  966.255523][ T5323]  alloc_pages+0x382/0x3d0
[  966.259940][ T5323]  __page_cache_alloc+0x4d/0xf0
[  966.264792][ T5323]  pagecache_get_page+0x5fe/0x910
[  966.269839][ T5323]  grab_cache_page_write_begin+0x3f/0x70
[  966.275479][ T5323]  ext4_da_write_begin+0x2f9/0x7f0
[  966.280615][ T5323]  ? iov_iter_fault_in_readable+0x244/0x290
[  966.286509][ T5323]  generic_perform_write+0x1b8/0x3e0
[  966.291856][ T5323]  ? ext4_da_write_begin+0x7f0/0x7f0
[  966.297139][ T5323]  ext4_buffered_write_iter+0x305/0x400
[  966.302682][ T5323]  ext4_file_write_iter+0x2e7/0x11f0
[  966.308046][ T5323]  ? avc_policy_seqno+0x22/0x30
[  966.312902][ T5323]  ? selinux_file_permission+0x223/0x350
[  966.318531][ T5323]  ? fsnotify_perm+0x5a/0x370
[  966.323200][ T5323]  ? security_file_permission+0x7c/0xa0
[  966.328740][ T5323]  ? security_file_permission+0x87/0xa0
[  966.334324][ T5323]  aio_write+0x2b4/0x390
[  966.338558][ T5323]  io_submit_one+0x86f/0x13b0
[  966.343294][ T5323]  __se_sys_io_submit+0x105/0x270
[  966.348318][ T5323]  __x64_sys_io_submit+0x3f/0x50
[  966.353308][ T5323]  do_syscall_64+0x44/0xa0
[  966.357743][ T5323]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  966.363634][ T5323] RIP: 0033:0x7f2c6ce8a709
[  966.368038][ T5323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  966.387725][ T5323] RSP: 002b:00007f2c6ac02188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  966.396135][ T5323] RAX: ffffffffffffffda RBX: 00007f2c6cf8ef60 RCX: 00007f2c6ce8a709
[  966.404097][ T5323] RDX: 0000000020000540 RSI: 000000000000003b RDI: 00007f2c6abb8000
[  966.412125][ T5323] RBP: 00007f2c6ac021d0 R08: 0000000000000000 R09: 0000000000000000
[  966.420105][ T5323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  966.428071][ T5323] R13: 00007ffe6923ec8f R14: 00007f2c6ac02300 R15: 0000000000022000
[  966.468593][ T5341] FAULT_INJECTION: forcing a failure.
[  966.468593][ T5341] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  966.481772][ T5341] CPU: 0 PID: 5341 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  966.490508][ T5341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  966.500553][ T5341] Call Trace:
[  966.503821][ T5341]  dump_stack_lvl+0xd6/0x122
[  966.508409][ T5341]  dump_stack+0x11/0x1b
[  966.512559][ T5341]  should_fail+0x23c/0x250
[  966.516985][ T5341]  should_fail_usercopy+0x16/0x20
[  966.522004][ T5341]  _copy_from_user+0x1c/0xd0
[  966.526626][ T5341]  strndup_user+0xb0/0x120
[  966.531037][ T5341]  __se_sys_mount+0x4e/0x2f0
[  966.535624][ T5341]  ? fput+0x2d/0x130
[  966.539595][ T5341]  ? ksys_write+0x162/0x190
[  966.544092][ T5341]  __x64_sys_mount+0x63/0x70
[  966.548682][ T5341]  do_syscall_64+0x44/0xa0
[  966.553098][ T5341]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  966.558989][ T5341] RIP: 0033:0x7f925409f709
[  966.563387][ T5341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  966.583073][ T5341] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  966.591576][ T5341] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  966.599546][ T5341] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  966.607510][ T5341] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  966.615471][ T5341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  966.623436][ T5341] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:36 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {r7}, {}, {}, {0x0, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:36 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:36 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX])

02:27:36 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f00000000c0)={0x2, 0xda6923b, 0x786, 0x8, 0x5}, 0x14)
shutdown(r0, 0x0)
r2 = fork()
ptrace$setopts(0x4206, r2, 0x0, 0x0)
wait4(r2, 0x0, 0x20000000, 0x0)
process_vm_readv(r2, &(0x7f0000000980)=[{&(0x7f0000000200)=""/105, 0x69}, {&(0x7f0000000280)=""/198, 0xc6}, {&(0x7f0000000380)=""/168, 0xa8}, {&(0x7f0000000440)=""/148, 0x94}, {&(0x7f0000000500)=""/242, 0xf2}, {&(0x7f0000000600)=""/218, 0xda}, {&(0x7f0000000700)=""/199, 0xc7}, {&(0x7f0000000800)=""/208, 0xd0}, {&(0x7f0000000900)=""/46, 0x2e}, {&(0x7f0000000940)=""/49, 0x31}], 0xa, &(0x7f0000000e00)=[{&(0x7f0000000a40)=""/71, 0x47}, {&(0x7f00000018c0)=""/4096, 0x1000}, {&(0x7f0000000ac0)=""/188, 0xbc}, {&(0x7f0000000b80)=""/15, 0xf}, {&(0x7f0000000bc0)=""/91, 0x5b}, {&(0x7f0000000c40)=""/169, 0xa9}, {&(0x7f0000000d00)=""/8, 0x8}, {&(0x7f0000000d40)=""/168, 0xa8}, {&(0x7f00000028c0)=""/4096, 0x1000}], 0x9, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r4 = open_tree(r3, &(0x7f0000000080)='./file0\x00', 0x8900)
r5 = pidfd_getfd(r3, r4, 0x0)
perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x6, 0x40, 0x4, 0x20, 0x0, 0x3, 0x0, 0x8, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x9, 0xa1d3625cf12514e, @perf_config_ext={0x81, 0x6}, 0x400, 0x3ff, 0x1, 0x1, 0x9e42, 0x5, 0x101, 0x0, 0x1000, 0x0, 0x101}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x19, &(0x7f0000000100)=0x6, 0x4)
setsockopt$inet6_tcp_int(r5, 0x6, 0x6, &(0x7f0000000040)=0xfff, 0x4)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r3, 0x0)
recvfrom$inet6(r0, 0x0, 0x64, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1d}, 0xf92}, 0x20000000)

02:27:36 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 3)

02:27:36 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}]) (fail_nth: 40)

[  966.768303][ T5350] FAULT_INJECTION: forcing a failure.
[  966.768303][ T5350] name failslab, interval 1, probability 0, space 0, times 0
[  966.773888][ T5351] 9pnet: Insufficient options for proto=fd
[  966.780942][ T5350] CPU: 1 PID: 5350 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  966.795347][ T5350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  966.805389][ T5350] Call Trace:
[  966.808656][ T5350]  dump_stack_lvl+0xd6/0x122
[  966.813240][ T5350]  dump_stack+0x11/0x1b
[  966.817391][ T5350]  should_fail+0x23c/0x250
[  966.821857][ T5350]  __should_failslab+0x81/0x90
[  966.826621][ T5350]  ? __se_sys_mount+0xf7/0x2f0
[  966.831380][ T5350]  should_failslab+0x5/0x20
[  966.835897][ T5350]  kmem_cache_alloc_trace+0x52/0x320
[  966.841165][ T5350]  ? _copy_from_user+0x94/0xd0
[  966.845946][ T5350]  __se_sys_mount+0xf7/0x2f0
[  966.850606][ T5350]  ? fput+0x2d/0x130
[  966.854529][ T5350]  ? ksys_write+0x162/0x190
[  966.859020][ T5350]  __x64_sys_mount+0x63/0x70
[  966.863600][ T5350]  do_syscall_64+0x44/0xa0
[  966.868078][ T5350]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  966.873964][ T5350] RIP: 0033:0x7f925409f709
[  966.878364][ T5350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  966.897953][ T5350] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  966.906414][ T5350] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
02:27:36 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX])

02:27:36 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x2, 0x0, 0x0, 0x0)

[  966.914418][ T5350] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  966.922375][ T5350] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  966.930353][ T5350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  966.938313][ T5350] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  966.952274][ T5357] FAULT_INJECTION: forcing a failure.
[  966.952274][ T5357] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  966.965526][ T5357] CPU: 0 PID: 5357 Comm: syz-executor.1 Not tainted 5.15.0-rc2-syzkaller #0
[  966.974324][ T5357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  966.984434][ T5357] Call Trace:
[  966.986908][ T5365] 9pnet: Insufficient options for proto=fd
[  966.987703][ T5357]  dump_stack_lvl+0xd6/0x122
[  966.998071][ T5357]  dump_stack+0x11/0x1b
[  967.002225][ T5357]  should_fail+0x23c/0x250
[  967.006690][ T5357]  __alloc_pages+0x102/0x320
[  967.011313][ T5357]  alloc_pages+0x382/0x3d0
02:27:36 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYRESHEX=r1])

[  967.015733][ T5357]  __page_cache_alloc+0x4d/0xf0
[  967.020587][ T5357]  pagecache_get_page+0x5fe/0x910
[  967.025684][ T5357]  grab_cache_page_write_begin+0x3f/0x70
[  967.031348][ T5357]  ext4_da_write_begin+0x2f9/0x7f0
[  967.036507][ T5357]  ? iov_iter_fault_in_readable+0x244/0x290
[  967.042474][ T5357]  generic_perform_write+0x1b8/0x3e0
[  967.044005][ T5369] loop4: detected capacity change from 0 to 87
[  967.047851][ T5357]  ? ext4_da_write_begin+0x7f0/0x7f0
[  967.054392][ T5370] 9pnet: Insufficient options for proto=fd
[  967.059286][ T5357]  ext4_buffered_write_iter+0x305/0x400
[  967.059307][ T5357]  ext4_file_write_iter+0xe79/0x11f0
[  967.059327][ T5357]  aio_write+0x2b4/0x390
[  967.080168][ T5357]  io_submit_one+0x86f/0x13b0
[  967.084830][ T5357]  __se_sys_io_submit+0x105/0x270
[  967.089841][ T5357]  __x64_sys_io_submit+0x3f/0x50
[  967.094832][ T5357]  do_syscall_64+0x44/0xa0
[  967.099373][ T5357]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  967.105290][ T5357] RIP: 0033:0x7f2c6ce8a709
[  967.109745][ T5357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  967.129508][ T5357] RSP: 002b:00007f2c6abd8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  967.137998][ T5357] RAX: ffffffffffffffda RBX: 00007f2c6cf8f020 RCX: 00007f2c6ce8a709
[  967.145963][ T5357] RDX: 0000000020000540 RSI: 000000000000003b RDI: 00007f2c6abd9000
[  967.153919][ T5357] RBP: 00007f2c6abd81d0 R08: 0000000000000000 R09: 0000000000000000
[  967.161877][ T5357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  967.169905][ T5357] R13: 00007ffe6923ec8f R14: 00007f2c6abd8300 R15: 0000000000022000
[  967.187976][    C1] sd 0:0:1:0: tag#5094 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  967.197825][    C1] sd 0:0:1:0: tag#5094 CDB: opcode=0xe5 (vendor)
[  967.204163][    C1] sd 0:0:1:0: tag#5094 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
02:27:37 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0xf, 0x0, 0x0, 0x0)

[  967.213221][    C1] sd 0:0:1:0: tag#5094 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  967.222282][    C1] sd 0:0:1:0: tag#5094 CDB[20]: ba
[  967.262021][ T5380] FAULT_INJECTION: forcing a failure.
[  967.262021][ T5380] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  967.268476][ T5381] 9pnet: Insufficient options for proto=fd
[  967.275112][ T5380] CPU: 0 PID: 5380 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  967.289549][ T5380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  967.299601][ T5380] Call Trace:
[  967.302874][ T5380]  dump_stack_lvl+0xd6/0x122
[  967.307458][ T5380]  dump_stack+0x11/0x1b
02:27:37 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYRESHEX=r1])

02:27:37 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 4)

[  967.311657][ T5380]  should_fail+0x23c/0x250
[  967.316066][ T5380]  should_fail_usercopy+0x16/0x20
[  967.321122][ T5380]  _copy_from_user+0x1c/0xd0
[  967.325789][ T5380]  __se_sys_mount+0x119/0x2f0
[  967.330473][ T5380]  ? fput+0x2d/0x130
[  967.334366][ T5380]  ? ksys_write+0x162/0x190
[  967.338862][ T5380]  __x64_sys_mount+0x63/0x70
[  967.343526][ T5380]  do_syscall_64+0x44/0xa0
[  967.347997][ T5380]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  967.353908][ T5380] RIP: 0033:0x7f925409f709
[  967.358317][ T5380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  967.377915][ T5380] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  967.386329][ T5380] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  967.394283][ T5380] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  967.402242][ T5380] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  967.410270][ T5380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  967.418255][ T5380] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:37 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0xf00, 0x0, 0x0, 0x0)

02:27:37 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYRESHEX=r1])

02:27:37 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 5)

02:27:37 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}]) (fail_nth: 41)

02:27:37 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {r7}, {}, {}, {0x0, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:37 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000080)={&(0x7f000071a000/0x4000)=nil, 0x4000}, &(0x7f00000000c0)=0x10)
r2 = dup3(r0, r0, 0x0)
ioctl$SG_GET_VERSION_NUM(r2, 0x2282, &(0x7f0000000040))
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

[  967.911939][ T5398] FAULT_INJECTION: forcing a failure.
[  967.911939][ T5398] name failslab, interval 1, probability 0, space 0, times 0
[  967.924597][ T5398] CPU: 1 PID: 5398 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  967.933294][ T5398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  967.943335][ T5398] Call Trace:
[  967.946609][ T5398]  dump_stack_lvl+0xd6/0x122
[  967.951281][ T5398]  dump_stack+0x11/0x1b
[  967.955476][ T5398]  should_fail+0x23c/0x250
[  967.959885][ T5398]  ? getname_flags+0x84/0x3f0
[  967.964565][ T5398]  __should_failslab+0x81/0x90
[  967.969316][ T5398]  should_failslab+0x5/0x20
[  967.973856][ T5398]  kmem_cache_alloc+0x4f/0x300
[  967.978602][ T5398]  getname_flags+0x84/0x3f0
[  967.983181][ T5398]  user_path_at_empty+0x28/0x110
[  967.988120][ T5398]  __se_sys_mount+0x217/0x2f0
[  967.992783][ T5398]  __x64_sys_mount+0x63/0x70
[  967.997405][ T5398]  do_syscall_64+0x44/0xa0
[  968.001821][ T5398]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  968.007702][ T5398] RIP: 0033:0x7f925409f709
[  968.012152][ T5398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  968.031745][ T5398] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  968.040202][ T5398] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  968.048156][ T5398] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  968.056111][ T5398] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  968.064064][ T5398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  968.072018][ T5398] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  968.087218][ T5401] 9pnet: Insufficient options for proto=fd
[  968.101158][ T5402] FAULT_INJECTION: forcing a failure.
[  968.101158][ T5402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  968.114237][ T5402] CPU: 0 PID: 5402 Comm: syz-executor.1 Not tainted 5.15.0-rc2-syzkaller #0
[  968.122915][ T5402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  968.132971][ T5402] Call Trace:
[  968.136245][ T5402]  dump_stack_lvl+0xd6/0x122
[  968.140831][ T5402]  dump_stack+0x11/0x1b
[  968.144980][ T5402]  should_fail+0x23c/0x250
[  968.149450][ T5402]  should_fail_usercopy+0x16/0x20
[  968.154478][ T5402]  copy_page_from_iter_atomic+0x2c1/0xbb0
[  968.160201][ T5402]  generic_perform_write+0x201/0x3e0
[  968.165594][ T5402]  ? ext4_da_write_begin+0x7f0/0x7f0
[  968.170870][ T5402]  ext4_buffered_write_iter+0x305/0x400
[  968.176417][ T5402]  ext4_file_write_iter+0xe79/0x11f0
[  968.181725][ T5402]  aio_write+0x2b4/0x390
[  968.185961][ T5402]  io_submit_one+0x86f/0x13b0
[  968.190624][ T5402]  __se_sys_io_submit+0x105/0x270
[  968.195649][ T5402]  __x64_sys_io_submit+0x3f/0x50
[  968.200577][ T5402]  do_syscall_64+0x44/0xa0
[  968.204983][ T5402]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  968.210941][ T5402] RIP: 0033:0x7f2c6ce8a709
[  968.215341][ T5402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  968.234936][ T5402] RSP: 002b:00007f2c6abd8188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  968.243331][ T5402] RAX: ffffffffffffffda RBX: 00007f2c6cf8f020 RCX: 00007f2c6ce8a709
[  968.251299][ T5402] RDX: 0000000020000540 RSI: 000000000000003b RDI: 00007f2c6abd9000
02:27:38 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r1])

02:27:38 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x2000, 0x0, 0x0, 0x0)

[  968.259303][ T5402] RBP: 00007f2c6abd81d0 R08: 0000000000000000 R09: 0000000000000000
[  968.267254][ T5402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  968.275219][ T5402] R13: 00007ffe6923ec8f R14: 00007f2c6abd8300 R15: 0000000000022000
02:27:38 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 6)

02:27:38 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r1])

[  968.315046][ T5415] loop4: detected capacity change from 0 to 87
[  968.320127][ T5418] 9pnet: Insufficient options for proto=fd
02:27:38 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x2000000, 0x0, 0x0, 0x0)

02:27:38 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r1])

[  968.364130][    C0] sd 0:0:1:0: tag#5097 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  968.374010][    C0] sd 0:0:1:0: tag#5097 CDB: opcode=0xe5 (vendor)
[  968.376599][ T5425] 9pnet: Insufficient options for proto=fd
[  968.380332][    C0] sd 0:0:1:0: tag#5097 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  968.380352][    C0] sd 0:0:1:0: tag#5097 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  968.404179][    C0] sd 0:0:1:0: tag#5097 CDB[20]: ba
[  968.421289][ T5428] FAULT_INJECTION: forcing a failure.
[  968.421289][ T5428] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  968.434349][ T5428] CPU: 1 PID: 5428 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  968.443082][ T5428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  968.453199][ T5428] Call Trace:
[  968.456470][ T5428]  dump_stack_lvl+0xd6/0x122
[  968.461059][ T5428]  dump_stack+0x11/0x1b
[  968.465222][ T5428]  should_fail+0x23c/0x250
[  968.469629][ T5428]  should_fail_usercopy+0x16/0x20
[  968.474638][ T5428]  strncpy_from_user+0x21/0x250
[  968.479509][ T5428]  getname_flags+0xb8/0x3f0
[  968.484656][ T5428]  user_path_at_empty+0x28/0x110
[  968.489590][ T5428]  __se_sys_mount+0x217/0x2f0
[  968.494310][ T5428]  ? fput+0x2d/0x130
[  968.498191][ T5428]  __x64_sys_mount+0x63/0x70
[  968.502779][ T5428]  do_syscall_64+0x44/0xa0
[  968.507180][ T5428]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  968.513117][ T5428] RIP: 0033:0x7f925409f709
[  968.517518][ T5428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  968.537106][ T5428] RSP: 002b:00007f9251df6188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  968.545508][ T5428] RAX: ffffffffffffffda RBX: 00007f92541a4020 RCX: 00007f925409f709
[  968.553580][ T5428] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  968.561538][ T5428] RBP: 00007f9251df61d0 R08: 0000000020000180 R09: 0000000000000000
02:27:38 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfd', @ANYRESHEX=r1])

02:27:38 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {r7}, {}, {}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:38 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0xf000000, 0x0, 0x0, 0x0)

[  968.569506][ T5428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  968.577459][ T5428] R13: 00007fff03c32e3f R14: 00007f9251df6300 R15: 0000000000022000
[  968.596982][ T5434] 9pnet: Insufficient options for proto=fd
02:27:38 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}]) (fail_nth: 42)

02:27:38 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 7)

02:27:38 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x20000000, 0x0, 0x0, 0x0)

02:27:38 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfd', @ANYRESHEX=r1])

[  968.667962][ T5440] 9pnet: Insufficient options for proto=fd
[  968.737268][ T5456] 9pnet: Insufficient options for proto=fd
[  968.742513][ T5455] loop4: detected capacity change from 0 to 87
[  968.774738][ T5461] FAULT_INJECTION: forcing a failure.
[  968.774738][ T5461] name failslab, interval 1, probability 0, space 0, times 0
[  968.775581][ T5459] FAULT_INJECTION: forcing a failure.
[  968.775581][ T5459] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  968.787485][ T5461] CPU: 1 PID: 5461 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  968.809133][ T5461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  968.819177][ T5461] Call Trace:
[  968.822439][ T5461]  dump_stack_lvl+0xd6/0x122
[  968.827017][ T5461]  dump_stack+0x11/0x1b
[  968.831198][ T5461]  should_fail+0x23c/0x250
[  968.835600][ T5461]  __should_failslab+0x81/0x90
[  968.840352][ T5461]  ? alloc_fs_context+0x46/0x500
[  968.845301][ T5461]  should_failslab+0x5/0x20
[  968.849795][ T5461]  kmem_cache_alloc_trace+0x52/0x320
[  968.855070][ T5461]  alloc_fs_context+0x46/0x500
[  968.859820][ T5461]  ? strncmp+0x34/0x70
[  968.863876][ T5461]  fs_context_for_mount+0x1d/0x20
[  968.868887][ T5461]  path_mount+0xe0d/0x1d20
[  968.873297][ T5461]  __se_sys_mount+0x24b/0x2f0
[  968.877961][ T5461]  ? fput+0x2d/0x130
[  968.881855][ T5461]  __x64_sys_mount+0x63/0x70
[  968.886494][ T5461]  do_syscall_64+0x44/0xa0
[  968.890897][ T5461]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  968.896918][ T5461] RIP: 0033:0x7f925409f709
[  968.901323][ T5461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  968.920990][ T5461] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  968.929392][ T5461] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
02:27:38 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x2, 0x0, 0x0)

[  968.937359][ T5461] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  968.945315][ T5461] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  968.953269][ T5461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  968.961301][ T5461] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  968.969258][ T5459] CPU: 0 PID: 5459 Comm: syz-executor.1 Not tainted 5.15.0-rc2-syzkaller #0
[  968.978023][ T5459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  968.988065][ T5459] Call Trace:
[  968.991335][ T5459]  dump_stack_lvl+0xd6/0x122
[  968.996001][ T5459]  dump_stack+0x11/0x1b
[  969.000282][ T5459]  should_fail+0x23c/0x250
[  969.004716][ T5459]  should_fail_usercopy+0x16/0x20
[  969.009741][ T5459]  copy_page_from_iter_atomic+0x2c1/0xbb0
[  969.015461][ T5459]  generic_perform_write+0x201/0x3e0
[  969.020753][ T5459]  ? ext4_da_write_begin+0x7f0/0x7f0
[  969.026081][ T5459]  ext4_buffered_write_iter+0x305/0x400
[  969.031675][ T5459]  ext4_file_write_iter+0xe79/0x11f0
[  969.036962][ T5459]  aio_write+0x2b4/0x390
[  969.041207][ T5459]  io_submit_one+0x86f/0x13b0
[  969.045879][ T5459]  __se_sys_io_submit+0x105/0x270
[  969.050986][ T5459]  __x64_sys_io_submit+0x3f/0x50
[  969.055948][ T5459]  do_syscall_64+0x44/0xa0
[  969.060376][ T5459]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  969.066313][ T5459] RIP: 0033:0x7f2c6ce8a709
[  969.070766][ T5459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  969.090378][ T5459] RSP: 002b:00007f2c6ac02188 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  969.098792][ T5459] RAX: ffffffffffffffda RBX: 00007f2c6cf8ef60 RCX: 00007f2c6ce8a709
[  969.106840][ T5459] RDX: 0000000020000540 RSI: 000000000000003b RDI: 00007f2c6abd9000
[  969.114809][ T5459] RBP: 00007f2c6ac021d0 R08: 0000000000000000 R09: 0000000000000000
[  969.122782][ T5459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  969.130752][ T5459] R13: 00007ffe6923ec8f R14: 00007f2c6ac02300 R15: 0000000000022000
02:27:39 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfd', @ANYRESHEX=r1])

02:27:39 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 8)

[  969.145380][    C0] sd 0:0:1:0: tag#5098 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  969.155249][    C0] sd 0:0:1:0: tag#5098 CDB: opcode=0xe5 (vendor)
[  969.161634][    C0] sd 0:0:1:0: tag#5098 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  969.170652][    C0] sd 0:0:1:0: tag#5098 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  969.178921][ T5469] 9pnet: Insufficient options for proto=fd
[  969.179691][    C0] sd 0:0:1:0: tag#5098 CDB[20]: ba
[  969.193484][ T5470] FAULT_INJECTION: forcing a failure.
[  969.193484][ T5470] name failslab, interval 1, probability 0, space 0, times 0
[  969.206142][ T5470] CPU: 1 PID: 5470 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  969.214881][ T5470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  969.224954][ T5470] Call Trace:
[  969.228232][ T5470]  dump_stack_lvl+0xd6/0x122
[  969.232827][ T5470]  dump_stack+0x11/0x1b
[  969.237037][ T5470]  should_fail+0x23c/0x250
[  969.241486][ T5470]  __should_failslab+0x81/0x90
[  969.246344][ T5470]  ? legacy_init_fs_context+0x2d/0x70
[  969.251800][ T5470]  should_failslab+0x5/0x20
[  969.256305][ T5470]  kmem_cache_alloc_trace+0x52/0x320
[  969.261635][ T5470]  ? alloc_fs_context+0x46/0x500
[  969.266619][ T5470]  legacy_init_fs_context+0x2d/0x70
[  969.271823][ T5470]  alloc_fs_context+0x419/0x500
[  969.276680][ T5470]  fs_context_for_mount+0x1d/0x20
[  969.281708][ T5470]  path_mount+0xe0d/0x1d20
[  969.286126][ T5470]  __se_sys_mount+0x24b/0x2f0
[  969.290848][ T5470]  ? fput+0x2d/0x130
[  969.294761][ T5470]  __x64_sys_mount+0x63/0x70
[  969.299353][ T5470]  do_syscall_64+0x44/0xa0
[  969.303772][ T5470]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  969.309671][ T5470] RIP: 0033:0x7f925409f709
[  969.314110][ T5470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  969.333798][ T5470] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
02:27:39 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {r7}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:39 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno', @ANYRESHEX=r1])

[  969.342211][ T5470] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  969.350182][ T5470] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  969.358158][ T5470] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  969.366137][ T5470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  969.374106][ T5470] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:39 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno', @ANYRESHEX=r1])

02:27:39 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0xf, 0x0, 0x0)

[  969.414568][ T5477] 9pnet: Insufficient options for proto=fd
[  969.439774][ T5481] loop4: detected capacity change from 0 to 87
02:27:39 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno', @ANYRESHEX=r1])

[  969.497000][    C0] sd 0:0:1:0: tag#5100 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  969.497820][ T5489] 9pnet: Insufficient options for proto=fd
[  969.506873][    C0] sd 0:0:1:0: tag#5100 CDB: opcode=0xe5 (vendor)
[  969.506893][    C0] sd 0:0:1:0: tag#5100 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  969.528035][    C0] sd 0:0:1:0: tag#5100 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  969.537085][    C0] sd 0:0:1:0: tag#5100 CDB[20]: ba
[  969.604068][ T5493] 9pnet: Insufficient options for proto=fd
02:27:39 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:39 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0xf00, 0x0, 0x0)

02:27:39 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:39 executing program 2:
pipe(&(0x7f0000000840)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

02:27:39 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 9)

[  969.893027][ T5509] loop4: detected capacity change from 0 to 87
[  969.903897][ T5511] FAULT_INJECTION: forcing a failure.
[  969.903897][ T5511] name failslab, interval 1, probability 0, space 0, times 0
[  969.916626][ T5511] CPU: 1 PID: 5511 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  969.925303][ T5511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  969.935396][ T5511] Call Trace:
[  969.938680][ T5511]  dump_stack_lvl+0xd6/0x122
[  969.943263][ T5511]  dump_stack+0x11/0x1b
[  969.947402][ T5511]  should_fail+0x23c/0x250
[  969.951812][ T5511]  __should_failslab+0x81/0x90
[  969.956596][ T5511]  ? v9fs_mount+0x41/0x4c0
[  969.960998][ T5511]  should_failslab+0x5/0x20
[  969.965490][ T5511]  kmem_cache_alloc_trace+0x52/0x320
[  969.970760][ T5511]  ? tsan.module_ctor+0x10/0x10
[  969.975592][ T5511]  v9fs_mount+0x41/0x4c0
[  969.979823][ T5511]  ? selinux_capable+0x34/0x40
[  969.984571][ T5511]  ? tsan.module_ctor+0x10/0x10
[  969.989470][ T5511]  legacy_get_tree+0x70/0xc0
[  969.994130][ T5511]  vfs_get_tree+0x4a/0x1a0
[  969.998641][ T5511]  path_mount+0x11ec/0x1d20
[  970.003131][ T5511]  __se_sys_mount+0x24b/0x2f0
[  970.007796][ T5511]  ? fput+0x2d/0x130
[  970.011737][ T5511]  __x64_sys_mount+0x63/0x70
[  970.016390][ T5511]  do_syscall_64+0x44/0xa0
[  970.020798][ T5511]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  970.026684][ T5511] RIP: 0033:0x7f925409f709
[  970.031081][ T5511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  970.050679][ T5511] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  970.059087][ T5511] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  970.067039][ T5511] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  970.074993][ T5511] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  970.082947][ T5511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  970.091045][ T5511] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  970.099619][ T5518] 9pnet: Insufficient options for proto=fd
[  970.111087][    C0] sd 0:0:1:0: tag#5102 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  970.120964][    C0] sd 0:0:1:0: tag#5102 CDB: opcode=0xe5 (vendor)
[  970.127344][    C0] sd 0:0:1:0: tag#5102 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
02:27:40 executing program 2:
pipe(&(0x7f0000000840)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

[  970.136399][    C0] sd 0:0:1:0: tag#5102 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  970.145475][    C0] sd 0:0:1:0: tag#5102 CDB[20]: ba
02:27:40 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x2000, 0x0, 0x0)

02:27:40 executing program 2:
pipe(&(0x7f0000000840)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

02:27:40 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x2000000, 0x0, 0x0)

[  970.218339][ T5527] 9pnet: Insufficient options for proto=fd
02:27:40 executing program 2:
pipe(&(0x7f0000000840)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

02:27:40 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0xf000000, 0x0, 0x0)

[  970.289164][ T5537] 9pnet: Insufficient options for proto=fd
02:27:40 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x20000000, 0x0, 0x0)

[  970.361354][ T5545] 9pnet: Insufficient options for proto=fd
02:27:40 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x10000000000, 0x0, 0x0)

02:27:40 executing program 2:
pipe(&(0x7f0000000840)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

[  970.635548][ T5559] 9pnet: Insufficient options for proto=fd
02:27:40 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 10)

02:27:40 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40000, 0x3)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000240)=0x2, 0x4)
setsockopt$inet6_tcp_int(r1, 0x6, 0x18, &(0x7f0000000040)=0x6, 0x4)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r1)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r3, 0x400, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x8080}, 0x801)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r4, 0x0)
preadv(r4, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
r7 = openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000280), 0x2, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x4, 0x0, @fd_index=0x6, 0x6, {0x0, r7}, 0x4, 0x4, 0x1, {0x0, 0x0, r2}}, 0xffffff7d)
ioctl$sock_SIOCBRDELBR(r4, 0x89a1, &(0x7f0000000200)='vlan0\x00')
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080), 0x4)

02:27:40 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:40 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x1000000000000, 0x0, 0x0)

02:27:40 executing program 2:
pipe(&(0x7f0000000840)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

02:27:40 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  970.766411][ T5574] FAULT_INJECTION: forcing a failure.
[  970.766411][ T5574] name failslab, interval 1, probability 0, space 0, times 0
[  970.768391][ T5572] 9pnet: Insufficient options for proto=fd
[  970.779078][ T5574] CPU: 0 PID: 5574 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  970.793536][ T5574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  970.803590][ T5574] Call Trace:
[  970.806860][ T5574]  dump_stack_lvl+0xd6/0x122
[  970.811514][ T5574]  dump_stack+0x11/0x1b
[  970.815692][ T5574]  should_fail+0x23c/0x250
[  970.820092][ T5574]  ? v9fs_session_init+0x48/0xd50
[  970.825098][ T5574]  __should_failslab+0x81/0x90
[  970.829847][ T5574]  should_failslab+0x5/0x20
[  970.834335][ T5574]  __kmalloc_track_caller+0x6d/0x350
[  970.839603][ T5574]  ? make_kuid+0x117/0x170
[  970.844008][ T5574]  kstrdup+0x31/0x70
[  970.847910][ T5574]  v9fs_session_init+0x48/0xd50
[  970.852742][ T5574]  ? avc_has_perm_noaudit+0x1c0/0x270
[  970.858099][ T5574]  ? should_fail+0xd6/0x250
[  970.862586][ T5574]  ? v9fs_mount+0x41/0x4c0
[  970.867047][ T5574]  ? kmem_cache_alloc_trace+0x30e/0x320
[  970.872615][ T5574]  ? v9fs_mount+0x41/0x4c0
[  970.877018][ T5574]  v9fs_mount+0x57/0x4c0
[  970.881307][ T5574]  ? selinux_capable+0x34/0x40
[  970.886109][ T5574]  ? tsan.module_ctor+0x10/0x10
[  970.890944][ T5574]  legacy_get_tree+0x70/0xc0
[  970.895519][ T5574]  vfs_get_tree+0x4a/0x1a0
[  970.899994][ T5574]  path_mount+0x11ec/0x1d20
[  970.904506][ T5574]  __se_sys_mount+0x24b/0x2f0
[  970.909167][ T5574]  ? fput+0x2d/0x130
[  970.913047][ T5574]  __x64_sys_mount+0x63/0x70
[  970.917621][ T5574]  do_syscall_64+0x44/0xa0
[  970.922044][ T5574]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  970.927965][ T5574] RIP: 0033:0x7f925409f709
[  970.932364][ T5574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  970.952099][ T5574] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
02:27:40 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x200000000000000, 0x0, 0x0)

02:27:40 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  970.960501][ T5574] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  970.968455][ T5574] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  970.976421][ T5574] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  970.984446][ T5574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  970.992445][ T5574] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:41 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 11)

02:27:41 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = accept4$unix(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000140)=0x6e, 0x800)
shutdown(r1, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x12}, 0x18)
mknodat$null(r3, &(0x7f0000000180)='./file0\x00', 0x8000, 0x103)
mmap(&(0x7f00002bd000/0x3000)=nil, 0x3000, 0x2800004, 0x80010, r2, 0xb6e000)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

02:27:41 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:41 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  971.080134][ T5591] loop4: detected capacity change from 0 to 87
[  971.088289][ T5598] FAULT_INJECTION: forcing a failure.
[  971.088289][ T5598] name failslab, interval 1, probability 0, space 0, times 0
[  971.100955][ T5598] CPU: 0 PID: 5598 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  971.109624][ T5598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  971.119683][ T5598] Call Trace:
[  971.122961][ T5598]  dump_stack_lvl+0xd6/0x122
[  971.127547][ T5598]  dump_stack+0x11/0x1b
[  971.131710][ T5598]  should_fail+0x23c/0x250
[  971.136117][ T5598]  ? v9fs_session_init+0x77/0xd50
[  971.141136][ T5598]  __should_failslab+0x81/0x90
[  971.145987][ T5598]  should_failslab+0x5/0x20
[  971.150484][ T5598]  __kmalloc_track_caller+0x6d/0x350
[  971.155756][ T5598]  ? v9fs_session_init+0x48/0xd50
[  971.160835][ T5598]  kstrdup+0x31/0x70
[  971.164831][ T5598]  v9fs_session_init+0x77/0xd50
[  971.169706][ T5598]  ? avc_has_perm_noaudit+0x1c0/0x270
[  971.175110][ T5598]  ? should_fail+0xd6/0x250
[  971.179612][ T5598]  ? v9fs_mount+0x41/0x4c0
[  971.184030][ T5598]  ? kmem_cache_alloc_trace+0x30e/0x320
[  971.189574][ T5598]  ? v9fs_mount+0x41/0x4c0
[  971.194004][ T5598]  v9fs_mount+0x57/0x4c0
[  971.198246][ T5598]  ? selinux_capable+0x34/0x40
[  971.203064][ T5598]  ? tsan.module_ctor+0x10/0x10
[  971.207909][ T5598]  legacy_get_tree+0x70/0xc0
[  971.212547][ T5598]  vfs_get_tree+0x4a/0x1a0
[  971.216951][ T5598]  path_mount+0x11ec/0x1d20
[  971.221447][ T5598]  __se_sys_mount+0x24b/0x2f0
[  971.226196][ T5598]  ? fput+0x2d/0x130
[  971.230322][ T5598]  __x64_sys_mount+0x63/0x70
[  971.234929][ T5598]  do_syscall_64+0x44/0xa0
[  971.239348][ T5598]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  971.245295][ T5598] RIP: 0033:0x7f925409f709
[  971.249703][ T5598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  971.269344][ T5598] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  971.277740][ T5598] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  971.285724][ T5598] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  971.293703][ T5598] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  971.301657][ T5598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  971.309612][ T5598] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:41 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0xf00000000000000, 0x0, 0x0)

[  971.329232][    C1] sd 0:0:1:0: tag#5105 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  971.339126][    C1] sd 0:0:1:0: tag#5105 CDB: opcode=0xe5 (vendor)
[  971.345485][    C1] sd 0:0:1:0: tag#5105 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  971.354543][    C1] sd 0:0:1:0: tag#5105 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  971.363581][    C1] sd 0:0:1:0: tag#5105 CDB[20]: ba
02:27:41 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x420601, 0xa2)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800002, 0x4000010, r1, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

02:27:41 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x47f, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:41 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 12)

[  971.474824][ T5624] FAULT_INJECTION: forcing a failure.
[  971.474824][ T5624] name failslab, interval 1, probability 0, space 0, times 0
[  971.487498][ T5624] CPU: 1 PID: 5624 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  971.496170][ T5624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  971.506211][ T5624] Call Trace:
[  971.509551][ T5624]  dump_stack_lvl+0xd6/0x122
[  971.514187][ T5624]  dump_stack+0x11/0x1b
[  971.518326][ T5624]  should_fail+0x23c/0x250
[  971.522783][ T5624]  __should_failslab+0x81/0x90
[  971.527530][ T5624]  ? p9_client_create+0x53/0x720
[  971.532458][ T5624]  should_failslab+0x5/0x20
[  971.536945][ T5624]  kmem_cache_alloc_trace+0x52/0x320
[  971.542216][ T5624]  ? selinux_inode_permission+0x335/0x3f0
[  971.547919][ T5624]  p9_client_create+0x53/0x720
[  971.552747][ T5624]  ? v9fs_session_init+0x77/0xd50
[  971.557752][ T5624]  ? __kmalloc_track_caller+0x33c/0x350
[  971.563348][ T5624]  ? v9fs_session_init+0x77/0xd50
[  971.568356][ T5624]  v9fs_session_init+0x100/0xd50
[  971.573275][ T5624]  ? avc_has_perm_noaudit+0x1c0/0x270
[  971.578628][ T5624]  ? should_fail+0xd6/0x250
[  971.583114][ T5624]  ? v9fs_mount+0x41/0x4c0
[  971.587560][ T5624]  ? kmem_cache_alloc_trace+0x30e/0x320
[  971.593163][ T5624]  ? v9fs_mount+0x41/0x4c0
[  971.597630][ T5624]  v9fs_mount+0x57/0x4c0
[  971.601857][ T5624]  ? selinux_capable+0x34/0x40
[  971.606603][ T5624]  ? tsan.module_ctor+0x10/0x10
[  971.611475][ T5624]  legacy_get_tree+0x70/0xc0
[  971.616049][ T5624]  vfs_get_tree+0x4a/0x1a0
[  971.620450][ T5624]  path_mount+0x11ec/0x1d20
[  971.624935][ T5624]  __se_sys_mount+0x24b/0x2f0
[  971.629610][ T5624]  ? fput+0x2d/0x130
[  971.633612][ T5624]  __x64_sys_mount+0x63/0x70
[  971.638188][ T5624]  do_syscall_64+0x44/0xa0
[  971.642597][ T5624]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  971.648556][ T5624] RIP: 0033:0x7f925409f709
[  971.652974][ T5624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  971.672562][ T5624] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  971.680953][ T5624] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  971.688909][ T5624] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  971.696860][ T5624] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  971.704820][ T5624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  971.712786][ T5624] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:41 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r0, 0x0)
preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="6dd6d79278966b108236bf8b", @ANYRES16=0x0, @ANYBLOB="000426bd7000ffdbdf255c00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900ff00000036000000"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20, 0x4, @mcast2, 0x8}, 0x1c)
shutdown(r1, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
pipe(&(0x7f0000000040))
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0)
recvfrom$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

02:27:41 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x2000000000000000, 0x0, 0x0)

02:27:41 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:41 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 13)

02:27:41 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:41 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0xffffffffffffffff, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  971.963481][ T5639] FAULT_INJECTION: forcing a failure.
[  971.963481][ T5639] name failslab, interval 1, probability 0, space 0, times 0
[  971.976128][ T5639] CPU: 1 PID: 5639 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  971.984814][ T5639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  971.994852][ T5639] Call Trace:
[  971.998115][ T5639]  dump_stack_lvl+0xd6/0x122
[  972.002693][ T5639]  dump_stack+0x11/0x1b
[  972.006832][ T5639]  should_fail+0x23c/0x250
[  972.011232][ T5639]  ? p9_client_create+0x1b5/0x720
[  972.016292][ T5639]  __should_failslab+0x81/0x90
[  972.021042][ T5639]  should_failslab+0x5/0x20
[  972.025531][ T5639]  __kmalloc_track_caller+0x6d/0x350
[  972.030801][ T5639]  ? kmem_cache_alloc_trace+0x30e/0x320
[  972.036362][ T5639]  kstrdup+0x31/0x70
[  972.040280][ T5639]  p9_client_create+0x1b5/0x720
[  972.045131][ T5639]  v9fs_session_init+0x100/0xd50
[  972.050068][ T5639]  ? avc_has_perm_noaudit+0x1c0/0x270
[  972.055423][ T5639]  ? should_fail+0xd6/0x250
[  972.059906][ T5639]  ? v9fs_mount+0x41/0x4c0
[  972.064311][ T5639]  ? kmem_cache_alloc_trace+0x30e/0x320
[  972.069851][ T5639]  ? v9fs_mount+0x41/0x4c0
[  972.074326][ T5639]  v9fs_mount+0x57/0x4c0
[  972.078561][ T5639]  ? selinux_capable+0x34/0x40
[  972.083352][ T5639]  ? tsan.module_ctor+0x10/0x10
[  972.088195][ T5639]  legacy_get_tree+0x70/0xc0
[  972.092791][ T5639]  vfs_get_tree+0x4a/0x1a0
[  972.097238][ T5639]  path_mount+0x11ec/0x1d20
[  972.101725][ T5639]  __se_sys_mount+0x24b/0x2f0
[  972.106414][ T5639]  ? fput+0x2d/0x130
[  972.110362][ T5639]  __x64_sys_mount+0x63/0x70
[  972.114941][ T5639]  do_syscall_64+0x44/0xa0
[  972.119342][ T5639]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  972.125224][ T5639] RIP: 0033:0x7f925409f709
[  972.129701][ T5639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  972.149408][ T5639] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
02:27:42 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x2)

[  972.157905][ T5639] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  972.165868][ T5639] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  972.173872][ T5639] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  972.181828][ T5639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  972.189783][ T5639] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:42 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = syz_open_dev$vcsu(&(0x7f00000000c0), 0x101, 0x400000)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x4, 0x1, 0x401, 0x0, 0x0, {0x5, 0x0, 0xa}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x400c840}, 0x20004800)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x208000, 0x4)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0)
getsockopt$IP_SET_OP_GET_FNAME(r2, 0x1, 0x53, &(0x7f0000000040)={0x8, 0x7, 0x0, 'syz0\x00'}, &(0x7f0000000080)=0x2c)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x10001, @mcast2}, 0x1c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000740)={0x28, r4, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8}, @val={0xc}}}}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000280)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f00000018c0)=ANY=[@ANYBLOB="601b0000", @ANYRES16=r4, @ANYBLOB="000129bd7000fbdbdf258900000008000300", @ANYRES32=0x0, @ANYBLOB="38061d802801008005000900c00000000c000300080000000000000005000c000200000005000700d5000000ec000d80040001800c00028005000400020000008800028024000100241b16300b0002061e1836010106601802097e0204300012030303096048090b3300020011193841394b351b571d1e4a3b4b033d4a2f0343072810204f510538431725002c0a373b52022330150754531a1938001b000100481e603006161630023030300b1b481b09010c0202361b000500020070000000050004000200000050000180050004000100000029000200373138154623203c330102500008284241121d133e141d1925333739482a1f533b3d115410000000180001001224162402051b6c4830483616601205300b0b02050006000900000004000400060005006400000024000080050007004e0000000400040005000900000000000c000300aa0700000000000008000080040004000c00008005000b00000000004400008006000500ee0000000c0003000200000000000000060005005f000000050008001a00000005000900000000000400040005000800cc00000005000c00010000001800008006000500e90000000c0003005ecd000000000000200200800500060001000000dc010d804c0002802c0002002909042601070718481d00020035112f4f040844084a1b304343390d311d3d503211380b4918082a190001001b18300c05041b486009481b0c661601026a1806120000007c0000800b0001005c061b6c246018002e000200264546570c100f52323d1d061703163f36474d3f18524f393e492e2131501f00394a2526560b02550e14000014000300ea000500080004000500000004000300050004000200000014000300ffff8000040001000500ff00060004000a0001000204363a02060000bc0003801200010012161805241b180b3604240b020c0000210002002111490d1f400812511e2f1353fb1c33461a5227402f461a20003704320000000500040001000000140003000200200081fd0000ff0f060003009f0f3200020025072f2c2334043d48242f121829422d4737101f2a1c04f3322811062a1100121a50513106172b3d003d0f4911090000050004000200000007000100161248001d000200234e3a511517205050570629290f4d2b15314037323e441b29000000540000800a0001003006006c04090000140003000000fcff03000400510001040800829814000300080006000200070008001f00008010cd050004000100000012000100306c4860090b120b184830090900000005000900010000000c00030006000000000000000c000300000100000000000005000b0000000000050008004000000006000500620000004402008005000700a400000004020d808c00038014000300ffff0800000007000800fb010200010414000300070008000000ff017f000300c724ffff140003000000d9ffff07ff0f0700000040006c0214000300faff00800500810007000001030001011e0001000c48026024284800483009031612026c0609601205030609056c000005000400a00000000f0002002447490f2226350019142b0014000080100001000b12026000181b1802041b03f4000080330002002a4a103950121f084f1c20163f171c51050a01454f3503431b3b5731551f45241e3b0d2038350e0912152e012f29d400140003000400e9fc070007000200d700ff7f000005000400010000004f0002001e36102b371a210b40142c4b4e22354314420318191a2f104f1c02395321184c03101221542f283a3c06073618203d362704410b141812053b28022f0c110e4a2b2c2a2411042c32331719004d0002003a48341500480805245349215410444818221c092d014a3a284527311f190d2a391b543c56484e29153d47540d38450c4c004c15451e31221422393252392947014f11094448502311000000180003801400030002000002008081000100090000082b055400018024000100056006603605306c361b01096c484818481603194812481805486c043016486006000100163600000500040002000000050004000200000014000300ff000700a7c26a00fa0f0000eb0a040005000b00010000000500090000000000050006000000000005000900010000000c000200010000000000000005000c0000000000140000800500090001000000050006000100000040021d801c000080050008001c000000060005001a000000040004000400040020020080f4010d80a000038014000300ff0140000000ffff03000700a8000000050004000200000009000100166c121b090000000500040001000000050004000200000018000100010004481b0b6516ce046c126236300c3012031614000300c10d05000600e7c3070002000300050019000100486c16606c020c1605094830306c036c0b4824030c0000001400020010514a5134084d124113492f13083523050004000200000054000080140003007f000000e1ff05000000200033001f000500040001000000130001000503052024060c2460010609002424001e0001001636031b36060660010c124818126c0916480404180c640d021b00003c000280050004000200000010000100186c2269054816061b970512050004000100000005000400010000000d0001000101180902033612360000000c00028005000400000000003c00018005000400010000001400030000024000ff0007003cfa0300000005000a0001003024244e16060000050004000200000005000400000000007800028017000100360c0c080c043618020904061b0c0314000300eadc090001000200427f04000200050007000100480c6c0005000400020000000f000100301b2402600112160c1609001d0001000130090c01411616040b01040624603001160902183036090200000005000a000000000005000700b900000005000a000100000005000c000200000005000a00010000009c001d804000008005000b00000000000c000300060000000000000005000c000100000005000800710000000c00020000010000000000000400040006000500020000002800008006000500710000000c0002000400000000000000040004000c000300060000000000000030000080060005003800000005000800cc0000000c000300040000000000000005000700ef00000006000500fa0000001c001d80180000800c000200530000000000000005000c0001000000b40c1d80040000801c000080050007006f00000005000c000200000005000c000100000090030080060005001a000000050008001000000064030d809400008014000300ff000100a900ff030000c10fff011f0005000400010000000e000100121b300212551218121800001400030002003208000001751dd7c9cff8ffff001400030001800080ffff0000060004000701ff0705000400000000001800010005303024480c6c0202010c181b164803056c0b0b14000300030001800000ff0f81007f00030004000500040002000000800001800500040000000000070002003a06510023000200120824375008033c1e3e3c2d3f0b38172d0e491526261e4833041d4141391700060001000304000014000300867b010001000002040003000000ccf8220001001205300b65244802020448091606040136480b306860242703051818041200000500040002000000380002800900010006060409120000001900020033323922224d1840554445143340414c3810471d1e0000000b0001001603167904040900e000038013000100040324656c06240306032405360130004f0002001d1e282a272a1b1f492f50232048404a281a5124482e57493b080c38113f0450081b2822394e4c17172421030200061b343f1b4750394a4b00194103534918464818175137503a38290319000500040000000000140003000100080001000600c000060000029700140003000500030008000100060005000800ff0745000200241f544b2f2911401f3f180e4a051e3a2705400635430251145448012f4538023d2f2d110b3e4a0c39003c2c3e3b1f045240094b474a203b4f3a2e28014d0a32050000008c0001801400030000100800060005005400ff7f0400ca00140003000400ff00ff07f9ffff000500008080001400010012030301121b050b0b02043636001b370500040001000000440002002f521b08443a40283923413319574714383832493546133311004c172219182134564036082a1744281b264c1911204c2350391854310b4242223c4930181615a800018022000100241602052404026048161a1201091b0c182403480c3046180c6c0305481b000024000200124e3d51470a5730180f37392a2f530007293a432140514d21261825381a204e1d0001002460431b480c0336091802051b161824604802041b360b1b0100000025000200213a4b183f0c0c4b0b122440161051414e5722480128464e4057114a153f481f570000001400030000080200bfb10900040002000400020005000c000200000005000a000100000006000500ef000000100000800c00020009000000000000004002008010000d800c000280050004000100000005000800c60000000c00020005000000000000000c000300fcffffffffffffff0500090001000000f0010d80240002800d000200262d3932793e1d383d00000006000100006e000005000400020000009400008005000400000000000600010060590000240001000c3006001b0204602448180903180c090201061b12240012001612004824361619000100090c02303630300403021b1601001b30051b6909200000001400030001000100aba31000060004000800018029000200072f4004520d0340002c574940182200384d0b261b0e442c511525381310324002454107560000008c00038005000100000000000e00010003360306055e040b16240000170001000905060412013605040c300b6c24180106020200070002002c51450015000100061636480603036cc156186c12031b480b00000012000100123648241b010604240b3005090600000500040001000000050004000100000012000200012a2a0b343a2d253411514328510000a800028014000300ff0fc2090101000468aa020008000104050004000000000014000300000208000700000001040004000808001b000100364c0612030560030c033630181b16480b36091b0b48240011000100020b0c60093004056c0612180600000042000200322431392550282a1738355621113b3c2d372d0c2a031844143d101a071b4353260a2a0920532b0f0c363e04470251491736341922150c0f360c0d324949000005000b000100000005000c000200000004000400c80100809c010d80c800038005000400020000000a0002001d2e1a311d110000190001001803184848061b05240512180216603f6c06010c48000000440002003c3d0a31170e1f2d392e1f3f1355483d2016193e032900194955271f3101000f51164116570233281d0a1631493b49452e460830310c1834202d2723282b23381400030035da00187f006908f7ffc6ba00221f0a3c0002003b4151074004432f820f4f0825113d3a2d3a49041d4644154a281d4112074c52203e212d0c1d003c27403f002f4953183c2242370c4a30313c0001800f000100160f0c30036c0218164836001f0001000948d30c6c00010c09741b041203060248121016031605161660090005000400000000004c0000803600020051054f260c4948260128124a2a56bb1355294731532733313e264145194c091c150e171d392f3d14141b033b493d0c183d1300000500040002000000050004000100000048000180050004000000000014000300060001000700b699090002008e0dff00140003000500000000001f00500a06007b00000811000100161804120b4818300603241b0c0000000c000300010000800000000005000a00010000000c000200010f00000000000005000a000000000024000080050009000000000005000a0000000000050008006c00000006000500fc000000e800008005000800de00000006000500d500000005000b00010000000500070097000000bc000d800c0003800500010036000000a80000800500040001000000050004000000000006000200200500001400030047c304001000ff000180020008000700140003000001090002000100080001800000930c05000400010000003a0002003055281c0b5236342b0b560b502b400b3e2926392423180d2540322f30244c34350e4a4001094b0214011a3c1e0b4e41342f1830274800001f0001000c0b050503300202162402160109090248240971480c3648481830000400038005000a0000000000dc03008005000a00000000000400040005000a0000000000bc030d80780000801d0001003004122402480604041b034804241b0405486c010b060509050000000500040000000000080001001649005707000100600602002700020037322a2d213309452f300f28304739044a21294120251d383d303b16290e0a42023726001100010003164806051236430b3060030c000000d0000380140003000800100aff07070001000400000095021e00020051210738423e380f20371c4133054b180b2709521f251c3c470a000014000300d70a18080100ff0002000008e501ffff120002003f2317493929533b3c221e4f3e28000030000200420e1d3b3b0a353428051a2908004e12563d3a35465516384d27350e03394619215643002e3526095021181b40000200051b2c2c36383a1a265711124e3b1e392c364247081f100e1434104b37103e074a33363754302856132c270447062e4a300925453d293007121315194c0000804500020053374922411201112621073b1b4e11185533171e1412280d0a2f1e2d0a012e39483033120b4e1c35184927264710361e404d082e52243c0a20502c18544e134c53000000d000028005000400010000003100020004361c490d132d08154d2d39240c2e33342b000015302d483b5039200d251c42012b3e1c3e4b490c2a0450461100000014000300af7540d105000700010001fe07000300100001000504600f064801010b0c090b500002001b30000e41463f0e2e3d0a1120492528545534402820060334183c022f3a3d20413b300e4407423f20282f1250433e421634185450340f294411073b0a000c0c3e3a4d26343018681600413e1400030000007f0006000400e1001f00060004000500040002000000240003801e000100067506301bd4120612041b0916400500050b036c60481b0560600000440000801000010036090230241b096c0b036c002200010005000016000512360324010548066c30770212180948241b050505091b480000090002002e1b05430900000004000280340002801c0002000d2255094a020f3b26472224370c51162a3441021118204814000300f0000700ff00a78b010006000002c400540000800500040001000000050004000100000005000400020000001e000200355345012752184c001d1f1328194a270a3d410014050a39481b000005000100010000000e000100050230120500601b240b00006000008005000400010000001100020007080825294c49081a062a0d00000000050004000000000005000400010000001b0002003810433839191a4411293008220f3b1e30142b313e4f3400140003000900000204007cff4700d2ffec0e5d00050009000000000080001d800c00008005000900010000002400008005000b0001000000050008002200000006000500ff0000000500060000000000100000800c0002009d3b000000000000200000800c000200ffffffff00000000050006000100000005000600010000001c0000800500060000000000060005000100000005000700900000000c011d800c00008005000600000000005000008005000b0001000000050009000000000005000a000100000005000a0000000000050006000100000005000a000100000005000b00010000000c000200050000000000000005000c0002000000ac00008005000600000000000500080041000000050007004e00000090000d808c000280140003000080080009002a010900ffff0700140005000400010000000f00010002063609606c30040f163600140003000104cf2305000800fc2b010000085f003f000200334b372c53380f444c10311c2728443a2d0a340a100d2b4b282f000016181a2916334e0f2d4b3a3c042e57154515052a072a0c53410f563757321a000500040002000000d4031d8040000080060005002e00000005000800c20000000500060000000000050007003f00000005000b000000000005000a00010000000400040006000500fc0000003800008006000500fa00000005000700ff00000005000b0000000000050006000100000005000700940000000c00030000000000000000007802008005000600010000000c0003003f600000000000000c000200df090000000000000500090000000000050008006b0000002c020d80280001801000010009481648300212184805166c090001001201063b6c00000005000400010000009c0002800500040001000000050004000100000004000100050004000000000007000100061b1200320002005100352d074215b21001572d07361f00193019381950084751044229090d1606053c171113072232080c2a12193600001400030000080700860c020000045a0c4b09780011000100056c740b1201304812040c480000000017000200023d570b31482d33314a3110323e52400a3e0000280001801400030003008100090006000000020000044c0005000400020000000500040000000000400001801400030009000800ff0fffff08000200970d030014000300ff03070003000500800020000300020014000300000080e7b71c5e73be0709000180bb215800008031000200053f153821541f20394253062b244c0848514d114e09284e1b204d4c05141a540551531f07324e324d2f2339100000000c0001000c031b0b18030c03140003000100080002000900faff0200ffff1744a4000080080002000f12384605000400010000000f0001006c0324180b06361b04180b00170002003230340a4c49114141474a56384d2f0b40462d00050004000000000014000300fb000700760004000400001003008b041d0001000603162d061202090b48240348301b6006025c0212030000090000001700010048050b2418060301180c24246c6001011b1e020014000300000001000600f9ff060004000020790a05000600010000000c000200030000000000000004000400a000008005000c000100000005000c00010000000c00030002000000000000000c00020007000000000000006c000d800400038064000380230002004a5150293e3404483a1513331d501418333c1203092c0c1c4f2f144047353a001400030002002000090080000004090004000000140003000400020001800300353908000100040008000200440c0e3d09000100180330022400000005000700740000002c00008005000800a10000000500080049000000060005005e00000005000b0001000000050006000000000014000080050006000000000005000b00"/6980], 0x1b60}, 0x1, 0x0, 0x0, 0x40004}, 0x12)

02:27:42 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  972.232434][ T5649] loop4: detected capacity change from 0 to 87
[  972.258139][    C0] sd 0:0:1:0: tag#5107 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  972.268030][    C0] sd 0:0:1:0: tag#5107 CDB: opcode=0xe5 (vendor)
02:27:42 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:42 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0xf)

02:27:42 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000040)={0x1, [0x0]})

[  972.274381][    C0] sd 0:0:1:0: tag#5107 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  972.283416][    C0] sd 0:0:1:0: tag#5107 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  972.292464][    C0] sd 0:0:1:0: tag#5107 CDB[20]: ba
02:27:42 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 14)

02:27:42 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:42 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  972.383349][ T5674] FAULT_INJECTION: forcing a failure.
[  972.383349][ T5674] name failslab, interval 1, probability 0, space 0, times 0
[  972.395999][ T5674] CPU: 0 PID: 5674 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  972.404665][ T5674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  972.414721][ T5674] Call Trace:
[  972.417994][ T5674]  dump_stack_lvl+0xd6/0x122
[  972.422598][ T5674]  dump_stack+0x11/0x1b
[  972.426756][ T5674]  should_fail+0x23c/0x250
02:27:42 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
shutdown(r1, 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

[  972.431169][ T5674]  ? match_strdup+0x33/0x40
[  972.435725][ T5674]  __should_failslab+0x81/0x90
[  972.440291][ T5681] 9pnet: Could not find request transport: fd0x0000000000000003
[  972.440484][ T5674]  should_failslab+0x5/0x20
[  972.452578][ T5674]  __kmalloc_track_caller+0x6d/0x350
[  972.457854][ T5674]  ? strcmp+0x23/0x50
[  972.461851][ T5674]  kmemdup_nul+0x27/0x70
[  972.466091][ T5674]  match_strdup+0x33/0x40
[  972.470461][ T5674]  p9_client_create+0x383/0x720
[  972.475311][ T5674]  v9fs_session_init+0x100/0xd50
[  972.480260][ T5674]  ? avc_has_perm_noaudit+0x1c0/0x270
[  972.485631][ T5674]  ? should_fail+0xd6/0x250
[  972.490131][ T5674]  ? v9fs_mount+0x41/0x4c0
[  972.494607][ T5674]  ? kmem_cache_alloc_trace+0x30e/0x320
[  972.500155][ T5674]  ? v9fs_mount+0x41/0x4c0
[  972.504593][ T5674]  v9fs_mount+0x57/0x4c0
[  972.508838][ T5674]  ? selinux_capable+0x34/0x40
[  972.513625][ T5674]  ? tsan.module_ctor+0x10/0x10
[  972.518478][ T5674]  legacy_get_tree+0x70/0xc0
[  972.523079][ T5674]  vfs_get_tree+0x4a/0x1a0
[  972.527592][ T5674]  path_mount+0x11ec/0x1d20
02:27:42 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
r2 = fork()
ptrace$setopts(0x4206, r2, 0x0, 0x0)
wait4(r2, 0x0, 0x20000000, 0x0)
fcntl$setown(r0, 0x8, r2)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

[  972.532097][ T5674]  __se_sys_mount+0x24b/0x2f0
[  972.536776][ T5674]  ? fput+0x2d/0x130
[  972.540671][ T5674]  __x64_sys_mount+0x63/0x70
[  972.545262][ T5674]  do_syscall_64+0x44/0xa0
[  972.549705][ T5674]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  972.555604][ T5674] RIP: 0033:0x7f925409f709
[  972.560012][ T5674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  972.579642][ T5674] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  972.588115][ T5674] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  972.596086][ T5674] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  972.604106][ T5674] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  972.612142][ T5674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  972.620107][ T5674] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:42 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:42 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:42 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0xf00)

02:27:42 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 15)

[  972.655436][ T5691] loop4: detected capacity change from 0 to 87
[  972.719512][    C1] sd 0:0:1:0: tag#5108 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  972.729356][    C1] sd 0:0:1:0: tag#5108 CDB: opcode=0xe5 (vendor)
[  972.735697][    C1] sd 0:0:1:0: tag#5108 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  972.744745][    C1] sd 0:0:1:0: tag#5108 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  972.753783][    C1] sd 0:0:1:0: tag#5108 CDB[20]: ba
[  972.768483][ T5703] 9pnet: Could not find request transport: fd0x0000000000000003
[  972.783121][ T5707] FAULT_INJECTION: forcing a failure.
[  972.783121][ T5707] name failslab, interval 1, probability 0, space 0, times 0
[  972.795743][ T5707] CPU: 0 PID: 5707 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  972.804483][ T5707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  972.814524][ T5707] Call Trace:
[  972.817787][ T5707]  dump_stack_lvl+0xd6/0x122
[  972.822451][ T5707]  dump_stack+0x11/0x1b
[  972.826604][ T5707]  should_fail+0x23c/0x250
[  972.831002][ T5707]  ? parse_opts+0xcf/0x2f0
[  972.835411][ T5707]  __should_failslab+0x81/0x90
[  972.840162][ T5707]  should_failslab+0x5/0x20
[  972.844651][ T5707]  __kmalloc_track_caller+0x6d/0x350
[  972.849918][ T5707]  kstrdup+0x31/0x70
[  972.853798][ T5707]  parse_opts+0xcf/0x2f0
[  972.858086][ T5707]  p9_fd_create+0x42/0x1f0
[  972.862500][ T5707]  p9_client_create+0x59a/0x720
[  972.867379][ T5707]  v9fs_session_init+0x100/0xd50
[  972.872299][ T5707]  ? avc_has_perm_noaudit+0x1c0/0x270
[  972.877704][ T5707]  ? should_fail+0xd6/0x250
[  972.882239][ T5707]  ? v9fs_mount+0x41/0x4c0
[  972.886643][ T5707]  ? kmem_cache_alloc_trace+0x30e/0x320
[  972.892172][ T5707]  ? v9fs_mount+0x41/0x4c0
[  972.896572][ T5707]  v9fs_mount+0x57/0x4c0
[  972.900799][ T5707]  ? selinux_capable+0x34/0x40
[  972.905543][ T5707]  ? tsan.module_ctor+0x10/0x10
[  972.910381][ T5707]  legacy_get_tree+0x70/0xc0
[  972.914956][ T5707]  vfs_get_tree+0x4a/0x1a0
[  972.919355][ T5707]  path_mount+0x11ec/0x1d20
[  972.923849][ T5707]  __se_sys_mount+0x24b/0x2f0
[  972.928513][ T5707]  ? fput+0x2d/0x130
[  972.932393][ T5707]  __x64_sys_mount+0x63/0x70
[  972.937082][ T5707]  do_syscall_64+0x44/0xa0
[  972.941487][ T5707]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  972.947366][ T5707] RIP: 0033:0x7f925409f709
[  972.951763][ T5707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  972.971352][ T5707] RSP: 002b:00007f9251df6188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  972.979890][ T5707] RAX: ffffffffffffffda RBX: 00007f92541a4020 RCX: 00007f925409f709
[  972.987854][ T5707] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  972.995942][ T5707] RBP: 00007f9251df61d0 R08: 0000000020000180 R09: 0000000000000000
[  973.003895][ T5707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  973.011849][ T5707] R13: 00007fff03c32e3f R14: 00007f9251df6300 R15: 0000000000022000
02:27:42 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:43 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:43 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x2000)

[  973.019934][ T5707] 9pnet: Insufficient options for proto=fd
02:27:43 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 16)

[  973.107796][ T5723] 9pnet: Could not find request transport: fd0x0000000000000003
[  973.109284][ T5720] loop4: detected capacity change from 0 to 87
[  973.131375][ T5724] FAULT_INJECTION: forcing a failure.
[  973.131375][ T5724] name failslab, interval 1, probability 0, space 0, times 0
[  973.144078][ T5724] CPU: 1 PID: 5724 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
02:27:43 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  973.152750][ T5724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  973.162797][ T5724] Call Trace:
[  973.166072][ T5724]  dump_stack_lvl+0xd6/0x122
[  973.170662][ T5724]  dump_stack+0x11/0x1b
[  973.174813][ T5724]  should_fail+0x23c/0x250
[  973.179228][ T5724]  ? match_int+0x5b/0x100
[  973.183557][ T5724]  __should_failslab+0x81/0x90
[  973.188320][ T5724]  should_failslab+0x5/0x20
[  973.192877][ T5724]  __kmalloc_track_caller+0x6d/0x350
[  973.198152][ T5724]  kmemdup_nul+0x27/0x70
[  973.202382][ T5724]  match_int+0x5b/0x100
[  973.206521][ T5724]  parse_opts+0x1c0/0x2f0
[  973.210838][ T5724]  p9_fd_create+0x42/0x1f0
[  973.215246][ T5724]  p9_client_create+0x59a/0x720
[  973.220166][ T5724]  v9fs_session_init+0x100/0xd50
[  973.225134][ T5724]  ? avc_has_perm_noaudit+0x1c0/0x270
[  973.230523][ T5724]  ? should_fail+0xd6/0x250
[  973.235012][ T5724]  ? v9fs_mount+0x41/0x4c0
[  973.239474][ T5724]  ? kmem_cache_alloc_trace+0x30e/0x320
[  973.245008][ T5724]  ? v9fs_mount+0x41/0x4c0
[  973.249413][ T5724]  v9fs_mount+0x57/0x4c0
[  973.253647][ T5724]  ? selinux_capable+0x34/0x40
[  973.258397][ T5724]  ? tsan.module_ctor+0x10/0x10
[  973.263233][ T5724]  legacy_get_tree+0x70/0xc0
[  973.267811][ T5724]  vfs_get_tree+0x4a/0x1a0
[  973.272213][ T5724]  path_mount+0x11ec/0x1d20
[  973.276700][ T5724]  __se_sys_mount+0x24b/0x2f0
[  973.281358][ T5724]  ? fput+0x2d/0x130
[  973.285238][ T5724]  __x64_sys_mount+0x63/0x70
[  973.289845][ T5724]  do_syscall_64+0x44/0xa0
[  973.294249][ T5724]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  973.300143][ T5724] RIP: 0033:0x7f925409f709
[  973.304541][ T5724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  973.324141][ T5724] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  973.332536][ T5724] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  973.340488][ T5724] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  973.348452][ T5724] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  973.356419][ T5724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  973.364372][ T5724] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  973.390076][    C1] sd 0:0:1:0: tag#5110 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  973.399943][    C1] sd 0:0:1:0: tag#5110 CDB: opcode=0xe5 (vendor)
02:27:43 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x2000000)

02:27:43 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  973.406304][    C1] sd 0:0:1:0: tag#5110 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  973.414630][ T5732] 9pnet: Insufficient options for proto=fd
[  973.415326][    C1] sd 0:0:1:0: tag#5110 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  973.430117][    C1] sd 0:0:1:0: tag#5110 CDB[20]: ba
[  973.434737][ T5724] 9pnet: Insufficient options for proto=fd
02:27:43 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
r2 = signalfd(r0, &(0x7f0000000040)={[0x8]}, 0x8)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000080)={@in6={{0xa, 0x4e21, 0xffffff25, @dev={0xfe, 0x80, '\x00', 0x16}, 0x1}}, 0x0, 0x0, 0x2c, 0x0, "c1a387e616fbcd9d8139734ced05e885767cf2fcd4126cc4b57edc7a2acf59b69616e5869fc36a662ded71545320f002fb888ba5878265be639bbce96594ea7b06951427e81e6e7613e39f6ce683e18e"}, 0xd8)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x3, 0x0, @mcast2}, 0x1c)
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000200)={0x0, 0x3, 0x0, [0x8dc, 0x100, 0x1, 0x9, 0x3], [0x444f, 0x100000000, 0x10000, 0x8, 0x5, 0x80000000, 0x7fffffff, 0x2, 0x8, 0xfffffffffffffffc, 0xa22, 0x200, 0x4, 0xffff, 0x9, 0x100, 0x401, 0xfff, 0xef, 0x5, 0xb814, 0x6, 0x0, 0xf3ff, 0x8001, 0x200, 0x4dc, 0x40, 0x2, 0x9, 0x4, 0x34ee, 0x6d10, 0x3f, 0x6, 0x10001, 0x0, 0x3, 0x8001, 0x0, 0x2, 0x6, 0x7, 0xfffffffffffffffe, 0x5, 0x80, 0xf60, 0x0, 0xeba, 0x1, 0x4, 0x9, 0x8, 0x7, 0xc95f, 0x2d5, 0x1, 0x9, 0x20, 0x8, 0x7, 0xf7, 0xffffffff, 0x8dce, 0x13, 0x5, 0x2, 0x40d5, 0x3, 0x2, 0x1, 0xa8c, 0x0, 0x587, 0x6, 0x4, 0x4, 0x7fff, 0xffff, 0x5, 0x3, 0x380, 0x100000000, 0x4, 0x7, 0x7, 0x2, 0x100, 0x5447, 0x80, 0x80000001, 0xa5, 0x1, 0x1, 0x0, 0x3, 0xffffffffffff7001, 0x3, 0x401, 0x0, 0x7ff, 0x400, 0x2, 0xfffffffffffffffb, 0x9, 0xf9, 0x100000000, 0x6, 0x0, 0x6, 0x8, 0x6, 0x3, 0xfffffffffffffff9, 0x6, 0x6f4c, 0x100, 0x7, 0x4, 0x10001, 0x8]})
mmap(&(0x7f00005c2000/0x4000)=nil, 0x4000, 0xa, 0x10, r2, 0xe1d28000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r3, 0x0)
preadv(r3, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
bind$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)

[  973.478935][ T5741] 9pnet: Insufficient options for proto=fd
02:27:43 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x2, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:43 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 17)

02:27:43 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:43 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:43 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0xf000000)

02:27:43 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x7, &(0x7f0000000080)=0x4, 0x4)
shutdown(r0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f00000000c0), &(0x7f0000000100)=0x10)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

[  973.650948][ T5763] 9pnet: Insufficient options for proto=fd
[  973.652967][ T5766] loop4: detected capacity change from 0 to 87
[  973.663787][ T5765] FAULT_INJECTION: forcing a failure.
[  973.663787][ T5765] name failslab, interval 1, probability 0, space 0, times 0
[  973.676405][ T5765] CPU: 0 PID: 5765 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  973.685069][ T5765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  973.695110][ T5765] Call Trace:
[  973.698372][ T5765]  dump_stack_lvl+0xd6/0x122
[  973.703028][ T5765]  dump_stack+0x11/0x1b
[  973.707175][ T5765]  should_fail+0x23c/0x250
[  973.711587][ T5765]  ? match_int+0x5b/0x100
[  973.715899][ T5765]  __should_failslab+0x81/0x90
[  973.720646][ T5765]  should_failslab+0x5/0x20
[  973.725147][ T5765]  __kmalloc_track_caller+0x6d/0x350
[  973.730475][ T5765]  kmemdup_nul+0x27/0x70
[  973.734748][ T5765]  match_int+0x5b/0x100
[  973.738890][ T5765]  parse_opts+0x1c0/0x2f0
[  973.743638][ T5765]  p9_fd_create+0x42/0x1f0
[  973.748037][ T5765]  p9_client_create+0x59a/0x720
[  973.752873][ T5765]  v9fs_session_init+0x100/0xd50
[  973.757791][ T5765]  ? avc_has_perm_noaudit+0x1c0/0x270
[  973.763145][ T5765]  ? should_fail+0xd6/0x250
[  973.767629][ T5765]  ? v9fs_mount+0x41/0x4c0
[  973.772029][ T5765]  ? kmem_cache_alloc_trace+0x30e/0x320
[  973.777560][ T5765]  ? v9fs_mount+0x41/0x4c0
[  973.781976][ T5765]  v9fs_mount+0x57/0x4c0
[  973.786207][ T5765]  ? selinux_capable+0x34/0x40
[  973.790955][ T5765]  ? tsan.module_ctor+0x10/0x10
[  973.795788][ T5765]  legacy_get_tree+0x70/0xc0
[  973.800417][ T5765]  vfs_get_tree+0x4a/0x1a0
[  973.804813][ T5765]  path_mount+0x11ec/0x1d20
[  973.809357][ T5765]  __se_sys_mount+0x24b/0x2f0
[  973.814072][ T5765]  ? fput+0x2d/0x130
[  973.818047][ T5765]  __x64_sys_mount+0x63/0x70
[  973.822624][ T5765]  do_syscall_64+0x44/0xa0
[  973.827033][ T5765]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  973.832913][ T5765] RIP: 0033:0x7f925409f709
[  973.837535][ T5765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  973.857122][ T5765] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  973.865602][ T5765] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  973.873556][ T5765] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  973.881554][ T5765] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  973.889590][ T5765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
02:27:43 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  973.897540][ T5765] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  973.905558][ T5765] 9pnet: Insufficient options for proto=fd
[  973.927323][    C1] sd 0:0:1:0: tag#5112 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  973.932584][ T5777] 9pnet: Insufficient options for proto=fd
[  973.937155][    C1] sd 0:0:1:0: tag#5112 CDB: opcode=0xe5 (vendor)
02:27:43 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:43 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x20000000)

02:27:43 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x20000000)

02:27:43 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  973.949252][    C1] sd 0:0:1:0: tag#5112 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  973.958296][    C1] sd 0:0:1:0: tag#5112 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  973.967331][    C1] sd 0:0:1:0: tag#5112 CDB[20]: ba
[  973.978121][ T5779] 9pnet: Insufficient options for proto=fd
02:27:43 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:44 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x3, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:44 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 18)

02:27:44 executing program 0:
unshare(0x4a060480)
r0 = socket(0x11, 0x800, 0x0)
bind(r0, 0x0, 0x0)

02:27:44 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x10000000000)

[  974.056431][ T5795] loop4: detected capacity change from 0 to 87
[  974.067412][ T5797] 9pnet: Insufficient options for proto=fd
[  974.104026][    C1] sd 0:0:1:0: tag#5113 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  974.113889][    C1] sd 0:0:1:0: tag#5113 CDB: opcode=0xe5 (vendor)
[  974.120208][    C1] sd 0:0:1:0: tag#5113 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  974.129239][    C1] sd 0:0:1:0: tag#5113 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  974.138277][    C1] sd 0:0:1:0: tag#5113 CDB[20]: ba
02:27:44 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 1)

[  974.155430][ T5809] FAULT_INJECTION: forcing a failure.
[  974.155430][ T5809] name failslab, interval 1, probability 0, space 0, times 0
[  974.168040][ T5809] CPU: 1 PID: 5809 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  974.176712][ T5809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  974.186758][ T5809] Call Trace:
[  974.190036][ T5809]  dump_stack_lvl+0xd6/0x122
[  974.194675][ T5809]  dump_stack+0x11/0x1b
[  974.198916][ T5809]  should_fail+0x23c/0x250
[  974.203405][ T5809]  __should_failslab+0x81/0x90
[  974.208200][ T5809]  ? p9_fd_create+0xaf/0x1f0
[  974.212789][ T5809]  should_failslab+0x5/0x20
[  974.213416][ T5814] FAULT_INJECTION: forcing a failure.
[  974.213416][ T5814] name failslab, interval 1, probability 0, space 0, times 0
[  974.217286][ T5809]  kmem_cache_alloc_trace+0x52/0x320
[  974.217310][ T5809]  p9_fd_create+0xaf/0x1f0
[  974.239535][ T5809]  p9_client_create+0x59a/0x720
[  974.244381][ T5809]  v9fs_session_init+0x100/0xd50
[  974.249380][ T5809]  ? avc_has_perm_noaudit+0x1c0/0x270
[  974.254821][ T5809]  ? should_fail+0xd6/0x250
[  974.259308][ T5809]  ? v9fs_mount+0x41/0x4c0
[  974.263710][ T5809]  ? kmem_cache_alloc_trace+0x30e/0x320
[  974.269315][ T5809]  ? v9fs_mount+0x41/0x4c0
[  974.273714][ T5809]  v9fs_mount+0x57/0x4c0
[  974.277939][ T5809]  ? selinux_capable+0x34/0x40
[  974.282704][ T5809]  ? tsan.module_ctor+0x10/0x10
[  974.287599][ T5809]  legacy_get_tree+0x70/0xc0
[  974.292171][ T5809]  vfs_get_tree+0x4a/0x1a0
[  974.296567][ T5809]  path_mount+0x11ec/0x1d20
[  974.301073][ T5809]  __se_sys_mount+0x24b/0x2f0
[  974.305783][ T5809]  ? fput+0x2d/0x130
[  974.309674][ T5809]  __x64_sys_mount+0x63/0x70
[  974.314250][ T5809]  do_syscall_64+0x44/0xa0
[  974.318667][ T5809]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  974.324559][ T5809] RIP: 0033:0x7f925409f709
[  974.328959][ T5809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  974.348560][ T5809] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  974.357094][ T5809] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  974.365050][ T5809] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  974.373004][ T5809] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  974.380957][ T5809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  974.388944][ T5809] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  974.396905][ T5814] CPU: 0 PID: 5814 Comm: syz-executor.2 Not tainted 5.15.0-rc2-syzkaller #0
[  974.405578][ T5814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  974.415723][ T5814] Call Trace:
[  974.418998][ T5814]  dump_stack_lvl+0xd6/0x122
[  974.423589][ T5814]  dump_stack+0x11/0x1b
[  974.427847][ T5814]  should_fail+0x23c/0x250
[  974.432262][ T5814]  ? __se_sys_mount+0x4e/0x2f0
[  974.437040][ T5814]  __should_failslab+0x81/0x90
[  974.441816][ T5814]  should_failslab+0x5/0x20
[  974.446307][ T5814]  __kmalloc_track_caller+0x6d/0x350
[  974.451580][ T5814]  ? strnlen_user+0x137/0x1c0
[  974.456243][ T5814]  strndup_user+0x73/0x120
[  974.460645][ T5814]  __se_sys_mount+0x4e/0x2f0
[  974.465222][ T5814]  ? fput+0x2d/0x130
[  974.469137][ T5814]  ? ksys_write+0x162/0x190
[  974.473624][ T5814]  __x64_sys_mount+0x63/0x70
[  974.478199][ T5814]  do_syscall_64+0x44/0xa0
[  974.482601][ T5814]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  974.488560][ T5814] RIP: 0033:0x7f60c5f03709
[  974.492959][ T5814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  974.512595][ T5814] RSP: 002b:00007f60c3c7b188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  974.521022][ T5814] RAX: ffffffffffffffda RBX: 00007f60c6007f60 RCX: 00007f60c5f03709
[  974.528992][ T5814] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  974.537002][ T5814] RBP: 00007f60c3c7b1d0 R08: 0000000020000180 R09: 0000000000000000
[  974.544956][ T5814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
02:27:44 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:44 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x1000000000000)

02:27:44 executing program 0:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000140)=[{&(0x7f0000000200)="eb3c906d6b66732e66617400020801000240008000f801", 0x17}, {0x0, 0x0, 0x32a048b5}], 0x2060010, &(0x7f0000000100)={[{@iocharset={'iocharset', 0x3d, 'macceltic'}}]})
chdir(&(0x7f0000000180)='./file0/file0\x00')
creat(&(0x7f00000001c0)='./file0\x00', 0x2)
lchown(&(0x7f0000000080)='./file0\x00', 0x0, 0xee00)

[  974.552910][ T5814] R13: 00007fffb56895bf R14: 00007f60c3c7b300 R15: 0000000000022000
02:27:44 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 19)

02:27:44 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 2)

[  974.607600][ T5831] FAULT_INJECTION: forcing a failure.
[  974.607600][ T5831] name failslab, interval 1, probability 0, space 0, times 0
[  974.620335][ T5831] CPU: 1 PID: 5831 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  974.629024][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  974.639087][ T5831] Call Trace:
[  974.639405][ T5836] FAULT_INJECTION: forcing a failure.
[  974.639405][ T5836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  974.642350][ T5831]  dump_stack_lvl+0xd6/0x122
[  974.642375][ T5831]  dump_stack+0x11/0x1b
[  974.664061][ T5831]  should_fail+0x23c/0x250
[  974.668478][ T5831]  ? p9_client_prepare_req+0xaf/0x4e0
[  974.673857][ T5831]  __should_failslab+0x81/0x90
[  974.678617][ T5831]  should_failslab+0x5/0x20
[  974.683115][ T5831]  kmem_cache_alloc+0x4f/0x300
[  974.687863][ T5831]  p9_client_prepare_req+0xaf/0x4e0
[  974.693051][ T5831]  p9_client_rpc+0xa8/0x660
[  974.697538][ T5831]  ? add_wait_queue+0x48/0xa0
[  974.702201][ T5831]  ? _raw_spin_unlock_irqrestore+0x27/0x40
[  974.708016][ T5831]  ? p9_write_work+0x7c0/0x7c0
[  974.712759][ T5831]  ? pipe_poll+0x241/0x260
[  974.717157][ T5831]  ? pipe_write+0xd00/0xd00
[  974.721726][ T5831]  p9_client_version+0xa0/0x310
[  974.726698][ T5831]  p9_client_create+0x631/0x720
[  974.731539][ T5831]  v9fs_session_init+0x100/0xd50
[  974.736459][ T5831]  ? avc_has_perm_noaudit+0x1c0/0x270
[  974.741811][ T5831]  ? should_fail+0xd6/0x250
[  974.746294][ T5831]  ? v9fs_mount+0x41/0x4c0
[  974.750697][ T5831]  ? kmem_cache_alloc_trace+0x30e/0x320
[  974.756280][ T5831]  ? v9fs_mount+0x41/0x4c0
[  974.760682][ T5831]  v9fs_mount+0x57/0x4c0
[  974.764951][ T5831]  ? selinux_capable+0x34/0x40
[  974.769697][ T5831]  ? tsan.module_ctor+0x10/0x10
[  974.774532][ T5831]  legacy_get_tree+0x70/0xc0
[  974.779330][ T5831]  vfs_get_tree+0x4a/0x1a0
[  974.783729][ T5831]  path_mount+0x11ec/0x1d20
[  974.788217][ T5831]  __se_sys_mount+0x24b/0x2f0
[  974.792888][ T5831]  ? fput+0x2d/0x130
[  974.796780][ T5831]  __x64_sys_mount+0x63/0x70
[  974.801354][ T5831]  do_syscall_64+0x44/0xa0
[  974.805780][ T5831]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  974.811698][ T5831] RIP: 0033:0x7f925409f709
[  974.816130][ T5831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  974.835780][ T5831] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  974.844173][ T5831] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  974.852128][ T5831] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  974.860084][ T5831] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  974.868050][ T5831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  974.876004][ T5831] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  974.883959][ T5836] CPU: 0 PID: 5836 Comm: syz-executor.2 Not tainted 5.15.0-rc2-syzkaller #0
[  974.892685][ T5836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  974.902763][ T5836] Call Trace:
02:27:44 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x200000000000000)

02:27:44 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 20)

[  974.906036][ T5836]  dump_stack_lvl+0xd6/0x122
[  974.910650][ T5836]  dump_stack+0x11/0x1b
[  974.914804][ T5836]  should_fail+0x23c/0x250
[  974.919220][ T5836]  should_fail_usercopy+0x16/0x20
[  974.924237][ T5836]  _copy_from_user+0x1c/0xd0
[  974.928818][ T5836]  strndup_user+0xb0/0x120
[  974.933234][ T5836]  __se_sys_mount+0x4e/0x2f0
[  974.937822][ T5836]  ? fput+0x2d/0x130
[  974.941729][ T5836]  ? ksys_write+0x162/0x190
[  974.946245][ T5836]  __x64_sys_mount+0x63/0x70
[  974.950894][ T5836]  do_syscall_64+0x44/0xa0
[  974.955327][ T5836]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  974.961241][ T5836] RIP: 0033:0x7f60c5f03709
[  974.965651][ T5836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  974.978505][ T5848] FAULT_INJECTION: forcing a failure.
[  974.978505][ T5848] name failslab, interval 1, probability 0, space 0, times 0
[  974.985248][ T5836] RSP: 002b:00007f60c3c7b188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  974.985269][ T5836] RAX: ffffffffffffffda RBX: 00007f60c6007f60 RCX: 00007f60c5f03709
[  974.985281][ T5836] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  974.985292][ T5836] RBP: 00007f60c3c7b1d0 R08: 0000000020000180 R09: 0000000000000000
[  974.985314][ T5836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  974.985325][ T5836] R13: 00007fffb56895bf R14: 00007f60c3c7b300 R15: 0000000000022000
[  975.046034][ T5848] CPU: 1 PID: 5848 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  975.047086][ T5846] loop4: detected capacity change from 0 to 87
[  975.054720][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  975.054731][ T5848] Call Trace:
[  975.054738][ T5848]  dump_stack_lvl+0xd6/0x122
[  975.078865][ T5848]  dump_stack+0x11/0x1b
[  975.083014][ T5848]  should_fail+0x23c/0x250
[  975.087427][ T5848]  ? p9_fcall_init+0xad/0x100
[  975.092104][ T5848]  __should_failslab+0x81/0x90
[  975.096862][ T5848]  should_failslab+0x5/0x20
[  975.101369][ T5848]  __kmalloc+0x6f/0x350
[  975.105524][ T5848]  p9_fcall_init+0xad/0x100
[  975.110030][ T5848]  p9_client_prepare_req+0xec/0x4e0
[  975.115228][ T5848]  p9_client_rpc+0xa8/0x660
[  975.119725][ T5848]  ? add_wait_queue+0x48/0xa0
[  975.124402][ T5848]  ? _raw_spin_unlock_irqrestore+0x27/0x40
[  975.130205][ T5848]  ? p9_write_work+0x7c0/0x7c0
[  975.134903][    C0] sd 0:0:1:0: tag#5069 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  975.134958][ T5848]  ? pipe_poll+0x241/0x260
[  975.144788][    C0] sd 0:0:1:0: tag#5069 CDB: opcode=0xe5 (vendor)
[  975.144802][    C0] sd 0:0:1:0: tag#5069 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  975.144818][    C0] sd 0:0:1:0: tag#5069 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  975.149208][ T5848]  ? pipe_write+0xd00/0xd00
[  975.155531][    C0] sd 0:0:1:0: tag#5069 CDB[20]: ba
[  975.164501][ T5848]  p9_client_version+0xa0/0x310
[  975.164529][ T5848]  p9_client_create+0x631/0x720
[  975.192761][ T5848]  v9fs_session_init+0x100/0xd50
[  975.197695][ T5848]  ? avc_has_perm_noaudit+0x1c0/0x270
[  975.203062][ T5848]  ? should_fail+0xd6/0x250
[  975.207552][ T5848]  ? v9fs_mount+0x41/0x4c0
[  975.211968][ T5848]  ? kmem_cache_alloc_trace+0x30e/0x320
[  975.217555][ T5848]  ? v9fs_mount+0x41/0x4c0
[  975.221972][ T5848]  v9fs_mount+0x57/0x4c0
[  975.226207][ T5848]  ? selinux_capable+0x34/0x40
[  975.230968][ T5848]  ? tsan.module_ctor+0x10/0x10
[  975.235809][ T5848]  legacy_get_tree+0x70/0xc0
[  975.240436][ T5848]  vfs_get_tree+0x4a/0x1a0
[  975.244831][ T5848]  path_mount+0x11ec/0x1d20
[  975.249313][ T5848]  __se_sys_mount+0x24b/0x2f0
[  975.254017][ T5848]  ? fput+0x2d/0x130
[  975.257892][ T5848]  __x64_sys_mount+0x63/0x70
[  975.262511][ T5848]  do_syscall_64+0x44/0xa0
[  975.266929][ T5848]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  975.272877][ T5848] RIP: 0033:0x7f925409f709
[  975.277288][ T5848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  975.296878][ T5848] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  975.305268][ T5848] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  975.313253][ T5848] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  975.321211][ T5848] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  975.329166][ T5848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  975.337116][ T5848] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:45 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:45 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$sock(r0, &(0x7f0000000380)={&(0x7f0000000000)=@in6={0xa, 0x4e20, 0x0, @remote}, 0x80, 0x0, 0x0, &(0x7f0000000340)=[@mark={{0x14, 0x1, 0x24, 0x7}}], 0x18}, 0x0)

02:27:45 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 3)

02:27:45 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0xf00000000000000)

02:27:45 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:45 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 21)

[  975.502502][ T5871] loop4: detected capacity change from 0 to 87
[  975.510533][ T5876] FAULT_INJECTION: forcing a failure.
[  975.510533][ T5876] name failslab, interval 1, probability 0, space 0, times 0
[  975.523198][ T5876] CPU: 1 PID: 5876 Comm: syz-executor.2 Not tainted 5.15.0-rc2-syzkaller #0
[  975.531867][ T5876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  975.541963][ T5876] Call Trace:
[  975.545274][ T5876]  dump_stack_lvl+0xd6/0x122
[  975.549864][ T5876]  dump_stack+0x11/0x1b
[  975.554016][ T5876]  should_fail+0x23c/0x250
[  975.558434][ T5876]  __should_failslab+0x81/0x90
[  975.563199][ T5876]  ? __se_sys_mount+0xf7/0x2f0
[  975.567956][ T5876]  should_failslab+0x5/0x20
[  975.572569][ T5876]  kmem_cache_alloc_trace+0x52/0x320
[  975.577842][ T5876]  ? _copy_from_user+0x94/0xd0
[  975.582594][ T5876]  __se_sys_mount+0xf7/0x2f0
[  975.587170][ T5876]  ? fput+0x2d/0x130
[  975.591050][ T5876]  ? ksys_write+0x162/0x190
[  975.595591][ T5876]  __x64_sys_mount+0x63/0x70
[  975.600166][ T5876]  do_syscall_64+0x44/0xa0
[  975.604600][ T5876]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  975.610481][ T5876] RIP: 0033:0x7f60c5f03709
[  975.614879][ T5876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  975.634465][ T5876] RSP: 002b:00007f60c3c7b188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  975.642871][ T5876] RAX: ffffffffffffffda RBX: 00007f60c6007f60 RCX: 00007f60c5f03709
02:27:45 executing program 0:
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8)
r1 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0)
preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/xhci_hcd', 0x4c8000, 0x2)
sendmsg$NL80211_CMD_TDLS_OPER(r5, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x54, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0xe3a067a66dc73780}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x3}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000805}, 0x44000)
sendfile(r2, r3, 0x0, 0x80000001)
ioctl$VT_ACTIVATE(r4, 0x5606, 0xed)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
ioprio_get$uid(0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
lseek(r1, 0x7ffffc, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfd14)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
fsetxattr$security_capability(r1, &(0x7f0000000140), &(0x7f0000000180)=@v1={0x1000000, [{0x5}]}, 0xc, 0x1)

02:27:45 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x2000000000000000)

[  975.650905][ T5876] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  975.658856][ T5876] RBP: 00007f60c3c7b1d0 R08: 0000000020000180 R09: 0000000000000000
[  975.666809][ T5876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  975.674764][ T5876] R13: 00007fffb56895bf R14: 00007f60c3c7b300 R15: 0000000000022000
[  975.683421][ T5872] FAULT_INJECTION: forcing a failure.
[  975.683421][ T5872] name fail_page_alloc, interval 1, probability 0, space 0, times 0
02:27:45 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 4)

[  975.696620][ T5872] CPU: 0 PID: 5872 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  975.705300][ T5872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  975.715344][ T5872] Call Trace:
[  975.718613][ T5872]  dump_stack_lvl+0xd6/0x122
[  975.723217][ T5872]  dump_stack+0x11/0x1b
[  975.727367][ T5872]  should_fail+0x23c/0x250
[  975.730708][    C1] sd 0:0:1:0: tag#5071 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  975.731776][ T5872]  __alloc_pages+0x102/0x320
[  975.731798][ T5872]  kmem_getpages+0x1a/0xd0
02:27:45 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  975.731816][ T5872]  cache_grow_begin+0x4c/0x1a0
[  975.741626][    C1] sd 0:0:1:0: tag#5071 CDB: opcode=0xe5 (vendor)
[  975.741642][    C1] sd 0:0:1:0: tag#5071 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  975.741656][    C1] sd 0:0:1:0: tag#5071 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  975.741670][    C1] sd 0:0:1:0: tag#5071 CDB[20]: ba
[  975.782711][ T5889] FAULT_INJECTION: forcing a failure.
[  975.782711][ T5889] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  975.784749][ T5872]  cache_alloc_refill+0x326/0x3d0
[  975.802777][ T5872]  ? should_fail+0xd6/0x250
[  975.807281][ T5872]  ? p9_fcall_init+0xad/0x100
[  975.811987][ T5872]  __kmalloc+0x2c6/0x350
[  975.816210][ T5872]  ? p9_fcall_init+0xad/0x100
[  975.820875][ T5872]  p9_fcall_init+0xad/0x100
[  975.825447][ T5872]  p9_client_prepare_req+0xec/0x4e0
[  975.830665][ T5872]  p9_client_rpc+0xa8/0x660
[  975.835202][ T5872]  ? add_wait_queue+0x48/0xa0
[  975.839869][ T5872]  ? _raw_spin_unlock_irqrestore+0x27/0x40
[  975.845663][ T5872]  ? p9_write_work+0x7c0/0x7c0
[  975.850407][ T5872]  ? pipe_poll+0x241/0x260
[  975.854808][ T5872]  ? pipe_write+0xd00/0xd00
[  975.859364][ T5872]  p9_client_version+0xa0/0x310
[  975.864206][ T5872]  p9_client_create+0x631/0x720
[  975.869042][ T5872]  v9fs_session_init+0x100/0xd50
[  975.873966][ T5872]  ? avc_has_perm_noaudit+0x1c0/0x270
[  975.879324][ T5872]  ? should_fail+0xd6/0x250
[  975.883809][ T5872]  ? v9fs_mount+0x41/0x4c0
[  975.888208][ T5872]  ? kmem_cache_alloc_trace+0x30e/0x320
[  975.893738][ T5872]  ? v9fs_mount+0x41/0x4c0
[  975.898138][ T5872]  v9fs_mount+0x57/0x4c0
[  975.902365][ T5872]  ? selinux_capable+0x34/0x40
[  975.907113][ T5872]  ? tsan.module_ctor+0x10/0x10
[  975.911949][ T5872]  legacy_get_tree+0x70/0xc0
[  975.916522][ T5872]  vfs_get_tree+0x4a/0x1a0
[  975.921001][ T5872]  path_mount+0x11ec/0x1d20
[  975.925506][ T5872]  __se_sys_mount+0x24b/0x2f0
[  975.930178][ T5872]  ? fput+0x2d/0x130
[  975.934072][ T5872]  __x64_sys_mount+0x63/0x70
[  975.938660][ T5872]  do_syscall_64+0x44/0xa0
[  975.943062][ T5872]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  975.948946][ T5872] RIP: 0033:0x7f925409f709
[  975.953438][ T5872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  975.973094][ T5872] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  975.981537][ T5872] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  975.989564][ T5872] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  975.997543][ T5872] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  976.005502][ T5872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  976.013461][ T5872] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  976.021424][ T5889] CPU: 1 PID: 5889 Comm: syz-executor.2 Not tainted 5.15.0-rc2-syzkaller #0
[  976.030311][ T5889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  976.040357][ T5889] Call Trace:
[  976.043620][ T5889]  dump_stack_lvl+0xd6/0x122
[  976.048214][ T5889]  dump_stack+0x11/0x1b
[  976.052371][ T5889]  should_fail+0x23c/0x250
[  976.056869][ T5889]  should_fail_usercopy+0x16/0x20
[  976.062012][ T5889]  _copy_from_user+0x1c/0xd0
[  976.066600][ T5889]  __se_sys_mount+0x119/0x2f0
[  976.071357][ T5889]  ? fput+0x2d/0x130
[  976.075331][ T5889]  ? ksys_write+0x162/0x190
[  976.079847][ T5889]  __x64_sys_mount+0x63/0x70
[  976.084485][ T5889]  do_syscall_64+0x44/0xa0
[  976.088898][ T5889]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  976.094890][ T5889] RIP: 0033:0x7f60c5f03709
02:27:46 executing program 5:
r0 = syz_io_uring_setup(0x49da, &(0x7f00000002c0)={0x0, 0xffffffff}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000480)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r5, 0x0)
preadv(r5, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
ioctl$sock_SIOCGIFBR(r5, 0x8940, &(0x7f0000000440)=@add_del={0x2, &(0x7f0000000100)='macvlan0\x00'})
listen(0xffffffffffffffff, 0x1)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r6, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x3}, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  976.099297][ T5889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  976.118930][ T5889] RSP: 002b:00007f60c3c7b188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  976.127319][ T5889] RAX: ffffffffffffffda RBX: 00007f60c6007f60 RCX: 00007f60c5f03709
[  976.135289][ T5889] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  976.143243][ T5889] RBP: 00007f60c3c7b1d0 R08: 0000000020000180 R09: 0000000000000000
02:27:46 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x1, 0x10, r0, 0x10000000)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f00000de000/0x1000)=nil, 0x1000, 0x4, 0x30, 0xffffffffffffffff, 0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000340)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x40e8}, 0x1, {0x0, r6}}, 0x6)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  976.151214][ T5889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  976.159234][ T5889] R13: 00007fffb56895bf R14: 00007f60c3c7b300 R15: 0000000000022000
[  976.225562][ T5915] loop4: detected capacity change from 0 to 87
[  976.240058][    C1] sd 0:0:1:0: tag#5114 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  976.249913][    C1] sd 0:0:1:0: tag#5114 CDB: opcode=0xe5 (vendor)
[  976.256342][    C1] sd 0:0:1:0: tag#5114 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  976.265367][    C1] sd 0:0:1:0: tag#5114 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  976.274402][    C1] sd 0:0:1:0: tag#5114 CDB[20]: ba
02:27:46 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x5, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:46 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 22)

02:27:46 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x200000b, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0x11, 0x400000, r5)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x7ee3233589471238, 0x0, @fd_index=0x9, 0xac, 0x0, 0xffffffff, 0x0, 0x1, {0x0, r5}}, 0xfffffffb)
syz_io_uring_submit(0x0, r4, &(0x7f0000000340)=@IORING_OP_WRITE={0x17, 0x0, 0x2000, @fd, 0x8, &(0x7f0000000440)="3bc592ecf5a3070f7813d653da8b570002cde497f9161d9260bbf8f687913e95d40f491c9ba0ea526c0eeb508ba671fad0df60e120f45ab1fc73ae01718b4114ebc1985bca8b3fc6126ad1edcd17fcdc8821d7fb0f192ac87052cd15726dae5fab96ed31e244b2b3eab69e59dd7b76822dc1bb2df76fa7f3c1024249006672a1f640a93173470fb7d5a47d00c348b39d5765c6d687ab6095a337487fac69c4138fe3126d78ae777b5a70f580d3f07c96c7bbd1af37feeed7f853782510208e176c9cf322b8e4433ff7593ffc05e71bc33a03d9c42523ba0882d2fb5ddef576a598", 0xe1, 0x0, 0x0, {0x0, r5}}, 0x1)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r6, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r7 = syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x40010, r7, 0x8000000)

02:27:46 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 5)

02:27:46 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  976.358821][ T5925] loop4: detected capacity change from 0 to 87
[  976.372006][ T5930] FAULT_INJECTION: forcing a failure.
[  976.372006][ T5930] name failslab, interval 1, probability 0, space 0, times 0
[  976.378004][ T5932] FAULT_INJECTION: forcing a failure.
[  976.378004][ T5932] name failslab, interval 1, probability 0, space 0, times 0
[  976.384651][ T5930] CPU: 1 PID: 5930 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  976.405857][ T5930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  976.415964][ T5930] Call Trace:
[  976.419224][ T5930]  dump_stack_lvl+0xd6/0x122
[  976.423802][ T5930]  dump_stack+0x11/0x1b
[  976.427939][ T5930]  should_fail+0x23c/0x250
[  976.432337][ T5930]  ? p9_fcall_init+0xad/0x100
[  976.436999][ T5930]  __should_failslab+0x81/0x90
[  976.441745][ T5930]  should_failslab+0x5/0x20
[  976.446231][ T5930]  __kmalloc+0x6f/0x350
[  976.450368][ T5930]  ? p9_fcall_init+0xad/0x100
[  976.455033][ T5930]  p9_fcall_init+0xad/0x100
[  976.459526][ T5930]  p9_client_prepare_req+0x13c/0x4e0
[  976.464839][ T5930]  p9_client_rpc+0xa8/0x660
[  976.469344][ T5930]  ? add_wait_queue+0x48/0xa0
[  976.474123][ T5930]  ? _raw_spin_unlock_irqrestore+0x27/0x40
[  976.479917][ T5930]  ? p9_write_work+0x7c0/0x7c0
[  976.484659][ T5930]  ? pipe_poll+0x241/0x260
[  976.489062][ T5930]  ? pipe_write+0xd00/0xd00
[  976.493547][ T5930]  p9_client_version+0xa0/0x310
[  976.498395][ T5930]  p9_client_create+0x631/0x720
[  976.503230][ T5930]  v9fs_session_init+0x100/0xd50
[  976.508212][ T5930]  ? avc_has_perm_noaudit+0x1c0/0x270
[  976.513602][ T5930]  ? should_fail+0xd6/0x250
[  976.518088][ T5930]  ? v9fs_mount+0x41/0x4c0
[  976.522490][ T5930]  ? kmem_cache_alloc_trace+0x30e/0x320
[  976.528016][ T5930]  ? v9fs_mount+0x41/0x4c0
[  976.532430][ T5930]  v9fs_mount+0x57/0x4c0
[  976.536655][ T5930]  ? selinux_capable+0x34/0x40
[  976.541406][ T5930]  ? tsan.module_ctor+0x10/0x10
[  976.546375][ T5930]  legacy_get_tree+0x70/0xc0
[  976.550952][ T5930]  vfs_get_tree+0x4a/0x1a0
[  976.555351][ T5930]  path_mount+0x11ec/0x1d20
[  976.559902][ T5930]  __se_sys_mount+0x24b/0x2f0
[  976.564562][ T5930]  ? fput+0x2d/0x130
[  976.568454][ T5930]  __x64_sys_mount+0x63/0x70
[  976.573047][ T5930]  do_syscall_64+0x44/0xa0
[  976.577580][ T5930]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  976.583460][ T5930] RIP: 0033:0x7f925409f709
[  976.587856][ T5930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  976.607927][ T5930] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  976.616320][ T5930] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  976.624295][ T5930] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  976.632250][ T5930] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  976.640204][ T5930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  976.648180][ T5930] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  976.656135][ T5932] CPU: 0 PID: 5932 Comm: syz-executor.2 Not tainted 5.15.0-rc2-syzkaller #0
[  976.664857][ T5932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  976.674908][ T5932] Call Trace:
[  976.678184][ T5932]  dump_stack_lvl+0xd6/0x122
[  976.682820][ T5932]  dump_stack+0x11/0x1b
[  976.687012][ T5932]  should_fail+0x23c/0x250
[  976.691423][ T5932]  ? getname_flags+0x84/0x3f0
[  976.696123][ T5932]  __should_failslab+0x81/0x90
[  976.700885][ T5932]  should_failslab+0x5/0x20
[  976.705384][ T5932]  kmem_cache_alloc+0x4f/0x300
[  976.710137][ T5932]  getname_flags+0x84/0x3f0
[  976.714686][ T5932]  user_path_at_empty+0x28/0x110
[  976.719610][ T5932]  __se_sys_mount+0x217/0x2f0
[  976.721966][    C1] sd 0:0:1:0: tag#5094 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  976.724284][ T5932]  ? fput+0x2d/0x130
[  976.724307][ T5932]  __x64_sys_mount+0x63/0x70
[  976.734110][    C1] sd 0:0:1:0: tag#5094 CDB: opcode=0xe5 (vendor)
[  976.737956][ T5932]  do_syscall_64+0x44/0xa0
[  976.742541][    C1] sd 0:0:1:0: tag#5094 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  976.748835][ T5932]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  976.753248][    C1] sd 0:0:1:0: tag#5094 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  976.762217][ T5932] RIP: 0033:0x7f60c5f03709
[  976.762233][ T5932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  976.768100][    C1] sd 0:0:1:0: tag#5094 CDB[20]: ba
02:27:46 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 23)

[  976.777080][ T5932] RSP: 002b:00007f60c3c7b188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  976.814602][ T5932] RAX: ffffffffffffffda RBX: 00007f60c6007f60 RCX: 00007f60c5f03709
[  976.822661][ T5932] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  976.830623][ T5932] RBP: 00007f60c3c7b1d0 R08: 0000000020000180 R09: 0000000000000000
[  976.838583][ T5932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  976.846573][ T5932] R13: 00007fffb56895bf R14: 00007f60c3c7b300 R15: 0000000000022000
[  976.889204][ T5946] FAULT_INJECTION: forcing a failure.
[  976.889204][ T5946] name failslab, interval 1, probability 0, space 0, times 0
[  976.901859][ T5946] CPU: 0 PID: 5946 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  976.910527][ T5946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  976.920573][ T5946] Call Trace:
[  976.923836][ T5946]  dump_stack_lvl+0xd6/0x122
[  976.928420][ T5946]  dump_stack+0x11/0x1b
[  976.932574][ T5946]  should_fail+0x23c/0x250
[  976.936981][ T5946]  ? radix_tree_node_alloc+0x154/0x1f0
[  976.942428][ T5946]  __should_failslab+0x81/0x90
[  976.947187][ T5946]  should_failslab+0x5/0x20
[  976.951690][ T5946]  kmem_cache_alloc+0x4f/0x300
[  976.956449][ T5946]  ? radix_tree_node_alloc+0x154/0x1f0
[  976.961901][ T5946]  radix_tree_node_alloc+0x154/0x1f0
[  976.967182][ T5946]  idr_get_free+0x22a/0x5d0
[  976.971680][ T5946]  idr_alloc+0xdf/0x1a0
[  976.975854][ T5946]  p9_client_prepare_req+0x2f6/0x4e0
[  976.981234][ T5946]  p9_client_rpc+0xa8/0x660
[  976.985732][ T5946]  ? add_wait_queue+0x48/0xa0
[  976.990462][ T5946]  ? _raw_spin_unlock_irqrestore+0x27/0x40
[  976.996267][ T5946]  ? p9_write_work+0x7c0/0x7c0
[  977.001018][ T5946]  ? pipe_poll+0x241/0x260
[  977.005441][ T5946]  ? pipe_write+0xd00/0xd00
[  977.010011][ T5946]  p9_client_version+0xa0/0x310
[  977.014863][ T5946]  p9_client_create+0x631/0x720
[  977.019705][ T5946]  v9fs_session_init+0x100/0xd50
[  977.024640][ T5946]  ? avc_has_perm_noaudit+0x1c0/0x270
[  977.030000][ T5946]  ? should_fail+0xd6/0x250
[  977.034528][ T5946]  ? v9fs_mount+0x41/0x4c0
[  977.038976][ T5946]  ? kmem_cache_alloc_trace+0x30e/0x320
[  977.044538][ T5946]  ? v9fs_mount+0x41/0x4c0
[  977.048996][ T5946]  v9fs_mount+0x57/0x4c0
[  977.053277][ T5946]  ? selinux_capable+0x34/0x40
[  977.058105][ T5946]  ? tsan.module_ctor+0x10/0x10
[  977.062982][ T5946]  legacy_get_tree+0x70/0xc0
[  977.067571][ T5946]  vfs_get_tree+0x4a/0x1a0
[  977.071975][ T5946]  path_mount+0x11ec/0x1d20
[  977.076477][ T5946]  __se_sys_mount+0x24b/0x2f0
[  977.081146][ T5946]  ? fput+0x2d/0x130
[  977.085046][ T5946]  __x64_sys_mount+0x63/0x70
[  977.089630][ T5946]  do_syscall_64+0x44/0xa0
[  977.094097][ T5946]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  977.100005][ T5946] RIP: 0033:0x7f925409f709
[  977.104404][ T5946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  977.124108][ T5946] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  977.132570][ T5946] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
02:27:47 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0xfb55, 0x1, 0x1, 0x9, 0x16, "1875cf08b716a7567eee7d7ce5ae934ec8ab51"})
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "00e4d3f26c00000173d5e822a76322000600"})
r2 = syz_open_pts(r0, 0x10000)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000080))
dup3(r2, r0, 0x0)

02:27:47 executing program 5:
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ')
sendmsg$NLBL_CIPSOV4_C_REMOVE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001840)=ANY=[@ANYRES32, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYRES32, @ANYRES64, @ANYRESHEX], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000440)={{}, 0x0, 0x4, @unused=[0x1fbfffffd, 0x71, 0x8, 0x8000], @devid})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000300)={{}, 0x0, 0xc, @unused=[0x1, 0x0, 0x1, 0x7], @devid})
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000002280)={0x1, 0x4, {0x4000000, @struct={0x0, 0x7fffffff}, 0x0, 0x1ff, 0x12, 0x5, 0x2, 0xab, 0x0, @usage=0x10001, 0x0, 0x8001, [0x3, 0x80000001, 0x3, 0x6, 0x7ff, 0x8]}, {0x5, @usage, 0x0, 0x7d, 0x8, 0x1, 0x40, 0x1cab, 0x200, @usage=0x3, 0x0, 0x40, [0x5, 0x1, 0x7fffffff, 0xc5cd, 0x8, 0x1]}, {0x9, @usage=0x4, 0x0, 0x5506c4b0, 0x9a4, 0x1, 0x5, 0xfffffffffffffffa, 0x400, @struct={0x0, 0x7}, 0x3, 0x1, [0x9, 0x2, 0x5, 0xfffffffffffffffa, 0x9, 0x80000000]}, {0x0, 0x6, 0x9666}})
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:47 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  977.140574][ T5946] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  977.148586][ T5946] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  977.156553][ T5946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  977.164529][ T5946] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:47 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:47 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
clock_gettime(0x0, &(0x7f0000000480)={<r3=>0x0, <r4=>0x0})
syz_io_uring_submit(0x0, r2, &(0x7f0000000440)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x3, &(0x7f0000000340)={r3, r4+10000000}, 0x1, 0x1}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x2000001, 0x4000011, r0, 0x10000000)
r6 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r6, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
r7 = signalfd(r0, &(0x7f00000004c0)={[0x44]}, 0x8)
io_uring_enter(r7, 0x1e59, 0x7a89, 0x2, &(0x7f0000000500)={[0xffff]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r8, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r9 = syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140))
write$binfmt_script(r9, &(0x7f0000000680)=ANY=[@ANYBLOB="2321202e2f66696ce3302000202f5b7429400a67d01ea8dc5dd84c0685c24630bedcf16c1b82680173eaefc6d8fe249bc22d38fd878bc5edf0ad675cfb45f4e44f0aa2c39bc34e416dedb99879635674b003020b8d7d6cf2500609c2d85c66f103477752ab0cb25fb800d5c74b91323140ce437c4b292c97d37dd8e8dc7f7719ffca894f44de3ebb7c9f5d0c6d7379aafd43b75044203d1e68ebbe552ea4b0be700000fb083a8c1eda669be6448409af257c37c34b1325b4ed09e0493eab73fbf5f1706b5e6b5366dbe9d25eaabab17968b9f3644b2ea72737b8da4a7801c67e1423e2973aea3efc669c91b14564732652af96cb6d85e09b63ec409b0b26c670875e21747921198d6519595afd27"], 0xb1)
syz_io_uring_submit(r1, r5, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
getsockname$packet(r7, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000600)=0x14)
syz_io_uring_submit(r1, r6, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:47 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:47 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x6, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:47 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:47 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x2004, @fd, 0x5366, 0x100, 0x0, 0x8, 0x0, {0x1}}, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000340)='ns\x00')
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f513, &(0x7f00000004c0))
ioctl$sock_SIOCGIFCONF(r7, 0x8912, &(0x7f0000000480)=@req={0x28, &(0x7f0000000440)={'bridge_slave_1\x00', @ifru_ivalue}})
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  977.340435][ T5977] loop4: detected capacity change from 0 to 87
[  977.360242][    C0] sd 0:0:1:0: tag#5089 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  977.370084][    C0] sd 0:0:1:0: tag#5089 CDB: opcode=0xe5 (vendor)
[  977.376436][    C0] sd 0:0:1:0: tag#5089 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
02:27:47 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:47 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 24)

02:27:47 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  977.385512][    C0] sd 0:0:1:0: tag#5089 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  977.394547][    C0] sd 0:0:1:0: tag#5089 CDB[20]: ba
[  977.443001][ T5996] FAULT_INJECTION: forcing a failure.
[  977.443001][ T5996] name failslab, interval 1, probability 0, space 0, times 0
[  977.455592][ T5996] CPU: 0 PID: 5996 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  977.464239][ T5996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  977.474359][ T5996] Call Trace:
[  977.477646][ T5996]  dump_stack_lvl+0xd6/0x122
[  977.482228][ T5996]  dump_stack+0x11/0x1b
[  977.486388][ T5996]  should_fail+0x23c/0x250
[  977.490790][ T5996]  ? radix_tree_node_alloc+0x154/0x1f0
[  977.496225][ T5996]  __should_failslab+0x81/0x90
[  977.501015][ T5996]  should_failslab+0x5/0x20
[  977.505499][ T5996]  kmem_cache_alloc+0x4f/0x300
[  977.510258][ T5996]  ? radix_tree_node_alloc+0x154/0x1f0
[  977.515698][ T5996]  radix_tree_node_alloc+0x154/0x1f0
[  977.520981][ T5996]  idr_get_free+0x22a/0x5d0
[  977.525473][ T5996]  idr_alloc+0xdf/0x1a0
[  977.529690][ T5996]  p9_client_prepare_req+0x2f6/0x4e0
[  977.534966][ T5996]  p9_client_rpc+0xa8/0x660
[  977.539448][ T5996]  ? add_wait_queue+0x48/0xa0
[  977.544178][ T5996]  ? _raw_spin_unlock_irqrestore+0x27/0x40
[  977.549967][ T5996]  ? p9_write_work+0x7c0/0x7c0
[  977.554748][ T5996]  ? pipe_poll+0x241/0x260
[  977.559145][ T5996]  ? pipe_write+0xd00/0xd00
[  977.563634][ T5996]  p9_client_version+0xa0/0x310
[  977.568578][ T5996]  p9_client_create+0x631/0x720
[  977.573419][ T5996]  v9fs_session_init+0x100/0xd50
[  977.578400][ T5996]  ? avc_has_perm_noaudit+0x1c0/0x270
[  977.583749][ T5996]  ? should_fail+0xd6/0x250
[  977.588229][ T5996]  ? v9fs_mount+0x41/0x4c0
[  977.592646][ T5996]  ? kmem_cache_alloc_trace+0x30e/0x320
[  977.598175][ T5996]  ? v9fs_mount+0x41/0x4c0
[  977.602620][ T5996]  v9fs_mount+0x57/0x4c0
[  977.606851][ T5996]  ? selinux_capable+0x34/0x40
[  977.611688][ T5996]  ? tsan.module_ctor+0x10/0x10
[  977.616628][ T5996]  legacy_get_tree+0x70/0xc0
[  977.621215][ T5996]  vfs_get_tree+0x4a/0x1a0
[  977.625621][ T5996]  path_mount+0x11ec/0x1d20
[  977.630109][ T5996]  __se_sys_mount+0x24b/0x2f0
[  977.634804][ T5996]  ? fput+0x2d/0x130
[  977.638717][ T5996]  __x64_sys_mount+0x63/0x70
[  977.643303][ T5996]  do_syscall_64+0x44/0xa0
[  977.647757][ T5996]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  977.653685][ T5996] RIP: 0033:0x7f925409f709
[  977.658089][ T5996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  977.677680][ T5996] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  977.686079][ T5996] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  977.694036][ T5996] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  977.701994][ T5996] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  977.710062][ T5996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  977.718040][ T5996] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:47 executing program 0:
creat(&(0x7f0000000140)='./file0\x00', 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000148000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000340), &(0x7f0000000100))
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x9, 0x2010, r0, 0x8000000)
syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x101000, 0x4)
syz_io_uring_submit(r1, r3, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x1, 0x0, @fd=r4, 0xffffffff7fffffff, {0x0, r0}, 0x5, 0x4, 0x0, {0x0, r5, r6}}, 0x5)
mount$9p_tcp(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="7472292dd3b4a8c646616e733d7463702c706f72743d3078303030303030303030303030303030302c70726976706f72742c726f6f74636f6e746578743d737973"])

02:27:47 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:47 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:47 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:47 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 25)

02:27:47 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x7, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:48 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:48 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  978.050485][ T6018] loop4: detected capacity change from 0 to 87
[  978.063292][ T6023] FAULT_INJECTION: forcing a failure.
[  978.063292][ T6023] name failslab, interval 1, probability 0, space 0, times 0
[  978.075922][ T6023] CPU: 1 PID: 6023 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  978.084591][ T6023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  978.094736][ T6023] Call Trace:
[  978.098012][ T6023]  dump_stack_lvl+0xd6/0x122
[  978.102607][ T6023]  dump_stack+0x11/0x1b
[  978.103447][    C0] sd 0:0:1:0: tag#5090 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  978.106831][ T6023]  should_fail+0x23c/0x250
[  978.116667][    C0] sd 0:0:1:0: tag#5090 CDB: opcode=0xe5 (vendor)
[  978.116689][    C0] sd 0:0:1:0: tag#5090 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  978.116707][    C0] sd 0:0:1:0: tag#5090 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  978.121103][ T6023]  ? p9pdu_readf+0x1090/0x18c0
[  978.127452][    C0] sd 0:0:1:0: tag#5090 CDB[20]: ba
[  978.136390][ T6023]  __should_failslab+0x81/0x90
[  978.136411][ T6023]  should_failslab+0x5/0x20
[  978.164481][ T6023]  __kmalloc+0x6f/0x350
[  978.168640][ T6023]  p9pdu_readf+0x1090/0x18c0
[  978.173214][ T6023]  ? p9_client_rpc+0x521/0x660
[  978.177998][ T6023]  ? _raw_spin_unlock_irqrestore+0x27/0x40
[  978.183873][ T6023]  ? pipe_write+0xd00/0xd00
[  978.188362][ T6023]  p9_client_version+0xf3/0x310
[  978.193200][ T6023]  p9_client_create+0x631/0x720
[  978.198118][ T6023]  v9fs_session_init+0x100/0xd50
[  978.203035][ T6023]  ? avc_has_perm_noaudit+0x1c0/0x270
[  978.208389][ T6023]  ? should_fail+0xd6/0x250
[  978.212973][ T6023]  ? v9fs_mount+0x41/0x4c0
[  978.217374][ T6023]  ? kmem_cache_alloc_trace+0x30e/0x320
[  978.222971][ T6023]  ? v9fs_mount+0x41/0x4c0
[  978.227430][ T6023]  v9fs_mount+0x57/0x4c0
[  978.231655][ T6023]  ? selinux_capable+0x34/0x40
[  978.236402][ T6023]  ? tsan.module_ctor+0x10/0x10
[  978.241237][ T6023]  legacy_get_tree+0x70/0xc0
[  978.245905][ T6023]  vfs_get_tree+0x4a/0x1a0
[  978.250307][ T6023]  path_mount+0x11ec/0x1d20
[  978.254929][ T6023]  __se_sys_mount+0x24b/0x2f0
[  978.259650][ T6023]  __x64_sys_mount+0x63/0x70
[  978.264226][ T6023]  do_syscall_64+0x44/0xa0
[  978.268635][ T6023]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  978.274595][ T6023] RIP: 0033:0x7f925409f709
[  978.279002][ T6023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  978.298591][ T6023] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  978.306984][ T6023] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  978.314936][ T6023] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  978.322900][ T6023] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  978.330910][ T6023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  978.338861][ T6023] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:48 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
r9 = mmap$IORING_OFF_SQES(&(0x7f00000d9000/0x3000)=nil, 0x3000, 0x2, 0x13, r0, 0x10000000)
r10 = syz_mount_image$tmpfs(&(0x7f0000000340), &(0x7f0000000440)='./file0\x00', 0x401, 0x5, &(0x7f00000016c0)=[{&(0x7f0000000480)="aa2bfd25635856243d92e368b5ca513f35db9cacf7137cc0ac040e649890c339119440336d8d741fc62ddba716d189e71413b43c8e8e2cd9ab72461f5e737a3735bdb35bc809934893b567be0795e8cdc1e6ffad565c3471bc29e631836dce134cf946d46c8359a2ce821eb54a89fd4b9f67594cbc5f58b96d2eded0b5dc23d05c1df399a98eb9b8dbc0ba9490fcf0f58d4c76be74a374f28c9c7aa63bf5db915f05a99578653c5053dbc985f13b48d47af97b04045a081d6e262a33359c6f8cde5ee7eff317d87d20fb9a032146d1588b42f6d9c7bc3337713528a5e25a73a5ea33499a4e9155e2a84cd772ddd7835476de9c5512586c", 0xf7, 0x4}, {&(0x7f0000000580)="7fffa43170ddd9267a6fa31626d143ffbcd96260c8cf83c418ea8056", 0x1c, 0xa6}, {&(0x7f00000005c0)="6799acb42e5af7c3ba525c0b745668864aa3d2ecda01f11533bd1089cee478e3ce88e52dcc6aa62953f8bf69a5e68456c1c43ff2f20b0ae7fb7b20fa61746c870081fd2661ebeecc7db14bf37483c02c19c81373f88b8ee9e1a0a4da38ab714c1482dac4b1ebb622f4e84430ae68f240f25f4596a84d215971b8437700f3628f15bee9e93fcaa5efa10500937f716f9ea32bef44c51987", 0x97, 0x40}, {&(0x7f0000000680)="385dc466e669377d3a83d8ea70d5430f35e4f2ae980f124d8c125656c6d7b2f0b383fe960a858b8d57ecda2fb88108d82e91999c4c6c48a321fc107428dca3092ed5f58d5d1312e9a2f5fb57a1a2cfaed23ad4624ab07717453f6b205f7467561f2f3a215da2d1dcb149a94215714bffbe9cd07230a88128993a3582ca0fa99b6f281b48f6a34c059782dd8eb49783b4f79331427ba68a63c20151b614d0e4aaba1a1b643085ee739cc6cc60303d10187e14febdd266f953640e74840509c4f499a73d323a266635ffb22a8cef4b60aedba2afb3702331d58167627c666c1b4e09fcf28d295eb4e06007a01139e6f30fe671f25ba668b1d6720ed414e078b8430a2684911347383df6733454b40977f0d797b67dd41548073317a6a9468ec9dcb8c49daa8a59caa6de89034ce4124e716557f8f123a7ff31c84cc76b8fbe2a9d5093cde9ef2735cd945d44e4ef2157a80d88de13fb833e461f3e648736ff89bfa2e9135183454a7a398b11c4aca16a401ddc62729393ca77be0cbd4f2c48bae64d50f1b31b7d7ff30571bd89f9a9abfeaec89483505fe4482fb401dd32e608608d1d0da0e691cd5ca7c1be2a187598b32d7e3305e586d49758e24ae4efa9d478b22ac82d17ca29b3a5c019e8da6e900e976c9417332b3b99f2103cf871682e2f36c0d07c1d164d85ce40d10762ebc3dd1248eee5993445b05b81010285a56ef390e397544695342f87bd024898a0a4d20b1d997d1ca13119de9b4d6dff26568b73b15c67698a373cef7847551239cebb3bfd5a46f7acb33c5f2200034046a163304e4137bcc896a037c8e046ddfe5ccdc93fd8920377d41f049d72e702933d8f06d1efc47d330179c9f829d55d790ebfa49498ac619593d78d8fe1d79b5e911ec41c736df71e202163983b76d03420e977e7ec3e1f6420a1f015e5e5669cb2dad4a455f1976348863d2a0ca2800294da9b618058515da9129b13e11d9f80cbb8e2689f91a7b66286e101245f563aa99314829df9d599f2c3eddb43e4f88309ff36b2b48abb7f31d31bd09ef090f41c26c268024b23a87a0f871ff7e5d746957df82ead1e6a87a8e17628e2313f96beec078fa06abb3fe8993dfc4208515c943e794950d3a383d730cc08283db860d4312e2365cc8a9b60b9a351f4aec22e87d7b72e8b84a4ab8c1443ff333aea335688d522aae7a06d9e09af0cddc0bf964167f44ed1ebda3bb5cb9339f126f17a841427bc4fc4dac53a35906fa170632655c683413e23052c3c716091dcc6e9eacff675bc0d9615f650e86e2b04ca34fad2707c45d1dc665531b5fe35fad507bd45bf62b2b75175d6a968c5a2b242a10ac236c4aeb2049d9bd7e39dacd78ebf0ac1e99545db3324722d21929f5050a71121f7e30635b976558df734ab653c8da382b8c7cb3605e99fc860871daed1d69955a944d009e8ddf00522d0454a0f5a6ffac3fb2b3492a53e1f00c4c00dd1db140e7017cfbcb834e5f38e5957e51c76e26b2cab0e6084ffde1cc940080199a5e78f0bf1ff9f83e3d8202ffa7558579a850c9a20a61324b8e95ce8954501b9e05827e66b6c77f07cd59d26c7b155756164684d858dcbee8c0c559367e1a6f14c4705f8c68423b84e12022aadd8c5b4a932e290c4de8836d0b9689b9361951c0c8b4eff45b6f3c95eab9788b14e72e1c891c79cb054d8d4543a753652701cfd69454d4b9152773484764f7260ee7710bbb0ca66ca5c5a1499317365737f8473ec5028850508b3d251449391bace152085c7fa98decf44551e97f67d0d1a91cbd93f7d565c1cbdce683226068b93bf2ed36a73f00bc4285a458702a135b263ea902628dc2c9bbcdc4808c50002e820630c85a723f3b5c9915226a8e16a9d3bdda080e1a2df5f991c0331b2389adff8918ec10d5273f44bc32b5ee7a84ff15a309e300204c8cdc57dac60cbd2117777414f9e452e760bd63330656edb2209b9a7d2f6a3e296d6616f71643c219b8f1e5e512178341b2c51ae54afcba67ba18787e3310999be4f622ce25ccdac9ac79b7f4f62132322ef9e9437fdb546948e0f31770af9bbea8140b2100905086f44970d77ed5a7508e11651fabfabdfe2015fdb3610774ea809806040d5a2d3f74f456d5dbc479e41139ec8c9a22d01bcbe984a1b573876ddafacaaaa4f4cf4b208ef99891fffe009136e32a4129aeba83ed5613896a0389fbec8c6f61d6a9f4d0d4022f4510fbd2107cee04e7629579f5338c7742d7c8b29296f3fe7df1edd8ccfd9c8802238a96d156482bccc92395549b0cf2ae36b51227cdd28b33081b7ee9901b4a098f4fd2ffc5f6abccb618f931f4953555e0f5cfe32c40b1823f3c832072630893d224ef1f65a614e8e2e7d299d28c445e02c6a33bbaf348674dec61bd4f9210cefcb2a40d1731b163e4562f19c807cd876497e8f9ae01a69d4237cf8e9047096e0577e49b66fcdbf659c6dea1535e3547de620f92c996563fce959b8a7b6080d18a13b2c313f501aa87136348c6b51f9acbc8d5435dcfd74602adf502f9f61dbe2f4e8cbb58400e520859f65ce0558ded76a90338048f2a9f384fbda204e911103fc6b94fad262f76983dd1fd2802d731cd715c6d5d92025e108e326b574be8f6ec65a5b6e7e8dd6dd5c2cf71d9bb308fe7994c62be4cdb5e2d21dcd157784399ed477164bd723b0b5d1b669518492dbc8742098ebd8a87381cb6378b38256d8fd810212c7c31632c0045d656ee4c6b06adf02ad8a135e9200c6c85d222fb6865332a05e7f7eda936e1d2db8750497510ef394f8054f1f7ce11157da68decf1a1da5bf8a66cd1080d7af4586b290d66739c2ed54ab25e031fb8638fc08748605cdb1024d4adbed152fa265fb3f2e993917b25f8a8e5d22ade7550bfdd00cbbb40dcfdf7cf3c914fa29a7bf6d5f60176bd59ede690b689409eb28f5e3fcdb7d46384c737149d242b155d367fd39fb84a18851a574155b12389a3d7a2c643fdee9babb1828649da3c253e3c4a1beff8f16c7e5a40a071829dd23d20f35e7b624d207df83a8345d88df50ce7a5ca276b01adad67435df12cd411a551fc3a97478e3ea86962767cc271f9cd96bb7b07bf7845488aa2c8107aaf5519e902d3e3765e9e8144d18120dcf2a24391c110ef1599af1a5551c3ca7310b14250bc7b92aa530450c239058700bebdd71a57624bb342e2a7aa4f14e71e53373a0e24cace219138987b3e4af0c736e5f79b0d525ccba673237e5befc7f6262f3f5be3af4603a890541f231feaa7461f24a46a87d4ce532fe8b5f795d0e33e81da69fa871d0f7f7c354e894d9d827f9a658120a19e030fa2c59459f0baf363e9bae8b0eb342089d43c47dd6b36575bba9d0710798b6398aa6480f4e05621104ed3233f34120db720aafb0598f08fe4962c237dd3b4095fb3d981304f026077c644ba89baa3488b317456b6e08420a37c4f874f144d6e895ba004c6b0187f2082780ff212b6e0a664aafe418aa0ede88527d95aec8f23f64637dda78fcdfc2b2fc42063189922bf86e69bca1f45f58e7ddca8f5d4c4b056da566a50f6900e38db741e959f97b9331af2c8c6cb565a4a638d1055031739384f38c353ef70d9e743528d6d204dc520d9ad296643dd712d07f21ad343f8cb2497c9939f8801e2656724925af864d6702d8be16c6476d8e0b98632c5239483730bab1a993bab9092380df541b7e9fe5fdac2fa6907af9c465e100a9ca3c4d7c1f4fa24e0c34d6125d10b5ce4213546b465a85c50318195d3babaca09254588cb011e819bcc22311e97257a533b9b886ce47b00a5dd632d85c4fcc48e2962fd61105bdb981ca1b7aa4743f25d83123c0a250d328b109a54a45ebec22be20ba85d24ceeb9eb31d4eb015a61b37d65ecc44744e6250ed684bf1380779ea9a83aad05cfe29e9bb3c2a0733cfd8e38d1c42ff0f43b8d0cdb9020806722f89ad4f1ffe8ba5a580e74605bf544c9ff4487965c7c9841a4474bc737c3ad5139e4c45e7644b3f0efd20c6fe226f58be9675ee4bcf756a02a91698c0904c717c04a6bba7b917d7daf65382da102ab7ab0d934535cc1b86e95589f2e28699d30b57ae83907173592eda30fdc5cb85b9f3a9e2b77d6816142d34db6a93705a7575d4b8ef88769d2b9ff22114b027ae14b5511634c4f5004f97df294ea1db8428562be13e9b3b3278d50160c0c71730bdbdafc249fcd19d582946de640d62375e647be8f6aad66ea60222d131ba937781fe063dffc2d8f81fc4849f3301d4ec3913feebdfbe702df57ea1535dd00245f281249de31eec54b3b51a6debdf9656bb0eed30fba5aeaf140a78f94ce99480167432409df574a979e73031d52e9ad73da78c736c7fabff973baa0270e793305b482c377f057e5ad6f91e3326556c0f184e835b36452615efbaf93924d1ac045b170b9c5feec2abe0ae965cadcd4d9d3b0cae14cc7d84f4dedac8d653ea25d917303ba563b47a2eaccf72a7a21acdcd908d37a2bddc1531b9b3b546bddffa94fcc06e398f5fb5f27e87f468f9f569ade0e9d8e599a7d0901ad8c37ac9e0d9e9897a0e15ef9e760e2ce1dca0fd1725274b5a61749a1bf1cbb248fc943f89de7d843285a12fab007ebaf633a47705654e318b135bc6bad3e779bb80a6d051a90a669c4f8a643c92fb3eab4c1480e3a50f0a80ba878b442f38204bc1cc158626ea4908920f6d05caabd19f1b134de138534242664df8eb1a439518aa5d80953430f2657ddb3fb0e3fa61f819024e621f9aba35e2bfd24f526c84c0b45a5d2d892bd80bdbafae355469dec088b24b2ce81e33e4c45aac5e6a68517185dc626d118a2d2f45278a8447090f135f7549c0150afcb58c818cd7ffa92d99f04995d48a267c370325ee8d517f3452ca4e075e1c7c10f16719e138779dcd74eb77430a101148ee8d2e1b65c357796052c66d407aacf4d11881a66111cf3cf712da76c89cdf2af53d18f1f23205f8f7145727bfe443e368fb7539a6383c1ebd2748649eb38a0382a14810bbbb137f58d4df58abe5c150828d8e25af7f0bd0300c1ceb982452bcaa4304845cd18751672a25c987cd754eb4e188aa337470be04705ccde158ca4148705610c1d33a0829a7dd5f65717d44e1414d89bfeee969134b76e250a8122bdec3c5cebe941621af3e9029f374343ab53cd7454cd4686457b9c59befacfe92762552502107e45f81a35b0afd344f31a9a2b1973683de34b925c05cdd00604318ecfb870b22d6a24bcd169ef1d3a2650f82497b0493313a3d9bff1fb35277832c8dc708a3e4583c63c1894480a75b2df70349ab905a92324236b6a0832991ed20768c36108fbe9ebfaeb4f534863d6c6297eae51723ebc9be3dc2371244d11451a27ad4ff98b6b41326114dce4ca473dc784affe15bc5fc42c3aec022956f4b6e987d1cabad9bfdace1092400cf7fad1e2edd10762893c04dfb69bfa7f551b7d4661133bab23f76e1a8f752232f9a4564a44710e4a95cf598d0783ef86fe819947ba58a1cbb1d84a527dc5a975fb292d6665f09fde6c461e36b442640edcd4cdcc499dd1ff8b6078f6b07a6d432ff30f8c41e4d6a64acfcf9df33e03f2e36b4bf84e2628b20e5c65dbb74227c77baa635d8bf4ae967a79766962a34282dabae40bf207edf6e71f1b2efd72c07d1966c57773a15731c35c9b24033f6561ac48a632e8ddde2a969b591b78076c59e264769a1f35435c9ad488ef934897f6b02646f8886683696583e840c4510439e65c28b6b83b34c8d662b9f9", 0x1000, 0xffffffffffffffe1}, {&(0x7f0000001680)="0b348d5365f0930ff4adf8a3053e04ede2e7ada93008757c1c0dfea64ea2710df428c219ad4a5131993fbe8baa349afb76be6d0ec9e3a1d8615b", 0x3a, 0x101}], 0x1000880, &(0x7f0000001740)={[{@mode={'mode', 0x3d, 0x7}}, {@gid={'gid', 0x3d, 0xee00}}, {@huge_always}], [{@dont_hash}, {@uid_lt={'uid<', 0xee01}}]})
syz_io_uring_submit(r7, r9, &(0x7f00000017c0)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, r10, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x7)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:48 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:48 executing program 0:
r0 = socket$inet(0x2, 0x80000, 0x8000)
setsockopt$inet_int(r0, 0x0, 0xa, &(0x7f0000000080)=0xf, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200)='sit0\x00', 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)=""/39, 0x27}, {&(0x7f0000000240)=""/224, 0xe0}, {&(0x7f0000000340)=""/203, 0xcb}, {&(0x7f0000000100)=""/167, 0xa7}, {&(0x7f0000000440)=""/178, 0xb2}], 0x5, &(0x7f0000000580)=""/155, 0x9b}, 0x7}], 0x1, 0x1, &(0x7f0000000680)={0x0, 0x3938700})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
setsockopt$inet6_opts(r1, 0x29, 0x37, &(0x7f0000000ac0)=@dstopts={0xa, 0x2, '\x00', [@calipso={0x7, 0x10, {0x0, 0x2, 0xe2, 0x6, [0x401]}}, @enc_lim={0x4, 0x1, 0x5}]}, 0x20)
preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r2 = accept4(r1, &(0x7f0000000980)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000a00)=0x80, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x800, &(0x7f00000000c0)={0x2, 0xfffe, @multicast1}, 0x10)
recvmmsg(r0, &(0x7f0000006040), 0xf7, 0x22, 0x0)
getsockopt$IP_SET_OP_VERSION(r2, 0x1, 0x53, &(0x7f0000000b00), &(0x7f0000000b40)=0x8)
splice(r0, &(0x7f0000000a40)=0x60691739, r0, &(0x7f0000000a80)=0x1ff, 0xb, 0x2)
r3 = accept(r0, &(0x7f00000006c0)=@nl=@proc, &(0x7f0000000740)=0x80)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000780))

[  978.364212][ T6031] 9pnet_virtio: no channels available for device 127.0.0.1
02:27:48 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:48 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 26)

02:27:48 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  978.450430][ T6046] FAULT_INJECTION: forcing a failure.
[  978.450430][ T6046] name failslab, interval 1, probability 0, space 0, times 0
[  978.463078][ T6046] CPU: 0 PID: 6046 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  978.471746][ T6046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  978.481794][ T6046] Call Trace:
[  978.485166][ T6046]  dump_stack_lvl+0xd6/0x122
[  978.489792][ T6046]  dump_stack+0x11/0x1b
[  978.493961][ T6046]  should_fail+0x23c/0x250
[  978.498373][ T6046]  __should_failslab+0x81/0x90
[  978.503140][ T6046]  should_failslab+0x5/0x20
[  978.507643][ T6046]  kmem_cache_alloc_node_trace+0x61/0x2e0
[  978.513400][ T6046]  ? pcpu_memcg_post_alloc_hook+0xe5/0x1d0
[  978.519193][ T6046]  ? init_cache_node+0x86/0x190
[  978.524031][ T6046]  init_cache_node+0x86/0x190
[  978.528690][ T6046]  setup_kmem_cache_node+0x230/0x4a0
[  978.533955][ T6046]  do_tune_cpucache+0x271/0x390
[  978.538802][ T6046]  ? p9_req_put+0xf9/0x130
[  978.543269][ T6046]  ? ___cache_free+0x3c/0x300
[  978.547933][ T6046]  ? __radix_tree_delete+0x563/0x580
[  978.553208][ T6046]  enable_cpucache+0x68/0x90
[  978.557862][ T6046]  __kmem_cache_create+0x42d/0x470
[  978.562957][ T6046]  kmem_cache_create_usercopy+0x13a/0x2a0
[  978.568663][ T6046]  p9_client_create+0x6f0/0x720
[  978.573499][ T6046]  v9fs_session_init+0x100/0xd50
[  978.578427][ T6046]  ? avc_has_perm_noaudit+0x1c0/0x270
[  978.583783][ T6046]  ? should_fail+0xd6/0x250
[  978.588295][ T6046]  ? v9fs_mount+0x41/0x4c0
[  978.592782][ T6046]  ? kmem_cache_alloc_trace+0x30e/0x320
[  978.598311][ T6046]  ? v9fs_mount+0x41/0x4c0
[  978.602714][ T6046]  v9fs_mount+0x57/0x4c0
[  978.606939][ T6046]  ? selinux_capable+0x34/0x40
[  978.611685][ T6046]  ? tsan.module_ctor+0x10/0x10
[  978.616523][ T6046]  legacy_get_tree+0x70/0xc0
[  978.621103][ T6046]  vfs_get_tree+0x4a/0x1a0
[  978.625510][ T6046]  path_mount+0x11ec/0x1d20
[  978.630012][ T6046]  __se_sys_mount+0x24b/0x2f0
[  978.634702][ T6046]  ? fput+0x2d/0x130
[  978.638666][ T6046]  __x64_sys_mount+0x63/0x70
[  978.643242][ T6046]  do_syscall_64+0x44/0xa0
[  978.647676][ T6046]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  978.653592][ T6046] RIP: 0033:0x7f925409f709
[  978.657987][ T6046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  978.677610][ T6046] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  978.686010][ T6046] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  978.693963][ T6046] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  978.701917][ T6046] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  978.709870][ T6046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  978.717899][ T6046] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  978.725948][ T6046] enable_cpucache failed for 9p-fcall-cache, error 12
[  978.732721][ T6046] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12
[  978.740603][ T6046] CPU: 0 PID: 6046 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  978.749262][ T6046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  978.759298][ T6046] Call Trace:
[  978.762562][ T6046]  dump_stack_lvl+0xd6/0x122
[  978.767141][ T6046]  dump_stack+0x11/0x1b
[  978.771299][ T6046]  kmem_cache_create_usercopy+0x21c/0x2a0
[  978.777005][ T6046]  p9_client_create+0x6f0/0x720
[  978.781893][ T6046]  v9fs_session_init+0x100/0xd50
[  978.786815][ T6046]  ? avc_has_perm_noaudit+0x1c0/0x270
[  978.792168][ T6046]  ? should_fail+0xd6/0x250
[  978.796651][ T6046]  ? v9fs_mount+0x41/0x4c0
[  978.801098][ T6046]  ? kmem_cache_alloc_trace+0x30e/0x320
[  978.806755][ T6046]  ? v9fs_mount+0x41/0x4c0
[  978.811153][ T6046]  v9fs_mount+0x57/0x4c0
[  978.815420][ T6046]  ? selinux_capable+0x34/0x40
[  978.820181][ T6046]  ? tsan.module_ctor+0x10/0x10
[  978.825033][ T6046]  legacy_get_tree+0x70/0xc0
[  978.829612][ T6046]  vfs_get_tree+0x4a/0x1a0
[  978.834022][ T6046]  path_mount+0x11ec/0x1d20
[  978.838519][ T6046]  __se_sys_mount+0x24b/0x2f0
[  978.843179][ T6046]  ? fput+0x2d/0x130
[  978.847064][ T6046]  __x64_sys_mount+0x63/0x70
[  978.851639][ T6046]  do_syscall_64+0x44/0xa0
[  978.856043][ T6046]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  978.861971][ T6046] RIP: 0033:0x7f925409f709
[  978.866366][ T6046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  978.885953][ T6046] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  978.894361][ T6046] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
02:27:48 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:48 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0x11, 0x400000, r5)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x7ee3233589471238, 0x0, @fd_index=0x9, 0xac, 0x0, 0xffffffff, 0x0, 0x1, {0x0, r5}}, 0xfffffffb)
r6 = accept4(0xffffffffffffffff, &(0x7f0000000440)=@nfc_llcp, &(0x7f0000000340)=0x80, 0xc00)
syz_io_uring_submit(0x0, r2, &(0x7f00000004c0)=@IORING_OP_SPLICE={0x1e, 0x2, 0x0, @fd_index=0x6, 0x7, {0x0, r0}, 0x100, 0x3, 0x1, {0x0, r5, r6}}, 0xffffff80)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x4)
syz_io_uring_setup(0x2de1, &(0x7f0000000280)={0x0, 0x0, 0x2, 0x8000000}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:48 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
r2 = openat$cgroup_devices(r1, &(0x7f0000000140)='devices.allow\x00', 0x2, 0x0)
sendfile(r1, r2, 0x0, 0x41a5e461)
preadv(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000200)={{{@in=@multicast2, @in6=@loopback}}, {{@in6=@private0}, 0x0, @in=@multicast1}}, &(0x7f0000000080)=0xe8)
fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000180), &(0x7f0000000300)={0x0, 0xfb, 0xa5, 0x0, 0x81, "7d582d71f3dda89351e52973dd8829f8", "86b7297164e9ee11145a1546dfb3a55a513f30566808ebba50d025b55d3e484c5ac263412f68568fcb055ed29efbffaa6327547ffbaa33b625f3011376f6de9cb6872a55cf2dbe6da33108aa07def3c127b24eeec38e6f908abd7a5d0868acb915d15b81d531aae484f77f1e8ba6f68f6806cd38838dfe6d5a94799a71b74c34642899740ae2d9f39845413b5414bbaa"}, 0xa5, 0x9353e82a870330e7)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f0000000400)=[{&(0x7f0000000040)="390000001300034700ae65e1c3e4ffff01000000010000005600deff25000000190063000400000007fdab19fdeeec925e2c71011e46a917e5", 0x39}, {&(0x7f00000003c0)="c6c2eb277376e12d9a1a57b10578daffcd0f75197c0823b83cb9f54a454597fc2a07cfa64a710a492c66", 0x2a}], 0x2)
shutdown(0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xf7, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000440)='cpuset.effective_mems\x00', 0x0, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000004500000025000000190004000400ad000200000000000006040000000000000000", 0x39}], 0x1)

[  978.902329][ T6046] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  978.910539][ T6046] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  978.918546][ T6046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  978.926497][ T6046] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  978.983819][ T6065] loop4: detected capacity change from 0 to 87
[  979.005885][    C0] sd 0:0:1:0: tag#5093 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  979.015742][    C0] sd 0:0:1:0: tag#5093 CDB: opcode=0xe5 (vendor)
[  979.022091][    C0] sd 0:0:1:0: tag#5093 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  979.031103][    C0] sd 0:0:1:0: tag#5093 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  979.040129][    C0] sd 0:0:1:0: tag#5093 CDB[20]: ba
02:27:49 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x8, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:49 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:49 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r3}}, 0x20010001)
r4 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r5 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r4, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r5, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r6, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000340), 0x1)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:49 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x3)
fstat(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setuid(r1)
add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
r2 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
r3 = add_key(&(0x7f0000000000)='id_legacy\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="01c3d4b5beae7515c74540b879f0b2344113700fcaf8c56cc53eb391e2f5347e356ec5cea1a4c92f6e9ff98bf80b9b5e752eaf5a9e5b5204fac9c8f1f5e87e5066203f07f69faa0803e191dcbfbb4857ed665f279ef37c662bc96af02b684a32e4df21a14d22e410b83edac789cfff4177a79002808efb21", 0x78, r2)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, 0x0)

02:27:49 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 27)

02:27:49 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  979.155807][ T6096] loop4: detected capacity change from 0 to 87
[  979.158407][ T6094] FAULT_INJECTION: forcing a failure.
[  979.158407][ T6094] name failslab, interval 1, probability 0, space 0, times 0
[  979.174386][    C1] sd 0:0:1:0: tag#5094 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  979.174589][ T6094] CPU: 0 PID: 6094 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  979.184432][    C1] sd 0:0:1:0: tag#5094 CDB: opcode=0xe5 (vendor)
[  979.193029][ T6094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  979.193040][ T6094] Call Trace:
[  979.193047][ T6094]  dump_stack_lvl+0xd6/0x122
[  979.199350][    C1] sd 0:0:1:0: tag#5094 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  979.209372][ T6094]  dump_stack+0x11/0x1b
[  979.212668][    C1] sd 0:0:1:0: tag#5094 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  979.217214][ T6094]  should_fail+0x23c/0x250
[  979.226233][    C1] sd 0:0:1:0: tag#5094 CDB[20]: ba
[  979.230340][ T6094]  ? v9fs_session_init+0x294/0xd50
02:27:49 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:49 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xd, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  979.253947][ T6094]  __should_failslab+0x81/0x90
[  979.258718][ T6094]  should_failslab+0x5/0x20
[  979.263222][ T6094]  __kmalloc_track_caller+0x6d/0x350
[  979.268516][ T6094]  kstrdup+0x31/0x70
[  979.272409][ T6094]  v9fs_session_init+0x294/0xd50
[  979.277343][ T6094]  ? avc_has_perm_noaudit+0x1c0/0x270
[  979.282716][ T6094]  v9fs_mount+0x57/0x4c0
[  979.286953][ T6094]  ? selinux_capable+0x34/0x40
[  979.291781][ T6094]  ? tsan.module_ctor+0x10/0x10
[  979.296631][ T6094]  legacy_get_tree+0x70/0xc0
[  979.301287][ T6094]  vfs_get_tree+0x4a/0x1a0
02:27:49 executing program 0:
clone(0x80002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x117, &(0x7f00000003c0)="8d31e183156939000000e28c0b1dd2a357b265c8745b78376e18cd3d3dfcb946cf885a21539a0c4a081ceeb24ac13830c1beaa1b4dc69190f8d2802fab69347b9a915308c4829b4b43353c485f8bb2965cd7e1292aaa6375f12e594a37c9686d403d3a823ec2117496b2dd4837334f73c37edfd46003eb96a9c79d3de0cab4645adde76e8ac90dba5bdc53cdc3235210b2e21df4f23e22471e2d53415f8f4151d0b915d0c68708733778513261f1e9a548b33b5e8a96381e1d1ff7adcc95d49b4e5a7f1497d726ba6d35a1c89c4b200f63c0b8a455a19c00994f30c13cd0c08ac368d2d3e0423f0959abbe34ea129b4beb505903dfd43cf81e8f42776760740ecfdc955a9861272a4496259440ad7b27dca31131ee26e6"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x38)
ptrace$cont(0x20, r0, 0x0, 0x7)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
clone(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = gettid()
r2 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x41, 0x100)
fcntl$dupfd(r2, 0x0, 0xffffffffffffffff)
tkill(r1, 0x38)
r3 = fork()
ptrace$setopts(0x4206, r3, 0x0, 0x0)
wait4(r3, 0x0, 0x20000000, 0x0)
wait4(r3, &(0x7f0000000080), 0x1, &(0x7f0000000240))
ptrace$cont(0x20, r0, 0x1, 0x9)
clone(0x40020000, &(0x7f0000000140)="3df6834adfd66b35afe0a7b79700266786309d7bd5f9a9f53298cc4b14db76f9694aad44fd465d5a177b6ce6556419bf76fedf2cf5c2a87c7154b112404a20ed2d36ea555e9ad33f5c84c1c78243d0d599c593381c8902ca6511c5015a556be0eef1e51736c1123f13205b623a96591ebb211e6a81cfb06f97ca73fc1331f76a85ecd4f9d431ccf043fb6e168f0f", &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000500)="1ea3042f422b826f275abf9ebeba704369b00c1a5e79533dfb7db2f3d532568e783b9b8f6f650bd586e06b043cdf88f2b2def1c10f0a6e47c0b853819f0fa123c378397fe2a986caed30db4cbe00760f87cb639168244bc1e85750675a6fa8fa347ed245c006d56325e3fb4846344398d84be70c431150630fa0777871e61a3c5c01f76e56dad187f03d036cfc59d28b48404d15c0c6f53c6c495699137cf64022beac2685675413ccda1ae5da51d3a17f965abd1b9dc42f71b06b642dc59dce8f1f94390a491dcdf2be29c2f467805c990ce876da1a9b112848579551d83300ed8ad997d75de42dcf8cb6f8004f5f3684f3fbf99be30f0490b347fad8bbfe95b19f82d6675b21e9fc5abb8c221506ad20931f891583f366af8b487191746f5b1ab666139b6c6f46b02a9384a91a898e14b40bc88f117832b7a0976fd3182662f17e3a05e42b4887424c25117ed584b9d185f9a18cb5510c07509e78a760cde94a2db0e9aa64679cdcb271f2f903df513026df2db521ba8587a17d671d1c225e8981324f9c51bd57c8d461ed0cd723c30a8e276a5ffc74beea9eda5a76e71c6b72a897ebb66dd5cfb4b720bc8c899cc0d25e938b95e5531d3f6c37fb33009d62ba360cacad0887e9949269faa22349e8ad668bc9e8ebf1d464f3e491482404fb3193b6dea972e7e72603bf50ff9c8678fd33e733af53cacb8334a5756fff2e8c2c479c776af0942144dad435270ea654f44c73c232ec1de86b3f2a9026e8a83fcaa995eaef2749f4c005f7296083598791dcc9a627bcc8d1804684b23fca38f410e3647b6059857545e99801f4c0ec1f37224b2a48e0995f165169aaea0143a25dd5b43bcc0e257867c6ee5c3317a4369a57480e62fda1621a8fa546245091588dcbb64e92c0f74066f2a6b946a60ed53d7a4342590b997d0f1b5501fcaefbe73b440e0a14e6c661efc6eb995becf7a336d53aff0f012fbe26041f7b2c3584d03fa5a453926a4878013bb47e30769976ada1434fbefe6c97890b0bdae1bc60a5eaa4d4e1a4ba72e1116860e0ea1ab04d3b7fa877a59faf53307d9dd2cdf5dca837aa596c9b036697a59e197fc742a0ae228604b7142f2006d2b03f02fac5dd367488867d0b4fb910a795011ff8a644424bb32070048a39713d189b4901938346116b73a0030cea975d373f84029e01bde70bdd005e6f5d15288de370bdf3559ebfb9f9b2866ac995b9d2de8cc0f0af63367c5fcabfc075d504af3880d0a373bfed016be37bd244528dad134e60addfa50c999345600bf3aee0fd627ad26d08ff53777f276da293dbca352cd4d68068cc6c35e69bbf65f3ceb28d3e92f928d541d0e6bee463769e0c7098f6197e0c86b4f71ed259754cefd01a7fa2d29a53d522f7dff1e0a07b56346cebf817b2047f6b34110f34dd19785d80ecc3d6c8068622f6d36a5fe47a6e630b5139295c69b6af07ca35ef51ef21a504dd994c7f65a45be42e33b2c09c19b4993caae12544ad8a9cff526e68fc241e038b264a43fda276d60191c9e2ec715f74fc689be5870c817af99e23f3ced76dcc03adae84312a2d04848348f0f391a2f0fdc20b7f63474aeb327c2b9ea45335d5e46304756930790dcb664ff208b435dbfcd898042a2a049cb6a793a043a4c5981260521999a1ef897114f39fe580399778ff563abf8c40229ea2c8080601aa2d34e017d51a23c5a22170b3aae5de5a94a1ea72aa9d5f709818f521e205d9b89b16de1b6a0f64147fad6d651a6c8d56c3c038e879a928129c3a214aeb39f96550c2edf5c6adecbab0431c231ba47a68236b851ec2bfaabcf830d37960133995672bcc665ee039f554ab1ec7599a6723e0b95bcac319db52fc287ef2b02c33a2c0a4168c9e86e9972f71e1f729dbde3686636c1064f44bdef57e7836689140a2dc11cf3691c230432bd4663a265a657d0ce68274f024df4db4083b977810f963522fffbdd05c99bcd371b0877b58b4facad7035babb9ab7c2c2e3b6bda2b79f14e7645d92c87713c6f1056ab9f8adb02fdd79762f11a5789fb67717363fdfaa9c67be9bc49905e4cfa1b512832d19cbb7c0cc1a007857e5a4202ec2f731fbae20acc21bb161d5c4c7104fc70f327576766af643fc949b571ad12f2cd700d1a6d54253b0b5581a97c8a1c628fed7f15c49a7d96c3762e7a59f096dedb890e722cf562fe7e4698017ba3b71537f0ff1faa2d5e454b72e594301427059314496b82a2838cf51d993bd332ee081e6d0661a08eb9bbc9911df21ea93fa5bf10a1385f22493a3417eb1741b160de5db1d7f44cf3163b2b9f4771370e61c3b8294800695aa63302d9957fc47ce7bafc3391c4929ffd1125017ee736bb25e018849f76b885f02147594d2f817dbdf81e584c8beeeeb7112b613809eb360e334a7977f8a705aa861b941c475c0d7eaf6167f49feba68987682091da497e7647f0cd8506719fdf11360938fe8c26a951de38285595dee26525e54021f80218979cb398ecf079c6017ed86a393fe2c20692b3f147b2e6537c75cae2c2cb1b2ce46a96ef2943f87b946cde9af41d7b604a88c0676907cddfd5a81ca5089a9499d8f83ccab7bbc00c79af5bd7f913de818c1fffa19f2f43db6b059f45abd80e5438f358676cb1627baf82777dd8a261c562c1638a095ccaa767fcf4c2a80f7284da3f70ea6c5c77c07d990bd93dc6e22c291d53916be122b570f61bb5e87cecfad96b2867348537b689afabeb1616a79d1d09f463d5fc1cf101863ba42c2500f6f460b098ee6800bdeda3ed917c35bf9c495aa5dff4048d881e7640736afb64491628726058f11aa54758c4b94dadbb2efec2498180d149a23bbcf0b5b42aba62142c0ab119a30c24bc91ad567d910859c436268f9ae9c81129f39830f435a75335698fae9a0e2ed010c606282ebce76d55173c32aaa54fb91b9cf15cf4361f6790bda77b4a73d4ef9aebc579f27a9e9109cc2094311e6a254b42f91148a726d14ffd2d1a0ff4547ee6c18748c136f471e326736e2b072ef83f25b0f1d7c8383fa1eccfd6b7ffbec926ae95f63d4bc788bbca3e909599babd0bef7fa00a51eee7bf3d66be130d64aeab8d8f57891a6af51947728907c33ef2801acd9d0abf554d5c2dab2dc2f8465626197153e6dd85de54a637a5e4e27f3be98dea5fc88a97835572a2a5494eaac18af80cc038e6e31f454ab937f3f8ef2ccb49d6abef09d39b478361bf3a05c26aea940a203632e8b2806d78959f085a1d4f1ecab741b3a03ca43ead1e379f944e2cbd10df8c02b356b59c5e2e994197b5383057e072ad332e5e229d43a44a8561f024d4f0e81adf7146c8e5fc1029553915802ce772f492352dbd640c84abe56ca324ad33502a692c6302ef74cdf547d0f4b1a44914dd62d9dc79159cb22482c3651dc0a50e522983c8625338de85df947143549e90d1e49f81f894f54b56a5346d66c778b3e8d37a07bede06ed56e8d0b44ad33b2f986ea3e972afde3b693eed75f798a6406b85b80ec0b8b5898d9fad531adb196259625f1dc591a4015ca2fcd5f5662726abb7c0a0a8040d866c041ab7a6aef53c25e1bd8b6eb2eebc2aae78db7634ecc297a6f0a43ce737bc56f7c3f0263936453729dd13310566fe9fc547c13db046ec014fe996491da223c527b3c56c317adaf14cca7f27fdb620b4e7df0dfce9a58e2ddc31f1a7a41d14ededc01de0d9891aa37cf49d507affa01c4e12cbc2d6a9797b4e576c544cfef64dbc0f5f3c54a268f77e9e96f2b08a82fbc55796fad9d306fb4ab8f018acbf4202de9d5f567ab4dc2eb9ba406fde9eacb2747a7f37bc46182f62ee6ca18dc614b67cf17766780f1fdaba227834d9edfa42d5cf923b929571240952ca5ce0dbe569627e1325e86f6f79ab27a5de966fb44856c65ce91018652ae11e2a5b55263dbc19aeec54957179149376fe0766171bea1aafa847fd380fa71afb04fdf7b9b1fa1d2e93a9143fac18e4031e5069aa2f03ad1ddc62792014cb167d834bd6ea487ddbafd5ab9d78d18484a45b38ef67f0ce86b2abd22d6a61be109114395ef1ae10e0b228e4a8d9af62c824b55367de22d658d755280010bb0356fd6115e61907fa3a9e309579185c19b7f2951a73849e8b9be9cd701be0a41c4e333bf4214acb1ab1fe87eedb4c81392aa8da8d5b5109c763cec2344663cfbc9f0082266ceec702ec89faac1e2f3aab6590abd0ae1171f9222015259ac83a89071d2467a8a6e34213c9803684a772d4fde5ccdff892ff682dc79bd3cbf7c298fc738af81774f593dcc809b087a1ea4ac96217bf51a17ce3f18615b3cd495a4c8f9a35dc0e546e04bbcefa7b832dd17e4b036db4dc3223f0e893262c4f55aa32d1f2c3d605f337cfb00037b87bdc79772a344214efd746eb79b0a53bd3c4248844244d604675d3f4e83e585ac76990437b9c00c6271b1c5d89bc295dd16b7055526d609c8b24351a9a49fd8f5f4648e5e06a2e677ce4b9cd42fbdbe0db6619ac024d3bb3bc9749c63e6055ffebf6d2f0e6ce5a38ab42feb2f9bffa71946a795d6b1c4f7faa6f3ef68780af9cbd61074cb03d50fc250c0b1614b74cd15597aa8802d1e5f8cfa45f2d08825c6ac702c0b8279d0fd5f12ba2a99aaac35a0a8ba2bc8ceefe789f3a94dd058d1e1688a7267c533ce26897c327690e5cffc6f6a0d04d383503a4856557f8d468ed8dc3ed23146e07ce0eca099743d44d0a8d10f551dad0155f4d8fc19c866efcb80f9bbece555a76d15a46ba3b8e950dea48d0e1065b965590983a2d94609a66043aad4cd8b7ff432cb4786260eda491865593d611ab3e7f9af880d9163a8b1c653d9c7d83555970bdc946ba27e23777ab77af74115e6264b60451c561957c17a77959adeb9e515e862b1aac65cf79ea3282694db4e382fa07b92a5952df6421a3a34a43cc4281206fb65dcd4697cedda9afad79655d49125336162d0646b4454cc6e9b2b0627b98ec597c6e30fa16d5f2774b6c1e0feb6392311fbd4553a721999fa68bc4cd65677c59caa801f7acc8c165795863c57cd5634f575fc513f308081ef5314b36dee406b1b6f65f7a18ea8d8756fd762a31936f77b5ad4baa0d54838e3483c94fc09cf558e08e29ca4e0acf84065d57cac9e46fe8cf3b4e18579fbd71eabb2bd0bdad14e139b71185e6b019d2840799685135203a08e6661bbc9e0d098264545daeab34762ba4c9fecdb248b59347b055471c47c3bc7d8ad8e36f2f275328eb3c92a478a6dc98b1db4522537a3d7e3530c39ebecca0eda14e0dd144f9ecfa902f7f83c12fd446b6db9b8d7f740ebb991eafe2bcfada93e7e0e0cb6c08f5f55e46c8777acf1bd0fa49419026282d035fb3b0b74ba8f0c6356e5b6cd4dd6e1d5d04dd469b3d731e6f3f12a2932d091fe82fe9b4e626c9099f89785b647fc680a41403ccd2885b6275d9ca40d95eb6a0ba4e07c3ddd656152467fc7554558916b59ec8416961a25757e655d0af8d19d73f563ebe159493756c2f576c20582b2cd9aa07ac4d07abf6a55c745665b412bb086306c1529a4791b0e5edd33edcbfa71b08702043ea449f2a3a68c72c1dffd43f25730ef9c338c72a37fa86c1e474619d0acb19778d7df80c1fe5cdb800085a848291223db3d370f84b414a5c00c716353573ef52362f01db46df9327d8d0fea5ceaf197b4108ea8042f800cb1bf29210f28f6dac02b502751f578b431c7c0754c1aa7e7bcc947c657760e80980d518a1b11136e266555595ae588def3e2a2200e0")

[  979.305692][ T6094]  path_mount+0x11ec/0x1d20
[  979.310231][ T6094]  __se_sys_mount+0x24b/0x2f0
[  979.314909][ T6094]  ? fput+0x2d/0x130
[  979.318872][ T6094]  __x64_sys_mount+0x63/0x70
[  979.323449][ T6094]  do_syscall_64+0x44/0xa0
[  979.327916][ T6094]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  979.333795][ T6094] RIP: 0033:0x7f925409f709
02:27:49 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:49 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 28)

[  979.338188][ T6094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  979.357778][ T6094] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  979.366173][ T6094] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  979.374461][ T6094] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  979.382413][ T6094] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  979.390397][ T6094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  979.398375][ T6094] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:49 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x10, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  979.461376][ T6125] FAULT_INJECTION: forcing a failure.
[  979.461376][ T6125] name failslab, interval 1, probability 0, space 0, times 0
[  979.472129][ T6124] loop4: detected capacity change from 0 to 87
[  979.473993][ T6125] CPU: 1 PID: 6125 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  979.488831][ T6125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  979.498959][ T6125] Call Trace:
[  979.502232][ T6125]  dump_stack_lvl+0xd6/0x122
[  979.506818][ T6125]  dump_stack+0x11/0x1b
[  979.510971][ T6125]  should_fail+0x23c/0x250
[  979.515378][ T6125]  __should_failslab+0x81/0x90
[  979.520209][ T6125]  ? p9_fid_create+0x30/0x170
[  979.524886][ T6125]  should_failslab+0x5/0x20
[  979.529388][ T6125]  kmem_cache_alloc_trace+0x52/0x320
[  979.534720][ T6125]  p9_fid_create+0x30/0x170
[  979.539294][ T6125]  p9_client_attach+0x4d/0x2d0
[  979.540174][    C0] sd 0:0:1:0: tag#5096 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  979.544126][ T6125]  v9fs_session_init+0xb74/0xd50
[  979.544151][ T6125]  ? avc_has_perm_noaudit+0x1c0/0x270
[  979.553953][    C0] sd 0:0:1:0: tag#5096 CDB: opcode=0xe5 (vendor)
[  979.558839][ T6125]  v9fs_mount+0x57/0x4c0
[  979.564208][    C0] sd 0:0:1:0: tag#5096 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  979.570480][ T6125]  ? selinux_capable+0x34/0x40
[  979.574713][    C0] sd 0:0:1:0: tag#5096 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  979.583683][ T6125]  ? tsan.module_ctor+0x10/0x10
[  979.583705][ T6125]  legacy_get_tree+0x70/0xc0
[  979.588438][    C0] sd 0:0:1:0: tag#5096 CDB[20]: ba
[  979.611987][ T6125]  vfs_get_tree+0x4a/0x1a0
[  979.616398][ T6125]  path_mount+0x11ec/0x1d20
[  979.620970][ T6125]  __se_sys_mount+0x24b/0x2f0
[  979.625746][ T6125]  ? fput+0x2d/0x130
[  979.629640][ T6125]  __x64_sys_mount+0x63/0x70
[  979.634228][ T6125]  do_syscall_64+0x44/0xa0
[  979.638641][ T6125]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  979.644580][ T6125] RIP: 0033:0x7f925409f709
[  979.649074][ T6125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  979.668760][ T6125] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  979.677270][ T6125] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  979.685276][ T6125] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  979.693233][ T6125] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  979.701183][ T6125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  979.709177][ T6125] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:49 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x9, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:49 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000480)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x1, 0x0, 0x0, 0x0, 0x23456}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
r5 = io_uring_setup(0x13be, &(0x7f0000000000))
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x11, 0x400000, r6)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x4, 0x0, @fd_index, 0x0, 0x0, 0x3, 0xa, 0x0, {0x0, r6}}, 0xfffffffb)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000440)=@IORING_OP_SEND={0x1a, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000340)="38f5fef8387a958d0ef76be97e5667d7b2bac4f6839a99918ca0584dfbebd1f2b6bd15", 0x23, 0x10, 0x1, {0x0, r6}}, 0x3f53b0d6)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r8 = syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r9=>0x0)
syz_io_uring_submit(r1, r9, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x5, 0x0, @fd_index=0x2, 0x0, {}, 0xfffffffd, 0x0, 0x0, {0x0, 0x0, r8}}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:49 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x11, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:49 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:49 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 29)

[  979.828821][ T6153] FAULT_INJECTION: forcing a failure.
[  979.828821][ T6153] name failslab, interval 1, probability 0, space 0, times 0
[  979.829883][ T6154] loop4: detected capacity change from 0 to 87
[  979.841418][ T6153] CPU: 1 PID: 6153 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  979.856263][ T6153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  979.866308][ T6153] Call Trace:
[  979.869574][ T6153]  dump_stack_lvl+0xd6/0x122
[  979.874175][ T6153]  dump_stack+0x11/0x1b
02:27:49 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x12, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:49 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x14, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  979.878342][ T6153]  should_fail+0x23c/0x250
[  979.882757][ T6153]  ? radix_tree_node_alloc+0x154/0x1f0
[  979.888223][ T6153]  __should_failslab+0x81/0x90
[  979.892241][    C0] sd 0:0:1:0: tag#5097 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  979.893057][ T6153]  should_failslab+0x5/0x20
[  979.893080][ T6153]  kmem_cache_alloc+0x4f/0x300
[  979.902879][    C0] sd 0:0:1:0: tag#5097 CDB: opcode=0xe5 (vendor)
[  979.907328][ T6153]  radix_tree_node_alloc+0x154/0x1f0
[  979.912098][    C0] sd 0:0:1:0: tag#5097 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  979.918412][ T6153]  ? ___cache_free+0x3c/0x300
[  979.923694][    C0] sd 0:0:1:0: tag#5097 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  979.932662][ T6153]  idr_get_free+0x22a/0x5d0
[  979.932680][ T6153]  idr_alloc_u32+0xbc/0x160
[  979.932698][ T6153]  p9_fid_create+0x101/0x170
[  979.937356][    C0] sd 0:0:1:0: tag#5097 CDB[20]: ba
[  979.946348][ T6153]  p9_client_attach+0x4d/0x2d0
[  979.946370][ T6153]  v9fs_session_init+0xb74/0xd50
[  979.974604][ T6153]  ? avc_has_perm_noaudit+0x1c0/0x270
[  979.979968][ T6153]  v9fs_mount+0x57/0x4c0
[  979.984276][ T6153]  ? selinux_capable+0x34/0x40
[  979.989027][ T6153]  ? tsan.module_ctor+0x10/0x10
[  979.993862][ T6153]  legacy_get_tree+0x70/0xc0
[  979.998438][ T6153]  vfs_get_tree+0x4a/0x1a0
[  980.002834][ T6153]  path_mount+0x11ec/0x1d20
[  980.007377][ T6153]  __se_sys_mount+0x24b/0x2f0
[  980.012043][ T6153]  ? fput+0x2d/0x130
[  980.015923][ T6153]  __x64_sys_mount+0x63/0x70
[  980.020559][ T6153]  do_syscall_64+0x44/0xa0
[  980.024962][ T6153]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  980.030842][ T6153] RIP: 0033:0x7f925409f709
[  980.035239][ T6153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  980.054826][ T6153] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  980.063221][ T6153] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  980.071179][ T6153] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  980.079138][ T6153] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  980.087117][ T6153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  980.095070][ T6153] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:50 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  980.206137][ T6178] loop4: detected capacity change from 0 to 87
[  980.237487][    C0] sd 0:0:1:0: tag#5111 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  980.247338][    C0] sd 0:0:1:0: tag#5111 CDB: opcode=0xe5 (vendor)
02:27:50 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r6 = syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_setup(0x13a6, &(0x7f0000000440)={0x0, 0x1cf4, 0x4, 0x1, 0x1fb, 0x0, r6}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ee7000/0x3000)=nil, &(0x7f0000000340)=<r8=>0x0, &(0x7f00000004c0))
r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r9, 0x0)
preadv(r9, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
syz_io_uring_submit(r8, r4, &(0x7f0000000540)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x2, 0x0, r9, &(0x7f0000000500)={0x60000000}, r6, 0x1, 0x0, 0x1}, 0x2)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:50 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x22, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:50 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 30)

02:27:50 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x14, 0x0, 0x800, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x4004800)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0xf5d, 0x0)
r1 = syz_io_uring_setup(0x777e, &(0x7f0000000080), &(0x7f0000395000/0x1000)=nil, &(0x7f00006d3000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000240)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r4, 0x0)
preadv(r4, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r5, 0x0)
preadv(r5, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
io_uring_enter(r1, 0x450c, 0x0, 0x0, 0x0, 0x0)

02:27:50 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xa, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  980.253778][    C0] sd 0:0:1:0: tag#5111 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  980.262820][    C0] sd 0:0:1:0: tag#5111 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  980.271860][    C0] sd 0:0:1:0: tag#5111 CDB[20]: ba
02:27:50 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:50 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[], 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0)
preadv(r2, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
vmsplice(r2, &(0x7f00000002c0)=[{&(0x7f0000000140)}, {&(0x7f0000000200)="2ea3acc51c4a111b652cf9dcbb88eef61e055c100353f44e1140dc66f3112800a327c858c91a8c85af218a93ce4ba3e4ab46af62e7e3ca3914f3e105b934f7c4460aa62d2e0e08275ab0eab589d5677d987482eff0a9cbc90762031e6b0ca0de40293fe590d5c3713284785f50b19fbd90b92dea37535c091df80da8e57bd388ea37a7cee7113a97187c6c7b1b65c5", 0x8f}, {&(0x7f0000000380)="ffbb2021cbf4e054d2c6791474fbfcc8c724f4ac195ce853c323d07789527a07f99aac6f4b9f6451c3e4a614d5a78cbc3ca36a70395450b445e7995c1ad3b05807de876aaedfb25ab45ab038a7919dce55ed9af8c4cbca811c321308fe4f59bdfb97ee4817d5499db028436ca3a4a0dbd5a586985bdd943d5a103c1f41096f91e75ca128dd1348ecde552de93c26c215016f1c91f8bc", 0x96}], 0x3, 0xd)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="400100001000130700004e1e00000000ac1414bb000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000033000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000032000000fc00000000000000000000000000000100000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008001f00", @ANYRES32], 0x140}}, 0x0)
sendfile(r3, r1, 0x0, 0x100000002)

02:27:50 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r5, 0x0)
preadv(r5, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_WRITE={0x17, 0x3, 0x4007, @fd_index=0x6, 0x600000000, &(0x7f0000000440)="8d9c1bfe78b793e7a997da864f8f6197dbb345e9f300a65f6eaa2a2d64f03ff23a41091251f69985ac76d06f25d454f1971aa0fb40ae9bf9a7986f450467b5ecd6e66cbefee887846638720fb107d03d902cc55d720d9b348cb41fe94c985c7f3eaa1c20d7188503abb557192fce81cc09c7279de795405e3878b64aba270f74c659f36e36df802e42054a4db19625bb4a7a00bff654c08e190c0f4f80973e162e1102eb505549f088b69d6740981d766f7311d64e8a77", 0xb7, 0xc, 0x1}, 0x8001)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000400)=@IORING_OP_NOP={0x0, 0x1}, 0x10005)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  980.309193][ T6191] FAULT_INJECTION: forcing a failure.
[  980.309193][ T6191] name failslab, interval 1, probability 0, space 0, times 0
[  980.321874][ T6191] CPU: 1 PID: 6191 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  980.330548][ T6191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  980.340683][ T6191] Call Trace:
[  980.343965][ T6191]  dump_stack_lvl+0xd6/0x122
[  980.348565][ T6191]  dump_stack+0x11/0x1b
[  980.352729][ T6191]  should_fail+0x23c/0x250
[  980.357221][ T6191]  ? p9_client_prepare_req+0xaf/0x4e0
[  980.362659][ T6191]  __should_failslab+0x81/0x90
[  980.367437][ T6191]  should_failslab+0x5/0x20
[  980.371981][ T6191]  kmem_cache_alloc+0x4f/0x300
[  980.376739][ T6191]  p9_client_prepare_req+0xaf/0x4e0
[  980.381935][ T6191]  p9_client_rpc+0xa8/0x660
[  980.386424][ T6191]  ? radix_tree_iter_tag_clear+0xe4/0x150
[  980.392131][ T6191]  ? idr_alloc_u32+0x110/0x160
[  980.396880][ T6191]  p9_client_attach+0xd8/0x2d0
[  980.401658][ T6191]  v9fs_session_init+0xb74/0xd50
[  980.406587][ T6191]  ? avc_has_perm_noaudit+0x1c0/0x270
[  980.411951][ T6191]  v9fs_mount+0x57/0x4c0
[  980.416244][ T6191]  ? selinux_capable+0x34/0x40
[  980.421000][ T6191]  ? tsan.module_ctor+0x10/0x10
[  980.425832][ T6191]  legacy_get_tree+0x70/0xc0
[  980.430407][ T6191]  vfs_get_tree+0x4a/0x1a0
[  980.434805][ T6191]  path_mount+0x11ec/0x1d20
[  980.439295][ T6191]  __se_sys_mount+0x24b/0x2f0
[  980.443980][ T6191]  ? fput+0x2d/0x130
[  980.447920][ T6191]  __x64_sys_mount+0x63/0x70
[  980.452534][ T6191]  do_syscall_64+0x44/0xa0
[  980.456969][ T6191]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  980.462869][ T6191] RIP: 0033:0x7f925409f709
[  980.467344][ T6191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  980.486933][ T6191] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  980.495410][ T6191] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
02:27:50 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x25, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  980.503393][ T6191] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  980.511347][ T6191] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  980.519377][ T6191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  980.527331][ T6191] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:50 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_setup(0x74ae, &(0x7f0000000440)={0x0, 0xab6a, 0x4, 0x0, 0x1ee, 0x0, r0}, &(0x7f0000ee7000/0xc000)=nil, &(0x7f0000eeb000/0x4000)=nil, &(0x7f00000004c0), &(0x7f0000000500)=<r6=>0x0)
clock_gettime(0x0, &(0x7f0000000540)={<r7=>0x0, <r8=>0x0})
syz_io_uring_submit(r1, r6, &(0x7f00000005c0)=@IORING_OP_TIMEOUT={0xb, 0x5, 0x0, 0x0, 0x3, &(0x7f0000000580)={r7, r8+60000000}, 0x1, 0x0, 0x1}, 0x2)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r9 = syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000)=<r10=>0x0, &(0x7f0000000140)=<r11=>0x0)
syz_io_uring_submit(r1, r11, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)
r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r9, 0x9, 0x0, 0x0)
syz_io_uring_submit(r10, r5, &(0x7f0000000340)=@IORING_OP_ASYNC_CANCEL={0xe, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, {0x0, r12}}, 0x400)

02:27:50 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 31)

02:27:50 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x54, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:50 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x55, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  980.608766][ T6216] loop4: detected capacity change from 0 to 87
[  980.621925][ T6220] FAULT_INJECTION: forcing a failure.
[  980.621925][ T6220] name failslab, interval 1, probability 0, space 0, times 0
[  980.634618][ T6220] CPU: 1 PID: 6220 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  980.643336][ T6220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  980.653382][ T6220] Call Trace:
[  980.656655][ T6220]  dump_stack_lvl+0xd6/0x122
[  980.661324][ T6220]  dump_stack+0x11/0x1b
[  980.665535][ T6220]  should_fail+0x23c/0x250
[  980.668384][    C0] sd 0:0:1:0: tag#5113 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  980.669947][ T6220]  ? p9_fcall_init+0x5e/0x100
[  980.679788][    C0] sd 0:0:1:0: tag#5113 CDB: opcode=0xe5 (vendor)
[  980.684501][ T6220]  __should_failslab+0x81/0x90
[  980.684524][ T6220]  should_failslab+0x5/0x20
[  980.690834][    C0] sd 0:0:1:0: tag#5113 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  980.695560][ T6220]  kmem_cache_alloc+0x4f/0x300
[  980.695580][ T6220]  p9_fcall_init+0x5e/0x100
[  980.700060][    C0] sd 0:0:1:0: tag#5113 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  980.709039][ T6220]  p9_client_prepare_req+0xec/0x4e0
[  980.713809][    C0] sd 0:0:1:0: tag#5113 CDB[20]: ba
[  980.718268][ T6220]  p9_client_rpc+0xa8/0x660
[  980.742002][ T6220]  ? radix_tree_iter_tag_clear+0xe4/0x150
[  980.747729][ T6220]  ? idr_alloc_u32+0x110/0x160
[  980.752487][ T6220]  p9_client_attach+0xd8/0x2d0
[  980.757271][ T6220]  v9fs_session_init+0xb74/0xd50
[  980.762207][ T6220]  ? avc_has_perm_noaudit+0x1c0/0x270
[  980.767606][ T6220]  v9fs_mount+0x57/0x4c0
[  980.771839][ T6220]  ? selinux_capable+0x34/0x40
[  980.776642][ T6220]  ? tsan.module_ctor+0x10/0x10
[  980.781495][ T6220]  legacy_get_tree+0x70/0xc0
[  980.786084][ T6220]  vfs_get_tree+0x4a/0x1a0
[  980.790498][ T6220]  path_mount+0x11ec/0x1d20
[  980.795107][ T6220]  __se_sys_mount+0x24b/0x2f0
[  980.799800][ T6220]  ? fput+0x2d/0x130
[  980.803692][ T6220]  __x64_sys_mount+0x63/0x70
[  980.808269][ T6220]  do_syscall_64+0x44/0xa0
[  980.812747][ T6220]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  980.818664][ T6220] RIP: 0033:0x7f925409f709
[  980.823072][ T6220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  980.842678][ T6220] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  980.851093][ T6220] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
02:27:50 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:50 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x56, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:50 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x9, 0x40010, r0, 0x10000000)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
r9 = signalfd(r0, &(0x7f0000000340)={[0x19]}, 0x8)
syz_io_uring_submit(r1, r8, &(0x7f0000000440)=@IORING_OP_WRITE_FIXED={0x5, 0x3, 0x0, @fd=r9, 0xe0, 0x7f, 0x6, 0x17, 0x1, {0x3}}, 0x401)

[  980.859056][ T6220] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  980.867029][ T6220] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  980.874990][ T6220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  980.882979][ T6220] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:50 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xb, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:50 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 32)

[  980.982083][ T6248] FAULT_INJECTION: forcing a failure.
[  980.982083][ T6248] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  980.995373][ T6248] CPU: 0 PID: 6248 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  981.004061][ T6248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  981.014112][ T6248] Call Trace:
[  981.017389][ T6248]  dump_stack_lvl+0xd6/0x122
[  981.022062][ T6248]  dump_stack+0x11/0x1b
[  981.023287][ T6250] loop4: detected capacity change from 0 to 87
[  981.026216][ T6248]  should_fail+0x23c/0x250
[  981.026237][ T6248]  __alloc_pages+0x102/0x320
[  981.026258][ T6248]  kmem_getpages+0x1a/0xd0
[  981.045739][ T6248]  cache_grow_begin+0x4c/0x1a0
[  981.050509][ T6248]  cache_alloc_refill+0x326/0x3d0
[  981.055541][ T6248]  ? should_fail+0xd6/0x250
[  981.060057][ T6248]  ? p9_fcall_init+0x5e/0x100
[  981.064726][ T6248]  kmem_cache_alloc+0x278/0x300
[  981.069560][ T6248]  ? p9_fcall_init+0x5e/0x100
[  981.074227][ T6248]  p9_fcall_init+0x5e/0x100
[  981.078718][ T6248]  p9_client_prepare_req+0xec/0x4e0
[  981.083906][ T6248]  p9_client_rpc+0xa8/0x660
[  981.088396][ T6248]  ? radix_tree_iter_tag_clear+0xe4/0x150
[  981.094103][ T6248]  ? idr_alloc_u32+0x110/0x160
[  981.098854][ T6248]  p9_client_attach+0xd8/0x2d0
[  981.103649][ T6248]  v9fs_session_init+0xb74/0xd50
[  981.108569][ T6248]  ? avc_has_perm_noaudit+0x1c0/0x270
[  981.113981][ T6248]  v9fs_mount+0x57/0x4c0
[  981.118214][ T6248]  ? selinux_capable+0x34/0x40
[  981.122992][ T6248]  ? tsan.module_ctor+0x10/0x10
[  981.127833][ T6248]  legacy_get_tree+0x70/0xc0
[  981.132413][ T6248]  vfs_get_tree+0x4a/0x1a0
[  981.136811][ T6248]  path_mount+0x11ec/0x1d20
[  981.141300][ T6248]  __se_sys_mount+0x24b/0x2f0
[  981.145964][ T6248]  ? fput+0x2d/0x130
[  981.149843][ T6248]  __x64_sys_mount+0x63/0x70
[  981.154478][ T6248]  do_syscall_64+0x44/0xa0
[  981.158885][ T6248]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  981.164844][ T6248] RIP: 0033:0x7f925409f709
[  981.169265][ T6248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  981.188855][ T6248] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  981.197257][ T6248] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  981.205282][ T6248] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  981.213234][ T6248] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  981.221185][ T6248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  981.229136][ T6248] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  981.251748][    C0] sd 0:0:1:0: tag#5073 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  981.261614][    C0] sd 0:0:1:0: tag#5073 CDB: opcode=0xe5 (vendor)
[  981.267940][    C0] sd 0:0:1:0: tag#5073 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  981.276998][    C0] sd 0:0:1:0: tag#5073 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  981.286056][    C0] sd 0:0:1:0: tag#5073 CDB[20]: ba
02:27:51 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0)={0x0, 0xffffffff, 0x0, 0x0, 0x20}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ee7000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x10010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280)={0x0, 0x0, 0x8, 0x0, 0x3}, &(0x7f0000fff000/0x1000)=nil, &(0x7f00000df000/0x2000)=nil, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r8 = io_uring_setup(0x13be, &(0x7f0000000000))
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r8, 0x11, 0x400000, r9)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x7ee3233589471238, 0x0, @fd_index=0x9, 0xac, 0x0, 0xffffffff, 0x0, 0x1, {0x0, r9}}, 0xfffffffb)
syz_io_uring_submit(r6, r2, &(0x7f0000000340)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1, {0x0, r9}}, 0x400)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd=r0, 0x0, {}, 0xffffffff}, 0x81)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:51 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x57, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:51 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 33)

02:27:51 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xc, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  981.557141][ T6272] FAULT_INJECTION: forcing a failure.
[  981.557141][ T6272] name failslab, interval 1, probability 0, space 0, times 0
[  981.569808][ T6272] CPU: 0 PID: 6272 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  981.578481][ T6272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  981.588533][ T6272] Call Trace:
[  981.591796][ T6272]  dump_stack_lvl+0xd6/0x122
[  981.596403][ T6272]  dump_stack+0x11/0x1b
[  981.600544][ T6272]  should_fail+0x23c/0x250
[  981.604941][ T6272]  ? p9_fcall_init+0x5e/0x100
[  981.609602][ T6272]  __should_failslab+0x81/0x90
[  981.614347][ T6272]  should_failslab+0x5/0x20
[  981.618831][ T6272]  kmem_cache_alloc+0x4f/0x300
[  981.623610][ T6272]  ? p9_fcall_init+0x5e/0x100
[  981.628271][ T6272]  p9_fcall_init+0x5e/0x100
[  981.632760][ T6272]  p9_client_prepare_req+0x13c/0x4e0
[  981.638032][ T6272]  p9_client_rpc+0xa8/0x660
[  981.642520][ T6272]  ? radix_tree_iter_tag_clear+0xe4/0x150
[  981.648227][ T6272]  ? idr_alloc_u32+0x110/0x160
[  981.652974][ T6272]  p9_client_attach+0xd8/0x2d0
[  981.657755][ T6272]  v9fs_session_init+0xb74/0xd50
[  981.662675][ T6272]  ? avc_has_perm_noaudit+0x1c0/0x270
[  981.668044][ T6272]  v9fs_mount+0x57/0x4c0
[  981.672365][ T6272]  ? selinux_capable+0x34/0x40
[  981.677125][ T6272]  ? tsan.module_ctor+0x10/0x10
[  981.681959][ T6272]  legacy_get_tree+0x70/0xc0
[  981.686544][ T6272]  vfs_get_tree+0x4a/0x1a0
[  981.690942][ T6272]  path_mount+0x11ec/0x1d20
[  981.695515][ T6272]  __se_sys_mount+0x24b/0x2f0
[  981.700185][ T6272]  ? fput+0x2d/0x130
[  981.704066][ T6272]  __x64_sys_mount+0x63/0x70
[  981.708644][ T6272]  do_syscall_64+0x44/0xa0
[  981.713097][ T6272]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  981.718999][ T6272] RIP: 0033:0x7f925409f709
[  981.723397][ T6272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  981.743004][ T6272] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
02:27:51 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x115, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:51 executing program 0:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
stat(&(0x7f0000000480)='./file0\x00', &(0x7f0000002880)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
openat2$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x800, 0x4, 0x14}, 0x18)
lchown(&(0x7f0000000440)='./file0\x00', r0, 0xee01)
getresgid(&(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000100), &(0x7f0000000140))
setresgid(0xee01, r1, 0x0)
setxattr$system_posix_acl(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000040)={{}, {}, [], {}, [{0x8, 0x1, r1}, {0x8, 0x3, r1}], {0x10, 0x5}}, 0x34, 0x1)
setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000600)={{}, {}, [], {}, [], {}, {0x20, 0x3}}, 0x24, 0x3)

02:27:51 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x80489439, &(0x7f0000000440))
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  981.751395][ T6272] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  981.759346][ T6272] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  981.767298][ T6272] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  981.775256][ T6272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  981.783228][ T6272] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:51 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:51 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2e1, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:51 executing program 0:
r0 = creat(&(0x7f0000000500)='./bus\x00', 0x83)
fcntl$setstatus(r0, 0x4, 0x46000)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x100000169042, 0x0)
r2 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r3, 0x0)
preadv(r3, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, 0xffffffffffffffff, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r4, 0x0)
preadv(r4, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
poll(&(0x7f0000000440)=[{r3, 0x50}, {r0, 0x44}, {r2, 0xa501}, {r4, 0x5000}], 0x4, 0x9)
preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE(r3, 0x50009401, &(0x7f0000000680)={{}, "5081b480da95bc51d441dcd2551f9e542938790ebe1479f2710186b4c8cb17c42fe0cdfdbc117d302f437557b58d87ac01b578a5a11c1c9b82bf0c3a5aa4bba5bb0d99cd21a7ea3bf890440875ff4264e4af515149a148612d5850e7d4c7df64bd9ee6c4e5528f365325e6754582454214604c1259064be3d93bb89cd4102569b432210eceecc46ab62363d38f578febaeee5d488defc0183ca6bd8180445335980d3ba87700ac27f518a684da93d391fd1753b34ff42eb6265ed1b7a29a832a99126956504ac98aaead92affb1ae35d8b81bba6bd23082998ab1ad95c63c8f10c563543057097dd1c99f09164231a0ad086fceccec543468b4124f0d0d082ad5b49876c986d5671517e36f4b96075fe6fd95b7e033804c52623b06062a6aa27720117547d1430e17b53f03e0b73cb34c5343d29096e03107849ff8ccc78f87f1b088acffd72f45509bb6f23ecbca93c1f8393dc802ce5e8da963d8a5a4263a9c965efb9629106bcc4c14e1a532b42422a172ee271b1a9c1f8261cbfbfcda58a635a251c3ab2befa5250dfafa1d835c66358bfe18bbb3bb5c5076730e2416d1ddd0bd3f3461a56b9028ce007a7cca7a1fd8e08f0c4cb6059a1bd5132ab7398d677c34b6252679fa35ee30191f3f0a666231014abe869a90ece1d70a2c8790d97d0e7ee42e728d6f1ee5ab79e49c6491b3a7cbd671ebe666d655d0f5f4ebe3c63a975319389a44aa7c7a0e6dd0fdaf7a7527393230e454dc117f8221349cbe50ef9d49a9062204008b0b51f93b76d531111fcf98613bdb9f497a6c47614baffa0510c4ffe524c8d7ac981436e738199c252b138b6e07e4968f4e491a1a2bc06f9bed4036e723d7dba29b76992a9f9968de24373adcddb8378be4a7516e66bef7122f815eaf3efe2d9046d7ed14c467aa640dcffc739574d40ba5f8a3a545c7df1d3fd25e18976f633460a10dc2f25a552cd2f5c1d958e7b83125273b4cf8631653fe353ed435402b37e883297b5f0b5ac36c3d6a4699d4a78df1680d6a219595b99441ee398add4603232f000fa5865bc862d307c32a8411398abdc37e29cfbe12876243467cae55b860ce2eaf2214f397afc298188b85a700598588978930591b9bccae46dd8cffb6eaaa71d2d2d287090b47a57b36a49d8b4ca8f7bf67f5f60684740fef6aa9bd68e873729992ec5cf264df91dc3969218bcee71133ff62ef50cda1ed12437ef9be62ad94b0218bb75d3195207a67602a4ddd917cb395420088ffa98f1c2febcfecbaf88818ab29fb5a660221e58f6ff5a2204fa4a4a45c596afcaacfd3a2dac57fc298277f6fd999d7467d9a60e6e5ed0ca83946a1e92ce6fb7bce8beae9b4b3f45606dc6df12c95c7c6ec5c49fec16fada9b47f2645a7b19065be0115727979cc9bec621aed7dfbdb45926aa9ed46399689963d341677642c75a2077968961439f78b38304893ef9703167e9ffc8238619d73e8e5d8bf8c6fdc65f7be8275bb954072a4b791ffa28a1ce68b34e17e79e18df4d70973bc5f8577ef76280895b38336b68d8413f9b9adc25ae5ebc5d1800349ee786e7d5926e4558e082c10e3d59b9a2cb81ee369d81699ffe2d1671f80793093d2217e727b44a6da9b528e77fb25afc6dce398d6532058880abae7cf354a590259d3c8a52f1c1f55e746be570c9dc66736dcce4081847e8818d7b8396a13b8eca2533fdf7577278d64be38c28888734163e63b420b1b32b6ab69a31130a8aba775332cf83eb549259b8b381c61b68586d9438de01bbf506231968a46751fb54f91a7e2cc9b3bad93bb0219407a9a4787592f8e7b943712477b506120d7395122c830a35ee7edcc31faa3d017ba20e4c6ef37e12372e8ad36bc81832a03ad0d4ddcc65d27b936dc0b10061227819d109e047c8fcf74b2687fa2a0ac19cf3e40fa34a753d21c41000591629a1b99e0c1688daa7360e0d6b6ed9693a1c7f43f2112b4414f3c7563d34846c05e66c67b13b276a503f57b769c5c55d1f71c0347ce977644e98edcd7945867756495281dcddb9becb0159793ebb13220bfdfe2cb74e79b263fbda14f365b9a5c46b1e7ccc14d9cd3dee72ca71c4807cc2e53006629eff509284bdafab4b1c2cb45630dfb9133c0106d284294c76b0b2aeb3dce81f62a3b7dafd74b086a2045d4715fc647a7ecbf01718ca3d1a9380491f7f65d22d38e39325c75771ff5ae32651525152d303d90c95d3926beda288be9754fb553d563ed24dfa2c3d8a6ae5c2efb0cf6af997f68ca444902fec946b4fd5c5bce0b234dc21af3e3fbfa547ff91b36c043c6c9793a8d4b43691f578e959de4c27d3754aa4e565a0fd0bd3cae9c29096d6d34a1c5da4640e1c6925a5e8d284ec858547ffabbfa51538af36602745e67baaf39fe5c2b9a4e932c9f227a442d56f4a871fc363a1935e709ed21f3dd5304957b8cf82cf68e9017c44b4f192d016bd73b2860937f0b464a2bd371b7aa86442988b02cf6d39ddf7b6c2372cf7cba9a7abd670deb0788b59c3461fabeb1b971f7cb84f93d06f9be216bc98072f7fe0ddb638f245a3feed0f703cb6f0df63d54707ec064476474845780a9d6a107d57655cdc0c4a560cdb19bfe6fd465b3c405d6f63aeabea76b14eb62244ad844d675701cbbef3b175b86df74a0928448ce4dc6f605927c7d5096982b0e31dfd05a3c1df994e991b9dddc33313551422275a59ef361fe33e23f89dce87df3e9302f531d1a7a828e9c277dfa28a2ad6a64af5fc05568e274774bc9d615f37318b3106836f8e03433037f6c5ad43ca4c3ecde38e0d579da89e0bd7a26bdc0cac8878f2af8c4ac9fac7e45cb158b978395d98b6822525edae7488300c1c0b82fd789a1a247615757a33bbd1cac42f08bea44e15fc2987b32a9c7c7ae5d2020133cdf719964c3306c845346a75f7092252acf4ebff5a824dcc12e1ec60d9e101366da149064e698b059409cb06f52455ba97c5d4884515ef484c5dde60430b5daef80aef1c468fc55163c57426ff3cc4480acc6263bb7c4989e3c98e83ab12de8971630c49ae9c993cbbec9c60db820bc7434f57f513b39c27a6b0706f2f20b5ddd3ba7c56af2d8c5eb68b1d24db58f1c40083b2c49bcb3e9fb48d07070f8f1e95267b10b1ddb78a6a49f6b3fb5d07a736c23f9d0bbfdc2597eb04ec2d56a3bbb4a51c1a0b6283a1428d03abd4ae3ea6f66e190ec883d767279f2bf3791a7d5f610be2853b086c24996e1a9e69bb526ca9425f15c41816fa3733d7a40494b757ad0179bd5f83494b17cb30daea84a5213e08fe40704f1bb6d6312e35e7b9acfbb522c2b15fb2e18c84bdc6468f1d11fc7bded2e4e2915039f83f710081c82d514c85406d7f5eb6f49fc1d8b6a2a662b649ca90296bd4952296c1fea88be29844f3c8eba9199caec1ed87d1d8fec06103bded47ab1336b5e110830432156a78ec1c449bb4b3d120fef33381ca30562d6610191318ebba5ed877d468dad4461f06761268dab3905abfef156dfbfe5218b763210b587f1236df513f536035ac4124a43b65007da50e754134c9c81f41abb7dedb007609418167e06685a07a5c8d7d39f8634ae06f2bff50e9160b9503445405ac01de8a9196946b0d2ab8ffc9f283f7da49e385521b592b6f2a9c52485f03957ae508cbb721f1e923a3d245c69151a9b6fbadccba18167dba8ddf8da032e5594dd845d7849f90010cedd3629a9f0e7416f8f65bf706ca6cb4103cc5b1d0ebf59a9b3c970712e1901b3bbe88a4a7968440e327769fdb5e68ca2c749f9405eaf0e7b3eb049be97ad3ce7432b2dfc198715f374df97dc2ba75194f0a2839c03384e11823fac9c0694a5012e10d3bb4dc5f1b08305e7b80af3b3c498fda100a67114274cc962fd9e3a3b9a3f0a61130a228c72d55071cac729b3edcb33bb7b70868f3925b133042351bf2a539f83ff7898b9957562636cedf1e6b84aa7bd24d527ebcab28e6acaecbb4def11e1a2522da7b81bcb3bb421c01dd62c1251506702845377855a26178b345305b57f3f50313a9b295f06a4e59637fedce7880846d87c0c3c5c331a42240b5a9ae06fa0bff94f13bd2144e43a938fe1caa578eb4064951d42bbc0e71f23efd445915d17d087ded6e58fbc0e0532aacc1f526422ec6e59f828054769155b18f96ff132e4c90ba0cb399129de6286d379a14034fc3dc3d77434319df4ab6bbfae71ad1d3558b0cb9c54f9882b0bd602a2306b58870f2fda6ef447405f49e16713ae4d4717255fe30fdec8e6844f1c76a7492a1b00815ee8f7073418bbcfdbcf6a071f11eb4a4d44c03a8462c332f35699dbcd58f25a608a29fb14310840f45b4864658f19bd9c464e6975eb8406b9de021d9ef7033dc86fc86d93bc6f1226e4130c3f6d2562b1564ab37f5fab1d7b9e80ef87b989fade2efa9289f32ecb539ca058e48d40e01a780240ea6335da4722acbb4440a3f5f0541f21a5da6e4d7154628d4aa208138fe249ab7b10f2acb1dad28e1ab5d30809ef8d27723b2e1d23d4d50933bedd380709c9a304d0f8fa7d36b1d768db36131ea07e5f970973d76297a256e779defd15153703a9f11e614236f0a24e082a44180a75401e6a095914e7b65e18f5a2f06763e8917ba14e05206e09daf8469775c46e5e3e8f02a51bec596dfa6448172a0864dc6be6cbf4d7772d646aa9a2bdee828b66527a20fed9d79867c7fc91144010623abcf0fbf90344b82fd152069fc02ea06d9b22e8e92240e5784117f01a0d5044d2adbe1587264bdad1de4ffae895e9308f6064b263ce7f2ab8d47f1ba8f29397b47ff4ed600cbd3a54eb00a1b22617f642b4cf452e12858501beacf692c19db86fda6d59fc3e5b577084eeab191aa7d359cef591387dd104e097fd5a161442a508ec2e1710b45522b1cc914bf5a5b4033625e61f131cf5c7d1a247098b3f62325dafa47b440767545257cfc2ba43922257f2d481004241267c820f55d8b222eefff4fc1c7f4c03e0f718c23be2015a5f8bfde8d4c6991e29ddfb0ded0f93169fa7ff686d752bff660aae2f6075eaf18ca91e09db67508715af1177eefb6eaa1ed05fea953cd4dc79d8d32073a0341a8f6671fd4045da7a58566d28793befa32e7f2671b7280598f82e926c188168f6475c06b679d552f5b5e1f0f02b3525eab97b13d337e557250906763d7166197cbd82d8a10d3e545805aeba6a1a5f4e6c566fb8a0535bd7f09792a0b5a0245b2156260396cc7c13127e63aff2040dca60e286d92ea0aea40c51e478418744f4433d3782ef5cd27440f57b9649e23c101dc64410992be95a3fa28325e2fb0f8b937163f37a02c8b55bd9d1acf9d7e63a35dbddc313c73db22d23a48747d26de2a1a01662201a39a320d8fa3ac79f73e91b240280ced1df43dfd00146d643f02e4384ef3ef8ec34e7c391bce2280e6d8af03880430f284cb99787c7ed19a22313792f5efec9f3fe41bc82d7e1d8c36407980320d2234b45664874235eb3bfeef04e016d0e3916c3145f06e292da733299cdd2b332d2bb515c806a208b93ae09b7b1411be544c201ccff9cd0f31741b1867bb76a73c49a10731c87e700c109da7dfed9f1929199759ccd68e8baa0cfbd74a00403d4292de2c7fdf44ca3aadaa9f70af052fb8b926f2ddeb5365383fa89e88c07ad3c704f599fbe95d07c380c084406607b1365c74e7eef4151201c75bc9d34035bc15d7631241cdc5eb04802e28e1d9faad3644c350ec70dbba1e15df6a087aa9c448940de8ec"})
preadv(r0, &(0x7f0000000580)=[{&(0x7f00000001c0)=""/140, 0x8c}, {&(0x7f0000002c80)=""/212, 0xd4}, {&(0x7f0000000380)=""/186, 0xfffffffffffffe78}, {&(0x7f0000001680)=""/232, 0xe8}, {&(0x7f0000000100)=""/96, 0x60}, {&(0x7f0000000080)=""/2, 0x2}, {&(0x7f0000000280)=""/133, 0x85}, {&(0x7f0000000340)=""/54, 0x36}, {&(0x7f0000001800)=""/168, 0xb3}, {&(0x7f0000000480)=""/35, 0x23}, {&(0x7f00000018c0)=""/173, 0xb9}, {&(0x7f0000001980)=""/173, 0xad}, {&(0x7f0000001a40)=""/114, 0x72}, {&(0x7f0000001ac0)=""/155, 0x9b}, {&(0x7f0000001b80)=""/4096, 0x1000}], 0xf, 0xffff437b, 0x8)
ftruncate(r1, 0x10099b8)
io_submit(0x0, 0x1801, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x3a5, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x10099b8}])

02:27:51 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2ea, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:51 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
r5 = syz_open_dev$ptys(0xc, 0x3, 0x1)
fremovexattr(r5, &(0x7f0000000340)=@random={'security.', '\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
syz_io_uring_setup(0x7c9a, &(0x7f0000000480)={0x0, 0x9770, 0x1, 0x2, 0x311}, &(0x7f00000de000/0x1000)=nil, &(0x7f0000fee000/0x12000)=nil, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000500))
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x4010, r0, 0x10000000)
syz_io_uring_submit(r6, r7, &(0x7f0000000540)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0, 0x0, {0x4000}, 0x1}, 0x1)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r8, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r9=>0x0)
syz_io_uring_submit(r1, r9, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000440)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:51 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 34)

02:27:51 executing program 0:
r0 = syz_open_dev$vcsa(&(0x7f0000000100), 0x18, 0x48000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000240)={&(0x7f00002ba000/0x1000)=nil, 0x1000}, &(0x7f0000000280)=0x10)
set_mempolicy(0x2, &(0x7f0000000000)=0x5, 0x3)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_int(r2, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r3, 0x0)
preadv(r3, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
set_mempolicy(0x2, &(0x7f00000002c0)=0x3, 0xa7a)
setsockopt$inet_tcp_buf(r3, 0x6, 0x1a, &(0x7f0000000040)="91fc25ee1e826aaa7f9d7dbb0e1476e6fa723689e06d83b02b3942802f4dfb5f320f7c23ea401a7c3038592dafcfc6b6448702ecb4c33a71316084b32a4ecba01a1d6a0dba417ed04e4c6635b032bdd7e4621bfc2d1862ae371e0a80b342d06f7cdb20619098e7742e460e", 0x6b)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendto$inet(r2, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
splice(r2, 0x0, r1, 0x0, 0x40005, 0x0)

02:27:51 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = io_uring_setup(0x13be, &(0x7f0000000000))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0x11, 0x400000, r4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x7ee3233589471238, 0x0, @fd_index=0x9, 0xac, 0x0, 0xffffffff, 0x0, 0x1, {0x0, r4}}, 0xfffffffb)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_ACCEPT={0xd, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000340)=0x80, &(0x7f0000000440)=@ethernet={0x0, @remote}, 0x0, 0x80800, 0x0, {0x0, r4}}, 0x5)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x810, r0, 0x10000000)
r6 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r6, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  981.942888][ T6305] loop4: detected capacity change from 0 to 87
[  981.975292][ T6311] FAULT_INJECTION: forcing a failure.
[  981.975292][ T6311] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  981.988508][ T6311] CPU: 1 PID: 6311 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  981.997175][ T6311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  982.007214][ T6311] Call Trace:
[  982.010554][ T6311]  dump_stack_lvl+0xd6/0x122
[  982.015132][ T6311]  dump_stack+0x11/0x1b
[  982.019267][ T6311]  should_fail+0x23c/0x250
[  982.023679][ T6311]  __alloc_pages+0x102/0x320
[  982.028255][ T6311]  kmem_getpages+0x1a/0xd0
[  982.032677][ T6311]  cache_grow_begin+0x4c/0x1a0
[  982.037421][ T6311]  cache_alloc_refill+0x326/0x3d0
[  982.042534][ T6311]  ? should_fail+0xd6/0x250
[  982.047019][ T6311]  ? p9_fcall_init+0x5e/0x100
[  982.051731][ T6311]  kmem_cache_alloc+0x278/0x300
[  982.056596][ T6311]  ? p9_fcall_init+0x5e/0x100
[  982.061259][ T6311]  p9_fcall_init+0x5e/0x100
[  982.065816][ T6311]  p9_client_prepare_req+0x13c/0x4e0
[  982.071088][ T6311]  p9_client_rpc+0xa8/0x660
[  982.075695][ T6311]  ? radix_tree_iter_tag_clear+0xe4/0x150
[  982.081400][ T6311]  ? idr_alloc_u32+0x110/0x160
[  982.086182][ T6311]  p9_client_attach+0xd8/0x2d0
[  982.090934][ T6311]  v9fs_session_init+0xb74/0xd50
[  982.095855][ T6311]  ? avc_has_perm_noaudit+0x1c0/0x270
[  982.101209][ T6311]  v9fs_mount+0x57/0x4c0
[  982.105462][ T6311]  ? selinux_capable+0x34/0x40
[  982.110296][ T6311]  ? tsan.module_ctor+0x10/0x10
[  982.115131][ T6311]  legacy_get_tree+0x70/0xc0
[  982.119706][ T6311]  vfs_get_tree+0x4a/0x1a0
[  982.124179][ T6311]  path_mount+0x11ec/0x1d20
[  982.128772][ T6311]  __se_sys_mount+0x24b/0x2f0
[  982.133483][ T6311]  ? fput+0x2d/0x130
[  982.137362][ T6311]  __x64_sys_mount+0x63/0x70
[  982.141939][ T6311]  do_syscall_64+0x44/0xa0
[  982.146424][ T6311]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  982.152309][ T6311] RIP: 0033:0x7f925409f709
[  982.156713][ T6311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  982.176377][ T6311] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  982.184795][ T6311] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  982.192749][ T6311] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  982.200705][ T6311] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  982.208657][ T6311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  982.216609][ T6311] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  982.228312][    C0] sd 0:0:1:0: tag#5081 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  982.238169][    C0] sd 0:0:1:0: tag#5081 CDB: opcode=0xe5 (vendor)
[  982.244520][    C0] sd 0:0:1:0: tag#5081 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  982.253567][    C0] sd 0:0:1:0: tag#5081 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  982.262617][    C0] sd 0:0:1:0: tag#5081 CDB[20]: ba
02:27:52 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xd, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:52 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x300, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:52 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 35)

02:27:52 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200001020000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080", 0x59, 0x400}], 0x0, &(0x7f00000000c0))

[  982.459326][ T6337] FAULT_INJECTION: forcing a failure.
[  982.459326][ T6337] name failslab, interval 1, probability 0, space 0, times 0
[  982.471991][ T6337] CPU: 1 PID: 6337 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  982.480739][ T6337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  982.490932][ T6337] Call Trace:
[  982.494202][ T6337]  dump_stack_lvl+0xd6/0x122
[  982.498810][ T6337]  dump_stack+0x11/0x1b
[  982.502960][ T6337]  should_fail+0x23c/0x250
[  982.507367][ T6337]  ? radix_tree_node_alloc+0x154/0x1f0
[  982.512819][ T6337]  __should_failslab+0x81/0x90
[  982.517583][ T6337]  should_failslab+0x5/0x20
[  982.522084][ T6337]  kmem_cache_alloc+0x4f/0x300
[  982.526924][ T6337]  radix_tree_node_alloc+0x154/0x1f0
[  982.532234][ T6337]  idr_get_free+0x22a/0x5d0
[  982.536733][ T6337]  ? p9_fcall_init+0x5e/0x100
[  982.541411][ T6337]  idr_alloc+0xdf/0x1a0
[  982.545599][ T6337]  p9_client_prepare_req+0x2f6/0x4e0
[  982.550886][ T6337]  p9_client_rpc+0xa8/0x660
[  982.555439][ T6337]  ? radix_tree_iter_tag_clear+0xe4/0x150
[  982.561160][ T6337]  ? idr_alloc_u32+0x110/0x160
[  982.565995][ T6337]  p9_client_attach+0xd8/0x2d0
[  982.570770][ T6337]  v9fs_session_init+0xb74/0xd50
[  982.575745][ T6337]  ? avc_has_perm_noaudit+0x1c0/0x270
[  982.581149][ T6337]  v9fs_mount+0x57/0x4c0
[  982.585471][ T6337]  ? selinux_capable+0x34/0x40
[  982.590233][ T6337]  ? tsan.module_ctor+0x10/0x10
[  982.595082][ T6337]  legacy_get_tree+0x70/0xc0
[  982.599725][ T6337]  vfs_get_tree+0x4a/0x1a0
[  982.604135][ T6337]  path_mount+0x11ec/0x1d20
[  982.608636][ T6337]  __se_sys_mount+0x24b/0x2f0
[  982.613336][ T6337]  ? fput+0x2d/0x130
[  982.617234][ T6337]  __x64_sys_mount+0x63/0x70
[  982.621828][ T6337]  do_syscall_64+0x44/0xa0
[  982.626245][ T6337]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  982.632158][ T6337] RIP: 0033:0x7f925409f709
[  982.636569][ T6337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  982.656226][ T6337] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  982.664626][ T6337] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  982.672633][ T6337] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  982.680594][ T6337] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  982.688581][ T6337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  982.696546][ T6337] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:52 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:52 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0)
setreuid(0x0, 0xee01)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x55})
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x3a)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000080)={{{@in=@loopback, @in=@loopback}}, {{@in6=@mcast1}, 0x0, @in6=@private2}}, &(0x7f0000000180)=0xe8)

02:27:52 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x80}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r5, 0x0)
preadv(r5, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000640)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, r5, 0x0, &(0x7f0000000600)={&(0x7f0000000440), 0x80, &(0x7f0000000340)=[{&(0x7f00000004c0)=""/168, 0xa8}, {&(0x7f0000000580)=""/89, 0x59}], 0x2}, 0x0, 0x0, 0x0, {0x3, r6}}, 0x5)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x1}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index, 0x0, {}, 0x0, 0x0, 0x1}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:52 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x394, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:52 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 36)

[  982.794573][ T6346] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  982.795608][ T6348] FAULT_INJECTION: forcing a failure.
[  982.795608][ T6348] name failslab, interval 1, probability 0, space 0, times 0
[  982.816763][ T6348] CPU: 1 PID: 6348 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  982.825531][ T6348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  982.835580][ T6348] Call Trace:
[  982.838849][ T6348]  dump_stack_lvl+0xd6/0x122
[  982.843446][ T6348]  dump_stack+0x11/0x1b
[  982.847598][ T6348]  should_fail+0x23c/0x250
[  982.852011][ T6348]  __should_failslab+0x81/0x90
[  982.856832][ T6348]  ? alloc_super+0x3a/0x520
[  982.861446][ T6348]  should_failslab+0x5/0x20
[  982.865955][ T6348]  kmem_cache_alloc_trace+0x52/0x320
[  982.871141][ T6354] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  982.871236][ T6348]  alloc_super+0x3a/0x520
[  982.878428][ T6354] IPv6: NLM_F_CREATE should be set when creating new route
[  982.882719][ T6348]  sget+0x1a5/0x400
[  982.882762][ T6348]  ? v9fs_kill_super+0x60/0x60
[  982.889932][ T6354] IPv6: NLM_F_CREATE should be set when creating new route
[  982.893715][ T6348]  v9fs_mount+0x91/0x4c0
[  982.893740][ T6348]  ? selinux_capable+0x34/0x40
[  982.914605][ T6348]  ? tsan.module_ctor+0x10/0x10
[  982.919516][ T6348]  legacy_get_tree+0x70/0xc0
[  982.921269][ T6357] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  982.924174][ T6348]  vfs_get_tree+0x4a/0x1a0
[  982.935756][ T6348]  path_mount+0x11ec/0x1d20
[  982.940283][ T6348]  __se_sys_mount+0x24b/0x2f0
02:27:52 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x500, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:52 executing program 0:
r0 = socket(0x10, 0x802, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000140)=0x14)
write(r0, &(0x7f0000000000)="fc00000018000708ab092500090007000a070000000000060000369321000100fb2500000005d00000000000000398996c92773411419da79bb94b46fe000000bc00020000036c6c256f1a272f2e117c22ebc205214000000000008934d07302ad031720d7d5bbc91a3e2e8077000000005a32e280fc83ab82f605f70c9ddefefe082038f4f8b29d3ef3d92c83170e5bba4a463ae4f5566f91cf190201ded815b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a46ef94a505b0350b0041f0d48f6f0000080548deac270e33429fd3000175e63fb8d38a873cf1587c3b41", 0xfc)
sendto$packet(r0, &(0x7f0000000180)="f077644d00c7", 0x6, 0x404c857, 0x0, 0x0)
r1 = accept(r0, 0x0, &(0x7f00000001c0))
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'veth0_macvtap\x00'})

02:27:52 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x600, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:52 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:52 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x700, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:52 executing program 0:
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000180)='devices.allow\x00', 0x2, 0x0)
sendfile(r0, r1, &(0x7f0000000200)=0x80000001, 0xfffffffffffeffff)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r0, 0x0)
ioctl$RTC_PLL_SET(r0, 0x40207012, &(0x7f0000000080)={0xffff, 0x4, 0x0, 0x5, 0xa2, 0x10001})
getdents64(r0, &(0x7f00000000c0)=""/167, 0xa7)
preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101000, 0x101)
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x8}, {r0, 0x529}, {r2, 0x20}], 0x3, 0x8)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDDELIO(r3, 0x4b35, 0x3c9)

02:27:52 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
ppoll(&(0x7f0000000340), 0x0, &(0x7f0000000440), &(0x7f0000000480)={[0x3]}, 0x8)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_setup(0x52e4, &(0x7f00000004c0)={0x0, 0x762b, 0x0, 0x1, 0x1f1}, &(0x7f00000da000/0x9000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000340), &(0x7f0000000540))
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  982.944954][ T6348]  ? fput+0x2d/0x130
[  982.948931][ T6348]  __x64_sys_mount+0x63/0x70
[  982.953616][ T6348]  do_syscall_64+0x44/0xa0
[  982.958041][ T6348]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  982.963959][ T6348] RIP: 0033:0x7f925409f709
[  982.968427][ T6348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  982.988474][ T6348] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  982.996879][ T6348] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  983.004849][ T6348] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  983.012898][ T6348] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  983.020866][ T6348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  983.028836][ T6348] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  983.082582][ T6379] loop4: detected capacity change from 0 to 87
[  983.094241][    C1] sd 0:0:1:0: tag#5084 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  983.104106][    C1] sd 0:0:1:0: tag#5084 CDB: opcode=0xe5 (vendor)
[  983.110423][    C1] sd 0:0:1:0: tag#5084 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  983.119459][    C1] sd 0:0:1:0: tag#5084 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
02:27:53 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x900, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:53 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 37)

02:27:53 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0)={0x0, 0x0, 0x2, 0x2}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r6 = syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r6, 0x635, 0xdb9a, 0x1, &(0x7f0000000340)={[0x9]}, 0x8)

02:27:53 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  983.128496][    C1] sd 0:0:1:0: tag#5084 CDB[20]: ba
02:27:53 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa00, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:53 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb00, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:53 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc00, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  983.171065][ T6392] FAULT_INJECTION: forcing a failure.
[  983.171065][ T6392] name failslab, interval 1, probability 0, space 0, times 0
[  983.183786][ T6392] CPU: 1 PID: 6392 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  983.192460][ T6392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  983.202511][ T6392] Call Trace:
[  983.205784][ T6392]  dump_stack_lvl+0xd6/0x122
[  983.210372][ T6392]  dump_stack+0x11/0x1b
[  983.214580][ T6392]  should_fail+0x23c/0x250
02:27:53 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xd00, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  983.218985][ T6392]  ? kzalloc+0x1d/0x30
[  983.223055][ T6392]  __should_failslab+0x81/0x90
[  983.227807][ T6392]  should_failslab+0x5/0x20
[  983.232307][ T6392]  __kmalloc+0x6f/0x350
[  983.236455][ T6392]  ? alloc_super+0x3a/0x520
[  983.240953][ T6392]  kzalloc+0x1d/0x30
[  983.244874][ T6392]  security_sb_alloc+0x3c/0x180
[  983.249728][ T6392]  alloc_super+0x10b/0x520
[  983.254141][ T6392]  sget+0x1a5/0x400
[  983.257946][ T6392]  ? v9fs_kill_super+0x60/0x60
[  983.262743][ T6392]  v9fs_mount+0x91/0x4c0
[  983.267014][ T6392]  ? selinux_capable+0x34/0x40
[  983.271828][ T6392]  ? tsan.module_ctor+0x10/0x10
[  983.276665][ T6392]  legacy_get_tree+0x70/0xc0
[  983.281237][ T6392]  vfs_get_tree+0x4a/0x1a0
[  983.285632][ T6392]  path_mount+0x11ec/0x1d20
[  983.290122][ T6392]  __se_sys_mount+0x24b/0x2f0
[  983.294813][ T6392]  ? fput+0x2d/0x130
[  983.298707][ T6392]  __x64_sys_mount+0x63/0x70
[  983.303297][ T6392]  do_syscall_64+0x44/0xa0
[  983.307715][ T6392]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  983.313612][ T6392] RIP: 0033:0x7f925409f709
[  983.318019][ T6392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  983.337629][ T6392] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  983.346049][ T6392] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  983.354015][ T6392] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  983.362010][ T6392] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
02:27:53 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xf, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:53 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe00, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  983.369968][ T6392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  983.377919][ T6392] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  983.409332][ T6408] loop4: detected capacity change from 0 to 87
[  983.430470][    C1] sd 0:0:1:0: tag#5085 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  983.440337][    C1] sd 0:0:1:0: tag#5085 CDB: opcode=0xe5 (vendor)
[  983.446682][    C1] sd 0:0:1:0: tag#5085 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  983.455713][    C1] sd 0:0:1:0: tag#5085 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  983.464733][    C1] sd 0:0:1:0: tag#5085 CDB[20]: ba
02:27:53 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 38)

02:27:53 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000340)=0xcc3)
r6 = syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084503, &(0x7f0000000440)=""/163)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
io_uring_setup(0x3cac, &(0x7f0000000500)={0x0, 0xc1ee, 0x2, 0x0, 0x390, 0x0, r6})
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:53 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1020, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:53 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:53 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x10, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:53 executing program 0:
sched_setattr(0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, '\x00', 0xf}, 0x1}, 0x1c)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x35)
r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
r2 = fork()
ptrace$setopts(0x4206, r2, 0x0, 0x0)
wait4(r2, 0x0, 0x20000000, 0x0)
sched_setattr(r2, &(0x7f0000000140)={0x38, 0x6, 0x50, 0x0, 0x7f, 0x4, 0x0, 0x0, 0x101, 0x7fff}, 0x0)
sendfile(r0, r1, 0x0, 0xef85)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
sendfile(r3, r0, 0x0, 0xffffff38)
r4 = openat(r0, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x21)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r4, 0x0)
preadv(r4, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
mmap(&(0x7f0000fe9000/0x14000)=nil, 0x14000, 0x0, 0x4000010, r4, 0x9267a000)

[  983.895469][ T6439] FAULT_INJECTION: forcing a failure.
[  983.895469][ T6439] name failslab, interval 1, probability 0, space 0, times 0
[  983.900802][ T6437] loop4: detected capacity change from 0 to 87
[  983.908157][ T6439] CPU: 1 PID: 6439 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  983.922909][ T6439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  983.932958][ T6439] Call Trace:
[  983.936283][ T6439]  dump_stack_lvl+0xd6/0x122
[  983.940904][ T6439]  dump_stack+0x11/0x1b
02:27:53 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000480)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x104, &(0x7f0000000340)=0x7, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x0, 0x10, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_setup(0x3ede, &(0x7f0000000240)={0x0, 0x2, 0x2, 0x1}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000380)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r7, &(0x7f0000000440)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x10000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r9=>0x0)
syz_io_uring_submit(r1, r9, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x0, @fd, 0x9c0, &(0x7f0000000740)=[{&(0x7f00000004c0)=""/192, 0xc0}, {&(0x7f0000000580)=""/193, 0xfffffffffffffe9e}, {&(0x7f0000000780)=""/167, 0xa7}], 0x3, 0x0, 0x1}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:53 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1100, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  983.945081][ T6439]  should_fail+0x23c/0x250
[  983.949498][ T6439]  ? __list_lru_init+0x70/0x680
[  983.954387][ T6439]  __should_failslab+0x81/0x90
[  983.959226][ T6439]  should_failslab+0x5/0x20
[  983.963748][ T6439]  __kmalloc+0x6f/0x350
[  983.967974][ T6439]  ? prealloc_memcg_shrinker+0x444/0x460
[  983.973615][ T6439]  __list_lru_init+0x70/0x680
[  983.978305][ T6439]  alloc_super+0x490/0x520
[  983.982733][ T6439]  sget+0x1a5/0x400
[  983.986545][ T6439]  ? v9fs_kill_super+0x60/0x60
[  983.988246][    C0] sd 0:0:1:0: tag#5090 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  983.991312][ T6439]  v9fs_mount+0x91/0x4c0
[  983.991335][ T6439]  ? selinux_capable+0x34/0x40
[  984.001136][    C0] sd 0:0:1:0: tag#5090 CDB: opcode=0xe5 (vendor)
[  984.005335][ T6439]  ? tsan.module_ctor+0x10/0x10
[  984.010091][    C0] sd 0:0:1:0: tag#5090 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  984.016401][ T6439]  legacy_get_tree+0x70/0xc0
[  984.016424][ T6439]  vfs_get_tree+0x4a/0x1a0
02:27:54 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  984.021258][    C0] sd 0:0:1:0: tag#5090 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  984.030233][ T6439]  path_mount+0x11ec/0x1d20
[  984.034810][    C0] sd 0:0:1:0: tag#5090 CDB[20]: ba
[  984.039191][ T6439]  __se_sys_mount+0x24b/0x2f0
[  984.062405][ T6439]  ? fput+0x2d/0x130
[  984.066297][ T6439]  __x64_sys_mount+0x63/0x70
[  984.070895][ T6439]  do_syscall_64+0x44/0xa0
[  984.075342][ T6439]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  984.081234][ T6439] RIP: 0033:0x7f925409f709
02:27:54 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1200, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  984.085644][ T6439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  984.105254][ T6439] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  984.113765][ T6439] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  984.121761][ T6439] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  984.129729][ T6439] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  984.137700][ T6439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
02:27:54 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1400, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:54 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x20000}, &(0x7f00000dd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)={0x20, 0x0, 0x1, 0x0, 0x0, {0x16}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000016c0)={&(0x7f0000000500)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000015c0)=[{&(0x7f0000000540)="d4eb21c5cc5f09dc0c49cb07aeacce3a9f51d54696e5df05b5cc34fcc7c17ab2a0ed2465c4c28d9ee7f5c040a5f3708d902c864ccf0f01820e730ba2533dae676517f2d5a5219b35be0f6907de116dc65eac9f9d0462ec81fd83b5ab318e2f365de337090fe060bb694576efe0a671fb68dd20e468b2eab75f48a5beaea78a347dcfbcc5b2c4e06ab60bb35a60e74c5ea55ab8273b08209d9fa025c5dd1bb6406a7e2e40e1de0bd9f5ce6b86a79c350a40b116373651771c30a34fdc4da2a4a2496767fa57586b37f19c642b8875800aa9d22757ba2f18645e30d73874ff2169a8c06ead8a1e1a95447f25a9ee50b5480ed0ba4aadb7faf553efc173095329922cdd9c9cdfdb566c74359b337e0287052d6e32fa9c1f7ff931035f20bb0f0cfb5096c2ed46a86ffad593dd785ab176798c6c954c6452e1df4f24ed5e4e2e17af0323a4e15b53316c399557426d78a40fe41a84c7dacebd1e295765e29bc4a5b07bd234730e4695a8ceda857d878c40a272a592d4650f798496b123a222a597719c7acde527d159acfc816593ffffdbcccd7bcdfbcdb8a87f6a3cc4047f8bb22e58fdff9c32dc991a7a238d3703b1ca442bec12202f1581280aa625612a4acfddf19556b229d1dc97460577f5bbd64311bda5ce04a725c488d0bfcc4a74143328f795cb064153023d6e1fc91cc6ef57bb6e09c895d0cf6787fcc00074ef3f781c5322af155fc0fc1dd80d63864ac6bed4c208d7838599e4d6809a4d9e93efe241eac3d72b3942ca4fcdfff68bb71563eca5c8791bea273c49f11fe57d19434363d85c0a0ccd31cdad7f0112f1c69c81533075860fa2737cbcbcc1c44660c32279fa05df5126e4abca67f55f138f69ff44015018cb59ee4c4a7502d64c3f013ee08f960b5697f2ad617a57f2c9959232279d23c79cf4295367200724b9d0ad6740e3bf51731d68ed668ed443a215ec5110daf79a04ff1e5d969d2fcfbfc633e7282762f6210090d1eb6d809605079c4637ba1179bf6513893bdfebc4259c450ac0e17a6b81c988907a94841a2d31c172d882afbd070e62f0a2de94e5a7387d30c13a9d4aa974dca95d566846a711244ab8ce6959e567d6dc2cc128e9b029ef68073b2a032edbf0d1d573e5c5d61314fa8c13111b925a51a6297fa4376b8ad97f0bad1476033a04bc80c916c9d3cecf8c513492a6b7c4c726209c40751c45f02eae31cd1166eaf9dff1f257f44249e7c850e72c007c70a6ddddcdc6151b239c654fdbc43e5f73c8e822de527a30fdb57bca4d25e370a979d2fd8567b640f8ad41364b420423f026958dfd7749913175bc4b5a68872c42db8716bef3b6de66bb9ccce30f6aa94b95c72b7023ac574b06d55acdb9375c317a14689d9122b8aa9e0ee3b288f6a191bebf85bd457fc3257712d73baf7638397107fab6588999b8e4efcad6824cefe3a87c6bc66bcbe85802c25bae4dbd79bff504b3047bca71f2e0023b4e251b82b7436d2332381da5876c0026ad0a2eaa54a079a1953f2f3aea473cf121df185de55d8f154949c1fe5be195ed1575a946d3a18cb941ca8bb81346ebdf74e4a80578c0e5ff2d00c6bfe304c4f1b608509600cfcf608c40f688322b29b314bf5739be3bf5abdcc452cd3086890a1854df2886af11da42c4d09374411953265832b0a1762651fe98597cdc790172abd151a7966de2524ec1beaa5454efb7513ab9ae10eda5ef0b1e07464766009e1dfbdac39898e03c2e476feb598ae765f1d910cf4fdedb8fbf8f5ab84bddc6ab067a24ebcbe526e08de1fe4f718db8f6978d2293a126d896cefafa9e8609f5cac270864c0e413f1a9b952a911b402ae9bea46ebe0991e072349a80d10d3918bc4dc7e48096407f4d0ff65ebaeb922de2a1188bf833e41b0e26af6c60fc5d1fbea1dee627bfd6ff6da92ef0fa7c8ba2d08a5f1e1d227cffe22188729ddd5dfeba48cdc90fdc55eca62717b1efae4c0c001cba372c87d1a5424552160a9c2cb83dc52f51b28b656475501430dca6b092361e8e58192d4330daf00b979e6200934ee6cd10f677c797c39274b49e6d0b28323fbc383ba0765ed4aa430408921da4d7e351b62a54eeca73b620392be3acb5db625b5b4d8b80babf8fa8786da1d454348bd449b94821db61f775cf52668d1311ee0b9d151161722458d77330c52ed8125f1eb9646e293c978a85d8615923d6d8d92c1ad1e2d56daf3d48ec7697f19af8a3f601a0381ef97e0357532b701b1ccb444469753f56c63c938eb98431fd6968911751c5693adfd266af482545eb28f540eecdc9d03c41c5d9751748fd3ee7501d48d8de12262f035decf9647ddf994de06350815349781fde44bc385caf72b90a4b648ccd01733a82758c0151d91dd91cde8d370f1a7aadbe11138bbd3c9da7abc7d42bbbb9fc72a57cc4abe54edf07328fd288b65dc6c4c3593398a331fdde3b9053380b70d6eb14a1cb3634bbd1b8963a8b74654999a73808ee6ab16cb7ce2f4284e1fd9d5afd835f3cecafbb287b8cbd85eb2f6e73daf951f2accc67ffbee33fb33482f3b4c1e51682c884b4e52a4c18cdc951141848b591cc20c75ac2f4d4b4f0b269c2129bf7ad3446007f578cd2b3c5507e14aeb90d5d0f9f0837c72345692f355b6536541e92dd2b11eaf401f5b3aaf3eb42d1adcc614ecf2e3ab6ea66c73adc0b0f57dd5b030633882828a6f58c06e26ff398649edebd069d969be615c5e4e6c2d29787153dfea7ca899113d296439870e80f99e9eed6895e7198bfb703054d0d0f8724dcae0b8f17600c2806cae4f7a8ba9b1efa1719a208e40928d5fc9eafdda303eedc7548e1e4af31199973bddb09b0b21b3d2bac6862ecf897e8e8ed16d9c9bee9bb68e4951a44a2d65c885cb2252d784b081afe9fed43090f499cb3fdb2c732054eaef05fb8f49a3f7b1c7b54aae1c85e05ea1f14e5298bc87b024321b71c87ce69efbdafcd7d3525502f017c322481a2446f1bd51a55b3e2601c6d0d715a75a62fddb0762c1b49b52fe37e4196ce8a8e2b91c2a259e9fc5320af18191c28d95b33a5c3a8f205128f1680991cb178bf9425487a9e252321cb9cf72c3f0169719bbbf2092e22ba62e02b7e3a233c890f2b15cfc130a534f2232a235badd24fba764932131b748667d9ad85cdd6894fd5609af3f609cefeb12a70dfa8f71dd8bef90bf37b9781a131e98b257ef2f955c2e23299ada59056683c65feff8adc7cea3590ca2cfd4280c51575751ffd3054767dfbcef4a2d1b8eb4e9d31b4176b229f1dc8cdc6e3eecc4b3c9e1c25695a798bf65e82469391b5d3d5cfcf5486c480cdddffd12053cfb7e122030677a96b51c3c0d6575a6f1b844b6567d410fe1a8d210502815ccb9142d1409fe5079d7ce5346ff722897cdd2cda2cf4e21801354a8f6fa5ad5947573f13496ced78692d35718fedffc58b02b4f9e643073202dfc413b642598e7a1d7caff37f6147ab53b0237ff9cb911265e9dda8495bb3968972dd2dbdf3fad21a9935e8d6d51747efa3fd87d8980142562a70cda0e761d8e5e02c3164a0277f31f6a4a6b677c218ebb63c5dd8c8fa192d1d8846ae700c40c490dcd7203140782e226a3ad2a8967073ec16d32366538a6fda3f7d187bc22c0db879532b075e0b02dee0f11882285cd207419934e16fcfc8f8f420383dcb020d5e68686ba7632a42c2cf6c488daa5e36779c0a08ac3a833fc84ec90af11d5173293b7e28bbec75b3be5aa8edc386362c92d92a200020490e9a511add52e2ba64aeea831de8814170776b56497036c2e3fda99559c4c23f70e2078f4caf0e3085b504da7faaae920838d9491645836527616657265d2fa8d0d15e0f10ec6eb905c856525ca941bd2eaf9f0c8bc89c4a64130108bf809654bc17ec5697eeee3470c9ff312c9c41f44868ba874d39041350a4755279df3f4ca252c2419de3b6c4825d52f74fe2f71cd48ffdb4c5e99348c9d4bbf2a7e162e6ac2045955e2e5669c02d6260063782c811d6b3ec03e5514c7ce219134622102d0ab30851d0c17a453491014c8db078f171f9e28046b62fc458cf409b01194cf481abfe356a481787db20ac2dd534a97c0304dec33f2aee4da6e9a7364d1c5dbe2d9e0cf8d9a2dbf258ccb0a1f8e6e40f165ad7f03602bc3d34f0a54905647b12f7434d3b259df6fa43b0daa9667a1792f651050b96c35979814875da32da19ca16549d411e27449df2486668d88229c0eba112fdf51889eb9e3a384e74e5251eea08db93efa4cad194f483a6b619c8ed93d06059430f581b69e159ec30f22743a9424ffe8f803ce4d7635bb8ab07595dc9514641a2e58e0974a5dc4bc2e0f45d06b138470f787f1cbba60279e5a2b47d7fe2081c6b7675450cbdb53af8077ad8f382a353d464be362da8137eb46ea14123af5abec893da66fc71eed91588caa60ef93f90f052f7f45435a760cc42917a16ece5d1dd00b88a73f2f4cf9428bf19564382f63f0256fb061f3dd23eac285f9c0e8f247b01feaef99966e58267b5ac080a7a0f2d0204c99b9c5810f1698fbed5c7b096c8d0fc2d71e0bbe355a0fd565a451b0ffcb315cca3bdc79d961e4fcc8871fc8b05a55d7130cc738669f9cb375b3dbcef50d8d2ed9a89be5536f6279696555e25042666aecf3d89dc6a785838d09b5fad08523fded06dbbd997df84307c838b654413e563463dbb8116dbb02a2f2761562d119e94d2cbf839f4049e230ca5bec410acc3e430bdafc1fa7bf670956c389f0b59aae60f0ceee2d63afcc241ad0af18dd8780edba2fa8c5df4bb4494e5f0f8a27f575cc44e683dbb0ca59e360cae047a849bc0c810274e422f283e9b5c8244ff336978b8d552fb0716f0d1ef093085dc904ed2de1f3283f54ed93212a46060e6f647333ffbe5f396fb5926a6ea8bc1c65dc65c99db3759293d5e1169d4fc1adee057d74e1d0d9017fe1d015b39095b39eb01bbb64bf415baf3dd7d6a956ad62de097b53de16d6b6d4d09e292322df3f20c1507dd3fd3c4bab1091fd9e39184c2fb21aa5faae7f057820a4f8ad5a7f67062ccc1274548eeb3b0aa9b8419c5aa8c88b1d8abaca594033f9b9ccc4125576eb7fd3dce0a196d1e1a22882be839ae68db7d58d8b36366dac2698a40f6c67caf637514c769f81fd4fe7ea50491ac9971c9bd4f72365aa694b7518496da2793dd3089cb02a0992b1eb069ab506e54bd7dfaa15767ca8a0df1f6ada821a378edbb757976366e104b0382efe353935d04ea9bc77b7bf19de7f29790fde16c6329f3c05c43a42dd4fa7c60a26820e57b7c13bd511b91403c049bbbb875fd4fa5da1b966bcaca43eda2b9d7187345de30485d90e708daf31d32c2e252798cfab9e5d72c8f914fa3c6f0d222fa11ec0c415bf5f6d6b0a4354fc42d496fdfe78a795a54bf28928a1b8d3c9155d96595a6e5a4aa862e707feee3de0d037d320c81a5ca4feafae1a41f330f8ecf77f6d98930752f41a597c78c60506446b0b9de8a0d3dd4cf894d966190cedf33fa3926a0a3cecfef414682834290ff582efa2990f7f0ac572c038d2eb7708145e180abf73055a57bc45c97fbd98e2fbdd375510f32656941ded114178c8488e86743155a438347655c89822550e785ff4530915e84eadd62aaa21d757efbdbaddb24e3d16505a84a1d20920d6b900721ffd974ceeaf500af7e1a2cb98f7f34c4f953d18093a50e840f23a01c3ef5b9aaa8077d75630dd9ab63c5270d7613809b14651eec5ba0db1f5fce8c35975ceb2c49a0fb78cd08", 0x1000}, {&(0x7f0000001540)="6f8cdc8f79018b5ad9b3e4a4573aac9776b098aba53aae56349e9e011f90ac41e4bb73049ed2ea80e8c77757d3abe69f37c2118aa15c97b10928077c2282454982d69a501b026e668a9c6f0ed038f579e9f77d", 0x53}], 0x2, &(0x7f0000001600)=[@ip_tos_int={{0x14}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @remote}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3}}, @ip_retopts={{0x50, 0x0, 0x7, {[@generic={0x82, 0x2}, @timestamp={0x44, 0x8, 0x83, 0x0, 0x6, [0x3]}, @rr={0x7, 0xb, 0x16, [@private=0xa010100, @rand_addr=0x64010101]}, @end, @end, @lsrr={0x83, 0x17, 0x4c, [@rand_addr=0x64010102, @empty, @multicast2, @empty, @private=0xa010101]}, @ra={0x94, 0x4}, @generic={0x44, 0x2}, @generic={0x2, 0xc, "c00fafbd5fa90eaf5e53"}]}}}], 0xa0}, 0x40000)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r6, r4, &(0x7f00000004c0)=@IORING_OP_FSYNC={0x3, 0x2, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x1}, 0x973a)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)='./file0\x00')
syz_io_uring_submit(r1, r3, &(0x7f0000000340)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}, 0x3)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:54 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 39)

[  984.145666][ T6439] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  984.216832][ T6475] FAULT_INJECTION: forcing a failure.
[  984.216832][ T6475] name failslab, interval 1, probability 0, space 0, times 0
[  984.224450][ T6479] loop4: detected capacity change from 0 to 87
[  984.229522][ T6475] CPU: 0 PID: 6475 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  984.244286][ T6475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  984.245906][    C1] sd 0:0:1:0: tag#5099 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  984.254327][ T6475] Call Trace:
[  984.254335][ T6475]  dump_stack_lvl+0xd6/0x122
[  984.254359][ T6475]  dump_stack+0x11/0x1b
[  984.264182][    C1] sd 0:0:1:0: tag#5099 CDB: opcode=0xe5 (vendor)
[  984.267418][ T6475]  should_fail+0x23c/0x250
[  984.267439][ T6475]  __should_failslab+0x81/0x90
[  984.272018][    C1] sd 0:0:1:0: tag#5099 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  984.276124][ T6475]  should_failslab+0x5/0x20
[  984.282442][    C1] sd 0:0:1:0: tag#5099 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  984.286819][ T6475]  kmem_cache_alloc_node_trace+0x61/0x2e0
[  984.291570][    C1] sd 0:0:1:0: tag#5099 CDB[20]: ba
[  984.300564][ T6475]  ? __kmalloc_node+0x30/0x40
[  984.300583][ T6475]  __kmalloc_node+0x30/0x40
[  984.333959][ T6475]  kvmalloc_node+0x81/0x110
[  984.338458][ T6475]  __list_lru_init+0x2d7/0x680
[  984.343220][ T6475]  alloc_super+0x490/0x520
[  984.347633][ T6475]  sget+0x1a5/0x400
[  984.351457][ T6475]  ? v9fs_kill_super+0x60/0x60
[  984.356221][ T6475]  v9fs_mount+0x91/0x4c0
[  984.360455][ T6475]  ? selinux_capable+0x34/0x40
02:27:54 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:54 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1501, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:54 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  984.365207][ T6475]  ? tsan.module_ctor+0x10/0x10
[  984.370078][ T6475]  legacy_get_tree+0x70/0xc0
[  984.374662][ T6475]  vfs_get_tree+0x4a/0x1a0
[  984.379072][ T6475]  path_mount+0x11ec/0x1d20
[  984.383567][ T6475]  __se_sys_mount+0x24b/0x2f0
[  984.388316][ T6475]  ? fput+0x2d/0x130
[  984.392216][ T6475]  __x64_sys_mount+0x63/0x70
[  984.396818][ T6475]  do_syscall_64+0x44/0xa0
[  984.401241][ T6475]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  984.407216][ T6475] RIP: 0033:0x7f925409f709
[  984.411619][ T6475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  984.431214][ T6475] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  984.439626][ T6475] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  984.447641][ T6475] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  984.455649][ T6475] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
02:27:54 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x11, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  984.463643][ T6475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  984.471596][ T6475] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  984.525044][ T6501] loop4: detected capacity change from 0 to 87
[  984.536722][    C1] sd 0:0:1:0: tag#5101 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  984.546583][    C1] sd 0:0:1:0: tag#5101 CDB: opcode=0xe5 (vendor)
[  984.552935][    C1] sd 0:0:1:0: tag#5101 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  984.561975][    C1] sd 0:0:1:0: tag#5101 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  984.571021][    C1] sd 0:0:1:0: tag#5101 CDB[20]: ba
02:27:54 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000440)={0x53, 0xfffffffffffffffe, 0xec, 0x8, @buffer={0x0, 0x2d, &(0x7f0000000080)=""/45}, &(0x7f0000000240)="17be0e1e0b223b6b6b066fe240471f670b2ecbdf5428d990f75d92d1a90a9a3fc902fd4649ff07cdfcfcf645b55a404ace0d824cdcd7f3c500151023503db12c3419ab795c71b54f2665c58c0fb634d2fae62736abc19722e9a62d96cdd63d6a830cb0f05bb8c9655cb0479ddc97d750bdafd01b114f635b42c34341cd4aac5c6576c8cfa54b247ad39fb35a618a43bac6a20096edf8a06eac303119518ea7e058f21a90e0d74e865b3176778b8f56047d4f1a9acea79f4078dfdf3bc0ad07c31574eaf6e353cd12da6fdc615c88d781415a82355af415f05d0d1b03e774fc53bdcfd0e80971bd9f89cff572", &(0x7f0000000100)=""/35, 0xe2, 0x0, 0x0, &(0x7f0000000140)})
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo\x00')
fchdir(0xffffffffffffffff)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x2, @perf_bp={&(0x7f0000000040), 0x4}, 0x0, 0x0, 0x665, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/ldiscs\x00', 0x0, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000600)=ANY=[@ANYBLOB="000400007b00b27daea9c93bc169d03aa30f5597150000010057c2a1cf7e63e4cdc73b34a0703e86ef586d5152c5f1578414071800000000000000f0ffffff0000000000059cc6b6c700cf2169150f889cb4b8142f2a730000000000b432a5ed0000000000000000f317d0b97bcba7d0c9f61ce623ef9145f1505ae619c8ad15d6823dd58785ea7da38cbbe967b7647acad3ff0f000000000000af5f787c496c654465d7e617c3ee1de79d9c18e420bc4e50f515668f4e32a05978bf2be70c8483b7a8bdccc21d67c5b5d0f4a12777cedd540150afb17ce4dee3a8d0bc5db42c42f52dde3559f0f1603e4fc7b3b5dde69bc86c581f357f746245c5a0222012b9ecee7f237834bdd7bce4f8ced0876391b8f5cb60fad768be535cf080d8b10e9810addb85940e03cf6d8af679251adc88881758f85c7d73149adbc040c2ceb187173273cd424d63e7fe5ac85c96c009c30600cce7617a17b697291e203d2540cd74a3ea75a3405bf25ef48809b48b83d695ff0c07377d126347a98289f6770b0774c51765580e62b21300825dda74e27d31f26e767e670fe5"], 0x30)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000a40)={0x0, 0xfffffffffffffffe, 0x2a, 0x81, @scatter={0x0, 0x0, 0x0}, &(0x7f00000005c0)="b108498338799c9f47d0f8981b21262c1709e1a199d7f713f3cd0ea9ab43cd77fa77a262b07d868a4dcc", &(0x7f00000001c0)=""/31, 0x3, 0x10011, 0x0, &(0x7f0000000340)})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000840))
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
clone(0x40808000, 0x0, 0x0, 0x0, 0x0)
r3 = gettid()
tkill(r3, 0x0)

02:27:54 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2010, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:54 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 40)

02:27:54 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
r6 = io_uring_setup(0x13be, &(0x7f0000000000))
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0x11, 0x400000, r7)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x7ee3233589471238, 0x0, @fd_index=0x9, 0xac, 0x0, 0xffffffff, 0x0, 0x1, {0x0, r7}}, 0xfffffffb)
syz_io_uring_submit(0x0, r2, &(0x7f0000000480)=@IORING_OP_FILES_UPDATE={0x14, 0x2, 0x0, 0x0, 0x10000, &(0x7f0000000440)=[r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff], 0x5, 0x0, 0x1, {0x0, r7}}, 0x1)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280)={0x0, 0xffffbffc, 0x0, 0x0, 0xfffffffe}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000340)=<r8=>0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:54 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r6}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:54 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x12, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  984.756231][ T6522] loop4: detected capacity change from 0 to 87
[  984.782906][ T6529] FAULT_INJECTION: forcing a failure.
[  984.782906][ T6529] name failslab, interval 1, probability 0, space 0, times 0
[  984.790743][    C0] sd 0:0:1:0: tag#5104 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  984.795567][ T6529] CPU: 1 PID: 6529 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  984.805373][    C0] sd 0:0:1:0: tag#5104 CDB: opcode=0xe5 (vendor)
[  984.813996][ T6529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  984.814007][ T6529] Call Trace:
[  984.814014][ T6529]  dump_stack_lvl+0xd6/0x122
[  984.820330][    C0] sd 0:0:1:0: tag#5104 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  984.830370][ T6529]  dump_stack+0x11/0x1b
[  984.830389][ T6529]  should_fail+0x23c/0x250
[  984.833679][    C0] sd 0:0:1:0: tag#5104 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  984.838226][ T6529]  ? __list_lru_init+0x70/0x680
[  984.847235][    C0] sd 0:0:1:0: tag#5104 CDB[20]: ba
[  984.851346][ T6529]  __should_failslab+0x81/0x90
[  984.879411][ T6529]  should_failslab+0x5/0x20
[  984.884090][ T6529]  __kmalloc+0x6f/0x350
[  984.888236][ T6529]  __list_lru_init+0x70/0x680
[  984.892908][ T6529]  alloc_super+0x4bf/0x520
[  984.897326][ T6529]  sget+0x1a5/0x400
[  984.901129][ T6529]  ? v9fs_kill_super+0x60/0x60
02:27:54 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2200, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:54 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x20000, 0x175}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000de000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
io_uring_enter(r0, 0x588a, 0xcea7, 0x2, &(0x7f0000000340)={[0x2]}, 0x8)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  984.905965][ T6529]  v9fs_mount+0x91/0x4c0
[  984.910203][ T6529]  ? selinux_capable+0x34/0x40
[  984.914965][ T6529]  ? tsan.module_ctor+0x10/0x10
[  984.919815][ T6529]  legacy_get_tree+0x70/0xc0
[  984.924395][ T6529]  vfs_get_tree+0x4a/0x1a0
[  984.928808][ T6529]  path_mount+0x11ec/0x1d20
[  984.933371][ T6529]  __se_sys_mount+0x24b/0x2f0
[  984.938053][ T6529]  ? fput+0x2d/0x130
[  984.941961][ T6529]  __x64_sys_mount+0x63/0x70
[  984.946555][ T6529]  do_syscall_64+0x44/0xa0
[  984.951074][ T6529]  entry_SYSCALL_64_after_hwframe+0x44/0xae
02:27:54 executing program 0:
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1c00000, 0x2}, 0x4000a, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, 0x6, &(0x7f00000006c0)=[{&(0x7f0000010000)="20000000000100000c000000bf0000000f00000001000000000000000000000000200000002000002000000029c4645f29c4645f0100ffff53ef01000100000029c4645f000000000000000001000000000000000b0000000004", 0x5a, 0x400}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010d00)="ed4100000004000029c4645f29c4645f29c4645f000000000000040002000000000000000500000025", 0x29, 0x1800}, {&(0x7f0000011100)="ed4100000004000029c4645f29c4645f29c4645f0000000000000200", 0x1c, 0x4000}, {&(0x7f0000011700)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c6530", 0x39, 0x9400}, {0x0, 0x0, 0x3fbfd}], 0x0, &(0x7f0000000180)=ANY=[])
r1 = getpid()
getsockname$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs, &(0x7f0000000440)=0x6e)
sched_setscheduler(r1, 0x5, 0x0)
r2 = syz_io_uring_setup(0x42a7, &(0x7f0000000480)={0x0, 0x6e20, 0x10, 0x0, 0x13a}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000240), &(0x7f00000001c0)=<r3=>0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000200)=<r4=>0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x7, 0x7, 0x2, 0x7, 0x0, 0x578, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0xaa6f, 0x0, @perf_bp={&(0x7f00000000c0), 0xf}, 0x8000, 0x7, 0x9, 0x0, 0x37f, 0x6621, 0x7, 0x0, 0x1b, 0x0, 0x7ff}, r4, 0x0, 0xffffffffffffffff, 0x8)
syz_open_procfs(r4, &(0x7f0000000200)='net/netstat\x00')
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x0, 0xb, 0x0, 0x40, 0x0, 0x7, 0x1220, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xffffffff, 0x1, @perf_config_ext={0x0, 0x81}, 0x8005, 0x4, 0x6, 0x4, 0x267, 0xfffffffc, 0x6}, 0x0, 0x4, 0xffffffffffffffff, 0xa)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
r5 = io_uring_setup(0x13be, &(0x7f0000000000))
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x11, 0x400000, r6)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x7ee3233589471238, 0x0, @fd_index=0x9, 0xac, 0x0, 0xffffffff, 0x0, 0x1, {0x0, r6}}, 0xfffffffb)
syz_io_uring_submit(0x0, r3, &(0x7f0000000300)=@IORING_OP_MADVISE={0x19, 0x2, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x11, 0x0, {0x0, r6}}, 0x1)
unlinkat(r0, &(0x7f0000000100)='./file0\x00', 0x200)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000f, 0x12, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000600)=[{&(0x7f0000000500)=""/175, 0xaf}, {&(0x7f0000000340)=""/83, 0x53}], 0x2, 0xd9f, 0x0)
syz_io_uring_setup(0x6ee1, &(0x7f0000000000)={0x0, 0xd5f4, 0x8, 0x3, 0x1c1, 0x0, r2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f000011c000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000180))

[  984.957050][ T6529] RIP: 0033:0x7f925409f709
[  984.961459][ T6529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  984.981066][ T6529] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  984.989483][ T6529] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  984.997449][ T6529] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
02:27:54 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:55 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000140)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
syz_io_uring_submit(r6, r9, &(0x7f0000000480)=@IORING_OP_OPENAT2={0x1c, 0x1, 0x0, 0xffffffffffffff9c, &(0x7f0000000340)={0x880, 0x21, 0x1}, &(0x7f0000000440)='./file0\x00', 0x18, 0x0, 0x12345}, 0x65859d81)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:55 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2500, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  985.005418][ T6529] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  985.013383][ T6529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  985.021351][ T6529] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:55 executing program 0:
pipe(&(0x7f0000000040))
r0 = socket(0x6, 0x3, 0x2)
write(r0, &(0x7f0000000080)="2400000058001f000307f4f9002304000a04f55f08000100020100020800038005000000", 0x24)

02:27:55 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
r5 = io_uring_setup(0x13be, &(0x7f0000000000))
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x11, 0x400000, r6)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x7ee3233589471238, 0x0, @fd_index=0x9, 0xac, 0x0, 0xffffffff, 0x0, 0x1, {0x0, r6}}, 0xfffffffb)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2, 0x1, {0x2, r6}}, 0x3)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  985.090431][ T6567] loop4: detected capacity change from 0 to 87
02:27:55 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 41)

02:27:55 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3f00, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:55 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x13, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:55 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:55 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000340)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000cc91156b3ee220bb2c00000000000000000000000000007d", 0x62, 0x400}], 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="07a34f2bcdbb510fd303403d0ff73f798d44048adb212b0f5ff4e41ab09a69d6cce183692af591b82400947b1fbc6e91c67a09a31b7345b81d185a4111fc213589"])

02:27:55 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0)={0x0, 0xb0b9, 0x0, 0x0, 0xffffffff}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r7 = openat2$dir(0xffffffffffffff9c, &(0x7f0000001780)='./file0\x00', &(0x7f00000017c0)={0x10081, 0x8, 0x5}, 0x18)
statx(0xffffffffffffffff, &(0x7f0000001800)='./file0\x00', 0x100, 0x20, &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000002040)={&(0x7f0000000340), 0xc, &(0x7f0000002000)={&(0x7f0000002080)=ANY=[@ANYBLOB="84060000160020002dbd7000ffdbdf25100000002beb650ce373e59e40866bc78b77d1faf72742807e13c828efcd9d3c95f386c0707817e79a4432240f19f8418fe3405c32df460add71d85a5ddbb11353dfa2c69cad692fd3650c2fe10d080d607480c7e3760599b8a0bebc09da72f46312355c3437f5029f57cc9d91608a98aba0c8d8db72535b66113e863dbc58be0703bcd9aa60408ab5a9df87dc0cafb6ebee20274a5e8242ddcb9835f8dfc0272ea5db47e07f23cd886d1193b0712f3ba15f46f510f495d2646e7a316b21c0b8820336d83efd0011390af1febb8dfc2fcb21010a4375433d6f3256330042a2b21ac6205e382638965ff6a0c6d75cc97bad9798f7a6ea6859174a273f256767130aac2fdec44b83783a93eb015d0dfceaac276388aa1c362537b851f73387cf8862dc191d91d540431ab59337b1c417928dc0e8214d8c0cef1ec47d41d53e10136215f0bfacef60e340191dbbac5dbcae11fe937a861329003b094460b1e6a7bd2c7c391fe7436c353bd8dc4de5648315d20b053041788d093328d6e362c48361f50471050aad80f4e7c1f03355ee158230b8fc96e59455087382b435a8b587851f85d2a57dfe1f1129cdc6c6c55a231a3082ef64de461842066ffd6e53823b8976c7a923c42c1ad8b5d4b0a96a67f09b024580080007004803000008004100", @ANYRES32=0x0, @ANYBLOB="2b8db9b823aab9673979aac6d842c2f039f84ae44bab9c5ad7bf3ba109ac61f80d74dc58fb5e5a7c896e87f8fcc449e73c312e2a7ef24e5fa1bd52b7e2f9d334ee5e60da3ddc38e16eb3195d80917b3bb021238b1e30fdbe42b8f8b4dafc64a05df9f9c741c1750bec29b7a29a0eb23eaa900248d7100a71d1cc620d55dc9afc6d5037555192864bc30c164094a4ca6cd275495f688931083aa093f9f19b7eb1041e09c6c6a15d16d4f734fc8c2b8d1ed826906287d991068ddffc23fa91191dd0dabb016fa6a2dbb20fc6472ff58ee5ddd9e8aa02e97397bcd86d8314c830def98436df32a5278a9b862d528acaa9e93bc9fa2cf1cc650ca0f522d084dcea15094b54b10ced7568e50af8c1902dc05f1e269ddc2589f9322cca0e08008300", @ANYRES32=r7, @ANYBLOB="0c007b0005000000000000000c0030000000000001000000b9a893bbb1197fb42b4413ebd31dfe6a47bb36e85eefce3efee8897a3f5619cfd35c89d31f79558564765c32598a798545de65f74fa5f8851605c52d1f44cf0a020ffc7c9a1c6d49580958f80dd3cebc1469e3dac460a70f632422001b348f79dacbb196718bca91ea9356e2e3952af7d03488f02d5b9897f9e9db906aca353b19aa3ed02fe3da0fea2ebbe147f94c02f6327df39f0d6c046d299ac94ff3e465535e7bfd1aa3880941ebc9f6fe3fcee3d634760b55321560db45d6212b986bfd320376de4bcc501443843f373f317b672b637be9ca8e520aac7d9aff52ffb1cf5cb98f75ea861b51f6f3edda6b4ce2378c99b75d01fb548b32d0f435de45d363789f9ab2501ade091bef9bbaed19b1a458059955b0e256c3063a33599f4de979899f40e9a273ed46e9547c3252b1420fa230a00ad1c014977fbe78bb764487965dab29a25c2574febef460060008003100", @ANYRES32=r8, @ANYBLOB="14008e8005000f000000000008000700060000004f013e80493f3c342c9a96d65fd300e2bd9637bb787c48b633f22a858d41c646f02f7fe7b0639d4cd2718afbe858d3df979d5f5d898775bae4bbc81e4abc354aa441eed31877d49d79ac46a79aa5980b7f42c8dc28db08cd4c976e2f4408040266695bae4abb71c27b88a7ca797078e2c060ef08006c00ffffffff0c0077007f0000000000000010c539028867276be2081def74f2bfedaaaaebcc9ee956649bef6e783e4f2c9465cd9435b6593b2a954bb4af6f3d9a714d71f7412c8b940b59ef622bbad1633b650224c0e2a40d1c0f2a272a263b6ea24d6a3b090000007186bb621f128ae647ec5dd72e32c47231e0de62f4ff121b37db3c66b7651f5c1f5563458617e5839e1debd3acf2e039250fbc0460f0b496f2f404220e5f9d2cb6f0e96008bc7802d01f3a2c07ef88653fe405c6f926d87b5a20381a441b6560be53e62db8ca17b6a2804fe0bdb2efd8ad6c5b889ffd54747300d45416a9ed9be58a8c6175e7f63e6453351d841df57cc0b3ef108c3adc5e48e7936721b61aba65b06c30e887b18d243b4cce9d7a1a2513bbc8c2348965d4b5d8810575fef7b94fcbad27a129a1d1de9d150dee6cd51f58cc29717fa031e2c1efdc81f0a2984bfd4ca8a3d9addae63116ead2c3ae4e623fca811bcd1f88306b515cdb008970ba5a0c008600090000cc5458271b7e3238a90f8a33323a4e0000000000001928f6a491a573e58f7339d5f3a3090a362df51334cc8305849368d1de1dc7cbef0a3b2c2fda9a8185e2eec6e116fb454386a4755f3a9203214e4cd3a8b6a864e11f45"], 0x684}, 0x1, 0x0, 0x0, 0x4}, 0x80)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
vmsplice(r0, &(0x7f0000001700)=[{&(0x7f0000000340)}, {&(0x7f0000000440)="c5432c91a555d439d58ab3b0097ea0cd2066abca869dfc64d79650b61622798d8edce1c6e297b388bda34b9481f5685c4118912b4baab0acc99c1e30c2a7c1489d91cd624f09f6d68604b5d87c53973df6e8f183702ebbbbba67d545daad60e938bc8d3c287f8eb08d616a7e2ec12ff0d41915f04f1a6dd7b75cf9b45c3ea7f5cf30a6ac73f12bf5fc4b2905fb08dbd749355fa506443efe2e41a456937c222657a5222d506286b5f761bbc5c58b81d5eec6c90e0013bb4dc54d247f1aa7892ca5d8cc141c8d34013d171bfd827914baddebffae91bd7c2536a5834e9569ca06a87d0718c0e447c9b8bb7ae842705fed20abfcf988af6593bc49786663ecd0c82d6e51f827796c58023ea5f9f7d6406bcbc7aeeb5145f5d91c29450e6c68c8a9cd09333e81d866d6908ba7a8ae9ec19942db081c10003ce1c7aec69d0ea0ffdee4c5122304c7d49e324f13e89e98705a5018d8f24170f21d8f125795c2bef79416f684b48a1eae7bbb77b27991ea28e5cb722679c0fe0495d55fdc259c6c1bcd0f9f7341ed5fd99e2f304747d2e5e1231efd45f0716f28d7ea757dbca18a41fe8d162f355f23ab90a4d3cf0697da66bdeb9c316c5a08efc144d5bbf365c21d3e8c10dbc0ed0f1a8ce2112a756ff3e21f5d586f0265a9abdb453a912cc20b43de8de2eed7279fdbf9107356c00eeb24939f2d77a57909f3d39d907d9619f8187d15fbd741ebb9b59bad9b73180f5a1fc89b5c701ff6a797dad524d8ecb37ec8ca64db6b21d0546a37ad185ae02e790d116b1279a4838b9973aecbfb1690c37cb4fef2d31c220716be7691ca2c6073f08559985dfac11e974153bf3cef109e0b359d7da97e4816a9c7a743c26114628b17fac1c10b51868386110b2dc99b0b77b6c1ac3808107387c23920f35e1a05c85ce6a0cbbeec9e0ba23a4d610aef942d7eb5eb6094f96746aedc9f4df90f38c738e67f99a0631adf65f77a19aab3f7c49e7a78d859ebe8b87d23ae54e9b595b2f158a2002bdb5ae7d1e8dbc587b416e9b24f0405e2f3909ea8276e408d359ee38c14ed88f41b669d093bb5c9ea3c31127c38c25bc808ffbfea35595542229acd0644de0ad754a6067be9d21a8dbf9886c5a168718dad2ba8d5f2f0225a65c839a6b66389fddf4d79a0dc3066f04af87fb58e732b3a89cb55522e29b33d87f0b19d60fbec5ccc889bd308eff72d19303b1ef3aa9084732d769a7ff9b833c55009d7fd4c69fac43ef0c5f1ec512ec9dc0c59202d0042e3b75c1411b8b3dc675da4ba92cac949084c544e71ffbd01ff1ae3ad21f8c4cf86c13d3df24e36ffa25fee7e968edea104eb85d5c133350fb806ccde2f6a3324be12959addaaf3ab94dcdd8f10a0f19858f07e8ddcffd4f056d063c191cbe4ee8ab4f916023023986c963a08af94f477511b67891da42ae117769c71a34422e717c7f641dd0abb61c5a3effd186a2eb5d0f8c103bff14cbb0440d95916209ef7e76e33e98d13488a81a2b8e41d106bd6365806ee0f831de566a8a7c689a43ab09cba468a1433f175db6e8b1fe30618a4437c9ff2e2abc0cd36a06ec698373cd7168223486e7c07078839f8d77a63ca872c0a084cbf57e56cb28e1a6db2686d394f2e769dde4ccc7fa8d6ed786b9ad283ce7d2b0bdf0dcf449fe412a3ad65e6ec501f0bcbdf3b2c1d74f09f3c457ff385ee1e0290fc2e3d469dad958cfc400c27b8aeb32c1983944972441ec7a0f07584aa4298a7a50a748fb70c939e3b49a8010cdfb2b7aed05eeef51f2d49625d8ad08c95563364633a132c9a14f0f30f29eedf97ca44296a9d3919dfaf82f03de48602f72cedbcf7b56e5989416975f1c31a9e8975e4b213db0251b73232fc174b7951ce401cc5529afca16b5407e823f25f66d5012d5c4f1152834935bcb4119856173ac4823fde1d2ea7eeebc4e23ecf20a30267d44b38ede26803a7b3a4a30f917d1cfe0c1b890ac7a00ffe9a3febf077b2d5dffa3de1b24b34eb34d0d13c664c87c9cf53ce453c1678288c7ceb97d45b4e23d05934934b57345081729e99c1b374ebf314bad768454eb00e92e7d60366b365b8818ab5620296a68492d8653bd165a874a4186ab25d257e9d3ff5a032593c0756aa6059e6dbed5bc625690592b14e612e23b76cd15d08d9cd4f42262d1191cad349819b63dd721a18ab7ed2b12dda646d8c775e7a553fe6bddeed2361a29898910998b0a3494b3619520966891c0a1c1752e4860431d3b478c4fee005d62e4be5424ce8ea0792dc73049bdd9a447bce5e1ed1863028c91fbad800d6f9b01d0d7ba28cfa3fe2d196eb042e11f3a019640627c598f3f222425dbed3439af600b1068b2064148b6958f31baaabc127d0b9c3ef7e5bc618f4dcb2bd750ced0207ce53e386bfba188503486f83043b18d8ed16b305f56181f7a3171aaada70d73697346190c2dff07e468788f6b15d3070bbb177d970211490b11437fa469f8affdb4552f0e5ea5b3413f609d9c72300d6681336b72f9d86bffffe748a4ff1e3d15a2c0e5ee389464da71613cf35ac1b2f935bd077bfe1008b07a715ec8bf96adc8d90860f0ba7ec995dad5ece63a80ce5313f37140c3f5a55ded4559cb16895fcbdd3c5234275fa5100fddb2188b1926b847e49a687fb17a1a7cc6713c4cb79db461388896fc04a0878a1ab15e45cfca74afb379a4268986c13ff61f5f22b92298e49b83ba19a44a9557459d51fbdecc540cdcbddbb60b5f7be5fdc3f9d0a28fdd1e61f3f8fad4a622a9866cf0d62043ccc5092c1a3ed610671c82aad5225df1b3fc261ebf3d8ca849f56bcbdb96ceef434a450eb9a897fff7ce1c774e728100550b6ee598bbb56ffc582e57361922753cf2e13972dfc6283c08fe1a0ae237224a6c148ca0387d2d741729d0d4c0365cfc46ee7e6c729d7f65b3afee9d39b5f81e715e585d9c178a70f9a7f7a275c5e125031a9f1c269cd6b379ca3fe01bce5133bdb9f90fbe72db61c033d5a2e63b7f62ae18a31f4a07dd41e503f014f99435d3fcd00e509646e32ba534a39c5f2a5de49d28ae603c50031c6568fcf7787f594385493e73d8bb3ce856608c87f0f36ae41e12d3e3fd36ef92219723adbf5eb37aa8319b3c8c2f3926ac2fbb9dae285f75bf0b8a670b877691d02983dc8bd8011b86edd8c0186bff8f275f73ca1f23e44216688fadfe6fb0ce15d29ff57b06c9ffabfc5b4ff26f3d7f3988c72360ef8c9c840354920a4b033b282f7f160639af5a7b3b4d352458266cb3012e6dbc6fb5f3a59c73d2b847e75ee5c1c787e2439fd0426feaac5b7a71e7ee430af47030c1b325fee55a7ed522abb4795c51ab25b3a58a3228fdb1d9ee06140766a2202924d267293cf2e81a72db5908e8d4b11341123393f6ebb3bed25ea311f75ae6bc9d6b81045bfc70aef76d9cf40d5322fcf326fcfe2968ef05f5edf2425f278836c26d46f689f2797e192a3da02ba30140bf38206046fb33a246ef6fd3bfbeb6e6170b5f429a1afdf639b5ed1d6bf8554becb0ae3792866bac0ef0bc8187d9ac465ca0cf0081ff599f2d2f7536be967331ccd8dd9a22995248f50803b3348bd4475ac6dc59d8015b51db237cfd82a7d5f0bcab0e77fc4f76a07dacb1952045465a06646397458c1b34cf42ef6dd650bbbe23b229c45bb15f5091dcbaa19d6e46d196ea15412993445b724ff455918d857085dd221b97a11feed17aca1baf65841052b686c3a4f8c3da15e7043e1248d9426390f6e3c96560058e99f529ddb91b0e1f9800b20079793324960e91bf2100eecb0ec9e961e813fb1ff10584a673191421f6419c1a4005b5c96fa822226ae5e96a80274006387554dfd95e134311de80b36d40c38f90f310e43bf36ff8a952fcba03eb6d933051e111defa80a9bb22a32079d95ca7dee67ec86469a988f0490599e1fa0d845aba9687839ff1ceaf89de25daeba18e2fc031db169f3750e3ea87b203087796542094788743289b20c025767ba698eef7d6fd424dd64561ac2d57659d424c676df80ab3e6a26327f5749ff03a2aa9625a11002eb7bf5aa7187500c142d660911bf281caabd8bb88f27d121d09d076bd91fc231a09aa4921b5af237adde1d3f8c950fa46d8e8329bdeb89f46093d7ac681bd5764745bcca1c00cbade5207eb5e5bf3fb2b02e919862f51d2a1f10daf43d0cd46a6c46a51e64198dcb9ac387a89cc29e3cbdd771ec442841acbd1a95432ee52f82028d246f7f4252f92f6f147af434fd57f974dfabadf55e0684b18475a03df594ebed2f7e3dcb815da1d7802b586e4dc5cbab6c8c101371b72d0e883f00dd8c3b0c523bba4cff04916463b32acc1c217214afa4ee617d9f1931145a282945a5a4a6594af20e06cace614b3491f5aa3e5fdfedf6e1f1df28a0834add43bb0fd253a392d50f9ab373168cdd44d32c4930608226ae3e67b5fdfd7ad9cae61fc7ddda547995b535ee339bd2b81ccc6344269cfdb9eca9e780fa587de753760140e103d3636ce83578cdc416fcd992c15d24f341f15f93af8919394f3a3218e92a7663b1f587a971bafe7afc41ca55053cfaec160d019b76a61fb83307fdd735da63fdad01b8967ad94e7abb2c562c9a2f3e1822552bff0130244c7a3a8f1b12876747b7e28fd1bcbce10ff22247a3f6e0eef5a5433796b0ce0da1c2ba98242cb4cae4c04dcd923b6fa91ab9a10eecc7552b8ad1ed866cd8350a3a65719cad3afd2b64314bae2e8390494058e7ee8d2e4756c3944e64e6a43938d16cf715b27f5c96c5a67a8585e68139c6bf232323ef65784a8ca3aebf083895d0c547f526d02f67e2ca759cbd7c10311d2e01533029280f654e870348c238459a563b460b49d2184a7a6110076cbcf7542da2adc95581ec1f6df996ec407e77d167c193fe33d25f106e379bd01a00962d66b64344d8124720213dae16d042dcce1703ada374c86d9a86bba01df569ddcc9651468a6c447ed18c302b768103cdaf0e93d8be4770a5855ede1f47ffccdd096cf9f075da51391775487bf2c7dae6011fcd1685afca4b5b3b4a629bb03d99a764496334e7caf188bc313a12bb7c1b67344fe53dd1f6d82d17f55d06af2b2f3aa97aec90e1375425d811f75c24e196cdf1dc5c8fcb23dc41b0c3cda2b12597daa8ec236e20cd21617012079698583866d4476323007ba1849dc85dfbbf0dc9fa347871c143f1a27c916e64fe3a1c29623288297d75cecdb5bf9979114e8c07a7e68acd3bb58832f838704302e7945c7a9f0be569d928d58fb14309309fb39403afac94bf486432e2371d75038617fe1007319c630bb5ec9b9ab7f3e30503deae8633d010e79a646b547364889ef0c25bb4e9c747cb4d485234f91960ee4fc8e4abe7259a1c6c63e777bd71cfd119052d439f11da9f51b5eb0cfcf2edacc554e242e9221cc1aab662693de6d942cff6cdae6120990f4bc79e8a75c7b4ec0af7d7948b7c806c100ffa8243f55e37d377a9743996fe18487e0c0868e3b31805f189f0397f5370b9188185e8597d70bec6599540114f23eab1e1af3ea542054272f208e2332a792b05727124343530c9472f6bd025abbf6e55d4c7409de78f835c8249201657c5cb92610424801d4b875d739efc3c4d974c4dd872bdf62983205a1b9ec22ed4ce51726233600312683484594aa5d265efb046fc58d3daf113b7352c115b61c68b1b1b3b229dffb51c4a9e34e9cc3f19e300e5dfcc657bd0449545effd61b31dc9b86db54bcbe559df652130a53fe6596c7c7cd21e138e8c", 0x1000}, {&(0x7f0000001440)="6ce387e3e9ece771d629bb13c22f88946ce6ef8d97e42f453d1d095bdc421f9c8d1ef5ec8cdd8e1c54cfb6eb49b8b9b9066a6d4ac3f012956dd8a28bf52a15dde4a265af714f", 0x46}, {&(0x7f00000014c0)="54845aaa8dff07105606be2f1ebb1554cce8840abb0a662aa3f875f91a15736d13e95160bf21aaa741ee20052051591d68cf2ae4615f03f1a9586107e214942ee5be9dc1c926514e5ea6b0e17aa10d4325d1c63143e2620660c26b5d1ab9adbdea7a548f82bc872e6301e52f5070d5102a905bc21f322fb9d2bc671556912cd86bbcd2140d3d1968b53ad8d69559d0dad49caf4e4123f285bfb708f5a215f81d4f0f676264a110e4fbe3cb8c459f481ff954fb840d7369d0dc3afe2fbd9f5fb4ef931615a4cd774d9e80eaef9fd8830c8e1c9e18c60e361aa0b6007532499a99b18192f9cc047b5077e63db7da25e0514de817d9", 0xf4}, {&(0x7f00000015c0)="65ee8f07663054f90d2b4a715c0e30422083b33f4fc2053d6df147710670e2e149fa792380d9d51d7e92b2c1c6dab1d7158cc3928444e2b3fde2db9d3d6bb7f83e32bd6e8d152f4bdc615d2d62b8d809782a3f56795061209c96c872b6c7baaf4187defa209b9323932b7f4e37f00a3cf74772118e48cc9b5cfc8fbd5ad1f4ae8f11972b5e5b55e247345fc68b8c66619b89f8672684ac65f41808a46298", 0x9e}, {&(0x7f0000001680)="89cb919da227bbd4ff54bafad69f979181fb04a041efee6bdb4539ea83bfbdafa62ab89addb8017b7ffc6664b991cdb475af9feddf039cb888c98529ccdafa88a90046760aba13a6a98ed2ba63654220e7dfd0e476172867fe2c52d78f12f479b22a03", 0x63}], 0x6, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:55 executing program 0:
link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000080)='./file0\x00', 0x100000, 0x20)
fcntl$setlease(r0, 0x400, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/intel_idle', 0x1, 0x0)
ioctl$SG_SCSI_RESET(r1, 0x2284, 0x0)
fsetxattr$security_ima(r1, &(0x7f0000000100), &(0x7f0000000140)=@v2={0x3, 0x2, 0xf, 0x80, 0xfd, "f9f4a6f8fa3bd8faf195e5e3d3e8311432283d1131ad052215626d84fa3c3edd053e89e5346b66273ed2095784f87d418eecfb86e19590dbd0a1975726283f8c0edd5819e9f341308543fba2816fc0d6c9b96c19a0493f6a22beb85730ec793ba21c9de907b683dd45ed1b434efb36ce5fc6356b73d21b77149d71dfeb092b817a30c1a36a5ca52a13d31f814a2d6571f712853629d648f25b23b01bf35762d488776433af0fb5f614ccf18a24c179668685ea70ec6ab8208076205828c800568de99898c506d2b9cbcae8856ccc078588bec991f84f749382bfb9a4db997da86179517b5f9c3caaad07f114b86aa94e458bc4af95980bdfbf00b0e5b0"}, 0x106, 0x1)
getsockopt$inet6_int(r1, 0x29, 0x0, &(0x7f0000000280), &(0x7f00000002c0)=0x4)
open(&(0x7f0000000300)='./file0/file0\x00', 0x8101, 0x4)
r2 = pidfd_getfd(r1, r1, 0x0)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000380), r0)
sendmsg$BATADV_CMD_TP_METER(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x44, r3, 0x0, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x4080}, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x359a00)
ftruncate(r4, 0x401)
fallocate(r2, 0x18, 0x3f, 0x7)
sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000600)={&(0x7f0000000540)={0x90, 0x0, 0x4, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0xb}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x5d}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x7}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x5, 0x20}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2e}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x3}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7f}]}, 0x90}}, 0x11)
sendto$inet6(r0, &(0x7f0000000680)="a99323c19d4cd7089c28a552942ae3006cae84a17cd3dfb673de49767911c4ed8010139b9b7eead0a93ea56dc834d2586f8a94146304131fa3c9b19fdfc40d27e5ab40daa7d3bdcf843b7748f4e458d8b1034cb6806b173a6d9cd875c10687", 0x5f, 0x80, &(0x7f0000000700)={0xa, 0x4e20, 0x22d4000, @local, 0x54f}, 0x1c)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000740)={<r5=>r1, 0x6, 0x1ff, 0x7f})
sendmsg$IPVS_CMD_ZERO(r5, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x12dc7099d05c9d3f}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x2c, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80000000}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xc92d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x401}, 0xc014)
openat$full(0xffffffffffffff9c, &(0x7f0000000880), 0x80000, 0x0)
ioctl$BTRFS_IOC_QGROUP_LIMIT(0xffffffffffffffff, 0x8030942b, &(0x7f0000000980)={0x9, {0x13, 0x9, 0x6, 0xef79, 0x3}})

[  985.231791][ T6601] loop4: detected capacity change from 0 to 87
[  985.251522][ T6605] FAULT_INJECTION: forcing a failure.
[  985.251522][ T6605] name failslab, interval 1, probability 0, space 0, times 0
[  985.264237][ T6605] CPU: 1 PID: 6605 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
02:27:55 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r6, 0x0)
preadv(r6, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r6, 0x8983, &(0x7f0000000340))
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:55 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  985.272899][ T6605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  985.282945][ T6605] Call Trace:
[  985.286214][ T6605]  dump_stack_lvl+0xd6/0x122
[  985.290803][ T6605]  dump_stack+0x11/0x1b
[  985.295019][ T6605]  should_fail+0x23c/0x250
[  985.299425][ T6605]  __should_failslab+0x81/0x90
[  985.304178][ T6605]  should_failslab+0x5/0x20
[  985.308741][ T6605]  kmem_cache_alloc_node_trace+0x61/0x2e0
[  985.314524][ T6605]  ? __kmalloc_node+0x30/0x40
[  985.319181][ T6605]  __kmalloc_node+0x30/0x40
[  985.323663][ T6605]  kvmalloc_node+0x81/0x110
[  985.328183][ T6605]  __list_lru_init+0x2d7/0x680
[  985.332933][ T6605]  alloc_super+0x4bf/0x520
[  985.337333][ T6605]  sget+0x1a5/0x400
[  985.341169][ T6605]  ? v9fs_kill_super+0x60/0x60
[  985.345919][ T6605]  v9fs_mount+0x91/0x4c0
[  985.350142][ T6605]  ? selinux_capable+0x34/0x40
[  985.354887][ T6605]  ? tsan.module_ctor+0x10/0x10
[  985.359721][ T6605]  legacy_get_tree+0x70/0xc0
[  985.364319][ T6605]  vfs_get_tree+0x4a/0x1a0
[  985.368716][ T6605]  path_mount+0x11ec/0x1d20
[  985.373208][ T6605]  __se_sys_mount+0x24b/0x2f0
[  985.377881][ T6605]  ? fput+0x2d/0x130
[  985.381760][ T6605]  __x64_sys_mount+0x63/0x70
[  985.386341][ T6605]  do_syscall_64+0x44/0xa0
[  985.390828][ T6605]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  985.396707][ T6605] RIP: 0033:0x7f925409f709
[  985.401107][ T6605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  985.420694][ T6605] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  985.429085][ T6605] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  985.437039][ T6605] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  985.444995][ T6605] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  985.452950][ T6605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  985.460902][ T6605] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:55 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5400, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:55 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r5, 0x0)
preadv(r5, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r6 = syz_open_pts(0xffffffffffffffff, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000480)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x9d6, &(0x7f0000000440)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, r5, r6, r0], 0x8}, 0x8)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  985.478974][    C0] scsi_io_completion_action: 3 callbacks suppressed
[  985.479007][    C0] sd 0:0:1:0: tag#5113 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  985.495414][    C0] sd 0:0:1:0: tag#5113 CDB: opcode=0xe5 (vendor)
[  985.501756][    C0] sd 0:0:1:0: tag#5113 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  985.510767][    C0] sd 0:0:1:0: tag#5113 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  985.519797][    C0] sd 0:0:1:0: tag#5113 CDB[20]: ba
02:27:55 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5500, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:55 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 42)

02:27:55 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5600, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  985.619933][ T6630] FAULT_INJECTION: forcing a failure.
[  985.619933][ T6630] name failslab, interval 1, probability 0, space 0, times 0
[  985.632574][ T6630] CPU: 1 PID: 6630 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  985.641286][ T6630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  985.651329][ T6630] Call Trace:
[  985.654591][ T6630]  dump_stack_lvl+0xd6/0x122
[  985.659190][ T6630]  dump_stack+0x11/0x1b
[  985.663384][ T6630]  should_fail+0x23c/0x250
[  985.667793][ T6630]  __should_failslab+0x81/0x90
[  985.672553][ T6630]  should_failslab+0x5/0x20
[  985.677053][ T6630]  kmem_cache_alloc_node_trace+0x61/0x2e0
[  985.682771][ T6630]  ? bdi_alloc+0x2d/0xc0
[  985.687011][ T6630]  bdi_alloc+0x2d/0xc0
[  985.691089][ T6630]  super_setup_bdi_name+0x5b/0x120
[  985.696195][ T6630]  super_setup_bdi+0x45/0x50
[  985.700782][ T6630]  v9fs_mount+0x1cd/0x4c0
[  985.705106][ T6630]  ? selinux_capable+0x34/0x40
[  985.709916][ T6630]  ? tsan.module_ctor+0x10/0x10
[  985.714832][ T6630]  legacy_get_tree+0x70/0xc0
[  985.719420][ T6630]  vfs_get_tree+0x4a/0x1a0
[  985.723826][ T6630]  path_mount+0x11ec/0x1d20
[  985.728325][ T6630]  __se_sys_mount+0x24b/0x2f0
[  985.733055][ T6630]  ? fput+0x2d/0x130
[  985.736965][ T6630]  __x64_sys_mount+0x63/0x70
[  985.741555][ T6630]  do_syscall_64+0x44/0xa0
[  985.745973][ T6630]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  985.751868][ T6630] RIP: 0033:0x7f925409f709
[  985.756276][ T6630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  985.775875][ T6630] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  985.784280][ T6630] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  985.792242][ T6630] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  985.800283][ T6630] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  985.808242][ T6630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  985.816210][ T6630] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:55 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x14, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:56 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5700, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:56 executing program 5:
r0 = syz_io_uring_setup(0x4958, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000340)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r6 = signalfd4(r0, &(0x7f0000000240)={[0x3]}, 0x8, 0x0)
syz_io_uring_setup(0x3ced, &(0x7f0000000280)={0x0, 0x0, 0x20, 0x4001, 0x3, 0x0, r6}, &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000440), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:56 executing program 0:
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(0xffffffffffffffff, &(0x7f0000000000)="2400000052001f0014f9f4070009040002000710080001", 0x17)
r1 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r0, &(0x7f0000000000)=ANY=[], 0x96a44f1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000040), 0x3b78, 0x400842)
splice(r3, &(0x7f0000000080)=0x22, r1, &(0x7f0000000100)=0xffffffffffffffff, 0x8, 0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000050e00)={0xa65, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r4=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r5=>0x0}], 0x2, "f8c9daa0dc7210"})
r6 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x8}, 0x0, 0x0, 0x9, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r6, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r7=>0x0, ""/256, <r8=>0x0, <r9=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r6, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r9}, {0x0, r9}, {}, {r8}, {0x0, r9}, {}, {}, {0x0, r9}, {}, {r8, r9}, {}, {}, {r7}, {0x0, r9}, {}, {0x0, r9}, {0x0, r9}, {}, {}, {}, {0x0, r9}, {r8}, {0x0, r9}, {}, {r8}, {0x0, r9}, {r7}, {}, {}, {}, {}, {}, {r7, r9}, {r8}, {}, {0x0, r9}, {r8, r9}, {0x0, r9}, {r7, r9}, {}, {}, {r8}, {}, {0x0, r9}, {r8}, {0x0, r9}, {r8}, {0x0, r9}, {}, {r7, r9}, {0x0, r9}, {}, {}, {}, {r7}, {}, {r8, r9}, {}, {0x0, r9}, {0x0, r9}, {0x0, r9}, {0x0, r9}, {r8, r9}, {0x0, r9}, {0x0, r9}, {0x0, r9}, {}, {0x0, r9}, {}, {r7}, {}, {}, {0x0, r9}, {}, {r8}, {}, {}, {}, {}, {0x0, r9}, {r8}, {}, {}, {0x0, r9}, {r7}, {0x0, r9}, {0x0, r9}, {0x0, r9}, {r7, r9}, {}, {}, {0x0, r9}, {}, {r7}, {0x0, r9}, {}, {r8}, {r7, r9}, {0x0, r9}, {}, {r8}, {0x0, r9}, {0x0, r9}, {0x0, r9}, {}, {}, {}, {r7, r9}, {}, {0x0, r9}, {r7, r9}, {0x0, r9}, {r8, r9}, {r7, r9}, {r8}, {}, {r7, r9}, {r7}, {r8, r5}, {}, {r7}, {r7, r9}, {}, {}, {}, {0x0, r9}, {0x0, r9}, {r8, r9}, {}, {}, {r7, r9}, {}, {r8, r9}, {r7, r9}, {r8, r9}, {0x0, r9}, {}, {}, {r8}, {}, {0x0, r9}, {r7}, {}, {r8, r9}, {r7}, {0x0, r9}, {0x0, r9}, {0x0, r9}, {0x0, r9}, {}, {0x0, r9}, {}, {0x0, r9}, {r8}, {r7}, {}, {}, {}, {0x0, r9}, {r7}, {r8, r9}, {}, {0x0, r9}, {}, {r8}, {0x0, r9}, {}, {}, {r7, r4}, {r7}, {}, {r7, r9}, {0x0, r9}, {0x0, r9}, {r7}, {}, {r7}, {}, {}, {r7, r9}, {0x0, r9}, {0x0, r9}, {0x0, r9}, {}, {}, {}, {r8}, {r7}, {}, {r7}, {}, {0x0, r9}, {r8, r9}, {}, {0x0, r9}, {0x0, r9}, {}, {0x0, r9}, {r7, r9}, {}, {r8, r9}, {}, {}, {r7}, {}, {r7}, {}, {}, {r7, r9}, {}, {}, {}, {r8}, {0x0, r9}, {r7}, {r8}, {r8}, {}, {}, {}, {0x0, r9}, {0x0, r9}, {r7, r9}, {r7}, {}, {0x0, r9}, {}, {}, {r8}, {r7}, {0x0, r9}, {r7}, {r8}, {0x0, r9}, {r8}, {r8}, {r7, r9}, {}, {}, {r8}, {r7, r9}, {0x0, r9}, {r7, r9}, {}, {r8}, {r8}, {r7}, {}, {r8, r9}, {r8}, {0x0, r9}, {}, {}, {0x0, r9}, {r7, r9}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000200)={0x0, r7, "5a1357156aec85f28b8dc7d0c4b5be2752e4db520e5d3ed545b402ec4c36bb88afb3488d541f9b5ce3e2feb3b6a62d1d87c0299a93c3c989b20c812f863dbb0d89cadd79c8ae9a2992ac7d84854335a7542eae30d4c6ab20dde9ce0854d61dfb14c6697e04ea6cd3917bbcdbffd63c234f0374711649efbb1a0b25c33d11c01e16ebf1c087f07a64bfff274996d02572cf49369852aa72c65e6dd256b7e8afb38af5249061171488353b095a199d40f7fe15d44c2ea48595457d0e72b3bd7f6a4cfdff41c5ebbe9ac902187033b2bcce055e9a70af02ce382c52ab6e92b43c9e02876e1f01a478adda4701a49eb8daf07dd14f46858bd812397cebff607b8fc2", "76a165e732e0ca1640487e297bd950ddd4d56389a427355458df7406d837e0e4e8de22672dff402860e487226d2d1055eb90ff5b00c4b5976601f094b802e80c2b44fa46f35b4e3596d630de8ea50ccbee02ec2f4893fe7a2320dfe4a1ef3e97c2375b720a43c2daefd39eaa02a7ef0863cb35c8604f64c09216cce86669b8941d9e9d311b8e124c6ba63ca3d986b069b94527267defaf0782b541be6b62e94d247ba898516a8e8bc0566080454ce7a98415208ab68235dde7ef6c4397b7d96f9d7c15c88fb0c5a778440aa52d7ff960489a05ac109172590c18ae7df6dc72e30017caea6561e804706a2d14c39043c3e301a0373d7c19e174d6a1d9a166559dd7582ace6af11525c0423dab4514a908435c76e9f28ed06acab85562a907c7d58f0a171d88f3ef353c2560b497f60d928ffe02ad329314f4c9665271af45c82064e26f1b9565b406988e44e29b4269f26c7d733fc6ecb2b13755e1f639a1fc2136da87debad55acf3fd8de063786ca91a51f7631b8be46ae27258e2759b5f07c5d836691ac434e18763844e96f27935227e16827e3281041d2a8614a2da4632a3168e050b92a6d348cc5ebe91299111a21ea27c9753b3897df96735b950cb566ad6e82f41b313e10ddbd2b90939a2c4b85e66bd1e29bd589e58a0428bc1970bae839156a6b0fb8bbefdc3d204d3f120b36ab8a9049d2333fbb591ae09eb9b4d325fa16286d798674fa111798d8b73ba2cc7cdec013e7ff87d87dc1a7f84314eace2e1a10b2f4a6419d7c74236807a2388492d9504ada9e5dc8f162ffb61f642d943377af887a94b892824142ee80940ea6efbb81541250b367131d07bff873df94d165a51f9103f2fab67f5cd0897ed0f799642c06f02ab3afb4dfb73d176ab36fc887a330f8e7a692ae48fc55690bdc0d5ddf675661dbb41a67cdfdec5733be9622275b82325ea6170387efef396f512c1e9828e4b7a590546baa8cd95131d4527c5d320c3815276a7e41750385151932e336e34480f1d027a9a592fa4c2f49e922178760f5e7412f222ddeaf6d822a00106092591b163b71319ba983368c3686de43dcfad75ef4951cda5f2c866239e94584ccaba3576d636755af50b226d81ee2456d70d88f77cbe223ef26f2a45d85d3da2aa1244eb3594cfa6affdaeba2504e7c3eb132de0fc8f505268ffae2482e346bb42ca15b098f335be2a8441d6c67d0bd2572693710f5a4bf631c6901b63b0abb5834f0fbceab4f192864975e0edb0fb7ec1ff62567d90f6877ad4baaf9b17176b93744ecb00de51ff7411d8a6fbe7c7874cc0a6873425e49683f554a9f3c0961ee4835e496fbf8f9c091eb5ba52cb4fd52fe3e87e4693371e112a3e2d6f4c8ad15f152e63c4df8a59a2bf301729d9975e226929868096c9314b98d9e562b514afbb07037bae9916c5a831298b393e06119bdc74fa3005d1bad439551ae21aea8b917336e3d8b08786f6ce2ed10a76b3aa0fee9b3342b8ff7e9497dfdabbe89b3280846627401d00be00897ac8d969b3e46395ae03e8f976c48aa11e5224ddadec511e5729a69e2d5a4df44cd0843445dd92db216561aa7cc349ae4e6eae94591d00d71f10f8eb74bb7a63054cfe5561b6d4dda31994b1f72812f06d0e3a0b45f01c7be53ee583b0f1f9612783e2d2821fe34cbfc7f324e270e77d62c305e7afecd861dbdcf865f650960b335de71a1af817f4b28df4d7a55c94910bc523f90e0034328f2369849eaaff87c56529f7b6cdd0dd8f979eb95f4fa0436cf0fd07d00cb440146b2cfd66a7f6cec4c357953adcd2e0e164ebd70815c94f364c5d12b0845d16258a40eaae9f4ff7469a32a7ee0b4f12c5bd9bbcc7e7cf481fc1ff3de4e7e20f0badbded021f23578c7e6ced610131df08791962eafba4e8ac1ac9df72d97615095526f2b40f07f37486c0091b6d99d6fda07b74342022a427db74dc711087c84207abe70561de6c0bc04cc2eb302a99ce9bdf2b1a672a94b8ddaa3c080bd929b8e8be5458a725c1ba921311df31134a6ce1be35d619f19795ba77399dc4da090d58cb28e31d052954294011c9f7136be2eb27346c38172616a71e92cfae4717b19d32e66a3b961a81e9762f77d00f9698fcb4601c098fba37608c41535a322fa89075e0a8d36188ea58e8c48f1cdd5ad748811183faad5b78c893eda41f50213a51247b6301248ef999079cf7d06835847c1d7808cfc97e24b5d6bd893d107d869a8d16167a96ff6f49ab868c17410b958c34871e5db7fd3cff23818d1c08354aa7123028933cde63e548dfe10eb5fb1f396af8ad88386d0e5691ba94bcd0c0cad651030b3aee51752252287680ff230b84b0ab5599f9ae46b7b8e8056bb490b10ea8efe92ae0956d82475e106ba1773d91d23528e3584413df6fb10e304f6a74138feb90141e3e7819eebd0720a00b6e7f0337fc3cbb4387f2cd992ecace328cdbc6abffd69b2c63150c7049a47bfa31565f3a1e7d3c0318cbf4cc1f945bf4d57e807552056ab73e1a430e5146a6f1e79bc568619040c44be04088a1578eb927cfbe876219f5d0a96fe2bee5bc1412bf2f28d9c7f7a230442d82159d2c12f768fdf0bc2308479ee34ead9d8b6a1aa0152543ec65c6cdf3f05c417b9330576566c279ab2f051c7cc084845e5e5ffcf9aa367e1a45f1e2631ab107f9543e24db7550241997fd8f8ef7310e7fb5d3dfa67e569328eaca830e1374603710689ffac0c971b2ba88e1861ca39519f9374acd09da6193db8e039ca03751ba379680aadc5494964430d6cccae3e88b2e98173d0aef97b40bb2c83619ece66fdd8ef8e2031a560899caa8b713d4c5a8d959648cce5c06e1032a7b540a0d41048c12de34d2efbaa7e1443ee6953bedc3fd32deb8e693a4569f439d0061a543d0d32b5fa44aa2c4a87566b9a4fd8c020a8fc4c361945f041abf89401c87c7f2b25d2cd3d5afe20593056e023419ca4d09e5acc2abf42d5e0cc5b2b27f0f7f9000e7bd89c3309b15fccfc74fa85cd920d098709b3eadf7d40d95cc6085355472387dae81375acea1d12b7a70dbfc124dffd9cc73a94792d82cd9617ba434ddfe97acd65166410b7ca9a381c9e247cefaec4e616425870540800062762e8530352235f17c95641c1a9a37085c6771f90742c8ed819fd4474d322e7c9de5235c9e7d380f68d2036bf292eeea043d686c156ce0cca1f476c3b5bb929378ef7eccbccb149dea259b773be00be3bfd8d6416b61602d9a0bc6b524d39b398852b604ecec044c9d42dc667f447aad82151a40624b018336ce134deac0e530ba4197bb2530d55df7404d5afb03e15aa5a33184484c56c917052bff2c240031712af01e966c9e3191a81a7492b0122069f099428de1478eaf716ef5f3778d009b8b989d61c2381739b2fe6c7f36279bad09e5180367f491b1305683a879d8cdaac5098e27eb2becc3dca7484efb3520f06ef2d26b79f1b776768b94f7d2606185ba4e893a9e2ca5c6cae7f0a07f952cef46b3099e938232fb16cbd236608c197b771889e26b70edc906f00850e53fae0b952621dc545117b5d7389694ed5d71e827b1c8a325d570c772cde88670348429859313e6a5f25f5ae40ffd1b177e0f806010380b92f7f0c876505b4b691462065346ae901b841b89a832641a8af742e3abf200a03fd9fa6539d86946749b8df7ce166d63fe8a39eac59c544c0e2e5caebfb08298c46f34fde9f4d6a70d684f180656dde2839f7cfa784bcedb3203bf30cba5ed13511ca732fa2423ae78ee46b589179aa7f196fb88ce1202772ecf67b834d1e7da5094c86761226c16ade7eaf1c49f56881d87fe88b7fa055504ade7a00fde82e343378b7aa7119181b799a019d2936f69c31eb7d464c2bc0e464bf5b2149b35420c42136a55e57db351db0cf567896679cc27f4970099c8353a46ab42306314b9792ab27df6e2a540387f17643fe6bcb4f18739964e780e7896e2baa2aec5c8361ca77ee4bf001a87422fca76f269177ad4708990acbdad9d69e5a25729bfd51bc82aecfd9d14350709650b705c18077d810c8bfeebfd8e24e918047d669ad328788c646f763cd84447f1ee3584f11be408f20930c49f19ba4246f091de1b43c9e6d03ccfd6debb0355df95c44b1c083814d4436546380ef483b998885d444ccb7d4f8e4bd6291d066889751ae9c91a242129abcd93604e8016df5915f1e325b3165f1996a33c9cb5673507e839425c643ad1e6fcd9ad05191ec8253ba26ff53191ea487ad2d131f225d1e90f973cae9d369e0353c0d98df79c2f85c1fee5b141a5a8fbc13e58d8b36a5b470a3512de9ebb30a139099bda77a0a9f4d1a2c9214ad1974e048e3f288e0db3c1f165a8546bc84fa295b091367b136b9b319f7c4b72fbb2398080a50e82cd07e1377d5b8c397cefd0c42633a922547b5d333214bb3d4301c40ebcd473fe597d319a008a71792ad7e7586f7357ffb257725e45cd0cbeebf9ca7f811fda72cea45d43d88cab6f5e0259e5023af9360a98c331c64bcc48021f498d3dbf8e838011a1669ebaa83b55b72a53e82a651b34c53824cb6c51ee93662795b27a175bf855f76f7cdfc5a952835991d27217cec91665d38e1665bd80d204d1210d4b8df7557dbe534d07e6d89d63168ce54860c18d8a2dd18f070f21ff0574762ce02bdf77215a51456ddec99431a3cb43aded6151fb46d8b7f621c636bb584a9b1d921150b3c7651222e469897bb2c74a4d6eca0365e69c9aea60addbb9f87b2e549856105102caf5f617aae0594a1a58da48c9684a11aa821505542f5dd7a6cb73e1917bdf8d29eed9acb47ca80276cb5d0ae1041fd05fd8c09e2099cc966889faaa1f8cce64b76d37d12f658a672d2ebd4458710b86f3bd98738a4affe6f93731f2ab16191f59cdb95d549e0e357acbd4779b948f17f161d320c7ba16a080b06ebd0d22fabd25e7405ad09c96ec34dc3459a2e8f7d57ab099bc799f4320709d857dae5edab0ff864e7a91c4375b192001cf378fedcaf29018853666d9493fa9ebb0ea369873e6fba33828ddbca8d4c4bd070b288d134d7708842de33ae4e068090522793a3489352c20f3ad3394f54fa43c5a469c56376a53c4cea1f44e84094c6330b3030d233b28110ea12f7ad20915e0b7ebe25fe88c379bb0a6b197a2f31c349400628f347920c046055857638143248b864d82464b39ab43f28126419f496acea2f58588b43488edc32f8d379f051e05bace5de102e0339368f61b1c3bb17a4c39b878d28fe715535b0f261aa269967e08494b3404fb0c5f189ccb19feca3de4cd2e9f9262eb0e08af128613e8b021047f71407a22a63c54ab0c280c1f4f030df03cd062262ff7bed374556b69d38006719090fcbbde5"})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0)
preadv(r2, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r10, 0x0)
preadv(r10, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
fcntl$F_GET_RW_HINT(r10, 0x40b, &(0x7f0000000140))
splice(r2, 0x0, r1, 0x0, 0x4ffdc, 0x0)

02:27:56 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 43)

02:27:56 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:56 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x15, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  986.099252][ T6646] FAULT_INJECTION: forcing a failure.
[  986.099252][ T6646] name failslab, interval 1, probability 0, space 0, times 0
[  986.111893][ T6646] CPU: 1 PID: 6646 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  986.120556][ T6646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  986.130598][ T6646] Call Trace:
[  986.133873][ T6646]  dump_stack_lvl+0xd6/0x122
[  986.138490][ T6646]  dump_stack+0x11/0x1b
[  986.142643][ T6646]  should_fail+0x23c/0x250
02:27:56 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
syz_io_uring_submit(0x0, r2, &(0x7f0000000440)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000755000/0x2000)=nil, 0x2000, 0xd}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r5, 0x0)
preadv(r5, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0xd9dc1262224c91b2, 0x0, r5, &(0x7f0000000340)={0x10000000}, r0, 0x3, 0x0, 0x1, {0x0, r6}}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:56 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9403, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  986.147054][ T6646]  __should_failslab+0x81/0x90
[  986.151828][ T6646]  ? device_create+0xac/0x1d0
[  986.156597][ T6646]  should_failslab+0x5/0x20
[  986.161175][ T6646]  kmem_cache_alloc_trace+0x52/0x320
[  986.166456][ T6646]  device_create+0xac/0x1d0
[  986.170954][ T6646]  ? vsnprintf+0xe8f/0xed0
[  986.175364][ T6646]  bdi_register_va+0x7c/0x3c0
[  986.180185][ T6646]  super_setup_bdi_name+0x93/0x120
[  986.185298][ T6646]  super_setup_bdi+0x45/0x50
[  986.189890][ T6646]  v9fs_mount+0x1cd/0x4c0
[  986.194214][ T6646]  ? selinux_capable+0x34/0x40
02:27:56 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe102, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:56 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xea02, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  986.199007][ T6646]  ? tsan.module_ctor+0x10/0x10
[  986.203916][ T6646]  legacy_get_tree+0x70/0xc0
[  986.208500][ T6646]  vfs_get_tree+0x4a/0x1a0
[  986.212905][ T6646]  path_mount+0x11ec/0x1d20
[  986.217462][ T6646]  __se_sys_mount+0x24b/0x2f0
[  986.222147][ T6646]  ? fput+0x2d/0x130
[  986.226072][ T6646]  __x64_sys_mount+0x63/0x70
[  986.230754][ T6646]  do_syscall_64+0x44/0xa0
[  986.235236][ T6646]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  986.241137][ T6646] RIP: 0033:0x7f925409f709
[  986.245603][ T6646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  986.265254][ T6646] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  986.273648][ T6646] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  986.281599][ T6646] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  986.289551][ T6646] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
02:27:56 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xedc0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  986.297502][ T6646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  986.305455][ T6646] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:56 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r7 = io_uring_setup(0x13be, &(0x7f0000000000))
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0x11, 0x400000, r8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x7ee3233589471238, 0x0, @fd_index=0x9, 0xac, 0x0, 0xffffffff, 0x0, 0x1, {0x0, r8}}, 0xfffffffb)
syz_io_uring_submit(0x0, r3, &(0x7f0000000440)=@IORING_OP_WRITE={0x17, 0x2, 0x4007, @fd_index=0x7, 0x2, &(0x7f0000000340)="abc10edb2837154d97536fe9", 0xc, 0xb, 0x1, {0x0, r8}}, 0xfffffffd)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:56 executing program 0:
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f00000003c0)=ANY=[], 0x2a, 0xfffffffffffffffc)
fcntl$getownex(r0, 0x10, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, @perf_bp={0x0}, 0xc420, 0x6, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x8, 0xffffffffffffffff, 0x0)
unshare(0x20000)
r1 = syz_open_procfs$namespace(0x0, &(0x7f00000005c0)='ns/mnt\x00')
r2 = socket(0x100000000011, 0x2, 0x0)
bind(r2, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000000))
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
migrate_pages(0x0, 0x65, &(0x7f0000000040)=0x8002, &(0x7f00000004c0)=0x3)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000600))
setns(r1, 0x20000)
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={0x0}}, 0x0)
memfd_create(0x0, 0x2)
ftruncate(0xffffffffffffffff, 0x7fffffff)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x200, 0x1, &(0x7f00000000c0)=[{0x0}], 0x4001, &(0x7f0000000240)=ANY=[@ANYBLOB="636865630a0b006904002c6f366572720185919f238de21bb5c0866ac20134ef0000000100000065726d2c0083924925ff3a7b712f017d2b6596b0028e85ad2e4a5946fa2edb9c38a4a786cd794e4f2300e2d3cc"])

02:27:56 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfeff, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:56 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  986.408151][ T6681] loop4: detected capacity change from 0 to 87
[  986.445483][    C1] sd 0:0:1:0: tag#5116 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
02:27:56 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 44)

[  986.455333][    C1] sd 0:0:1:0: tag#5116 CDB: opcode=0xe5 (vendor)
[  986.461682][    C1] sd 0:0:1:0: tag#5116 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  986.470715][    C1] sd 0:0:1:0: tag#5116 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  986.479748][    C1] sd 0:0:1:0: tag#5116 CDB[20]: ba
[  986.535450][ T6698] FAULT_INJECTION: forcing a failure.
[  986.535450][ T6698] name failslab, interval 1, probability 0, space 0, times 0
[  986.548139][ T6698] CPU: 1 PID: 6698 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  986.556880][ T6698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  986.566929][ T6698] Call Trace:
[  986.570205][ T6698]  dump_stack_lvl+0xd6/0x122
[  986.574805][ T6698]  dump_stack+0x11/0x1b
[  986.578959][ T6698]  should_fail+0x23c/0x250
[  986.583407][ T6698]  ? kvasprintf_const+0xec/0x100
[  986.588345][ T6698]  __should_failslab+0x81/0x90
[  986.593105][ T6698]  should_failslab+0x5/0x20
[  986.597679][ T6698]  __kmalloc_track_caller+0x6d/0x350
[  986.603042][ T6698]  ? put_dec_trunc8+0x10e/0x130
[  986.607970][ T6698]  ? should_fail+0xd6/0x250
[  986.612467][ T6698]  kstrdup_const+0x51/0x90
[  986.616884][ T6698]  kvasprintf_const+0xec/0x100
[  986.621649][ T6698]  kobject_set_name_vargs+0x43/0xe0
[  986.626878][ T6698]  device_create+0x143/0x1d0
[  986.631521][ T6698]  ? vsnprintf+0xe8f/0xed0
[  986.635967][ T6698]  bdi_register_va+0x7c/0x3c0
[  986.640682][ T6698]  super_setup_bdi_name+0x93/0x120
[  986.645787][ T6698]  super_setup_bdi+0x45/0x50
[  986.650370][ T6698]  v9fs_mount+0x1cd/0x4c0
[  986.654699][ T6698]  ? selinux_capable+0x34/0x40
[  986.659457][ T6698]  ? tsan.module_ctor+0x10/0x10
[  986.664308][ T6698]  legacy_get_tree+0x70/0xc0
[  986.668977][ T6698]  vfs_get_tree+0x4a/0x1a0
[  986.673461][ T6698]  path_mount+0x11ec/0x1d20
[  986.677961][ T6698]  __se_sys_mount+0x24b/0x2f0
[  986.682653][ T6698]  ? fput+0x2d/0x130
[  986.686575][ T6698]  __x64_sys_mount+0x63/0x70
[  986.691164][ T6698]  do_syscall_64+0x44/0xa0
[  986.695627][ T6698]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  986.701570][ T6698] RIP: 0033:0x7f925409f709
[  986.705977][ T6698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  986.725620][ T6698] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
02:27:56 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 45)

02:27:56 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x16, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  986.734104][ T6698] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  986.742072][ T6698] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  986.750036][ T6698] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  986.758001][ T6698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  986.765965][ T6698] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:56 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xff03, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:56 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  986.839914][ T6711] FAULT_INJECTION: forcing a failure.
[  986.839914][ T6711] name failslab, interval 1, probability 0, space 0, times 0
[  986.852562][ T6711] CPU: 1 PID: 6711 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  986.861225][ T6711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  986.871273][ T6711] Call Trace:
[  986.874541][ T6711]  dump_stack_lvl+0xd6/0x122
[  986.879131][ T6711]  dump_stack+0x11/0x1b
[  986.883289][ T6711]  should_fail+0x23c/0x250
[  986.887706][ T6711]  __should_failslab+0x81/0x90
[  986.892504][ T6711]  ? device_add+0x96/0xf40
[  986.894419][ T6714] loop4: detected capacity change from 0 to 87
[  986.897176][ T6711]  should_failslab+0x5/0x20
[  986.907808][ T6711]  kmem_cache_alloc_trace+0x52/0x320
[  986.913087][ T6711]  ? __kmalloc_track_caller+0x33c/0x350
[  986.918627][ T6711]  ? kvasprintf_const+0xec/0x100
[  986.923565][ T6711]  device_add+0x96/0xf40
[  986.927855][ T6711]  ? kfree+0x196/0x1d0
[  986.931910][ T6711]  device_create+0x17d/0x1d0
[  986.936489][ T6711]  ? vsnprintf+0xe8f/0xed0
[  986.940937][ T6711]  bdi_register_va+0x7c/0x3c0
[  986.945603][ T6711]  super_setup_bdi_name+0x93/0x120
[  986.950695][ T6711]  super_setup_bdi+0x45/0x50
[  986.955343][ T6711]  v9fs_mount+0x1cd/0x4c0
[  986.959656][ T6711]  ? selinux_capable+0x34/0x40
[  986.964471][ T6711]  ? tsan.module_ctor+0x10/0x10
[  986.969306][ T6711]  legacy_get_tree+0x70/0xc0
[  986.973927][ T6711]  vfs_get_tree+0x4a/0x1a0
[  986.978327][ T6711]  path_mount+0x11ec/0x1d20
[  986.982858][ T6711]  __se_sys_mount+0x24b/0x2f0
[  986.987629][ T6711]  ? fput+0x2d/0x130
[  986.991507][ T6711]  __x64_sys_mount+0x63/0x70
[  986.996081][ T6711]  do_syscall_64+0x44/0xa0
[  987.000541][ T6711]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  987.006421][ T6711] RIP: 0033:0x7f925409f709
[  987.010818][ T6711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  987.030470][ T6711] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  987.038862][ T6711] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  987.046817][ T6711] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  987.054769][ T6711] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  987.062721][ T6711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  987.070731][ T6711] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:57 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfffe, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  987.099144][    C0] sd 0:0:1:0: tag#5118 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  987.108988][    C0] sd 0:0:1:0: tag#5118 CDB: opcode=0xe5 (vendor)
[  987.115332][    C0] sd 0:0:1:0: tag#5118 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  987.124359][    C0] sd 0:0:1:0: tag#5118 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  987.133392][    C0] sd 0:0:1:0: tag#5118 CDB[20]: ba
02:27:57 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 46)

02:27:57 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1ffe7, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  987.219013][ T6726] FAULT_INJECTION: forcing a failure.
[  987.219013][ T6726] name failslab, interval 1, probability 0, space 0, times 0
[  987.231658][ T6726] CPU: 1 PID: 6726 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  987.240329][ T6726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  987.250371][ T6726] Call Trace:
[  987.253640][ T6726]  dump_stack_lvl+0xd6/0x122
[  987.258276][ T6726]  dump_stack+0x11/0x1b
[  987.262463][ T6726]  should_fail+0x23c/0x250
[  987.266887][ T6726]  ? __kernfs_new_node+0x41/0x330
[  987.271917][ T6726]  __should_failslab+0x81/0x90
[  987.276673][ T6726]  should_failslab+0x5/0x20
[  987.281169][ T6726]  __kmalloc_track_caller+0x6d/0x350
[  987.286447][ T6726]  kstrdup_const+0x51/0x90
[  987.290940][ T6726]  __kernfs_new_node+0x41/0x330
[  987.295783][ T6726]  ? p9pdu_readf+0x1767/0x18c0
[  987.300608][ T6726]  ? p9pdu_readf+0x1767/0x18c0
[  987.305358][ T6726]  ? __perf_event_task_sched_in+0x7e7/0x850
[  987.311248][ T6726]  ? _find_next_bit+0x188/0x190
[  987.316166][ T6726]  kernfs_create_dir_ns+0x5e/0x140
[  987.321278][ T6726]  sysfs_create_dir_ns+0xa3/0x1a0
[  987.326297][ T6726]  kobject_add_internal+0x488/0x890
[  987.331515][ T6726]  kobject_add+0xd7/0x150
[  987.335910][ T6726]  device_add+0x31d/0xf40
[  987.340240][ T6726]  ? kfree+0x196/0x1d0
[  987.344299][ T6726]  device_create+0x17d/0x1d0
[  987.348930][ T6726]  ? vsnprintf+0xe8f/0xed0
[  987.353425][ T6726]  bdi_register_va+0x7c/0x3c0
[  987.358104][ T6726]  super_setup_bdi_name+0x93/0x120
[  987.363287][ T6726]  super_setup_bdi+0x45/0x50
[  987.367927][ T6726]  v9fs_mount+0x1cd/0x4c0
[  987.372292][ T6726]  ? selinux_capable+0x34/0x40
[  987.377120][ T6726]  ? tsan.module_ctor+0x10/0x10
[  987.381970][ T6726]  legacy_get_tree+0x70/0xc0
[  987.386551][ T6726]  vfs_get_tree+0x4a/0x1a0
[  987.390958][ T6726]  path_mount+0x11ec/0x1d20
[  987.395494][ T6726]  __se_sys_mount+0x24b/0x2f0
[  987.400166][ T6726]  ? fput+0x2d/0x130
[  987.404101][ T6726]  __x64_sys_mount+0x63/0x70
[  987.408691][ T6726]  do_syscall_64+0x44/0xa0
[  987.413102][ T6726]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  987.418989][ T6726] RIP: 0033:0x7f925409f709
[  987.423394][ T6726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  987.443066][ T6726] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  987.451469][ T6726] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  987.459473][ T6726] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
02:27:57 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x80000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  987.467435][ T6726] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  987.475397][ T6726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  987.483396][ T6726] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  987.491421][ T6726] kobject_add_internal failed for 9p-31 (error: -12 parent: bdi)
02:27:57 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x100000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:57 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x21, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:57 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfeffff, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:57 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:57 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1100a8d, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:57 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 47)

02:27:57 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:57 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x22, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:57 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x2000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  987.798805][ T6743] FAULT_INJECTION: forcing a failure.
[  987.798805][ T6743] name failslab, interval 1, probability 0, space 0, times 0
[  987.811500][ T6743] CPU: 1 PID: 6743 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  987.820228][ T6743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  987.830273][ T6743] Call Trace:
[  987.833544][ T6743]  dump_stack_lvl+0xd6/0x122
[  987.838139][ T6743]  dump_stack+0x11/0x1b
[  987.842289][ T6743]  should_fail+0x23c/0x250
[  987.845818][ T6752] loop4: detected capacity change from 0 to 87
[  987.846692][ T6743]  ? __kernfs_new_node+0x6a/0x330
[  987.857884][ T6743]  __should_failslab+0x81/0x90
[  987.862644][ T6743]  should_failslab+0x5/0x20
[  987.867147][ T6743]  kmem_cache_alloc+0x4f/0x300
[  987.871913][ T6743]  __kernfs_new_node+0x6a/0x330
[  987.876780][ T6743]  ? p9pdu_readf+0x1767/0x18c0
[  987.881577][ T6743]  ? p9pdu_readf+0x1767/0x18c0
[  987.886326][ T6743]  ? __perf_event_task_sched_in+0x7e7/0x850
[  987.892200][ T6743]  ? _find_next_bit+0x188/0x190
[  987.897034][ T6743]  kernfs_create_dir_ns+0x5e/0x140
[  987.902133][ T6743]  sysfs_create_dir_ns+0xa3/0x1a0
[  987.907141][ T6743]  kobject_add_internal+0x488/0x890
[  987.912324][ T6743]  kobject_add+0xd7/0x150
[  987.916634][ T6743]  device_add+0x31d/0xf40
[  987.920980][ T6743]  ? kfree+0x196/0x1d0
[  987.925042][ T6743]  device_create+0x17d/0x1d0
[  987.929614][ T6743]  ? vsnprintf+0xe8f/0xed0
[  987.934013][ T6743]  bdi_register_va+0x7c/0x3c0
[  987.938677][ T6743]  super_setup_bdi_name+0x93/0x120
[  987.943769][ T6743]  super_setup_bdi+0x45/0x50
[  987.948340][ T6743]  v9fs_mount+0x1cd/0x4c0
[  987.952653][ T6743]  ? selinux_capable+0x34/0x40
[  987.957399][ T6743]  ? tsan.module_ctor+0x10/0x10
[  987.962267][ T6743]  legacy_get_tree+0x70/0xc0
[  987.966864][ T6743]  vfs_get_tree+0x4a/0x1a0
[  987.971274][ T6743]  path_mount+0x11ec/0x1d20
[  987.975827][ T6743]  __se_sys_mount+0x24b/0x2f0
[  987.980486][ T6743]  ? fput+0x2d/0x130
[  987.984440][ T6743]  __x64_sys_mount+0x63/0x70
[  987.989011][ T6743]  do_syscall_64+0x44/0xa0
[  987.993413][ T6743]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  987.999300][ T6743] RIP: 0033:0x7f925409f709
[  988.003694][ T6743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  988.023284][ T6743] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  988.031673][ T6743] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  988.039667][ T6743] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  988.047619][ T6743] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  988.055569][ T6743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  988.063519][ T6743] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  988.071506][ T6743] kobject_add_internal failed for 9p-32 (error: -12 parent: bdi)
[  988.080492][    C0] sd 0:0:1:0: tag#5056 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  988.090352][    C0] sd 0:0:1:0: tag#5056 CDB: opcode=0xe5 (vendor)
02:27:58 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_DISABLE_BEARER(r0, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001600)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000000000000022c00000018001369623ae7657468315f746f5f6272696467650800"], 0x34}}, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x68, r1, 0x300, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0x4c, 0x18, {0x3f, @link='broadcast-link\x00'}}}, [""]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x8080)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x30, r1, 0x400, 0x70bd2b, 0x25dfdbfb, {{}, {}, {0x14, 0x18, {0xe76, @bearer=@udp='udp:syz2\x00'}}}, ["", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x10000000}, 0x4040000)
r2 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r3, r4, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r2, 0x10000000)
r6 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r2, 0x10000000)
syz_io_uring_submit(r3, r5, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r3, r6, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r3, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r3, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r3, r5, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r3, r6, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r2, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  988.096704][    C0] sd 0:0:1:0: tag#5056 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  988.105738][    C0] sd 0:0:1:0: tag#5056 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  988.114785][    C0] sd 0:0:1:0: tag#5056 CDB[20]: ba
02:27:58 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 48)

02:27:58 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  988.180376][ T6766] FAULT_INJECTION: forcing a failure.
[  988.180376][ T6766] name failslab, interval 1, probability 0, space 0, times 0
[  988.193017][ T6766] CPU: 0 PID: 6766 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  988.201688][ T6766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  988.211776][ T6766] Call Trace:
[  988.215051][ T6766]  dump_stack_lvl+0xd6/0x122
[  988.219666][ T6766]  dump_stack+0x11/0x1b
[  988.223819][ T6766]  should_fail+0x23c/0x250
[  988.228231][ T6766]  ? __kernfs_new_node+0x6a/0x330
[  988.233258][ T6766]  __should_failslab+0x81/0x90
[  988.238014][ T6766]  should_failslab+0x5/0x20
[  988.242541][ T6766]  kmem_cache_alloc+0x4f/0x300
[  988.247399][ T6766]  __kernfs_new_node+0x6a/0x330
[  988.252328][ T6766]  ? kernfs_activate+0x2b9/0x2d0
[  988.257262][ T6766]  ? kernfs_add_one+0x356/0x3c0
[  988.262117][ T6766]  kernfs_new_node+0x5b/0xd0
[  988.266711][ T6766]  __kernfs_create_file+0x45/0x1a0
[  988.271818][ T6766]  sysfs_add_file_mode_ns+0x1c1/0x250
02:27:58 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x4000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  988.277233][ T6766]  sysfs_create_file_ns+0x9a/0xe0
[  988.282266][ T6766]  device_create_file+0xa7/0x110
[  988.287200][ T6766]  device_add+0x38e/0xf40
[  988.291561][ T6766]  ? kfree+0x196/0x1d0
[  988.295627][ T6766]  device_create+0x17d/0x1d0
[  988.300288][ T6766]  ? vsnprintf+0xe8f/0xed0
[  988.304829][ T6766]  bdi_register_va+0x7c/0x3c0
[  988.309514][ T6766]  super_setup_bdi_name+0x93/0x120
[  988.314624][ T6766]  super_setup_bdi+0x45/0x50
[  988.319211][ T6766]  v9fs_mount+0x1cd/0x4c0
[  988.323600][ T6766]  ? selinux_capable+0x34/0x40
02:27:58 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x5000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  988.328366][ T6766]  ? tsan.module_ctor+0x10/0x10
[  988.333217][ T6766]  legacy_get_tree+0x70/0xc0
[  988.337806][ T6766]  vfs_get_tree+0x4a/0x1a0
[  988.342214][ T6766]  path_mount+0x11ec/0x1d20
[  988.346716][ T6766]  __se_sys_mount+0x24b/0x2f0
[  988.351415][ T6766]  ? fput+0x2d/0x130
[  988.355383][ T6766]  __x64_sys_mount+0x63/0x70
[  988.359971][ T6766]  do_syscall_64+0x44/0xa0
[  988.364406][ T6766]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  988.370366][ T6766] RIP: 0033:0x7f925409f709
02:27:58 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x6000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  988.374790][ T6766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  988.394420][ T6766] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  988.402823][ T6766] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  988.410822][ T6766] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  988.418790][ T6766] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
02:27:58 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 49)

02:27:58 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000240)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0xfffffffc)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r2, &(0x7f00000005c0)=@IORING_OP_STATX={0x15, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000480), &(0x7f0000000580)='./file0\x00', 0x40, 0x400, 0x1}, 0x9)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f00000de000/0x2000)=nil, 0x2000, 0x2, 0x12, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r6, &(0x7f0000000440)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x6000, @fd_index=0x9, 0x6, 0x0, 0x0, 0x1, 0x0, {0x1}}, 0x101)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_io_uring_submit(0x0, r5, &(0x7f0000000180)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000db000/0xf000)=nil, 0xf000, 0x2}, 0x8000)
ioctl$sock_inet_SIOCSIFBRDADDR(r8, 0x891a, &(0x7f0000000340)={'veth1_to_team\x00', {0x2, 0x0, @dev}})

[  988.426758][ T6766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  988.434752][ T6766] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:58 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xf1, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  988.526792][ T6789] FAULT_INJECTION: forcing a failure.
[  988.526792][ T6789] name failslab, interval 1, probability 0, space 0, times 0
[  988.539445][ T6789] CPU: 1 PID: 6789 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  988.548116][ T6789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  988.558162][ T6789] Call Trace:
[  988.561433][ T6789]  dump_stack_lvl+0xd6/0x122
[  988.566024][ T6789]  dump_stack+0x11/0x1b
[  988.570228][ T6789]  should_fail+0x23c/0x250
[  988.574638][ T6789]  ? __kernfs_new_node+0x6a/0x330
[  988.579660][ T6789]  __should_failslab+0x81/0x90
[  988.584421][ T6789]  should_failslab+0x5/0x20
[  988.588923][ T6789]  kmem_cache_alloc+0x4f/0x300
[  988.593682][ T6789]  __kernfs_new_node+0x6a/0x330
[  988.598620][ T6789]  ? kernfs_add_one+0x356/0x3c0
[  988.603471][ T6789]  ? __kernfs_create_file+0x189/0x1a0
[  988.608849][ T6789]  kernfs_new_node+0x5b/0xd0
[  988.613578][ T6789]  kernfs_create_link+0x68/0x120
[  988.618510][ T6789]  sysfs_do_create_link_sd+0x98/0x110
[  988.623878][ T6789]  sysfs_create_link+0x4d/0x60
[  988.628636][ T6789]  device_add+0x42e/0xf40
[  988.632974][ T6789]  device_create+0x17d/0x1d0
[  988.637577][ T6789]  ? vsnprintf+0xe8f/0xed0
[  988.641990][ T6789]  bdi_register_va+0x7c/0x3c0
[  988.646686][ T6789]  super_setup_bdi_name+0x93/0x120
[  988.651794][ T6789]  super_setup_bdi+0x45/0x50
[  988.656377][ T6789]  v9fs_mount+0x1cd/0x4c0
[  988.660708][ T6789]  ? selinux_capable+0x34/0x40
[  988.665508][ T6789]  ? tsan.module_ctor+0x10/0x10
[  988.670354][ T6789]  legacy_get_tree+0x70/0xc0
[  988.674944][ T6789]  vfs_get_tree+0x4a/0x1a0
[  988.679361][ T6789]  path_mount+0x11ec/0x1d20
[  988.683883][ T6789]  __se_sys_mount+0x24b/0x2f0
[  988.688588][ T6789]  ? fput+0x2d/0x130
[  988.692484][ T6789]  __x64_sys_mount+0x63/0x70
[  988.697076][ T6789]  do_syscall_64+0x44/0xa0
[  988.701499][ T6789]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  988.707405][ T6789] RIP: 0033:0x7f925409f709
[  988.711815][ T6789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  988.731415][ T6789] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  988.739823][ T6789] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  988.747801][ T6789] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  988.755786][ T6789] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  988.763751][ T6789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  988.771712][ T6789] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:58 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:58 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 50)

02:27:58 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x1ee0272001d264b0, r0, 0x10000000)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_submit(r3, r5, &(0x7f0000000a00)=@IORING_OP_FALLOCATE={0x11, 0x4, 0x0, @fd=r6, 0x0, 0x0, 0xaaf, 0x0, 0x1}, 0x6)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r8 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r7, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r8, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r9 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r9, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r10=>0x0)
syz_io_uring_submit(r1, r10, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:58 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x7000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:58 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x204, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  988.927742][ T6808] FAULT_INJECTION: forcing a failure.
[  988.927742][ T6808] name failslab, interval 1, probability 0, space 0, times 0
[  988.936232][ T6813] loop4: detected capacity change from 0 to 87
[  988.940380][ T6808] CPU: 0 PID: 6808 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  988.955263][ T6808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  988.965351][ T6808] Call Trace:
[  988.968616][ T6808]  dump_stack_lvl+0xd6/0x122
[  988.973197][ T6808]  dump_stack+0x11/0x1b
[  988.977350][ T6808]  should_fail+0x23c/0x250
[  988.981753][ T6808]  ? __kernfs_new_node+0x41/0x330
[  988.986834][ T6808]  __should_failslab+0x81/0x90
[  988.991584][ T6808]  should_failslab+0x5/0x20
[  988.996087][ T6808]  __kmalloc_track_caller+0x6d/0x350
[  989.001353][ T6808]  kstrdup_const+0x51/0x90
[  989.005797][ T6808]  __kernfs_new_node+0x41/0x330
[  989.010630][ T6808]  ? up_write+0x25/0xc0
[  989.014766][ T6808]  kernfs_new_node+0x5b/0xd0
[  989.019341][ T6808]  kernfs_create_link+0x68/0x120
[  989.024261][ T6808]  sysfs_do_create_link_sd+0x98/0x110
[  989.029626][ T6808]  sysfs_create_link+0x4d/0x60
[  989.034374][ T6808]  device_add+0x586/0xf40
[  989.038691][ T6808]  device_create+0x17d/0x1d0
[  989.043317][ T6808]  ? vsnprintf+0xe8f/0xed0
[  989.047715][ T6808]  bdi_register_va+0x7c/0x3c0
[  989.052377][ T6808]  super_setup_bdi_name+0x93/0x120
[  989.057469][ T6808]  super_setup_bdi+0x45/0x50
[  989.062047][ T6808]  v9fs_mount+0x1cd/0x4c0
[  989.066359][ T6808]  ? selinux_capable+0x34/0x40
[  989.071103][ T6808]  ? tsan.module_ctor+0x10/0x10
[  989.075940][ T6808]  legacy_get_tree+0x70/0xc0
[  989.080511][ T6808]  vfs_get_tree+0x4a/0x1a0
[  989.084961][ T6808]  path_mount+0x11ec/0x1d20
[  989.089514][ T6808]  __se_sys_mount+0x24b/0x2f0
[  989.094176][ T6808]  ? fput+0x2d/0x130
[  989.098120][ T6808]  __x64_sys_mount+0x63/0x70
[  989.102702][ T6808]  do_syscall_64+0x44/0xa0
[  989.107173][ T6808]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  989.113085][ T6808] RIP: 0033:0x7f925409f709
[  989.117547][ T6808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  989.137222][ T6808] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  989.145628][ T6808] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  989.153579][ T6808] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  989.161530][ T6808] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  989.169506][ T6808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  989.177460][ T6808] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  989.204575][    C1] sd 0:0:1:0: tag#5059 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  989.214422][    C1] sd 0:0:1:0: tag#5059 CDB: opcode=0xe5 (vendor)
02:27:59 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
clock_gettime(0x0, &(0x7f0000000340)={<r6=>0x0, <r7=>0x0})
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000480)=@IORING_OP_LINK_TIMEOUT={0xf, 0x5, 0x0, 0x0, 0x0, &(0x7f0000000440)={r6, r7+10000000}, 0x1, 0x0, 0x1, {0x0, r8}}, 0x320)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r9=>0x0)
syz_io_uring_submit(r1, r9, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  989.220758][    C1] sd 0:0:1:0: tag#5059 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  989.229807][    C1] sd 0:0:1:0: tag#5059 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  989.238840][    C1] sd 0:0:1:0: tag#5059 CDB[20]: ba
[  989.347901][ T6835] FAULT_INJECTION: forcing a failure.
[  989.347901][ T6835] name failslab, interval 1, probability 0, space 0, times 0
[  989.360596][ T6835] CPU: 1 PID: 6835 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  989.369261][ T6835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  989.379305][ T6835] Call Trace:
[  989.382571][ T6835]  dump_stack_lvl+0xd6/0x122
[  989.387167][ T6835]  dump_stack+0x11/0x1b
[  989.391316][ T6835]  should_fail+0x23c/0x250
[  989.395733][ T6835]  ? __kernfs_new_node+0x6a/0x330
[  989.400794][ T6835]  __should_failslab+0x81/0x90
[  989.405557][ T6835]  should_failslab+0x5/0x20
[  989.410057][ T6835]  kmem_cache_alloc+0x4f/0x300
[  989.414825][ T6835]  __kernfs_new_node+0x6a/0x330
[  989.419676][ T6835]  ? up_write+0x25/0xc0
[  989.423896][ T6835]  kernfs_new_node+0x5b/0xd0
[  989.428491][ T6835]  kernfs_create_link+0x68/0x120
[  989.433433][ T6835]  sysfs_do_create_link_sd+0x98/0x110
[  989.438808][ T6835]  sysfs_create_link+0x4d/0x60
[  989.443603][ T6835]  device_add+0x586/0xf40
[  989.447935][ T6835]  device_create+0x17d/0x1d0
[  989.452525][ T6835]  ? vsnprintf+0xe8f/0xed0
[  989.456940][ T6835]  bdi_register_va+0x7c/0x3c0
[  989.461622][ T6835]  super_setup_bdi_name+0x93/0x120
[  989.466733][ T6835]  super_setup_bdi+0x45/0x50
[  989.471312][ T6835]  v9fs_mount+0x1cd/0x4c0
[  989.475642][ T6835]  ? selinux_capable+0x34/0x40
[  989.480403][ T6835]  ? tsan.module_ctor+0x10/0x10
[  989.485264][ T6835]  legacy_get_tree+0x70/0xc0
[  989.489927][ T6835]  vfs_get_tree+0x4a/0x1a0
[  989.494340][ T6835]  path_mount+0x11ec/0x1d20
[  989.498893][ T6835]  __se_sys_mount+0x24b/0x2f0
[  989.503575][ T6835]  ? fput+0x2d/0x130
[  989.507485][ T6835]  __x64_sys_mount+0x63/0x70
[  989.512079][ T6835]  do_syscall_64+0x44/0xa0
[  989.516507][ T6835]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  989.522402][ T6835] RIP: 0033:0x7f925409f709
[  989.526825][ T6835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
02:27:59 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:59 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 51)

02:27:59 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r6 = syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_setup(0x1db7, &(0x7f0000000440)={0x0, 0x641d, 0x2, 0x0, 0x19e, 0x0, r6}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000340), &(0x7f00000004c0)=<r8=>0x0)
syz_io_uring_submit(0x0, r8, &(0x7f0000000580)=@IORING_OP_SEND={0x1a, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000500)="7d64c2260c7cf8a224c9b2c7455b879d963aa96bd694fd56d15b0874a8badc08968df5073a59008b79d22a4dedc53d226e246abb65756f04dc3a1dd0de2398fee2dff7e8188c5def29e141a19ba0db4c3b6f237192", 0x55, 0x20008011}, 0x1)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:27:59 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x9000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:59 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  989.546552][ T6835] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  989.554959][ T6835] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  989.562925][ T6835] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  989.570890][ T6835] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  989.578974][ T6835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  989.586942][ T6835] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:59 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 52)

[  989.699575][ T6851] FAULT_INJECTION: forcing a failure.
[  989.699575][ T6851] name failslab, interval 1, probability 0, space 0, times 0
[  989.712258][ T6851] CPU: 0 PID: 6851 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  989.720926][ T6851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  989.730981][ T6851] Call Trace:
[  989.734264][ T6851]  dump_stack_lvl+0xd6/0x122
[  989.738982][ T6851]  dump_stack+0x11/0x1b
[  989.743147][ T6851]  should_fail+0x23c/0x250
[  989.747564][ T6851]  ? __kernfs_new_node+0x6a/0x330
[  989.752599][ T6851]  __should_failslab+0x81/0x90
[  989.757370][ T6851]  should_failslab+0x5/0x20
[  989.761874][ T6851]  kmem_cache_alloc+0x4f/0x300
[  989.766658][ T6851]  __kernfs_new_node+0x6a/0x330
[  989.771511][ T6851]  ? up_write+0x25/0xc0
[  989.775666][ T6851]  kernfs_new_node+0x5b/0xd0
[  989.780260][ T6851]  kernfs_create_link+0x68/0x120
[  989.785196][ T6851]  sysfs_do_create_link_sd+0x98/0x110
[  989.790571][ T6851]  sysfs_create_link+0x4d/0x60
[  989.795336][ T6851]  device_add+0x586/0xf40
02:27:59 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:27:59 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xb000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:27:59 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
vmsplice(r7, &(0x7f0000000040)=[{&(0x7f0000000000)="7f", 0x1}], 0x1, 0x0)
close(r7)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
shutdown(r8, 0x1)

02:27:59 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x300, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:27:59 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  989.799700][ T6851]  device_create+0x17d/0x1d0
[  989.804293][ T6851]  ? vsnprintf+0xe8f/0xed0
[  989.808778][ T6851]  bdi_register_va+0x7c/0x3c0
[  989.813456][ T6851]  super_setup_bdi_name+0x93/0x120
[  989.818564][ T6851]  super_setup_bdi+0x45/0x50
[  989.823149][ T6851]  v9fs_mount+0x1cd/0x4c0
[  989.827490][ T6851]  ? selinux_capable+0x34/0x40
[  989.832291][ T6851]  ? tsan.module_ctor+0x10/0x10
[  989.837148][ T6851]  legacy_get_tree+0x70/0xc0
[  989.841734][ T6851]  vfs_get_tree+0x4a/0x1a0
02:27:59 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xd000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  989.846145][ T6851]  path_mount+0x11ec/0x1d20
[  989.850646][ T6851]  __se_sys_mount+0x24b/0x2f0
[  989.855389][ T6851]  ? fput+0x2d/0x130
[  989.859273][ T6851]  __x64_sys_mount+0x63/0x70
[  989.863970][ T6851]  do_syscall_64+0x44/0xa0
[  989.868434][ T6851]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  989.874335][ T6851] RIP: 0033:0x7f925409f709
[  989.878745][ T6851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
02:27:59 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  989.898375][ T6851] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  989.906788][ T6851] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  989.914757][ T6851] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  989.922733][ T6851] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  989.930741][ T6851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  989.938712][ T6851] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:27:59 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 53)

02:28:00 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_setup(0x796f, &(0x7f0000000440)={0x0, 0xe38e, 0x29ca1a88400b055b, 0x0, 0x60, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000340)=<r5=>0x0, &(0x7f00000004c0))
syz_io_uring_submit(r5, 0x0, &(0x7f0000000500)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x1, 0x4007, @fd=r0, 0x7, 0x0, 0x0, 0x0, 0x1, {0x1}}, 0x757)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r6, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:00 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x10000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  990.018442][ T6878] loop4: detected capacity change from 0 to 87
[  990.050545][    C0] sd 0:0:1:0: tag#5062 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  990.060408][    C0] sd 0:0:1:0: tag#5062 CDB: opcode=0xe5 (vendor)
[  990.066772][    C0] sd 0:0:1:0: tag#5062 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  990.075802][    C0] sd 0:0:1:0: tag#5062 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  990.084838][    C0] sd 0:0:1:0: tag#5062 CDB[20]: ba
[  990.092207][ T6882] FAULT_INJECTION: forcing a failure.
[  990.092207][ T6882] name failslab, interval 1, probability 0, space 0, times 0
[  990.104840][ T6882] CPU: 1 PID: 6882 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  990.113510][ T6882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  990.123561][ T6882] Call Trace:
[  990.126838][ T6882]  dump_stack_lvl+0xd6/0x122
[  990.131437][ T6882]  dump_stack+0x11/0x1b
[  990.135589][ T6882]  should_fail+0x23c/0x250
[  990.140004][ T6882]  ? __kernfs_new_node+0x6a/0x330
[  990.145031][ T6882]  __should_failslab+0x81/0x90
[  990.149783][ T6882]  should_failslab+0x5/0x20
[  990.154310][ T6882]  kmem_cache_alloc+0x4f/0x300
[  990.159126][ T6882]  ? __down_write_common+0x42/0x830
[  990.164344][ T6882]  __kernfs_new_node+0x6a/0x330
[  990.169236][ T6882]  ? up_write+0x25/0xc0
[  990.173428][ T6882]  kernfs_new_node+0x5b/0xd0
[  990.178016][ T6882]  __kernfs_create_file+0x45/0x1a0
[  990.183122][ T6882]  sysfs_add_file_mode_ns+0x1c1/0x250
[  990.188495][ T6882]  internal_create_group+0x2f4/0x860
[  990.193780][ T6882]  sysfs_create_groups+0x3d/0xf0
[  990.198714][ T6882]  device_add+0x606/0xf40
[  990.203042][ T6882]  device_create+0x17d/0x1d0
[  990.207672][ T6882]  ? vsnprintf+0xe8f/0xed0
[  990.212152][ T6882]  bdi_register_va+0x7c/0x3c0
[  990.216832][ T6882]  super_setup_bdi_name+0x93/0x120
[  990.222002][ T6882]  super_setup_bdi+0x45/0x50
[  990.226594][ T6882]  v9fs_mount+0x1cd/0x4c0
[  990.230924][ T6882]  ? selinux_capable+0x34/0x40
[  990.235696][ T6882]  ? tsan.module_ctor+0x10/0x10
[  990.240546][ T6882]  legacy_get_tree+0x70/0xc0
[  990.245186][ T6882]  vfs_get_tree+0x4a/0x1a0
[  990.249597][ T6882]  path_mount+0x11ec/0x1d20
[  990.254097][ T6882]  __se_sys_mount+0x24b/0x2f0
[  990.258775][ T6882]  ? fput+0x2d/0x130
[  990.262731][ T6882]  __x64_sys_mount+0x63/0x70
[  990.267342][ T6882]  do_syscall_64+0x44/0xa0
[  990.271778][ T6882]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  990.277707][ T6882] RIP: 0033:0x7f925409f709
[  990.282117][ T6882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  990.301722][ T6882] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  990.310146][ T6882] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
02:28:00 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000340)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000ee9000/0x4000)=nil, 0x4000, 0x7e}, 0x4c8e00cf)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:00 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:28:00 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x402, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  990.318107][ T6882] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  990.326075][ T6882] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  990.334045][ T6882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  990.342021][ T6882] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:28:00 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x11000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:00 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x12000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:00 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0)={0x0, 0xffffffff, 0x0, 0x200}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  990.430617][ T6900] loop4: detected capacity change from 0 to 87
02:28:00 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x14000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:00 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 54)

[  990.480401][    C1] sd 0:0:1:0: tag#5065 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  990.490252][    C1] sd 0:0:1:0: tag#5065 CDB: opcode=0xe5 (vendor)
[  990.496594][    C1] sd 0:0:1:0: tag#5065 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  990.505635][    C1] sd 0:0:1:0: tag#5065 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  990.514675][    C1] sd 0:0:1:0: tag#5065 CDB[20]: ba
02:28:00 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  990.606549][ T6928] FAULT_INJECTION: forcing a failure.
[  990.606549][ T6928] name failslab, interval 1, probability 0, space 0, times 0
[  990.619180][ T6928] CPU: 0 PID: 6928 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  990.627899][ T6928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  990.637952][ T6928] Call Trace:
[  990.641231][ T6928]  dump_stack_lvl+0xd6/0x122
[  990.645827][ T6928]  dump_stack+0x11/0x1b
[  990.650018][ T6928]  should_fail+0x23c/0x250
02:28:00 executing program 5:
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000004c0)={{{@in6, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in=@local}, 0x0, @in=@local}}, &(0x7f00000005c0)=0xe8)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000600)={{{@in6=@private2, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@initdev}, 0x0, @in=@broadcast}}, &(0x7f0000000700)=0xe8)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000740)={{0x2, r0, 0xee01, r1, 0x0, 0x1b0}, 0x0, 0x0, 0xaf4, 0x9, 0x80000000, 0x3, 0x6, 0x5, 0x6ad, 0x101, 0x0, 0xffffffffffffffff})
r2 = syz_io_uring_setup(0x495a, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd_index=0x1, 0x0, 0x0, 0x800, 0x0, 0x1, {0x0, 0x0, r2}}, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r2, 0x10000000)
r6 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r2, 0x10000000)
syz_io_uring_submit(r3, r5, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r3, r6, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
sendmmsg(0xffffffffffffffff, &(0x7f0000007340)=[{{&(0x7f0000000440)=@l2={0x1f, 0xab6, @none, 0xffe1, 0x1}, 0x80, &(0x7f0000000a00)=[{&(0x7f00000007c0)="9aec3a69bc930a57f236f4bc217598c757a8403197fde8f0d11cde4fd9d46fdd47ae32bdd9750a8cf8cab000604660e67c8771b355731761d3753c", 0x3b}, {&(0x7f0000000800)="03e4bd4520786ad41d1982e3e557057a1ae7833a382f0a397f09b1abda3c000f9080a2", 0x23}, {&(0x7f0000000840)="0dc4f7845703", 0x6}, {&(0x7f0000000880)="8d89c1f006e5833bca24cf71e44e582f488f1277a1a351e834ea4e3681f051693f38e3241dc2d362fa201c4d7918b90fb33b529ea6a1dec36b0e1a031eeb8e9708c740307c425ec965693ed42a1c208f1b4f76c524750a37ce4e43ad16032329162c0dafe9ef90119f2de4bc0c8b67988bad9ce84aceb5bcadccd0c43c7c308aeea5b79ffd908594280d9b0cbf4bc040298c11d9a1dddc48d9a8be0d9440eec59507054789a1dee30ea6bc36c86d6252f6706ecdc59e96ba4e9968c2c35eee48e7b19fe59c0d22815b1a575508", 0xcd}, {&(0x7f0000000980)}, {&(0x7f00000009c0)="ececa4035e14895d6e38877121e29adb559da934035b0b8852b500eebf8e465e8d415d8ae01911167ddc17e509", 0x2d}], 0x6, &(0x7f0000000a80)=[{0x20, 0x113, 0x9, "f2017d07c89889138cc4"}, {0x88, 0x109, 0x0, "e98e77aa42a323e14e7e2e494c29b1c6bd4c6829a67759d0047cdb043d6fcd294320a1154da7d424ff1541bc9fb3d5931edf1391279a4638aee2cf02bac5f3cf232d3f716eefd534a0c8994cc6249dc190888c5b679acabe4deec6e401516979fedf5494edfe13e160a71c1f2858603fdf28a66d"}, {0x1010, 0x10b, 0x5, "7dfe0522356bb40b836a5506cdb5c4b0c856d3978b759e481e2612ac8f4638ce1d1f4f90e3cc40c415368418038a6f825448e9f33ac3abd60d3c3955203158a0cd3913d97e335721186b2b56667370c4a93a1e34c7900766c70eb3febe4772226358559e07ce73f587c80ae3325c2bf1b979cd08a679ade7ec7a274cb0bb0b5247dded451ffac6e237646ff89b8eb049aeec59a6d39822ad7741fbd16114a151a4cbae4187a159b0b0d9d9b528b6403d7e5da9e536051b5a6bcca8561852656c415f540fe5f91463656a0720c71d5be90e82e19bcee3c25724c082d7498a9d2f64d6a5b5a64f2fc995eada9b68de9d1105a5cb9d86f673b06921fb63c607aebf60277f0fa5e8cc8243825b00b79f534ec7cd74ca47aa75ebdad1ae031dd0d9edc7f56382817a06afe84b0bceb81baed05acbbc38dab282fd71e10649547fbaf971f9ff88f0cb483fff1ad845146cf199c95a4bec7b5c109ffbc02938eba6613659b03f65bd686fea746ecae9c62ba9c419d4c62363a5642e432131cca6914a73d96a19b2a4b49c2e4207d27d54b58a2909040bd931c4fd25f6c1c1de3123ffd22c48c7ae447dcc260883c94e87620360e0eb2a3b83e42b3acac2ef5791409b4a2d4055f0d5447d8bf5beb3b3610a53e37309f7de2372bd61718a915964faa8435ef71159451187e638723fb12196b44ef622220edf4cc688999966b69fa54d6a3a48c66db3d39e47d469373d2066bb84537f0793a0cd8312bbf2642a027164461debfab43cb5994b1f7a99484fe3f577af587ef0dee815d06e363ad1b2ba6c184a59aa11cdc8b095ded18923697dd71b395021a6f6a9a9615d2ba85b78d2196f97ce7d80572f68930a50c6f7eeaf572a8c2d48cadb5cb18d10861a5930fefac7e46864aaf0a4697964c839345715139ebcc25e54764f8aa96b7b5df3aeac5557621cde890d88e6169022182851a1e7a80c4a7c8e3e4be39334bc828895f98466b9368a3109f6d9b302d5a522b3bd3155c4fa48fc69822b6a061d0a646e6d5c9bc1614e17d8ea55f4c6e0832de81444562fb79ee5f168beff283443a0c6c2e8581aa463a9af38fd7762734e8f6ce0e3ccc8e32efc73ce2e09147cbf4f8f86d2fce3a78fed8cb530e97dc3122b475d5b72c9fe86c998ff0cbd0ba251e3d2ec135a4d540d243f0db2aaba48d1a2af4fcb71be15f7300840781ab7da35502b173d3843b960c78fc22cece3b82c60facb20e13c0c99c42bcc1b4264b954e3c8c89c1f1ff0b0c945e10c99d81c55d375decf5592a0a13f5c72a2db5b6b118eb4120f8498bb4b4e1fbe8f8ac443c1715f9f461eb2ad085ae61d28e1d6ba5a03cfb3d841594bb03af6ad365701fea548b33fbd9e3a7f59eed76e241dd434a24bb3fd300abfddadedb005b06e72d99a5f19f99666a0cc3b7fdcd60f4cb687bfb450e7e6709ef665e362bd8ec782f182ca03c923c84444e0e68eda72c83952cae0cf082a100d1dd40341f05a24c8c730215ae3694605db86b25f4916a2740e1d7626efa1b96ada58ccda1fe645304a547379863b097c7062ec7105964c4321ff7047fdb905ba8483ab04a6884d83ee1755b6e69b90b84a4c009412d5e7df48e22fd15f123ecc36c0d67ac4173bbcfe02a4c7be3f4c779ee08fb25bb17acf12ed078de1f719af3db16e070c0780ace58e7a0c8b2d48d5ba6242f8c81fecb66c9e3944780edded2f2e5f8a4eb033329db249b226dd656fa1168b97a73b47de1c58d647ae07a1069f294a9240e889e50e68f961c79ceccd1d31233c3bae1beacfcc480b6f51f9827f564808c2ec9f6eceb010563790f3bb1b84a42f4551c283047918c48830dcffce76eadd688d759dde747d9d015def0b551a3d866d5a6141d22c9f8eb77e2ba753f35e9cb53edc82f73c058b6a46d07009bf4934991e0e7974eb1a3562df55aee01911256f7cf8c092b16c502bca82e9e881f67a32af9cca433da6db88e27e384737d8b5c5fb52aaf2742a8d2dd1dc3d530058d5878223de0ee1d490db188da184c31f9d65056cc3a0b59d575853b52fa76ebaae7f26bf5be135b99149c470023581f10525b503a5e3cc990565594bea87f4592ca59015ed87817b114f46fd551f6b5b6ca341146333efcdb416039942a8de86bc341b44f4f69c1c0b704c34a8196c51e1ccc6725fab412be8518e03a78bd93c6631a4c25ac9d17fc32f79e93e6c567b52659d53c1294d2d5781266b5c58bc4e59028562a94029287bce0c1dccb842ca4337dbcd3adc314598251d1ff8e3d3cf34ab01f46441ac8cec72dbe5c7d6ec2207c260a1fffc3eefe3582b239a8fc6a8ec9737b64b8a7380757b3bd7a0bdecc2e6d4567764fa64988a45cfe85abef99722cc676f61c7699a192ee63bb7951fda78bccdb26e32815b5bcce595fd0371342533b1498ec211fd9b115e0d39b252726036cdaaad7237eb9f2dda7cba4e361503da0c954b87129ef817a32682ab5d6e1e44e14c14ef2b4839519cbd9b36af1eb61e1d1027503b7dafac30b2d7f416e592c4b5c8298271a9a839b921ee0b5b651901b97ddffee585a4f62f7b33d5eb638a1765d6600c1284a6a195e88b54f7ed238dad7b7019ff94db5e232d0a85a34f8e428b6a7012398af017bbd93bfedc7f06f253c69c06253db5ea1e9f9e4e2bdc92214b6fc2145203c47c6596014c7b1c675885e4a57914037713352af1107aa4107a0dd594bf081182d36a472dbafb722f4135984a9099f34f0871773b4d1d964c60a9ea679dcdf50460ff574577de547396ca46265a4db7be3a219375171596a4a22c72dc3f2f6228669347f5baa8cca510d397edeb19137482ac13c3f127ebdaff2db787bfb1a0cccaf3e079820433f5a068bf5bf6c4bc2452de3d425e554c83bc8be1b1dcee93d602615f5945aec565b98410aa5f3b02f36da9bb5770fc608acf045e60ab97eaebfd411902272f17091a2c535de18724d4ec9eea08f6b0649165a110ae60e7b4aadff865d5e80c6084aa867f610d2f45fb3c4c64f2a850bd4ccc64b271dd310d8f43edc62a788b910e36e4a639949416333d66a40257c7cd8205ac460df3a76c849d7e9183ad5ed3a695dcb715bde884e08ef137ff70853ea90b0e6f747cd632186c28695a0f1c52424d540e2b142ab967e045c62e3199e517d437ca4365493010e95ebb233cbf022edc5878fc50c0a4dd643e3304e17d8fa0fc8837915283a359446a06d1bd8849b8426f8e7ff15acbceb306ab76985c7cefc253d7f2dd521f8809e7dc40b4937a80350619a3c2d989a5340f9a11acb70efc32643183e14bdb30cde9640a8d85003a976450e6734a90028f24c3c460954d5cea674142882ac17570a93920b7156782ae75c861eadd9660da92cf59ebce9e243973b002d2b6d87fb45e3b6f4d0d69bf064944b05763d504bebf209b15db16a8730c44b24b183ab7c825f1f9fa45eb5b2f801c600d8783cba8ca891726fced1531004cc94f48d89b9b682c36dbef8b30fcd1ab7699b98b1c370bc6b886ecae738dbd17237e17ee36cd764612a94d013e9cb8dd435768c044451350cc9de0cf7c3cb1ec370561427748ab6bee0054acd1d695d3c82b46d2accabba653ee53d4aa612cd62c4ce65f2bce0a4b2254ecd012b9097a323f95105aa99d5df3564b371dada7e358d32401f0387b0555ba785d1fcfca511d9cf5c05ddce0ad5631796000684feb0f9713165af6709d46c8948beec5aac33706444e1354adec98760398230e8f27a54f7db399c23aec1407b13458a84a1d0f3ed5a945296fb6ab6cae9838c365aaf048424ed345d8c247cb2de531d5c66a253a70ed2656b32de8a95ed650fd3f2f7c47c13262c40da072238680989cb1625af9954315e8ff5ad586993c5895af4388a7a649cf0afd363e4417fae45733f6acb7954a2c9c71799eda76d006eae3c6d0ebc4ed5ec3d796fd2a70876559f3c7aa1f8941d0687fabdb733efeb8e046094f9e5d5e3fd43415b670419522fe7058ea57064d3f7195387cbb3a03a549844ce07b70a5f9b864c099b35879137525a433197702652e6c80e7d24a1859a7075ca4a1404e04c8e2b26adf7b31a26ff6cedd6a62e2c960a1e636a245834d419c9ca18926cd57fa31eda02bf184cd2a2733e97ed922e7a85c4b98cc16ad67bcdacdff5b1905772e8d7a43316ce92f9d134b1d3ad844ddf7099d22dd1889d0991709f24ffbe65dd090d4e4fd11e185c6c6a11959de220df493678c41c2abba0b4cb33510d114f874246fa8e2f05842a2da609beb7dab078e2a994c1a5ac06df19be642c5f14d12518d6a74e4c6d2ff860644d3586e8f95294ceebcfa1886b866a5bc17f3f725dd3995b686cbff6ffa8a8bbca3092a7a964b9bec9ba21fb423df1693d602453c1bb6b8a8e2cabc78a05d27c8a4493cb4eb0c08305e7a83d5b5c5615ca9945bef4a109a5b803b7f1cefef7acf87ea74ec18bf6e36a1beb42593ce45231bc3c98eb0d4abc33b2373573d57bccedb36998076f5572444eb630e31750d80060e80c95b63aeb206102a357c310ef86af41b77e157dbe4acbd916c517e8823e23050333b4e954f66b668064e7a5c4e10379d0e3a0abc284ae89535ef15ed6bf1960d77e447e1a86f3d751b5405295cf10bba163d682acfdb567b291ca74ccaa8dd3a51f0e050726479ff8b96345bc020b2b218a3c67f7514d2ba17cf3fb5828b958ad053a3c9be11427bb1226ac900b5ac370d0edc936a3c20075805aacd14644a52fa849481d930b39c040b57d6c24a6c4d72d98c2f5783589ac3638423f7b369379b78c2a2065bce01e92ea98d0c7c33d62c57cabb75cfbf3a38fc35f8ca6ee549b3c04cd525a7e254d6240426307a21110800450d287e752719a1c1a49c4a4bdc9339dbb5f1d89d657783571a40997e10e5f8c8e49685502984dd848db299aa421f3fc40946c327ee34db484d658d45121a93dc34cbf2ab3ab548eb17fed83605f5096bf85d543c6c635f1648d7e9cab9f4204193797585eaddd72ed229b70b103144cbe26e00473faac62ff2690481221849fa7d734f7d03d024ad3d4e101c990fe9339a647225b340dd95e0cfdc6ab797c5e70b55ffd4ee36bd6f1dff1086c02f81324c3c4d2d794afadf0a6800e2f55a88ae2ecef48b740af5a73d18883cb960c366f7a33b492b9a496ac8f74f21f8cdc4c4b05f017455ba50d465a4ff7458b365ed814241cf2f35c288f19bd3995fdffe5c3971c7c69677b63b97fd33c05e2cbeb8edeff23beec777c88949e68600c79f420c146b5b721b3ce5b4c3d5f46d5bf6922365d2046c18735853159d0d965bdfaefaab05774d8203216b692956d4c3ee3e9f6fee6602770d04b9f23472b77beb61903c48b74a9ed96d964fe56a941458cff399899fbb670ee6263d1ed382f28920af8e2b92b491294e53d59a55b45d66de4ae429b883524a81fc4d86ae2bd419a55be44d085ba355cb01d165e9e19bdfa6907a9375ef423be6cc0f0acb9dfe97ac012793c85695f147aab3463a33e63ad9219248f4160b3e51675ecb3a555c2643dc0c76f661fadaffec548cdaf24b708d83c2a27c25782419d41b5036816690f957be63482735df8f9d55e52693e37480356a2563caa2ce8cfee269803337b8ee0f70488dfe524b9bc03db21d227889424968e36d44a1c4c9f230f7ac21c526b208f2240c3d694d6b22c2fae6c057a8b5d3a18d594d72862952e68b3a5fd409fb661ee5157fa439b1a1043e1105f057a05368d9ae2ecef5f3ae30cdf6508cdc3c6579"}, {0x78, 0x109, 0x0, "f3c2b7936772b61ac690d977b4e01bad7048399baa3d8f646ecb3e6180d4848ba4343f1103b020ba6bbaba9ea2ea9c1fde02dd722006007e52c7700e10841a1bfce1c97a1a026fd3731cc5e4b1ae3468537de0b84c710f4cc43bb97c9f787a6549"}, {0x58, 0x10c, 0x80000001, "72b8337ce3839690b3e2e74119e5a211660399dc35a5ebdc932214e9f89d37db801c92a24e2af59a6dc0490ca5861f23e1f69eb0924bba732848bc1392105eaaeae63d"}], 0x1188}}, {{&(0x7f0000001c40)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(twofish),vmac(seed))\x00'}, 0x80, &(0x7f0000002ec0)=[{&(0x7f0000001cc0)="86b2a7f549c15441fff23f07f55b59c6beb3e1279a6824d103ad1e2786a7ea661e8df7eb595ad3ddf66dc3fa878b3fd8a53363b5bec44cc96bb4a9b783243a51461f00a1377e57cb97f13fb236cd7ebcd271b23e6ce9049dc9b244e0de37f0", 0x5f}, {&(0x7f0000001d40)="d90a98a492dc7bd0f854b5463b068f96d04e4b676b58452751ed8755313337d1d10caaa5bce561ad974b2e579d0e85027809459423649c6b18ba4b04e9c5b95c2b9c7629939e0fbdb6ca2626a53962e4eca5f4578dcd8b0a918c34b3a0df515ec3f677f986d2eec9b45123b03f10feaf9a04c96e41718469be9d3ed86bc1bbf5b335971e0ca6", 0x86}, {&(0x7f0000001e00)="6a71c07480073a7abc09411b6e0247a9671eea51f65b74c1fd44c702b04bae4946be2927b7f0800a655892e989208f8f95ed1cef3d3a3fe94c4dfe33c6a090ab009107da211f0c9d6833e7582629912d00aca5adb862e87ccc982c09ed8e34a6daae3046ff78f927f3c643bbc119021401ad1c8dd665884553cbc6377623f3042b6b1897c57a5aedf7f0ae2436152d72fc93c64c2b5e2fe93928fa963a4e38d581ba7da5bd1073364af75dc955d1fe4657", 0xb1}, {&(0x7f0000001ec0)="60c51969ebc0605bb43d1320f9d5f87431fe5506692cda975fdd713d8a4eb1cada7874e79cc6aec3478729ac7c295391a2bdc47fc9f6f54b4d43fcd9386b3ead21d978ca9c739ce15d36691b6dd1a72ce8a274422544e3e2485f28b229e5d609b310c8e1caee33775afebd167226625c0929d7584593d47ae4988dc72ee9cf8f2a50ccb6af5034250b9e0a882dcdc89c0bcfdd8d1341e76bf410ac363120b4e8d1c0d09fe922a60fa1e23d243d5f578f93f69c8ac6a8d0539e62b9a2997ffe8fccb21fef70b51a84bab3590a0a5d06e34c8a47afe0bcf0973b24421a8ad3557fb55271454752c48b1ba3d827fa87d39ef15ec2e5a8fd74c401eef8ef59a5f5cfecdc11156ec84e29604711b07d24b14b1dd17757d6d4c4fd246682f3fe31c569d3b8d85f9f0dbeb6132fd5c5f2d189b8597149c333043107086fd91734d15a87c8748ed0296fb3dbacfadb480790094d332452810f3197007dc84f236672bb6ce644cd11b84ed882f10515f2d84f8b0f6c97fd6ed6217b0103648f494b25c642ae68eccdcf3e1aa769ad4ddeebdf28df8ddaead17f1d92a6aa755da7c60639895801821225324e8d1806c117a7f19534f00b3b8ca82a3e1511e98ba44228b04dea08b799ce8daa819f4cacff60c2a7b5804dbc8547029ea4a54a43eef8264c441d8b7393fddeefb637cbd043ac91ad779ec2f0d9782fabeab5add1d9d49f348b01dada8e7dd40662523695d29d89ebf547e50404dcb1830f42635b125d9ab287b0a516cb239c0b3b21186aad5f16c88ae32da6d04f4d31f4cc40a2d159b81eb516895a83eb2d9a6b5540455ad1b27618983cabd9c7863908adab41327b96da69124c8d3d416f8c4b3e91e948f95fe6ed6b3b4b373d93e6375f6242a04189196688e17f993484e5c3892c110c739fb769ff72e7b6c4c48967eb6687854a2a8c4ab906a487441bffefdc1390ca796d32222bcc43a757081496ed40b9eafd7efb4845b8ed057bdba19913cefffdcba585ba77c160fd2da3088f1a2d14dbe83052d1054c036cd57c28aa42b0d270bbc0c35813fb1987d5e44ae3c6e3010163607a7f376f61d9fc1f3e4cccf2d10f382c2ec8829d64a1374d28a5c50bd82e529c19b8a767d474baf7363ec39b6e6670647dfe11f755f687133446606333f580b4957edd5473ee2213d94d98a5689c592d571014d86e028060f19c5a4d309fffc78162f5a95219a116b09a50be5bbf572ce2f83a8aa36412066cb0b1c085e779bec8b9a5439bea44fb4af96734283572ca4173d7d2a4b29d668bed33624345ddcd2680de8e42112577a03661c6ae8e155377bf6e0c87b4b9dc1c7db82b36f73d35da1867f9ddfcf62f8a069b03339139888e68e04226c327f7dda5fea3184b2392e83322638e303b474b713d670cffba1110dfabf01d828a6722d2209f579877f54a1b59960d3eb9237262ea88fba9f3f8956a8a73fb09033b34503557971437e97918d13a37332fe2cfc8f1720b39f1f952990663ec1c77589bdb88068a668cbca89b8a858b52d576ca6b1230a6df872e2c3440ce2eec1dcdfd8efa697e3c3b8eb958eaef67ebd787c344d2ef20ce29ebbcc948f9ae2ecb2526f2feacd1b95909b4939d5155c7011e428ec91c6ee4fd4249abe74c13ea3776f01739090582ee908058fc31558fe038d2e12e78bc15f754e5bfbc89670a985e804de2a3f92925f0bd8a0cfc4ac92345275b0ea1742f5623224554b2301b90dc66e969dea4741b53ee17495fdc5b480cba66d10faf8beadafbe7a50a1a53f5c5ae36d8c4ed562a475bcae65078629e8957ffe5b16ad106a91776e89d3e6447ceba60a2a372f828ee40db23787877e5a5d4481f355562babda3f0da313765d73771e9f5064df36943cb58e609cfc2999f03dd8c5a7746264f14bc96a40c60371f5a914f1431094001ad64a3a2a72a0c5c19ca80cb79b7686a563bf64e909f39002c884fab1e736a43a464311d6e68250164e98e6c12411ed608c58bf348ddda3565a2f1fc12ef9993c127005b3a35fe11c388bca1a65eaf46a194316a34d6f0d1d52c2f5e18bcdd79b7da690ea3092148f8d00b3d62505607e8f814af605cd090f6d91b9388eeee1eddc789ef9c7516dad6ce1e9114163f5cc6c6e9ed127ac1d4f9edc815558d59115ada76e81b3fca95fc10fc865202aaa107cad66e04313ebb06102b1ca8a706e1c27e6fc6993494d1d45563d634ac81b756211d4a3b9f6ec24bd3eb388078f4a2f0c554696272ad22a9ae500106080579237748048c5a2abb71247de4f3ee3b716b6e52a4e3c684a98244194abe2502d56c38d79facab6641ac4e2117e0b0a0e28227752e82bf8108c81efa5ae40f6cbcdcaac81d3ae5c1c0ddecf018d29efec672934a16461e54a5a078d297db991dc5c802f52e475702fca0bef23bdee1ed689f8b8398550c5eb315a71c502c41a89a43ffd4173c6e2f473af67cddf7bc5a0a9b86496a76627b121ebff58a77863138cac5139cd9d4ec07f110d7241403a7bfb5c3f73f7df2b293b52866852b4de13ed01763ddf3b39e4ae2deb4f5b078f3672b13c620372776661614b19f4bffcb28261630a0e12911fbbb3d34074b4f0070cea081faa583ac29291ce39bc36a53f08996cf6ebc57375c5881733d583050604409c7c1662ae382bb56d5e8b5fa9852e7530b90082a943e0a25e78c43e71442b18fb0501792513a89cc83777a9a6e43d35c59ac9359f7f3f1be25484e4d533815c3b498e0d385c49e6947675ef9ee1283083757777e3dae36f08c04a11b9bca2a6ca49c5954b31cc6208a6bf2474b43a395da13378e0d8a3c65533bc397844cfe741d4280626f9331c9638f1e159362d0267a92475197e1b510bb0779111af25fca204ed2d8e5b090aeb27d83c3494954e62d2c156ec488c0e4877e4108c79819392606e714fb971bee1c16460780db5f40c3277d08b86d3f32a73a8d3a1ea8f0af05cd16f804e8c9d9cf491e8aacc636b88e94746757a616f23238281d7baeca007eebae86ec346c5508c64002d2572a1a77cbf2a5e6e992e6727e90bcdb5ad05719a4c59dfb68946dfb1c38c49e6a64cfd9ecf085559c0d750404ef6e3c5e0828c5bb1e407ba0a141c02b5153c776af5dc840f20a8ff6e91c4d3b55996a5980d5ac1a1dfb28bff3503b4b2aa3f10703010c5048bf95606be8386a1c932ace6b19c35cd3b996d6a936c0374b305461f7c692572841224c8022e1352d1cdc05f51a3dc0b09bf6385988a897a196d7e2f454f968a5d5d5856e82e9915f702ce8d4d77f83397321da30dd35b4bfe9a30a98ee516375165c368e98cb13d2a0111b62a9ab3989f91bd72c35bc1fc1be72e96e044cdfa102fff6f8a1fde34cc64a618a2ef70b8727fb0dce7c775e860a5b4bc62edd719e4cd1cf12204ab93e336afe6bf13baff3690bfcfe4485be7e5ce5027001f8fbced698b7a6c875466c39346c0be5c97f6f9cae7eb9f011c86e435ec6f5d8978212569dd322147e185ca1b40b7f761f2f6bd58d4a4dbf050335edec52ac8c65b544b13a32e5dbdc7e323ee6a296b35123e399fa1f2cee5fb2048bd6fd2bc5c557b5cbac8894cf7f0e859e686925ac5e722bad06c1b6c789402f1c2f5f0e2d71b43eee4a2d28e68d49b23c61014f98f052bc59f19ca6f8eedcd8abb3d07eafebb71246fe5d408318f84b4436a17fb530d1c5e4a98efff127ea296503e141dc3cf38b21dad0e7e83d3531dbb0d1b38e531eb887b38fa4aa1f80a795109e48b75a0c7a4bafbcf255fab8674da27585ec35c58599e3edbe2e3791c0be0fca3f2e18b8b7acd74b2ea67f13f99c05d6b276ce0ef3d3be6290751294d118006b2499793de6c742c570eb2939e5e9f229c673c34509ff8a0a292bdabf1b2ef9df26f64112d451be1f31c03d95c01148bca9c6312a53401acea0e0f71543d0a94a71709f42a93835089430f24f2140eadf26f181e498316b4dc955fad0624d1418c7edec517dbaa3efdd0403dfda9a75b035ba478fb067ae3d7e6331b7eda34364025be9381151b95c85df620b6f027a1fe9420bbf70a91ca89400ba63289fa52e68110d5812e83129b0e1275506066bf9fc7f9dec8e825933598f7fdecc08bea525adf6f8f48d0d22128d3c7ef0d37ee476c73b93809b26df992709baa20a583b63d64faadbe2d0718589420a32d2d97174ea68a2b1d3830381ebc640d16b8673dafe556f11f2c9b7038e585e5b1b7a8a991ca50065e2d51142e74aaf444135b857a4e56292dacf9d2b74e419f2862d64d061a6357ce04ebd63b67fbcf1a513b9bda1c2ff01ecf7c0971527644e783db4303aef0fde58b6eef9a5f961938007dfb8bd73943b35048e62486e57721659938ee61c58260a05f1aee30738cdc6ec223c9a708c40ea9993185be264f5d346da18547fccd20b70e64be49267964600a5e4ae99c18a1c31b177140f40019108cadac783380518a9e8f13a215671366679266e34dcdad9af8219e6d9321b2d090d3e16ffb352e529b31a006a142aa4a3fc94627e4dda7ef96763b11f55fed9acd7f094a7148e8470cf63ad746c7035b41b4db0ddf4c38ca36becbe20f71c823d3a012d1d0df6c4826d61220efff46bb9c241f4281f4c149ec8673da0b1fde6b7bba48c696bfb76c88dcc6205a5d701506c93e91a5ee1532c7d63e2ca7859f67bc52f8bb0b5d3bf4e8836a9aaf87d4fe3624daa78d6d7211d26da22dfde4b85a9cd537b037d93c63f2db93d0789866bf57f8ad0f8f0a9e52936b2ec78c749158396e86dc5c3cc5ab83974107025359e1eb74ab8972805071305173e34b3a880252797669331f2f66afb0672e4728d16a9cfb7c71801f2a90887ecf419fbf1e6e69b346efde44389162de64b9ec7d55f920c69284f11040c42ae937d0cda17a4c38d3e9f21eef7f6268e681d1548f4a40715e9feedbafcc0ae21b18a027a72db2fb09aea9c6c761dbffdfb6b9decffdb2862e7f826119b04e694fb9ea1ffd37250308a7d87a8bb73f437ef71f742bc56221a91f336444dcce84d170e6d3777b173c456fc8bcc316457ad6829239be4df6a56c485fbc1a89c7752168f070613f7d97c7ef2aaddb8ad33600e25d2231f803e007138dd955862636aa29d57fa10b3d0c6e1310574d1f7a28ded31a96a6d5dce4038ab6dc6b0c41b504f9b74bf9d72524ff23ac87581bbf60cab109fc833af5fdde40bface67f784cd4374c95688e6aa38b6d41f3f0bf89bb76af32de7c2dd092235a4fa3dcedc1c2e88c8af939a1c39ab61e8f5211d75f38d9325e5a2201849a83cd860ab0a29a79ea2785e16dafd6ee2dc6d36f2d3a6a8a05bd2e173b0d854561fcfc6774525a0d8e3d59db81a09e96679e7ac79f7c5b8019566b2cba3766fe49208cb6227b4da57e90fc6f61b682d13af3908c5c9be9c4bfa8b7add6d2bccc17534f04f58d5d0436b88203f1e21196c84e193f2862a0ad975258ffc72cdba1b70a712f7f257759a9daed6d00ad63be28ddba3d90c20ef2fcda7422efc611f64affc8fe6c8fd740570b7aa0261e822fecce9604086fe4c51f9f993f10e80d4a0f96a109f979fe2d12f8aefea4edd7db259e7888d94a6253e0b4bfe4fc27e663508afc5c824352e4ea3e3bb77fc4574f28ffb68c7988715903ef9ede432b9d38463f811fa29317a0accc8d98d23463fe10ecf0a53a27524ad1086eaeb2c83cd26a9f56e299cdb2d949575ced25a977388c41cb309005c538623829c7318ac16528ec9f8b0863a744b7fa140ca6f6703ae84b3", 0x1000}], 0x4, &(0x7f0000002f00)=[{0x28, 0x1, 0x6e, "9cf3048678df4dd6fd06edb89cdc67ac11"}, {0x30, 0x113, 0x0, "1b46840165abf32ff66dbe05771624626ec2fd4498f850cd6ae68f650b95f193"}, {0x108, 0x29, 0x0, "6e073e3adfbadf6f2676603bc8c04b1faadd2f93538ee2cb3fe684c8ab08dcfd5163e101ffa7e9e7fd5393a348c94dcafff1f602ae0e6b8cdeeeeb377de0f0f811c7dc62450e03924448660e2396c0c7c31c7f4d4d28d4cb86ad9dfcc2198bb4d7642bb3b98b568508c6be2b6e92b5203e251a6c910d3d832424ec089e714a27426822d9dd72d2d6bb83fbc8347a2138939788c25c90b064b9a92dbf5a82e61d8adc4ed315378f5157783b83eb152679c80770644460e2b9103f86e55f01eb00ece4bbd31532b909055b84478fc7aa2f183b20b771b6c50cf2fc367289e68c0df0b6a04dc18f2a04adfde81125ebf4ae6f546b29"}, {0x58, 0x10d, 0x1000000, "3d7874d28b0dfb5340a106de89eaaf42406892b8174ce6ac309baa518b21961b6216654fd371affb38c4c818ba3132e7d6c68870fd7174a4026efaa59b3a21c2649d9fcdd2"}, {0x38, 0x10d, 0x400, "de6e1f90416f22f6f444f5f5eb9435cd33d32a4faf11f7ca5296fd3d4917d805d15ebfa5c70c2b"}, {0x20, 0x29, 0x200, "57dfeaba357d0c7596"}, {0xd8, 0x118, 0xa7a, "32c09159af5086377b433a58d5245649a59686f30afbaec9d53cb748f063d6bb714c7d1447a18394d049f268a6229b1f0f9138017710aefc6ba5bf42b68630af50f2702ca3d8c3adb0ee89cc4e3995b718ea7c8a42e09314383dc0d93c40563bc7e0c2ab2568f9eef5abf45230dd8c2c434326b3c6c588b277cd8d26307a6a513dfae310628f8f166698a6cfe9c313dcad4ab8f93968e7111fda70eeb833fc9d6fbc47b09ff1ec4eddacd26c3472e89b674a730520b02770329160f8e6d7744530ea7fb7"}, {0xa8, 0x110, 0x0, "9857300cb6400a3f12fcc726b8317b50dd4e1b41061a47683be6d25d668eaf097fb8a5799918d03189e76f5f18c26bc9a920b58a55862b2a3641b0f82e2c32358172d256565221726c0684c86b0e245bd2f34667af11a7e160da7d8fc70ecdf92995e6e0df333485c69e0161562febcb468828ad028328b978d0d64918911972092b77856c926436704c700c7f3a3007e3c376736c"}, {0x40, 0x10c, 0x5, "94b892bfb2f6e824ee706a533a0cd60c401d1211a34511b4b2aa43868cff472f36d5ee98ccc28e3f7bcab0"}], 0x3d0}}, {{&(0x7f0000003300)=@generic={0x23, "3045062a1f885ee16a9af36531e5ae95a83b5f0e455877bf75ac4adc0235fec1c2f54b5e299c43bd9e5c4c26787b24bad42ff9bfd7791e2f9ac01ce13042a8bb2e4d5c6d55784c9a98682db315a666d57339011e2fc357d0cfda32b278795e40b3badb35ce29b54219fe6ada3573afc61456675308a561403a9e4f282ac5"}, 0x80, &(0x7f00000035c0)=[{&(0x7f0000003380)}, {&(0x7f00000033c0)="30d3787d05eeae68f183b0c7eaadb3be992257d33af3fb5a64b2e611cb26f377a8584141ea214852fdbee01bf28e072bf100e809ca25363ceb09df1ce2eb6d", 0x3f}, {&(0x7f0000003400)="65555f8650885afc66765f5697921e9f9764b4014f2ade3cc63d89a78241b445a3b3f9a75f2ca34aa5bd2262af15e945ceb6cd5fe526e109f8656603297a9f58a39da57193d834ccc073259a3f58c51fbba6da49a0f9c57040cea359fd3b046b12a589d6084679247588bbd310a069d1e3cfd6b677b67607ca37bf89d63d11c5ff838330bedd8d61b467b5447f7553bc89509c2a508562ad86122aee6c0c702a3c044d1b4edfc4d246d4", 0xaa}, {&(0x7f00000034c0)="00ba153a00d6de20655e2f7d93c54eb820f33bb1eb34e7805ad21e084d2a9aea6d66e905f3cde33dc9a9f79df7302594851cffb006ddb9aca0d4fecab742550d62d7c01bad0a9342fedc53450c4529d0b724202c1a3f4b970992425b008f4ff1f1b4fbb989b1317997ef090e0e58bf301421e5ae645ede96360abd70fbc2504683a20b758e7e3f2f87daa6cdce779a33865e01d6e728d78a5dab4e9b5d9bd64f99861e92d3a5", 0xa6}, {&(0x7f0000003580)="4ba12f6840e17c27a6", 0x9}], 0x5, &(0x7f0000003640)=[{0x60, 0x10e, 0x80000000, "7611421ee5a6e919e9bf36293b6517962c69181305aba51083389509b28939a4156131db5f427a0d14bea6bb92d5ccde56bd567cb6ce0ffe1a0be9e5217047e3cce6d687e04f514da186c89232939fe9"}, {0xb0, 0x105, 0xad37, "c8d7508dfbcdcc642a2916006b65ba80133607fe5132a6e38aa49f1c309f155fe9eb56ecdae3b955330be187b8a6ed107ec2a4f0bf85883f07f1c4f0aaac5f4ecf31f85fbe7b436911ffd1d52de3ee358e21c52c78bf785f996b1aa0d1f8bb0b7eca3678b8e8585939fbe8f0ce3b21b5c8eedce44c5fafc7922c46bbc2c05c7ec62486470aa10c5e1376668b6a7d4809c1df44ec73f15af5108f06b218"}, {0xd0, 0x10f, 0x401, "ba9c72f9e10c3f55789619c43cc645d38d648e7c598ceb7a00dcfb1fe572ebd187197c9efc0cdb04d8fcb8fed64df21bafdad531cb56d12d91fe116431c657c7d46f5ad98d3e1eac4b4fde8b5f5ee895ca71160f8366423409baa228473d9f05d14bea6a1e0028dbd99d4f117efd8a42b78acb6821a93af566f3914fee5cf768ed52252f5b8d826b591593f028ff0734f7dd285b23a9941139d8dff19564a8a5652142846ffa186ec36ca94af263c3c4e31eda22587ed9a2f50bca1f46"}], 0x1e0}}, {{0x0, 0x0, &(0x7f0000003c80)=[{&(0x7f0000003840)="98011e4f919acae77f96a204f90df9b3a811902f189faff79157f3f2c56f808bc708ea2d36eb44b26149eda468a6b8c28bfacc39fa76dafd762422d48c009814c0714eefeb958075a2fc037fc0c8780c6dbc3252c2f8830ca8437bf5cdae34315cf3f3bf71d901b3e247bcfd497dd5b4d93ad25c758af78e8ca35f82fc67500a3e71add2f8d4ca6ef89fc5a2b77291c8be95a1026f235c92fd710648027f8aa8404be87dd96072d3b52ef2e3af880ae1f31ca739cdf03b", 0xb7}, {&(0x7f0000003900)="c1789857763086faf775184c24490e05bc6cf682f83b0a50ccd4653840eb1ad0775055d57ea5ba8db7487dcf92496518e4beecc49880b9d60cc2f0bf50687716578decdae48a3fddd99110aaf45dfdc6292d5bc8609356ae60073be787a4cb38ebd50fdb95b25996210ff2bd906e7c19", 0x70}, {&(0x7f0000003980)="8a602a382656ba5e2f4a032ea5b3fea3397be6a67a2f5b5bc0a253bcef84bc3fa7a0690d7c7ccdb9220d395dfb553c7ba8b947488e72fa409fdcd06c570a0e221369f7f2b972bae4f7200c54efa6cf73b00840322243943bb9776b7fe699701102196999fd49216dbf126993e02a825d53e48aaacad4f67a063c21cec3b7dad5660d0601cc36627eb55c92b8281ac46ac904a8dd00f8ab12c9a839a57963dc27722ca7fcdccc2407165e887bd55c834065ddd1c9496f7920b516cb4b78b90d1ac6ec8d2820d0eb523872bb90a2b7e99038af029fb9ffe79c8d0f62e674a19a4576a54c", 0xe3}, {&(0x7f0000003a80)="cff8033c434b5abe921aaded8fefe430cb61507a77ccca", 0x17}, {&(0x7f0000003ac0)="ed03f1d6022a3348ca9c8104e0c13c6005cce499333ec57dcbd995f5916877e1c1139d3e2454d251678ac2995fa5adffa25f386b2bcc0e68830a8ccf00004f4a745c6158d9be8b9aef966d275f4ad07da29f30ffdde6a9a528aa825642930e752c72943aff5b3d0a15b7ed8fa2ba2670aa16dadae8ec35b6ee34b5659760ea4ad5605147dc1c97eefd12e5644ab984880a986afaf58ca83c80683fd9742663413f7edde2b05d6d36095735dc04fb5f43787c6a19aaafc4f9d1845628407714f6d22d9c666a4bde9c7d48143c", 0xcc}, {&(0x7f0000003bc0)="8ca56f2cd8109eaa4cc40b27ea838566729a1aa21f47f3ccd8d75b3bd3a8ed39f1bba72c47a35e2f1b1c4d4a4908c6b41512e9f8e0bbb89603a13c9548441a95f54b92be7e8d4ba802db13029ae99fae01f88585bba6f52e84ce3350ab4d1f5551c54c537b17b6647d45c48888c38c00766035b6e6cb3307f5ef28d5c5bad50f2bdf27b5f779e9b0482a5e1287be5a2d5addccd757559745d8f02bd9280a403748f112180f6a5bb7fead6974dc145ef9cd1114235757b5a658c327", 0xbb}], 0x6}}, {{&(0x7f0000003d00)=@caif=@dbg={0x25, 0x6, 0x7f}, 0x80, &(0x7f0000004e80)=[{&(0x7f0000003d80)="db98f2018a236db0709f5d8cbd2e804499134980b0ff25459826ae74d71b76750d615de1156762cb1d840b3b183652c3d567da5dd7673a60c5e5d99e17d7f42d962199ac71f90f731c5fa856c4500447f02f7643f8a317f20695811100b4368414ab1e63a40813c7654579a5c81fa68b071af2e3b2414f35d84b1a6d870e0151355ce1d8bbdf4f799de17497a4a551d32fe7b0fb253fba8e92bb94301ac54de764cbf712f83c92e6ae68b98810e24755a6ae64f0259a169694587066f5a005daa2fd2fd0fdb722ad317ae5ac62f249fbba3326c2660a951a1411b285216a908122f95c8f503d633dac1f886f02d481c25e9b2c497f4f23651d2a624ff692b00b1e50ef6574829e45704ccc38f5df873fd67e37220167091655994ae0e3ffc28ebac586debab05b6350aede9b047ad69ce5b87838bbfe5497820bb9c0a0b0973d0eaac82ca4b484d24ec2f8be03629178b5a1ba04a66785b7af9cc8e730397668882fad5425a80085290fedb6ee05af96c88c28887c4eb8d7c037cacfcd0997ba82d9488e491c8c2ed155942eaadacfbcdedacc0eb1cc7df9c661ed9c81282bb845ca01531b6c3287666a17cf03c2b286d9207323599b9ac202cab604d218a8fb6ab9975cd0e053ac9a369405ae39bb9bd0ed90ed4f8b02caaf0d8ee8464b91f8fdb3b8ac7d0d00c49fe24502316f8ae5d3e845af0a68f3c8baf1e311f8c5618238bed1e3304b822b5b0d523815b168c036fe77a45dee6b4f8d9babdec0b439b49ab44a0f7956ff4fef46c42308ed3ffad7abd89fed250c1361fd17527719d8d06af6cd9c8f12b3fbf045334b715c8472d012c7710d5e8ae108199077fb73bb6c10a7a344271317f5570d298516b07e0f7bd2b05e544bed99acd784c5d2647abdf8266e3ef0df1ad65ccc72e3061fcc6d225c3620f6847d5113aaf4ab069e0766de78863e07c03f99596eb8b1ec856f1be7bb0dfaf7325f391de77b17833a47c732f783172c6c6300087b6f7f2478a3af165d9c4a9e20152cf8b5a31c13b08bf0f8b2c64bcc9f049fab24a4328d981fc1e0adaedeeb379b938034125fc87e57eeb1cafa3eec9d4fa131737af3f33f1b07309caef67d47e11783cc7448d91b8c0abd65cf755c7f9b9dc973480dd109aff3e7c076b1190f711360a1cce68e986f62f3333b29dc5162b832ea6c1926f9db376c97404debb378d12552952ade2167a3c2c0783cf4aca3fb2ed452865682b292ea48caa4ac31296d8ea1ed0c85d93f38d501b06b0fb0af3d478a73893fa8016076705e293c45779ce1158d13939d5cda17ea89dad47a56cb140b68f80d9716bd07987c2da58c78ef362256e9ea62edf84b951033a2f7b888480a9e6a1d33d00f545b800066e5442438d34b3c88bc3325885eece5662a4ee7818de44df7e36c69cbc5c077174999ca0198c1255bb850648be101c94a1ebe02fe970316227b05300f25ee54d9875f516ce7784d0b9b3a86c0c8f97fd7d0f47c4d18d1238294b65cf74d531f005f4a4baa585b8f596302ada6a06df4be1ad311f5a5a3fd56187e424a39e34591d0191daa16fb64df877c14f63d7a71986eded4de788baadb46e29ea23a65d52b60fb3197d9b3123a90364c46355744faab8018b453c5f5fac5d317e4aea09e901bc4113a5fdceba218786b56430cee3cef4067e21561fe7018102decdf5c97395f5b5ee5a582636bc9042765aadda341bd82cffc5fa86c99697269cbfbf4647e90916460cdd070ce97f1c836c29971df81bba0f1abb7525c54295582bf7ee26ae37c62917639ebebfe494ae15203c83857e3f239ba49adabcad4372099dcf8fca957dbea7aaf875069423828923d1ac03d8768cddb669cc6af4b50e45d12979fedfced31f034e5d30d84af0fbe991fbe04fff5704e8ae8277825e25a557f582b59ad544508046c7cad07300d4577d0e2e0724a902509efa3fb8facb1a534f8b87a8562a052c064c56851a00372b0c155c7fdc5a4dfe7851cea841e0dbde671536cbfe0ba803a548e6927c64a1fd77deff3d4f6fca77903e47e50e4039791f8a2b5c165b9783f3f20d7bcd3ed641b5143dd5b8933372cd9e51e5bef6f2f4f8ad46b2a1071ea6c2d46d9a1486b7c6703142eced8eed4570f18d0f8673894ecd5b6561d9db57ebe4aefb92e41400c9a535cc0af916df96f468301bb51e25d7fa954b04719148fa3341099c320cd30cc7ef0b432a0e688e4ccbb20799793a992a4ff0562c03b1818ee58f9d5d3afd04279c2eed47e7a153d2bc83f775074cf35b06958cf018d3174e5a177ddb0c45c1fc977ea5cabeb491e27e782dd1656fb9951574232de320972158ade815075ab250bc9adf6d27a727542f87cc549ee5791b0219f12a81dff6e40e91e972bbf7ab1a48b277db4855d7e906c0dab72002e65684e09107e0df80c588a609346227d08296780899fde45231a8602765e0e533a46b13f0ef262e74a67691c6ba124c77349365483de6337df66f219f086f60c1bf71fd83f0938cbbffa28913b4eab458329c5f7bd00b2167c2e6300e61b209da3d3b2b81f9537f05dda10872920fcc001c066d67f4479bdfc3d9d83038f1cc2944a0e8118936eb6f9b364ace9af5a2d1b7225baa5536bf26a7543814f58922db3ac5d3e5166f5b300282a128a59a278986e084d4a08bbd7df20b076affd49a0541b72cfc646259bd16f902aba06a99316598edfaaffb998a538c4d52f66ad8742c4f9c59a28c2af5848507d2cd407877750b5209483f7a8e895b90e01f2803ed3ddfe397bc3bd8acafb3d743db9b777fe4849c054a1a416e7b0541a0d45eb5676c1a4ece329f29ea9e982d7a27ad0be158f0daf05b2d2496d6751ed3b785f0a39c7b6f5353e5f9e8b6dcf1ae03ba6cd890aebf3cf3bb0b1cea47878753fe63d3e25df865d7778f1569c061fd3d4803beee7b00e4153cd63ca42f96b7699504b4ad52b91e7f12ee6ea42173fcb6e0c83c5a979dd5a0667c5c611835c1422444603d2c842575bd1293d5a2e72c390642c81106d0cd0be6064fa832ae6636db72121ec1e4f675f985f0cefb974967c2d161e45d0a470adcf09678c900ac14eb03c37155ef19fe618d287fe329aa9de36f00004b3cd44153e00db2188c7cda0a43d38e0a8842122b46c8e8a0d97bfc54e9f084ac85be4670cdcb1b17d1b8b94b550c8568a7c9e86aa172c728ed66b82f011613f6e9bbf5d9c68e1a265482190d1626e362f205723b2408a5686e919fbf310afc4ef34aaba9bdd2ef87a7b8ce0690b36d714fb72dc34bc0a59050cbe97bdef67a5a668263bbc9b0bdd9f7d7ee127ba82a027bf00a43a17ca345f640d9a61c494802aaf704a280d4cdd5c07c6c27a277be582b8e692d226bfeea3bfabc067c770c8c985420a724e58a15b158de32e080034c88ca207afbd3f0a0b53075f2db8e288c39e93e01c949daa73bc04b33ec2612dc6e837de64c8bccc3979b91b7bcbae5cd004450ad98347ca8082f23c0cea9d5d4304343ac93f28053312206f193cab402df38dddfa938c3f00bc940965a3bb7a1a8ea10a02de4b42db38223527cba95735357b581e5050f147be3c180a32d55b0409c3820df4b0311f921c281848b32357c4a34fcb9bd6446587dc993ac7eeaefe6af7674566d86b6cb834435768538098689d16f31b6c5e731251aaee33b00b92899218d966848eb441f74f9f3d4a904f2c72d2eda87f1c229add6ca59a8b4b755fedd0e9b47b1cf73c426c8f043266d852f49643a0ca386718fe92fea6ec4f4f26fcbbfbc9ea5fc12ee90d1f1defb14209df6f6b7a00387682ed57aa778e0e1aaa90c1c707d7b4ea3e2b1036046bda0a21ef9fa32ada3f294e9bfe627e9d769f2860163417de753c431256698efa0a6a13c3949ec3c352ec9780d7913a29ca909553263c068345b39738c11f84e88b1f8a3c71146a6adb4c9d86d2715fe10849d41c942aa64e828bf19d73090b378929491e0182e81539f8ed32c16650295ca878e658bb5a25e3db244d2b394211b609e2d10443f7175687f74dea9320bfdefc36ee472d208dfb34de9541bb50721fa652e72e80bb08ead6d6d2c8b20e7379b1a750241378fe05063b96d07d555e7a7f1f1a89ad17acf697831cac78c6dc46624a2f28534df9cf4425b0bb81654c92b87562b95707a68adc3f0f11c8a1bd177042ad1a8736ae5f9c831c4e1b3ff8b8bd8af5b8cf13e433bbb000a537b1e9ee93f1b3c1c563197dffd50e03c5d34767fce233d3658db8398aca26415f69c2c3970c1b7352ddcecea6f3f6ad8f73c3ec69237670badab0f602b84a778480b2af745668a039d137a45406b8029e20bbb20d8edff5177270cf047d2daa5da6697b8e5d83e740aaee494c195c4bfd1191574f3656e1ec4799269f6f2db3cef5bd2c45abedd4e28f39f38ea92c74b53d77f414788f0d977d11d5ba70f7a07491ab772869d4f42331ec287df3feeb116531ca3d55f61bc0eabc638de2d5d0976c035ce576875fef868319afccc67415cc4674aeff612344c0ac6de296d09eee3170df1c4a8e3c1fdc955bccd48faf4e12320c43e2159bc20652d0fa79f0c2e8a78a6d17ab5ade6c4a30db6ffe1d90aa6918c2408787f762909b8096fd670daab222978df99d2e9c50ec796774d8455e4e1a04cd767b87ed52154450934aa1251d82dd97f9e53d77928e9a352dc8817bf05abdd064f50ccb141160f2f0051b813b975bdb6da5130cf6e8ad1217d4963858b1d38f51f222ab03fddae0ccf0ee8626db21eca25c92e7708d4dbed8314c37b780dcb6811c023e4d6a8690157b9ed49745c0c9300cbab3e6009cc657e301abab1bd4c0476b56dc386be515afb4653b3ac1da4324adb176e5ce9887da0d0e13a9220c3fb77bca5607dc0a11fcb65a94d4ab43ab9d468f43d1bbe04c78d78cef6051163103790ff727c76c319e9c41bdc28ce3b493072913c00c580c904a6e174721098d323508f61940c75f8cab965786b07a0c6fb0db455b60e0a647b8e972f644da0df0b2f53542dac9b97785a1e71b658a477a9002bd9bb1b2c86de166e11ed63f688db2b4515cc54a4b36d3003365deedae8426bb6fe591103601f4caeec9a3933d0e410aa0c42f7278395933fffa1b48e0aac444ff7ad2a4cdd77a8062491344456213176d98679005094fb5ccea66f5331f2256d375f1bf8d49171abf9049534ea826242c24b5051af40241a71526a931442fac01cb81b7fe72fbb276cd91111199069af90f0c6e07b58ddc03d0d668b72d8b5d5990fa6bb33e706c970cc9bfbb3aabde0c54a6765143194c1e9ad7798005f79c40e35044603089ada7ef8dc939aaafc713d024993be161e2da1ba307801491248f7932ef942600c0629dfb5e796e92f49bf1c9437677e6a61ae2d560259c2cd1d1cb9da69d4827d4b31a28a96c5c1653090f6cac2bb830c90d6c8beeebc36b1efe8137354869c77d6a4b271f75367b884c0b66280d9e0e9e7c1160318ddb3cdd5a8d3e96e7517fb7821affe8bf5c31b29615bf22371878a09ee427ab3e2aa08aaafb339cbece8acba627a8365a292bee6ae4d6e3af9264995556eb24c1f4bc331a14d1c71def8a3a9959e8b5fb2366dbb0ffa56284ee6082d952ee7db46e2ced0a865dcb463901c59384ac8ce9d42fc9aac4178a802fdc4503ddcc92efc8f45ec50df16dcd3545c4f7396e98c1ec5cd4d5abc865f41495c5e768cad0eee65c26ade268ac7448ef748cfc28e3befbdfe82c6c8343eb4b8094950de0a6fcc0fdd6c557d215bc4e04d5", 0x1000}, {&(0x7f0000004d80)="06649eab23f99838cf453a8ae4963ffedc3d73862a131568793c762648112f75192020cc61383f4997c1f3ff1e041ac5348f2511c1e4acec0c6fc6878094c1ec6e213fd0721f3557f70e6df267d2e8a446634f5fee4e48c78790197e59be74248f38f0dff1e66f457fd391cebd30841456bb80e49bd3fcf50ce4a35d5363f9ea293302fe5df849874a0176228a35b5a2c960c068665583a37239fe6fc3ccec9734e0c7859986711662d496efceb0f979dfab0c2a023f9b83a4d498499bd54d301b3b16ec21837a120c61cf76ecd91ee3a0dcf0995e9f5763c6d8efc70b92797adb69f4805535b95070610225f3446264e0114959397926d737", 0xf9}], 0x2, &(0x7f0000004ec0)=[{0x1010, 0x102, 0x6, "6ccd2459d59a226fdfe57a0c5c3bec0649dc98ffcfe831d323093786ed3b99fa38afa35a9e590063b436f62eb2455bdb6a2eddbdc2b462bc00793ea2221aadb3adf06284556ca2636a22110a4d10a13dbddbf5403541a581fb9111a379a368febbf4f340c0e38bc54a630f53a40fde721ea58ee89a0f380857a48a8d360931a63a2402abf242d964c42a77046fdf59eb36e06e9b802da5a4359d61259272fe7c14a6da8ab19f0da7f398d55f80522f95b90ed4315f6195f65830d408d7fb94e7157f333739329ff2c072f10ff849073554422ffbeb0a1046c2d4dfc443cb4a5d45b9e8b53972a05e81f72e4996e28bdb928597a963c8b877f1ef4eb4401303fd90b157675ea1bcf46df1bd64d60664171cd99b599e9a925cde77a76769311098cfafd0ad9494d09a9ef4f81ee213e87c63e423ec4a12e5fd8b98f4f20e9a71c75eae1a293d574a709ca775ff9ff8df0485c2acb1882a740e5d7186b0b5700a3a758c2130ca1ad8e57fd7cf8529a4b67e6634316a6708f4bb3b6383301f06471dbbb56782e8b81453ce8b33af9ff8edde924693c83273d69b50324bb7d5e1ff8e422eefdb8de7008d497b00b18581c146449c36f4080b5d82cb83d0c63e71389fdb38e166ff1c921a0bafeb54ed72ce90dc2264d7948c9598dce9a5f40e554151bd9e44a61e7640c5e88c359f2caa21cd00b7f2e725fc3e8cf6b5d7f5cf2f68fcf2f5592e993278b1f1d09b5bde43539f813485f0b0f9760925892dd351f789df2a283a6bd08b74b1407f549701c7d068fb9687c074a0274914795eed9e3849a2cdd34626113d5647626baa3e4b4713989f962f77e155f8a93d39881d9eaa234cd1aa1c814bab9a53f3d87de3eba17754170e8cf018fbedfcefb75ebcc0c39eef2d0a8ecfc3686ba9f1329235757be1b24c997329374a7414cc0d2e55c94cab9acef5cbe935d4d740bd623d98c8771fbd6a386e241d3369fb1f5b1f7a54ee7f7c3b37ddf6d794d1a7e5dad674d51ce4574569217c763825eabe953d225d1f1908b4dfcd56196ef159c254ee15d3674077312c3ac4d4c31b756249b2c7122b263673db42a48633a33224cb145847ffc5220bc726b88f2e28d1e2c5d97256722b681fb56cbf2250ec377c1799251c582dde225a242675e0d137851f4398634b251521e34cc03214ffa84042c3f4d02a14db27647daaeec9b44737b020ea524e45a349f6fd8d199d49659afa9d5e2403c23f266d03ba1bde0778ca9a3fe714fc394603e7bc2084e8958cf0e8d541d0a83f02d451f7d8e2a866f742e624a0d0e7433f6066c2b08081ba11bb420cce4da951315d7aa75314aae234b14412f208d2b195498b68383ef619e9d3eee1481e0b6ce6b06da245ffcb500d0b690bf67a1c399f0dacec09358a8bf476f244dc1a4bfdac4f48a800caf009418c0e0bc4f7d3f583a62108c7acd45065f163fa3748d3726ad3aacf4bb0e3b56eb5f59153c9809fa05aed2e26d522493381ce1ac7e52503078b838d004bb7e9c921220ba77b5ea9ea7d6600429db6a5bac3babf7042851825cd13ca71bd71a1f55e18389324382706d0809216dc667ba618d20cfe2ea5eec7d8cfe7ae8790a76fefc8cdee56ade2ec6861d8d4458f8f48f71f3241afe56435dc8ba830c1ac32a9064fd57479194b0cd51a77081538f0c863ec246fe8e47fe2d690dea306792af84a445fab7870f622db79fcf3ffaefdd60d2f27fe948026c8a3d57b81332cf208a031aba10bbdfa9af03e3c65ae6b75413f9d9f80715ccf853880d62453aa9f5801a4480e29c6e6cba21b31ded4a130c7a3c9a6d33b179060bc144525fb15d06fc010de4f25c750ada2b0a0a6e0828b9b498c69676fadd7e50a7b69a45efb0c08c8bef077e6ff2eb8e759daa66f3d11ac1d1038de0fbcd6db16b72ad405b82c07037581d29b69bb8c000fb851a460a3c6c173708093e95a32cef739224405385d6bf2446271590d0d7c448f09fe74c7248688eeea47838c05468c884eb417c614673bb7968cd4fa8619284cdb45c05473ecc943a59e8df4727152c465d2ca80277983d676be2e88c9d9d31ef74150dfc5f2e8a383ae3ab01c8fdf3417d10627c8704c173bfacec62ab05ff60069c8b9e3f076737b4a4bbfceebe7171e0e1462b727643e6f67b49b2fecfa3157a50ebc5b9a0d7395b77af74346496f4588b7d6e20bb6bbafa6edacd9eb244c841b14fea45ea259fd5a92ae001a44f6a072308f96055483e484a94de592f6859f2feaef83fa0d9a0bc2e3ac7e008f59a497787e9dba29d430b104407cfc1e7fd6a9561d1e6bfeadcaa60dd38e36cf5a68345acf59bc53c63a013289b51ffd1d0e448e39b92b85b92a88746199900a45dac1e83de94691306948f16e096b47cf250459d18acf27acf91ba5f9c89ae49a094ce7b6b38b255d67dec594c5f30368a1cc4e7199f98582051badf56198c081a687e9bfce8dc0d7f9319127187d68b37aa7604e1fe7a38ec6205f04a3b55990b8ac9c72bf32c6eaec94965795e963f02d57ffddc6a34cd32754e69772bfcb9e37d0d007079ff9b8eb06ad9dd2bd423c6ef4858de31133b4502fcdb64faf66a57fb10e1d9ed6094364ba542c9f3f57aaa40be771cf34a4d5f540532f8565681ad84acf43f128421bc4d1a9af4e99326e2d46c740226661fd10474265fc9042447bec7ac6de2e494dd392f6bb763fd7763bebbff619e626ba36e8d918933189a17c0a519602771cfda02ab62c48f26bb0b418d2945bf97f703f261fcc84c1961cd4dd3161d50051f94862d631fad852353e69f0ae7727fca5f05139f863bd2c26ada705acdd8c3ee8f35e29ba72a627c9801a4f0d45577caa1e7dbe966ea505b667916e75b65a9e391a9a1be51ecc0234d678010f5e89766b897a8908c9e8aec9c3f7d826564a7ac29255dcb07045dec2e087af95f9ef427d6726b7ca2db2f25a0e751b4efe30296eaf1ff6f767afa6670f486af20e1549848eb07a2318875676b8b96e9f993373133daadc821b8096c0c0e7062addfe9bd8d33ec9edf6980878f6e51caa4cd92210a4fef31c5021dcc76090ea1e24808846a86640f6d6bb3677e86b7a56fb6e690a3edf35beaa8ab629d167f9d5910f1228c084d6342dd84b0f482d966f4f85ceaf2144669bc9a3406dc62bfb4fccd4ad1b9f55366468c933bb6a9939496acaee36a723daee1860da3b6b3be0bed86246697068c0c24b7ceb028b68573854d688e5f30febc801b5742abbc163f845de069854bf94e47f02670b81bd2fb49b83e6de4a4f0f4ffccd514f9511687220dccc7fde3f4b3d4830c6844aca467e23bac73caff84dcf4795656c026ec43a35a1beef8f0f249aadc03f5e13abba2924d400361924080f0c7b7783ceb7963442e5079a6824414e42e71fce9190ef0dcad7b786df81db9baa38d4776c7c7200bc7f8d734071b542cbb7c65c786ead89f42dc4ec01fc92df352e65db82d0dc4a8a9f435e4b910ebb2312a58f73a1aaeafdd42bd6f9693324ce5f467956106eb9d5b083dff664a9622b0be7bc5941f1da7e152281ae9511aca43f3f6ea6298f522f9085241f803b6e20a1025645bdd2e236f460e693269509b5b62da01a5dfdb332d446c70b12dc6f8998d24908ec2239f896d74ffb2bf18ebcd238a575726ca6dc9729d72f8347720c28f3fef79abd45fe5fc4c0de07fabee370fa479e99d88cd59f64e6b96e8ebb754d4bcdfe70e47a95d4dbd88aabf44266aff515d714bb19b29a4089b1a22dd1f7ba453a7ba7deed7ebda899f044d4b19420a900564026e8fd0d551ead964b084e9d93e2ec88ca7130e5ee3d9236681cf2711ed6a5e360bc9e3eb2539d7b1fab668ca51e94f06f767dfdb3800828142a3cbad3667779cc87e998adfe14c35629bcd7d83d5e73baba92f8c127dee980fa8308d2474c435f155b065ccae7ee8ce868dab628d9217f8ac0999bc404543ee5f9d6cbd4bd3f9263f2491d216b695bc2e200c676ceb1cd4d380183680c71aea512ca059974043bee0da6b277a531905958ef8da23fafbcd671caced0fb0a7260d2e6645f3ad75995a844c834289fca463bcf7385b0f6d22c625d8558f6a4369071e978068e616929589c6d30981e8f7444cdbb77d306c9569d99788bd9c0f2299e480ada4be419ffc94b3d86d93c821de15ba4f3ca9dbf49a2c44a0517fb66939db3099551b0c30013efd47e4cb6d116dd31d032825f0c85919e74cb77a58b2c27de0f73d62b24b25b85981ba5497756115c8964f76687975ea11f8c7ff05f0162914e44b9d1737639206b0198932c4bb14a654bb6f9cd54431ff35dc77acec116cdb539f9b66b0a2a04f7e755121062f89f653e75672a8f371d20178a9f8e2922287a1c863c6ba3fdbbe179ccb5d4d9b1fa865fda66deb9043028600cb6de3498985d34ccce01eb66f7efed5137789201d53da91c0dba908a092b5c5bbda87ffd69708ee3aea90400a925906bd214bf28443381f3b19a62c030eb685b89ad4b467d7331e93faca6eec671a80e2132fe5192470175092a185e8d0b1c8dd3fb668ddca2438da22995e907aa0373a6b6dbe0e9800806362b58d5eec85f2941f838c6d247a7473d79bf20d228256ea47682e66c198a1bb518a36f031f886079fb0b77ba5cdfa51d4f84a4b4c0cc23caf8ad9ff6743acd8442a45c285dfd3801b01ebdd0200a2e17b66c93f57290d8e726354dbbec4a29682ce908dd85000f6a3c4c1dcb06dcb742ef1327e41c34dae1c94b00fa66d89040f7fe9bbee3bf634cb057e28342d2a3397b3ac061fa0f4f999e460f4fc137554c59c28502bbf342901d7268cda9fbe8ae70add9a72b96c5b6808a80c3df3e40b0fbe206841231021978278a2edda8852ea0a80873a7909aebe3063bd41fb3e0a5161e70bc976cb2808105e5b5f182d9cf9ed35d26c234bb581a36350161533a5fcf8cf36e60a0a8a93628c559f00f696f6083f5421f607eb8b53d0582491bad10941659995d02e660cd15cbf147656f35b4e2efad89f8c4e296dc671cae277c6467f249eeb9d7c78a5e9660a88bc6ea9084569331a6aab409188d508d02a36a3b9c470b07c1ea3563134d135d2fc2754e1b886ea0f92a4987c04ea8a630fd433fd94eb446719c2539e32bdd4f3f1faa03b7301f06c07b53909861a148cef9cc708ebf5ab3bec28a1e5ab514c488baedc15683c77ce9100552f21512ce0b1e63123ea7cbf9beb53554e0a2b3fae0667bac53f89ee7fedfe7d6f22921108db70e64e8a4d830d3b44779207c9e9809ec81e2917d1560aae8a32a1283da225f0e8f945f29dc88831df164d717a0a6904501e464d03618fecb73bc695f6df9dae3c004d120b4e0ab7aea2c04fcba79b4335b59b783ddca416b23195f1fa713f2bc6e994e126ffac917ccbf4924b909603bc9a6f950f9f3f22c7d7e653e80e1b192fc15e959455c90cfebad41de5f983449e1e3fabd19332d2f8face6faba2de84b788ef28a8b8e2859a4459338080486d51a92c37d02751394661ee6822251890ca3eda813587d04f97d03ae5632c252fd1082dc21b4cd4397a9b053a871000eb22219aa5e614d7df87a429e10e118aac3605226668ce72e9897fe9fe19c19d370a672abefb781a6612c972ed5ac64e331f18a9ea806d340234de5bf2fcc5fcf5e38dba5167fd053ec78c19d7b50841e48bdff4238d0071f48d371ee58db80e5d0f5fcc66a54484a01e4ebe3f38e4aa1601260acda935c714566ce323fd1da2c95d87178273f7436f3eca51e44d5"}, {0xf8, 0x101, 0x794, "f67f251a5d9a9b9932ecbe59949ad5b4a72b9770f11a015c99de9b64bc0e88a0ea4760a9b3e15a75f95356763513905dc1b2eb019257802c70e1381586ed3c3a21fa55b72b023981840d6cbb4cda1ec4b4472bae17749d28433c44fe27b8039590ffe33566bc38adc9e72975b778fbbdfd6706a1c384003da219ff5b77c7803b9047b61115ee023aa0dbadfd8353d17b2a7d30db397e745ea3caf678fdf9f1c4f9d01d7b5dafa18049f95bc595ca41a89bd3f35419bd1f8f5f6c9368e1593e6bd7af495ba2815bfba70d318ebd559db414a253bce6607d49f56551522732d8d71405031c02b0"}, {0xe0, 0x110, 0x80000001, "d8dac7ae776aef8d87ea5dda1eff28f96735a72560eb364934bc4f20e847fd9725b6605e7eff696805bd2507573e1314257254b11fd37d4ebf46dea73a8c9da5c115dc0e3b11f8d61d97e2592cef7d69c5debe00f1ce3ee0db012c53ad855edb03b5f3f5a833d17e015ee7ca5984033528dc40148987818898d5ce12664573ef97187e47a0326ae31b57a54625e2b8b794eeec3b12f2c82da727b41b0c1374994c3ce73080c6b7a250c092ea71b7fd4cceb9e8dd6b1d71fc47fa717afda01b2c9270796d327ea1fdc69f5d3f7b95510c"}, {0x4be, 0x10b, 0xda3, "dd7bb9c7f41f03d4816133f55f2755543d95b0bc272d8dd32838ade6f8b453ca06acc169e74df33a63a30b584c8a5f9e7eb51630a838ff8a1d806e5edbd6d69cbb7a797d857d6425a223065153052392d7a0d9170a87555b4569beb14fbe09f33a32a25ec6d26612ccae10aa308c44756dcc6e80eeaab480b439384b548bcefe4b3352025bab4a0d5d7a78120a869c39a40484f6604f8e8fdb2090d795f9bd7e00b09ba519f7427023651dec55e456b3508cd4984bfad9bc9a86c059516a35a4e694a4b926466c6883d401432e15f1562e0dc951783f20b204d3245e9d9ab0af26ff28fae62e8605ae59b6fb6eb3740f8da0ff61f82cb11afb66cb737e1858fd78fc57ad9886077a79e3ed1c31d7e1972c2432cadde2213d755d0e3179b3f8d07fbac58cf5a5a1eb77f22e25e3f2a618c3d6ca3dc796ef73835cffd1ee17cc073952a96b4a65588fe98a14d73f341542736bc4d52007d860ccb055950fa9a2d7a679f395fe6b049f50aabb11d98296e0074036be617697621751b978bbe84acbc03da548479c221f6f41c122a82fa9ce27459b88aa800b3544a7ae35622a6fe4373b2a3a56bfcd8ef944254dfd9d50fc9214d50dfacb1616ee712464cbfc1fe350f64ee9755936ebb570a4583cab972421505a837727373ba764af027082c277b409117e446de8548382d4834568f435b35c27053bfbb80d8737f18cc98119b9837c3717df40cde485de822218c53d3bb530914699d499fa43a68b15d14de3f50cc6706fb20d62e8f518aecec36325b0cecb897f75d310bf5d743a29965eef4633ef693ab634c86d1581239f2e2e9261594626ab72863d227eaa4424399bd0f2be2c33b8f424dc5ac100a5b5bc65fddf6c56361ac28b3f2dd7fe90b3c62c4c9d8dc9aa1d0c54b0fa0623aa05031a86c880d76e4d8147263f9fdda09cf97fcb6548a0c320050ea5ae594bf9023a85bc4784105334c2ab1a12f7b7f5750b06908b2e34739be061dde2c4ff1c55f010728cb0bf763c942ad9ea24eebcf9e30aa9e3587353b52ec23594b51f77ba890cbb677c39ff71ced3fdc374145a6a7c03e7f4e54f0241fc7d6bdb73a424477020346a4658158212b9fd676a4538d38d4d6924d05ae9b88c063c1dce44eab92ac3a41102d517e8afd3bf67bc1a764b6974134caff7c66faefbd9bf18136fa9dd0b6d7ce632506267674fc4d4e0f4a1b7872b0b5eb1f3bf327901b6056bc775fc1b33fc16f0f7109b166251b8d0321e68b5357c9932e32bbf6376b71f062374a66c450f73570671b3fbc8345705f4991dcf22c01b2a42b8b3d9d710c9b3b5dfd10ec13fd00c75e428de6e715fafe008abdd5c62c077a551a0c64a6bbdb2c9cef7a2e798cb64f3d41277c3f5347e77d83d3bdb33ca5507bed9b649492ce61165288cd9d129f3fcfd353af8793c6454d9e4f8f1f3a2a67455319b61f60899615708cdff7909ba5cfc0d13945a4d9809ef448f04856095428adc48a4b2d80e9e747e25728a742add61e0c342e3817e475a3bed3a591b13535c56972743ea919dbcb45da9c7a8d7fc026a660960f70aa0392af6c5f1f91e4a30a2344bd5a356030d66f4c2e13bf0f88d93cc74455d918198c3e0103fc28760a91dfefe5869669ff5828e66044822b258ffd023d32b5a2fbad296b378ffdd92bda67c69ddb57aa522c7af317c0641d5b53ff0fb55ba0dd8ee7ba1017f6b03c569090439307204649d6da8bcc9b9f79167dddff322694e668ffb433f74617681ff29c371c918de847af2c4045c0a38a2880500f5e927cc830ae4f4f22171ed14010cdae851c535668f5fa13f7504f6db36014bae59aefe0f6c5e98582dae7c563d5deaf658596aedf9ffb61cb444d7d1d6b5b633c9a19407817f2809cafec8df0b231558f802f938d067f754b6921a85222f535b9b5744fb1abf9b528f16aa19f980d6427c051b51105a5f610b490fa15cea9f9cb61adc2a905bcf19923c25a98494cfe94289474aab5b68f11215d9700f7cdd65ba72dfb1096a96da16fb0f926054d8903be79b030cc540129aaa503ff924f6413dbeaa1b5ca9f3ba902dfa00082e40a601c18183d509af9d18706213607f6c55f101a423cd53a32556fc9d2351cb539613298cc20dfc4053b3cc67e735faf1f7c9cf0c77a14a15841f864df05661dc10be9ddcac5419a633c22ee7d13ce07b4c4800a53e116cbc0400eda9477bfc4bb76b0c77cc060f45302491a25169b420df2ad6d0422b34dbe9e6094b95ab8cfeff60b0b2f9300e59f932bdfac514451b8f945c57d21dc858ebf75d066fb6bd91496335b89c03e7be145b4a73a6260d14308f150e0a96a05ee5c1a08c9a7da58f5274c5b951a9b5cd598dbc19878948d7b26bc0d1a1869995c10d256936c6a6a320504b109c6567135d82eef711fdc75e39874687d52e038a320cb8f581e22e70cbe494c1b781516cd5f681258794d5a3850492421a47b51aef609fd10c315e7ec4bf57a09aa65bbaa76d79aff62221ee27c16d584695a3afb953905e248eb264cfad43742f3f507c918a615c0230465d31cbcc75cb28f51a269ec6f450db411aacbe4c6543abba2986bef77f11245af06e20ba7307c84a4eb9919b13a17b2c26e9f7095a4b35ef3837f41facd49aac82e7262d33bdde24007a6b20d1fcd2ef2e6d54c9c2e632bf08cdefed383d71016ceaf7614425fa9c40ecc3d8a1b00310036c8af902080a4cbd13299872624f34d958f408cd3ad1d1be9758569b25ab9ea0cfb565f9a1087eed4c5327aa8b651a013f7895472a5b01b9a3732d07f191d409db3ea298982f8d64967c1b5a516c82ca27e6c1be5212516afe111c2aaa1c63bee50f4bddee75afa72c043a0fe0890fc438379f09aa043c36d0a37c0c104afab22a0e5c71650cd6b64964a4d0584985f3a18e585fd0d9320a0cbf8462643171ed5ff34d4f4ad5d893339601d955d047960bad637032974fdf7f825b1ad0dd78f10497ad7d8004099e0186f983489c6d24efb80480fb954a7358be410f033677bd418403da87d78457c2a952f10edd4e3b776efa07d353eec308bb9935b43abcb9d8f66f2e4b3440cc657e652a0a6424f02e435a3c2d3ce636a31c752e1eef4d333909a602fd482acbf154521bb06bc72e342b0c38176a6169e4aa5a976049f664657430314b121a1515ede7d32dfea60598f04dad2e398e72263608b6d7f7fbd53eec9f126707e0abf8bb2ba3b3f2f3152aa6e0ed64870b70b4516d70d6872c2f1484473b6f11189ab9be9b8e09d7a934397096319f699608c2025926b286ba50d8364f10e1224507018ee50cf639d4f7f2f1356896ffefc7f4d2680e0bb44f0c56634efd168e51f74df832513df2cc9fb271f0f41323b3c2f192e41e11fa003cd2322d33bf4b12dcfdb91a44404993a9880dfacf027df2aaf6899ea3cc4ff7fafac3d33eb38e7c7481003aaa5a0e2a2bd9926977f69583fa5e009107a5378a0de8379da6711d751e2bc2c949c9ca71355a663c64e12249a53711264eee9f9a3482feeef36ad6722e59d1e3980862b5e15bc6b8562ce75206d9ed8f97d73e02128f92f355b87af6a19cbfa96b050bd054c947b9dae439c677034e56504e5292c3ca8fa082f6e27558c4dbfcf9d6f0896ba8a9cc729670cabb0ee6c68c20dee08472dc082e612cce2c84de5caa923550e13799f4a223328c43191db8902959f8ba063dcf24dd45a71bcc2ee248971a788843f56df80252c4219aca04439c37a5f6ae0fe25600e9dafd2696623c6796eea2cb2a91fe0df2561f9c821b7f75b137f39cd65c45a4da112541f862f37414e603a75d3406d5036dfbf7dd1b0b88d2ff2ec2870fe97bff3385805883daa3125b79c6ecb8993cbc90cddc6cd2cc804087b2ba5e40c43b657a0b4f8a03342c3cda11a37d06c24658997beaf20697d2c51b8ed7cbf4038a6db4b7843e1799fbfb2e3055eacf21929eb199be11edc75a533f095d6f4ab7220e05b8cc566a06bc1580c7efd7c7b7ec574c59031f735d42cd54eee0d8db1884b086dfa9f5baf38ac6e37974c08a3767ef9ff4638d9434a18d0a8fced6ac5caa03dd85fe44c06b821c6f2360e72b33abe9b65b6d399fb9d0c34a8d0c8b30dc091aed7de035580e1a466cde67444181c097f29cff7fbc15c322e7c6d81a3a722052fa58ad828e11b949a829e4d23ff34593a206f7a9066ea7c3203c66f65b4a9426fbbaf42a2f58fe5472b2a0b37b220d2fc12517647694d4a34f2dacf42078e54e998d87f7b1121613ea10c0b42d43422d107094ed2dd0832336d5d576bbba50c2cd1b7c249d60a6fdf0f5204142eb990e6713b71645bdd086091668f390403e08bcdd5c885bb692cc89996f99d32bd96bb33dcaf2a458a6564a03c6ddca328d5f86a52be6b77cc0f7aeb0b5982f0800d6b75fcd388c91328dd9730c671542b25e913bb30cf89a4072e2d3d688b09096707be1d455950fbe15e039b30169211620427a376a3376a9592ff237d9fdc64dd4d6fb63a7c279ecfbcadebb7073a3ae8ec3777b5c2a4f4b13041e5fcdbd5da5ad9613756512b76ab203ae67b4f71c39ecaf6e35daf29d89204b6431d3ee5d9d58489684f96dcc90a34b20c283097b0ce72ce8bc7aa1dd2bc2451a573ef22d6a3b6d3510a27626c34e0686e71df9d11e54525269f7e0a2e46926de32097c91bebdbec4f897302533a52cb37c302bbeebcd93e76b3af0e9d02cffd003208cccfcced5994a2e54dbf7197f43f8b05e0f91537703c7cd27d1958067ed81cd9f118a27da7097317d8941dc86867ca99cba75b48e3c9ee5d2888d60bd2f5ddb89a8e163f7504da1d453ed7f7b3f43213fd39e9c2947373e5c51253eddcf117bb85678637a4599aac77543fe480fcb13f18277d3b47ff01d9a4d40d0753e9f45a7db934d8227041091ccdd55a3d2f50c2a67618332955835d195d4dad6649692e8a206f0471da8d493c261d3ad58ef61b0f8788ad629ccdd078712fc81b3650305c912fe842c677890640012891e3592b1128065931ab89eb330706c78eb5926103f65c05a4afb6f66876505a58dd58e5311b7b978b2ee28ef2e7aa558cc67f85338edacf2ab4ce1cfc58c1f59abc42498711a965c5d90fb416befe12a3ff725f3a03ca2c40cf0f49eaaf4cc553d643c88efd4574357953592238632d1a7c7bf9535c8ddc84652e4a3a20e97772523ee1cc7b09e4054d8a858661f7619ebd9174c183f52d9f33adc9702a87042a3acdcad46b5fe08a52b5026886df2affda8fa1cf1592e3382b87dafccda1a4481a6b488593924893633fcaad13ebf297a5aa69cc1d7dc6407eaed458faab414896500b3fec3486a7f87db4b3d1c90c6e531ed28fdcc4e8539d08e56f483dcdb3d24d9a7b358d676ff8891c8db780431e9ebf2f056bf16790980cb561ee3741bdfa050434a2b142f8f24ee0cefa7b169d661c3ecf169004ffdab5bf47fd1c6c61a5070735f201994af25edbffb88d239b1eab65203ad88cc6cff072105b9f668115cf1f612f48ef42d04d09683141bab8846e1ce46ad921c3ceec55ac6c9b2e64ed7f27d80025cc4348043cd73cf0d687b46afbb199585378a822d8450809fba119b3726de6cb655a0c162ad2d83105ec3714ced376e906ea0d7a9da6864f3782ba645b491a6e76bd2678a053d2d9849a25d2f5c6abd3174d6d8084f9851b9ff6c9b9a7a3b5d01249b45473f6ace888425041e562c613e8e04294f508e3b64a091f8236f9fd180ce76576bdb97c4f81b7a83cbb43a01dafd7a101a"}, {0xc0, 0x111, 0x0, "d13f51602bf8b9d9b17288f3493a7331d764b7b06dc35509583812bb647b3f291cdab3e3067c53792c1e553a865ea546fc28b652bf0d11f06f449bc9d26941a3840bb337927131e2c2386d305bd34fd8f09d6a58fc88b9a880179af2850026450b64def3d56c227f4d462b2b6b2df507111550095a9228b92ca0df21d5aff2e3c886c4987431aadeb2378fd8628031c34595600ca1f9d94dc200f93bc28fb1e703d66acd609b369a40eb3c"}, {0x28, 0x109, 0x8, "d4a5bd6d9079f60c08fe854d7f306e6f0f6ba4"}, {0x88, 0x10d, 0x5, "dd4ae7da112c3001b1640c2a6ae4b95550d7bd80eb61498c1514c9ce050286f30738b6b10879c12f0c25ee5f8a113177baeb9b64599531ce91d7312e3df995bf84e10be00c423fb12687b792a5f2b9b2aff4ccfe893b3b46601088b30179faaa31a767e257909e06c509925dd4a5cf8df091cac33ffadc"}, {0x30, 0x29, 0x401, "068c1182127bb75c6f02dffcdeaa5a00adf2900a43038b5c8650"}, {0xe0, 0x113, 0x8, "beba8b4c85c2a42dffd54b912dccdaa3e3f3e2ce5e7b5ee2cfa7ca526a9abc3aa32da2cdf1745fc7162ce321bda46193a4ce3fe954acedd6c9303097138185723268bc7dd934a3ae01847efc213c21031d4b928c924089087a0381ef0ec97d4010a9c62070e3d8b7c1250acdf738d59d7cefe9d29c990bbb632fb93cb1f817088e41a7bbb139d76a11f844664efbabd7f08b76e31fd361ea3ac7523d5564c631cc48cc343252d93fddfeefaf936432465d0852e9f620a91c08033e30309f1b345eb600e1088177d16586c86c5ffed1"}], 0x2478}}], 0x5, 0x3d90e669e2120f71)
syz_io_uring_submit(r3, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000007480)={0x0, 0xd6de, 0x10}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r3, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r3, r5, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r3, r6, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r2, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:00 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x406, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:28:00 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x15010000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  990.654435][ T6928]  ? __kernfs_new_node+0x6a/0x330
[  990.659463][ T6928]  __should_failslab+0x81/0x90
[  990.664227][ T6928]  should_failslab+0x5/0x20
[  990.668732][ T6928]  kmem_cache_alloc+0x4f/0x300
[  990.673507][ T6928]  __kernfs_new_node+0x6a/0x330
[  990.678443][ T6928]  ? up_write+0xb5/0xc0
[  990.682633][ T6928]  kernfs_new_node+0x5b/0xd0
[  990.687223][ T6928]  __kernfs_create_file+0x45/0x1a0
[  990.692328][ T6928]  sysfs_add_file_mode_ns+0x1c1/0x250
[  990.697692][ T6928]  internal_create_group+0x2f4/0x860
[  990.703074][ T6928]  sysfs_create_groups+0x3d/0xf0
[  990.705451][ T6930] loop4: detected capacity change from 0 to 87
[  990.708014][ T6928]  device_add+0x606/0xf40
[  990.718481][ T6928]  device_create+0x17d/0x1d0
[  990.723091][    C1] sd 0:0:1:0: tag#5066 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  990.723127][ T6928]  ? vsnprintf+0xe8f/0xed0
[  990.732953][    C1] sd 0:0:1:0: tag#5066 CDB: opcode=0xe5 (vendor)
[  990.737299][ T6928]  bdi_register_va+0x7c/0x3c0
[  990.743631][    C1] sd 0:0:1:0: tag#5066 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  990.748243][ T6928]  super_setup_bdi_name+0x93/0x120
[  990.757253][    C1] sd 0:0:1:0: tag#5066 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  990.762317][ T6928]  super_setup_bdi+0x45/0x50
[  990.762336][ T6928]  v9fs_mount+0x1cd/0x4c0
[  990.771337][    C1] sd 0:0:1:0: tag#5066 CDB[20]: ba
[  990.775883][ T6928]  ? selinux_capable+0x34/0x40
[  990.775969][ T6928]  ? tsan.module_ctor+0x10/0x10
[  990.794845][ T6928]  legacy_get_tree+0x70/0xc0
[  990.799509][ T6928]  vfs_get_tree+0x4a/0x1a0
[  990.803985][ T6928]  path_mount+0x11ec/0x1d20
[  990.808517][ T6928]  __se_sys_mount+0x24b/0x2f0
[  990.813203][ T6928]  ? fput+0x2d/0x130
[  990.817211][ T6928]  __x64_sys_mount+0x63/0x70
[  990.821957][ T6928]  do_syscall_64+0x44/0xa0
[  990.826401][ T6928]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  990.832362][ T6928] RIP: 0033:0x7f925409f709
[  990.836769][ T6928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  990.856363][ T6928] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  990.864812][ T6928] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  990.872792][ T6928] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  990.880754][ T6928] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  990.888765][ T6928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  990.896728][ T6928] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:28:00 executing program 0:
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x13, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda", 0x0, 0x0, 0x0, 0x0, 0x0})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r0, 0x0)
preadv(r0, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000018c0)={<r1=>0x0, ""/256, <r2=>0x0, <r3=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0, ""/256, <r5=>0x0, <r6=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{<r7=>0x0, r6}, {<r8=>0x0, <r9=>0x0}, {<r10=>r5, <r11=>0x0}, {<r12=>0x0, <r13=>0x0}, {0x0, <r14=>0x0}, {<r15=>0x0, <r16=>0x0}, {0x0, <r17=>0x0}, {<r18=>0x0}, {<r19=>0x0, <r20=>0x0}, {<r21=>0x0}, {<r22=>0x0, <r23=>0x0}, {<r24=>0x0, <r25=>0x0}, {<r26=>0x0, <r27=>0x0}, {<r28=>0x0, <r29=>0x0}, {<r30=>0x0, <r31=>0x0}, {<r32=>r5, r6}, {<r33=>0x0, <r34=>0x0}, {<r35=>0x0, <r36=>0x0}, {<r37=>0x0, <r38=>0x0}, {<r39=>0x0, <r40=>0x0}, {<r41=>0x0, <r42=>r6}, {0x0, <r43=>0x0}, {<r44=>0x0, <r45=>0x0}, {0x0, <r46=>0x0}, {}, {0x0, <r47=>r6}, {<r48=>0x0}, {<r49=>0x0}, {<r50=>0x0}, {<r51=>0x0, <r52=>0x0}, {<r53=>0x0}, {}, {<r54=>0x0, <r55=>0x0}, {}, {<r56=>0x0}, {<r57=>0x0, <r58=>r6}, {<r59=>0x0, <r60=>r6}, {0x0, <r61=>0x0}, {<r62=>0x0, <r63=>0x0}, {0x0, <r64=>0x0}, {<r65=>0x0, <r66=>0x0}, {<r67=>r5, <r68=>0x0}, {<r69=>0x0}, {<r70=>0x0, <r71=>0x0}, {<r72=>0x0}, {<r73=>0x0, <r74=>0x0}, {<r75=>0x0, <r76=>0x0}, {0x0, r6}, {<r77=>0x0, <r78=>0x0}, {<r79=>r4, <r80=>r6}, {<r81=>0x0, <r82=>r6}, {0x0, <r83=>0x0}, {<r84=>0x0, <r85=>0x0}, {<r86=>0x0, <r87=>0x0}, {<r88=>0x0, <r89=>0x0}, {<r90=>0x0}, {<r91=>0x0, <r92=>r6}, {<r93=>0x0}, {<r94=>0x0, <r95=>0x0}, {<r96=>0x0, r6}, {<r97=>0x0, <r98=>0x0}, {}, {<r99=>r5, <r100=>0x0}, {<r101=>0x0, r6}, {<r102=>0x0}, {0x0, <r103=>r6}, {r5, <r104=>0x0}, {0x0, r6}, {<r105=>0x0, <r106=>0x0}, {}, {<r107=>0x0, <r108=>0x0}, {<r109=>0x0, <r110=>0x0}, {<r111=>0x0, <r112=>0x0}, {<r113=>0x0, <r114=>0x0}, {<r115=>0x0}, {<r116=>0x0, <r117=>0x0}, {<r118=>0x0, <r119=>0x0}, {<r120=>0x0, <r121=>0x0}, {<r122=>0x0, <r123=>0x0}, {<r124=>0x0, <r125=>r6}, {<r126=>0x0, <r127=>0x0}, {<r128=>0x0, <r129=>0x0}, {<r130=>0x0, <r131=>0x0}, {<r132=>0x0, <r133=>0x0}, {<r134=>0x0, <r135=>0x0}, {<r136=>0x0, <r137=>0x0}, {<r138=>0x0, <r139=>0x0}, {0x0, <r140=>0x0}, {<r141=>0x0, <r142=>0x0}, {<r143=>0x0, <r144=>0x0}, {0x0, <r145=>0x0}, {0x0, <r146=>r6}, {0x0, <r147=>0x0}, {<r148=>0x0, <r149=>0x0}, {<r150=>0x0, <r151=>0x0}, {<r152=>0x0, <r153=>0x0}, {0x0, <r154=>0x0}, {<r155=>0x0, <r156=>0x0}, {<r157=>0x0, <r158=>0x0}, {0x0, <r159=>0x0}, {<r160=>0x0, <r161=>0x0}, {<r162=>0x0, <r163=>r6}, {0x0, <r164=>r6}, {<r165=>0x0, <r166=>0x0}, {<r167=>0x0, <r168=>0x0}, {<r169=>0x0}, {<r170=>r4, <r171=>0x0}, {<r172=>0x0, <r173=>r6}, {<r174=>0x0, <r175=>0x0}, {<r176=>0x0, <r177=>r6}, {<r178=>0x0}, {0x0, <r179=>0x0}, {r5, <r180=>0x0}, {<r181=>r4, <r182=>r6}, {r5, <r183=>0x0}, {<r184=>0x0}, {0x0, <r185=>r6}, {<r186=>0x0, <r187=>0x0}, {0x0, <r188=>0x0}, {<r189=>0x0, <r190=>0x0}, {<r191=>0x0, <r192=>0x0}, {<r193=>0x0, <r194=>0x0}, {0x0, <r195=>0x0}, {<r196=>0x0, <r197=>0x0}, {<r198=>0x0, <r199=>r6}, {0x0, <r200=>r6}, {<r201=>0x0, <r202=>r6}, {0x0, <r203=>r6}, {<r204=>0x0, <r205=>0x0}, {<r206=>0x0, <r207=>0x0}, {<r208=>0x0, <r209=>0x0}, {<r210=>0x0}, {<r211=>r5, <r212=>0x0}, {<r213=>0x0, <r214=>0x0}, {<r215=>0x0, r6}, {<r216=>0x0}, {0x0, <r217=>0x0}, {<r218=>r5, <r219=>0x0}, {<r220=>0x0, <r221=>0x0}, {0x0, <r222=>0x0}, {<r223=>0x0, <r224=>r6}, {<r225=>0x0}, {0x0, <r226=>0x0}, {0x0, <r227=>0x0}, {<r228=>0x0, <r229=>0x0}, {<r230=>0x0, <r231=>0x0}, {0x0, <r232=>0x0}, {<r233=>0x0, <r234=>0x0}, {<r235=>0x0, <r236=>0x0}, {<r237=>0x0}, {<r238=>0x0}, {}, {0x0, <r239=>0x0}, {<r240=>0x0, <r241=>0x0}, {0x0, <r242=>0x0}, {r4, <r243=>0x0}, {<r244=>0x0, <r245=>0x0}, {0x0, <r246=>0x0}, {<r247=>0x0, <r248=>r6}, {r4, <r249=>r6}, {<r250=>0x0, <r251=>0x0}, {<r252=>0x0}, {0x0, <r253=>0x0}, {<r254=>0x0, <r255=>0x0}, {<r256=>r5, <r257=>0x0}, {<r258=>0x0}, {}, {}, {<r259=>r4, <r260=>0x0}, {}, {<r261=>0x0, <r262=>0x0}, {<r263=>0x0, <r264=>0x0}, {<r265=>0x0, <r266=>0x0}, {}, {<r267=>r4, <r268=>0x0}, {<r269=>0x0, <r270=>0x0}, {r4}, {<r271=>0x0, <r272=>r6}, {<r273=>r5, <r274=>0x0}, {r4, r6}, {<r275=>0x0, r6}, {<r276=>0x0}, {<r277=>0x0}, {<r278=>0x0}, {<r279=>0x0, <r280=>0x0}, {<r281=>0x0}, {}, {0x0, <r282=>0x0}, {<r283=>0x0, <r284=>0x0}, {<r285=>0x0}, {<r286=>0x0}, {<r287=>0x0, <r288=>0x0}, {<r289=>0x0, <r290=>r6}, {<r291=>0x0, <r292=>0x0}, {<r293=>0x0, <r294=>0x0}, {<r295=>0x0, <r296=>0x0}, {<r297=>0x0}, {<r298=>0x0, r6}, {<r299=>0x0, <r300=>0x0}, {<r301=>r5, <r302=>0x0}, {<r303=>r5, <r304=>0x0}, {<r305=>0x0, <r306=>0x0}, {<r307=>0x0, <r308=>0x0}, {<r309=>0x0}, {<r310=>r4, <r311=>0x0}, {0x0, <r312=>0x0}, {<r313=>0x0, <r314=>0x0}, {<r315=>0x0, <r316=>0x0}, {<r317=>0x0, r6}, {<r318=>0x0, <r319=>0x0}, {<r320=>0x0, <r321=>0x0}, {<r322=>0x0, <r323=>0x0}, {<r324=>0x0}, {<r325=>0x0, <r326=>r6}, {<r327=>r4, <r328=>0x0}, {<r329=>r5, <r330=>0x0}, {<r331=>0x0}, {<r332=>0x0, <r333=>0x0}, {0x0, <r334=>0x0}, {<r335=>0x0, <r336=>0x0}, {<r337=>0x0, r6}, {<r338=>0x0}, {0x0, <r339=>r6}, {<r340=>0x0, <r341=>0x0}, {<r342=>0x0, <r343=>0x0}, {}, {<r344=>0x0, <r345=>r6}, {<r346=>0x0, <r347=>0x0}, {<r348=>r5, <r349=>r6}, {r4, <r350=>0x0}, {<r351=>0x0, <r352=>r6}, {<r353=>0x0, <r354=>0x0}, {}, {<r355=>0x0, <r356=>r6}, {<r357=>0x0, <r358=>0x0}, {<r359=>r5, <r360=>0x0}, {r4, <r361=>0x0}, {<r362=>0x0}, {<r363=>0x0, <r364=>0x0}, {<r365=>r5}, {r4, <r366=>r6}, {0x0, <r367=>0x0}, {<r368=>0x0}, {<r369=>0x0, <r370=>r6}, {<r371=>0x0, <r372=>0x0}, {<r373=>0x0, <r374=>0x0}, {<r375=>0x0, <r376=>r6}, {<r377=>0x0}, {<r378=>r5, <r379=>0x0}, {<r380=>0x0, <r381=>0x0}, {<r382=>0x0, r6}, {0x0, <r383=>0x0}, {0x0, <r384=>0x0}, {0x0, <r385=>0x0}, {r4, <r386=>r6}], 0x0, "2156816c73038c"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f00000561c0)={0x1fffe000, [{0x0, r304}, {r281, r127}, {r305, r117}, {r299, r147}, {r122, r383}, {r303, r87}, {r157, r347}, {r204, r367}, {r172, r38}, {r332, r36}, {r90, r304}, {r26, r95}, {r357, r187}, {r90, r95}, {r338, r243}, {r211, r333}, {r35, r312}, {r254}, {r271}, {r342, r194}, {0x0, r76}, {r265, r227}, {r297, r188}, {r283, r16}, {r70, r36}, {r184, r304}, {r378, r153}, {0x0, r46}, {r287, r20}, {r359, r356}, {r77}, {r165, r231}, {0x0, r239}, {}, {0x0, r292}, {0x0, r114}, {r138, r217}, {r134}, {r277, r164}, {r346, r78}, {r285, r195}, {0x0, r334}, {r62, r34}, {r250, r27}, {r355, r183}, {r215, r356}, {r54, r106}, {}, {r228, r222}, {r373, r110}, {r277, r45}, {0x0, r326}, {r254, r197}, {r261, r87}, {r184, r114}, {r189, r131}, {r155}, {r33, r372}, {r49, r131}, {r44, r316}, {r24, r236}, {r143, r200}, {r196, r145}, {r204}, {0x0, r219}, {r365, r144}, {r210, r46}, {r37}, {r105, r40}, {r233, r205}, {0x0, r207}, {r250}, {r265, r46}, {r310, r14}, {r109, r137}, {r325, r339}, {r220}, {r223, r135}, {r56}, {r128, r166}, {r310, r119}, {r298, r175}, {r362, r161}, {r228, r156}, {r186}, {r327, r311}, {r228, r197}, {r8, r245}, {r369, r268}, {r276, r85}, {r277, r112}, {r48, r98}, {r238}, {0x0, r221}, {r331, r83}, {r72, r156}, {r235, r341}, {r238, r282}, {r244, r64}, {r181, r251}, {r118, r319}, {r276, r185}, {r150, r209}, {r91, r82}, {r152, r87}, {r1, r274}, {r32, r188}, {r88, r164}, {0x0, r34}, {r298, r232}, {r10, r11}, {0x0, r361}, {0x0, r17}, {r286, r66}, {r230, r260}, {r12, r29}, {0x0, r27}, {r65}, {r378, r23}, {r244, r123}, {r138, r71}, {r136, r85}, {r19, r266}, {r307, r288}, {r201, r121}, {r39, r328}, {r189, r13}, {r254, r323}, {r10}, {r365, r123}, {0x0, r25}, {r57, r76}, {r15, r149}, {r198, r242}, {r97, r154}, {r213, r251}, {r176, r133}, {r18, r83}, {0x0, r290}, {r126, r203}, {r254, r306}, {r273, r95}, {r362, r209}, {r309, r199}, {r75, r361}, {r22, r168}, {r315, r370}, {r377, r385}, {0x0, r272}, {r225, r125}, {0x0, r349}, {r15, r205}, {r174, r358}, {r141, r243}, {r263, r168}, {r70, r326}, {r322, r360}, {r102, r386}, {r337, <r387=>r58}, {r310, r173}, {r115, r142}, {r340, r92}, {r318, r242}, {r132, r95}, {r113, r354}, {r73, r312}, {r93, r202}, {r293, r379}, {r70, r129}, {r69}, {r267}, {r90, r14}, {r165, r38}, {r81}, {r371, r103}, {r189, r14}, {r247, r27}, {r91, r358}, {r267, r29}, {r258, r197}, {r65, r249}, {r96, r229}, {r91, r177}, {r109, r153}, {r244, r347}, {r67}, {r250, r296}, {r160}, {r250, r248}, {0x0, r74}, {}, {r269, r323}, {r363, r25}, {}, {0x0, r188}, {r35, r203}, {r247, r203}, {r317, r246}, {r371, r61}, {0x0, r154}, {r353, r112}, {r375, r294}, {r99, r197}, {r116, r55}, {r313, r82}, {r148, r87}, {r22, r214}, {r101, r319}, {r299, r142}, {r51, r319}, {r327, r311}, {r12, r179}, {r375}, {}, {r169, r358}, {r57, r328}, {r359, r159}, {r107, r372}, {r348, r146}, {r283, r217}, {r348, r341}, {r220, r177}, {0x0, r280}, {r120, r146}, {0x0, r89}, {r48, r58}, {r44, r147}, {r313, r374}, {r157, r246}, {r340, r384}, {r128, r288}, {r299, r199}, {r62, r66}, {r291, r217}, {r97, r284}, {r138, r190}, {r291, r114}, {r109, r249}, {r10, r294}, {r53, r163}, {r50, r46}, {r252}, {r193, r308}, {r269, r385}, {0x0, r192}, {r299, r280}, {r313, r386}, {r96, r360}, {r271, r202}, {r72}, {r18, r83}, {r369}, {r15, r68}, {r362, r364}, {r94, r185}], 0x4, "eb6ff0489fb843"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000571c0)={0x3, [{r65}, {}, {}, {}, {r283, r74}, {}, {r57, r257}, {0x0, r46}, {}, {}, {0x0, r180}, {r191, r158}, {}, {0x0, r280}, {}, {r162, r104}, {0x0, r302}, {}, {}, {}, {}, {}, {}, {}, {r281, r171}, {r276, r183}, {r10, r142}, {r310}, {r278, r226}, {r32, r78}, {r331, r40}, {r281}, {0x0, r190}, {0x0, r227}, {r198}, {r18, r60}, {r21}, {}, {}, {}, {}, {r320}, {}, {}, {r99}, {r101, r292}, {r335}, {r324}, {r275, r314}, {}, {}, {0x0, r296}, {r130, r129}, {r357}, {0x0, r290}, {r28}, {0x0, r140}, {r113, r3}, {}, {0x0, r334}, {}, {0x0, r251}, {}, {r111}, {r81, r384}, {r84}, {r295}, {}, {0x0, r296}, {r75, r345}, {}, {0x0, r139}, {r86}, {}, {}, {r362, r321}, {}, {}, {r21}, {r216}, {0x0, r219}, {0x0, r74}, {}, {}, {}, {r337, r60}, {r7, r133}, {r380, r209}, {}, {r281, r214}, {r351}, {}, {}, {r228, r47}, {}, {0x0, r339}, {r79, r133}, {0x0, r46}, {0x0, r264}, {}, {0x0, r224}, {r320}, {r307, r45}, {r143, r290}, {0x0, r147}, {r240, r239}, {0x0, r212}, {}, {r263, r241}, {}, {0x0, r203}, {r39}, {0x0, r270}, {0x0, r262}, {}, {0x0, r262}, {r124}, {r289}, {0x0, r321}, {r54, r194}, {r259}, {}, {r28, r311}, {0x0, r127}, {}, {0x0, r125}, {}, {0x0, r58}, {r301}, {}, {r355, r80}, {0x0, r234}, {r59, r9}, {}, {r353}, {0x0, r253}, {}, {0x0, r236}, {}, {0x0, r234}, {r223}, {0x0, r366}, {r310}, {}, {r259, r182}, {}, {r169, r354}, {r204}, {r344}, {}, {r346, r131}, {0x0, r280}, {0x0, r361}, {0x0, r173}, {}, {0x0, r300}, {r237, r63}, {}, {r170, r311}, {r329}, {r206}, {}, {r310}, {r247}, {}, {r143, r11}, {0x0, r341}, {r157}, {}, {0x0, r3}, {}, {r70, r203}, {}, {r279}, {r233}, {r344, r100}, {}, {0x0, r43}, {}, {r167}, {r2}, {}, {}, {}, {0x0, r352}, {r41, r205}, {r62, r58}, {r130}, {r256, r356}, {0x0, r55}, {r279, r319}, {}, {r238}, {r353, r321}, {}, {r346}, {0x0, r356}, {0x0, r42}, {0x0, r151}, {r67, r52}, {}, {r322}, {0x0, r330}, {r220}, {0x0, r376}, {0x0, r135}, {r24}, {0x0, r108}, {r335}, {r157}, {0x0, r343}, {}, {r26, r255}, {r4}, {0x0, r135}, {}, {r70}, {}, {r116}, {0x0, r349}, {}, {}, {r196}, {r322, r347}, {r160}, {r369}, {0x0, r123}, {0x0, r203}, {0x0, r156}, {}, {r132, r381}, {r10, r159}, {r44}, {r50, r242}, {r309}, {r382, r336}, {r256}, {r35}, {}, {r208}, {r279, r110}, {r368}, {r67}, {r178}, {}, {r218, r25}, {r261, r284}, {r30, r209}, {}, {r75, r236}, {r120, r31}, {r54, r104}, {r348, r350}, {}, {r193, r387}], 0x5, "51485030d8b26a"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
r388 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netlink\x00')
pread64(0xffffffffffffffff, 0x0, 0x0, 0x300)
r389 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r389, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
preadv(r388, &(0x7f0000001800)=[{&(0x7f0000000040)=""/98, 0x62}, {&(0x7f00000000c0)=""/53, 0x35}, {0x0}, {&(0x7f00000001c0)=""/49, 0x31}, {&(0x7f0000000240)=""/137, 0x89}, {&(0x7f0000000640)=""/231, 0xe7}, {&(0x7f0000000300)=""/73, 0x49}, {&(0x7f0000000740)=""/4096, 0x1000}, {&(0x7f0000001740)=""/142, 0x8e}], 0x9, 0x9, 0xfff)
clone3(&(0x7f0000007080)={0x60021100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

02:28:00 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x20000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:01 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r7, 0x0)
preadv(r7, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r8 = accept$inet6(r7, &(0x7f0000000180), &(0x7f0000000480)=0x1c)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000440)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x5, 0x0, r8, 0x0, 0x0, 0x0, 0x2, 0x0, {0x3, r9}}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:01 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040))
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'erspan0\x00', &(0x7f0000000180)=@ethtool_sfeatures={0x3b, 0x8, [{0x9}, {0xff, 0x5}, {0x95a, 0xffff}, {0x0, 0x9}, {0xc323}, {0x80000001, 0xbb82}, {0x1, 0x10000}, {0x8}]}})
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x1c1042, 0x0)
pwrite64(r1, &(0x7f0000000140)="01", 0x1, 0x4010040bffd)
ftruncate(r0, 0xf0ff)

02:28:01 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x408, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:28:01 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x20100000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:01 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x39)
io_submit(0x0, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x1a00001a}])
fcntl$setstatus(r1, 0x4, 0x4400)
dup3(r1, r0, 0x0)
io_setup(0x40000000008, &(0x7f0000000240)=<r3=>0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0)
io_submit(r3, 0xf, &(0x7f0000000540)=[&(0x7f00000000c0)={0xf04aef, 0x3d8, 0x4, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}])

02:28:01 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 55)

[  991.201702][ T6979] FAULT_INJECTION: forcing a failure.
[  991.201702][ T6979] name failslab, interval 1, probability 0, space 0, times 0
[  991.214323][ T6979] CPU: 0 PID: 6979 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  991.222989][ T6979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  991.233037][ T6979] Call Trace:
[  991.236309][ T6979]  dump_stack_lvl+0xd6/0x122
[  991.240898][ T6979]  dump_stack+0x11/0x1b
[  991.245155][ T6979]  should_fail+0x23c/0x250
[  991.249583][ T6979]  ? __kernfs_new_node+0x6a/0x330
[  991.254658][ T6979]  __should_failslab+0x81/0x90
[  991.259436][ T6979]  should_failslab+0x5/0x20
[  991.263941][ T6979]  kmem_cache_alloc+0x4f/0x300
[  991.268783][ T6979]  ? __down_write_common+0x42/0x830
[  991.274000][ T6979]  __kernfs_new_node+0x6a/0x330
[  991.278846][ T6979]  ? up_write+0x25/0xc0
[  991.282991][ T6979]  kernfs_new_node+0x5b/0xd0
[  991.287572][ T6979]  __kernfs_create_file+0x45/0x1a0
[  991.292673][ T6979]  sysfs_add_file_mode_ns+0x1c1/0x250
[  991.298047][ T6979]  internal_create_group+0x2f4/0x860
[  991.303326][ T6979]  sysfs_create_groups+0x3d/0xf0
[  991.308261][ T6979]  device_add+0x606/0xf40
[  991.312580][ T6979]  device_create+0x17d/0x1d0
[  991.317157][ T6979]  ? vsnprintf+0xe8f/0xed0
[  991.321669][ T6979]  bdi_register_va+0x7c/0x3c0
[  991.326381][ T6979]  super_setup_bdi_name+0x93/0x120
[  991.331480][ T6979]  super_setup_bdi+0x45/0x50
[  991.336063][ T6979]  v9fs_mount+0x1cd/0x4c0
[  991.340402][ T6979]  ? selinux_capable+0x34/0x40
[  991.345161][ T6979]  ? tsan.module_ctor+0x10/0x10
[  991.350007][ T6979]  legacy_get_tree+0x70/0xc0
[  991.354626][ T6979]  vfs_get_tree+0x4a/0x1a0
[  991.359035][ T6979]  path_mount+0x11ec/0x1d20
[  991.363529][ T6979]  __se_sys_mount+0x24b/0x2f0
[  991.368199][ T6979]  ? fput+0x2d/0x130
[  991.372139][ T6979]  __x64_sys_mount+0x63/0x70
[  991.376748][ T6979]  do_syscall_64+0x44/0xa0
[  991.381164][ T6979]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  991.387060][ T6979] RIP: 0033:0x7f925409f709
[  991.391535][ T6979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  991.411215][ T6979] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  991.419615][ T6979] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  991.427577][ T6979] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  991.435540][ T6979] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  991.443506][ T6979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
02:28:01 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:28:01 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x22000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:01 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
lstat(&(0x7f0000000540)='\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
getresgid(&(0x7f00000000c0)=<r9=>0x0, &(0x7f0000000100), &(0x7f0000000140))
setresgid(0xee01, r9, 0x0)
setxattr$system_posix_acl(&(0x7f0000000340)='./file0\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f0000000600)={{}, {0x1, 0x3}, [{0x2, 0x4}, {0x2, 0x1, 0xffffffffffffffff}], {0x4, 0x4}, [{0x8, 0x2, r7}, {0x8, 0x2, 0xee01}, {0x8, 0x6, r8}, {0x8, 0x4, r9}, {0x8, 0x4, 0xee00}, {0x8, 0x4, 0xee00}, {0x8, 0x3, 0xee01}, {0x8, 0x0, 0xffffffffffffffff}], {0x10, 0x5}}, 0x74, 0x2)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:01 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x25000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:01 executing program 0:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000100))
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[  991.451465][ T6979] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:28:01 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 56)

02:28:01 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r7, 0x0)
preadv(r7, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r8 = openat$incfs(r0, &(0x7f0000000340)='.pending_reads\x00', 0x14240, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r7, 0x6, &(0x7f0000000480)={0x6, 0x0, &(0x7f0000000440)=[r0, r8]}, 0x2)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index, 0x0, {}, 0x0, 0xa}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:01 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x500, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  991.565869][ T6998] FAULT_INJECTION: forcing a failure.
[  991.565869][ T6998] name failslab, interval 1, probability 0, space 0, times 0
[  991.578588][ T6998] CPU: 1 PID: 6998 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  991.587340][ T6998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  991.597419][ T6998] Call Trace:
[  991.600693][ T6998]  dump_stack_lvl+0xd6/0x122
[  991.605277][ T6998]  dump_stack+0x11/0x1b
[  991.609431][ T6998]  should_fail+0x23c/0x250
[  991.613844][ T6998]  ? __kernfs_new_node+0x6a/0x330
[  991.618882][ T6998]  __should_failslab+0x81/0x90
[  991.623641][ T6998]  should_failslab+0x5/0x20
[  991.628128][ T6998]  kmem_cache_alloc+0x4f/0x300
[  991.632886][ T6998]  ? __down_write_common+0x42/0x830
[  991.638067][ T6998]  __kernfs_new_node+0x6a/0x330
[  991.642903][ T6998]  ? up_write+0x25/0xc0
[  991.647043][ T6998]  kernfs_new_node+0x5b/0xd0
[  991.651618][ T6998]  __kernfs_create_file+0x45/0x1a0
[  991.656711][ T6998]  sysfs_add_file_mode_ns+0x1c1/0x250
[  991.662095][ T6998]  internal_create_group+0x2f4/0x860
[  991.667434][ T6998]  sysfs_create_groups+0x3d/0xf0
[  991.672355][ T6998]  device_add+0x606/0xf40
[  991.676669][ T6998]  device_create+0x17d/0x1d0
[  991.681249][ T6998]  ? vsnprintf+0xe8f/0xed0
[  991.685650][ T6998]  bdi_register_va+0x7c/0x3c0
[  991.690378][ T6998]  super_setup_bdi_name+0x93/0x120
[  991.695515][ T6998]  super_setup_bdi+0x45/0x50
[  991.700111][ T6998]  v9fs_mount+0x1cd/0x4c0
[  991.704425][ T6998]  ? selinux_capable+0x34/0x40
[  991.709198][ T6998]  ? tsan.module_ctor+0x10/0x10
[  991.714093][ T6998]  legacy_get_tree+0x70/0xc0
[  991.718665][ T6998]  vfs_get_tree+0x4a/0x1a0
[  991.723063][ T6998]  path_mount+0x11ec/0x1d20
[  991.727610][ T6998]  __se_sys_mount+0x24b/0x2f0
[  991.732272][ T6998]  ? fput+0x2d/0x130
[  991.736210][ T6998]  __x64_sys_mount+0x63/0x70
[  991.740791][ T6998]  do_syscall_64+0x44/0xa0
[  991.745211][ T6998]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  991.751095][ T6998] RIP: 0033:0x7f925409f709
[  991.755492][ T6998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  991.775082][ T6998] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  991.783475][ T6998] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  991.791480][ T6998] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  991.799457][ T6998] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  991.807424][ T6998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
02:28:01 executing program 0:
r0 = syz_io_uring_setup(0x1c05, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000100))
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x4000000000000002, &(0x7f0000000280)=0x5, 0x4)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x44e20}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x20040218, &(0x7f0000000100)={0xa, 0x4e20}, 0x1c)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x4000000000000002, &(0x7f0000000280)=0x5, 0x4)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x44e20}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0x20040218, &(0x7f0000000100)={0xa, 0x4e20}, 0x1c)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r3, 0x0)
preadv(r3, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
sendto$inet6(r3, &(0x7f0000000140)="07ab9a5c563fcd7ec7f424d3a23e1678816dc9f1d3d920255ec0b966b7283d4f3072a141d205734044198cc0d1d51963d8c66cbebb63a2108e5ce5d3be1cbb9592beb351f950c612e471a84111a095b36c7a5cccee5618deb11491c5f8398e67041a008f8a7c9fcbd9c7ff8dcd25ff6057d32b044bcf55d46469788cbfed098c7146e30d8c00851f9796966a172356dffe5bd071fd75b72ee14172285c1e156736991cba76ba601987ef848926246f272a6ea386c611", 0xb6, 0x885, &(0x7f0000000040)={0xa, 0x4e24, 0x459, @empty}, 0x1c)
listen(r2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

02:28:01 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r8, 0x0)
preadv(r8, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000340)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd=r8, 0x401, 0x0, 0x7ffe, 0x2, 0x1, {0x0, r9}}, 0x4)

02:28:01 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x3f000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  991.815374][ T6998] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:28:01 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x40000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  991.888180][ T7019] loop4: detected capacity change from 0 to 87
[  991.923334][    C0] sd 0:0:1:0: tag#5081 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
02:28:01 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:28:01 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 57)

02:28:01 executing program 5:
r0 = syz_io_uring_setup(0x4957, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0xeb}, &(0x7f00000dc000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000480)=ANY=[@ANYBLOB="2a05dd7c0000344c3373b4ee71005dd4d8563121c100060053120000070700"/47], 0x2a)
r3 = mmap$IORING_OFF_SQES(&(0x7f00000dd000/0x2000)=nil, 0x2000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x3, 0x0, 0x0, 0x0, &(0x7f0000000440)}, 0x6)
syz_io_uring_submit(0x0, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
syz_io_uring_setup(0x1370, &(0x7f0000000080), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000180)=<r7=>0x0, &(0x7f0000000100)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x0)
r9 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r9, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r10=>0x0)
syz_io_uring_submit(r1, r10, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1, 0x0, {0x3}}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:01 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x54000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  991.933193][    C0] sd 0:0:1:0: tag#5081 CDB: opcode=0xe5 (vendor)
[  991.939500][    C0] sd 0:0:1:0: tag#5081 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  991.948515][    C0] sd 0:0:1:0: tag#5081 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  991.957528][    C0] sd 0:0:1:0: tag#5081 CDB[20]: ba
02:28:01 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r6 = syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
io_uring_register$IORING_UNREGISTER_FILES(r0, 0x3, 0x0, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000240)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x4004, @fd=r6, 0x2, 0xfffffffffffff021, 0x1, 0x9, 0x0, {0x0, r8}}, 0x1)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:01 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x55000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  992.000881][ T7034] FAULT_INJECTION: forcing a failure.
[  992.000881][ T7034] name failslab, interval 1, probability 0, space 0, times 0
[  992.013563][ T7034] CPU: 1 PID: 7034 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  992.022303][ T7034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  992.032356][ T7034] Call Trace:
[  992.035638][ T7034]  dump_stack_lvl+0xd6/0x122
[  992.040226][ T7034]  dump_stack+0x11/0x1b
[  992.044376][ T7034]  should_fail+0x23c/0x250
02:28:02 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x56000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  992.048842][ T7034]  ? __kernfs_new_node+0x6a/0x330
[  992.053873][ T7034]  __should_failslab+0x81/0x90
[  992.058679][ T7034]  should_failslab+0x5/0x20
[  992.063185][ T7034]  kmem_cache_alloc+0x4f/0x300
[  992.067984][ T7034]  ? __down_write_common+0x42/0x830
[  992.073228][ T7034]  __kernfs_new_node+0x6a/0x330
[  992.078118][ T7034]  ? up_write+0x25/0xc0
[  992.082265][ T7034]  kernfs_new_node+0x5b/0xd0
[  992.086852][ T7034]  __kernfs_create_file+0x45/0x1a0
[  992.091965][ T7034]  sysfs_add_file_mode_ns+0x1c1/0x250
[  992.097342][ T7034]  sysfs_merge_group+0xc5/0x1a0
[  992.102204][ T7034]  dpm_sysfs_add+0x9d/0x1d0
[  992.106790][ T7034]  device_add+0x9b6/0xf40
[  992.111124][ T7034]  device_create+0x17d/0x1d0
[  992.115769][ T7034]  ? vsnprintf+0xe8f/0xed0
[  992.120183][ T7034]  bdi_register_va+0x7c/0x3c0
[  992.124862][ T7034]  super_setup_bdi_name+0x93/0x120
[  992.129972][ T7034]  super_setup_bdi+0x45/0x50
[  992.134565][ T7034]  v9fs_mount+0x1cd/0x4c0
[  992.138917][ T7034]  ? selinux_capable+0x34/0x40
[  992.143660][ T7034]  ? tsan.module_ctor+0x10/0x10
[  992.148488][ T7034]  legacy_get_tree+0x70/0xc0
[  992.153119][ T7034]  vfs_get_tree+0x4a/0x1a0
[  992.157520][ T7034]  path_mount+0x11ec/0x1d20
[  992.162020][ T7034]  __se_sys_mount+0x24b/0x2f0
[  992.166674][ T7034]  ? fput+0x2d/0x130
[  992.170589][ T7034]  __x64_sys_mount+0x63/0x70
[  992.175159][ T7034]  do_syscall_64+0x44/0xa0
[  992.179655][ T7034]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  992.185533][ T7034] RIP: 0033:0x7f925409f709
[  992.189933][ T7034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  992.209558][ T7034] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  992.217944][ T7034] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  992.225890][ T7034] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  992.233839][ T7034] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  992.241787][ T7034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
02:28:02 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x600, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

[  992.249746][ T7034] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  992.292321][ T7056] loop4: detected capacity change from 0 to 87
[  992.318087][    C1] sd 0:0:1:0: tag#5083 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  992.327959][    C1] sd 0:0:1:0: tag#5083 CDB: opcode=0xe5 (vendor)
[  992.334323][    C1] sd 0:0:1:0: tag#5083 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  992.343387][    C1] sd 0:0:1:0: tag#5083 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  992.352411][    C1] sd 0:0:1:0: tag#5083 CDB[20]: ba
02:28:02 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x57000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:02 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
write$binfmt_aout(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="08012000a4ab765b421915261e30af084be1ffffff00"/57], 0x2c)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:02 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 58)

02:28:02 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:28:02 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x604, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:28:02 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0)
preadv(r2, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'sit0\x00', <r6=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)={0x20, r4, 0x1, 0x0, 0x0, {0x16}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x20}}, 0x0)
accept4(r0, &(0x7f0000000140)=@can={0x1d, <r7=>0x0}, &(0x7f00000001c0)=0x80, 0x80800)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000200)={{{@in, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@local}}}, &(0x7f0000000300)=0xe8)
r9 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000440)='syz0\x00', 0x200002, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r10, 0x0)
preadv(r10, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
tee(r9, r10, 0x81, 0x8)
sendmsg$ETHTOOL_MSG_RINGS_SET(r2, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x74, r4, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x3ff}, @ETHTOOL_A_RINGS_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x7}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x8}]}, 0x74}, 0x1, 0x0, 0x0, 0x20008080}, 0x4000)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r1, 0x1, 0x0, 0x0, {0x7}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8}, @ETHTOOL_A_RINGS_RX_MINI={0x8}]}, 0x24}}, 0x0)

02:28:02 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index=0x3, 0x0, {}, 0x0, 0x5}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  992.749241][ T7075] loop4: detected capacity change from 0 to 87
[  992.759399][ T7079] FAULT_INJECTION: forcing a failure.
[  992.759399][ T7079] name failslab, interval 1, probability 0, space 0, times 0
[  992.772035][ T7079] CPU: 0 PID: 7079 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  992.780758][ T7079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  992.790800][ T7079] Call Trace:
[  992.794069][ T7079]  dump_stack_lvl+0xd6/0x122
02:28:02 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x614d37a3, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:02 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8cffffff, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  992.798657][ T7079]  dump_stack+0x11/0x1b
[  992.802832][ T7079]  should_fail+0x23c/0x250
[  992.807238][ T7079]  ? __kernfs_new_node+0x6a/0x330
[  992.812277][ T7079]  __should_failslab+0x81/0x90
[  992.817100][ T7079]  should_failslab+0x5/0x20
[  992.821620][ T7079]  kmem_cache_alloc+0x4f/0x300
[  992.826380][ T7079]  ? __down_write_common+0x42/0x830
[  992.831623][ T7079]  __kernfs_new_node+0x6a/0x330
[  992.836608][ T7079]  ? up_write+0x25/0xc0
[  992.840754][ T7079]  kernfs_new_node+0x5b/0xd0
[  992.845339][ T7079]  __kernfs_create_file+0x45/0x1a0
[  992.850568][ T7079]  sysfs_add_file_mode_ns+0x1c1/0x250
[  992.855538][    C1] sd 0:0:1:0: tag#5085 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  992.856025][ T7079]  sysfs_merge_group+0xc5/0x1a0
[  992.865851][    C1] sd 0:0:1:0: tag#5085 CDB: opcode=0xe5 (vendor)
[  992.870640][ T7079]  dpm_sysfs_add+0x9d/0x1d0
[  992.876972][    C1] sd 0:0:1:0: tag#5085 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  992.881442][ T7079]  device_add+0x9b6/0xf40
02:28:02 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x1}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000029c0)=[{{&(0x7f0000000500)={0x2, 0x4e22, @multicast2}, 0x10, &(0x7f0000000900)=[{&(0x7f0000000540)="4949ea88021150c95eeebcac53cad2053bc2a69438167a7124298caf6f4ba9d771deca770458c013bfbae0f79b0681b9039681375de36ecabc7524a370ab", 0x3e}, {&(0x7f0000000580)="6794a644531e3a81c8f20cd70b642c1c16a65fc42358aa6fd29db413a9d595877a4fe6db623f0b0c07e53fbc436e4e53a77de1a76be931c09b04badfc95190f9dc58c9a619ef1755e82b78b3f81c682e40e76d", 0x53}, {&(0x7f0000000600)="3d25f9ff8fdf820298db854c2320ee9dbf177fc4fd19b1172cb1aa477974d1475d86b07d9276722f5f73a1d1b7b70eb4f7ba7eff71a558e3af5c4f0aa0a87614729fe6525ce81ea90273f7be3eb803924ea8932f259a377fee793aaa59248f3537a023abdfba32e10e22ed7d667f3d6555ed577284efd2e76f4a4a88a527210a500dec615ce3857a49970eb610a06218a94a3d593cb8bb251b13871677668787783992a180cc61225264d04248f276e20fbfbf0335ca8e03bfddaf4171abda3e57914f7afd001ef31465be24bcc5d4c517186dc81153a352d3d2a685d7a1da75ca3f71e1f3857ad3919f279dba784010c9", 0xf1}, {&(0x7f0000000700)="465a349016faa07c57dda3a380bdcbfcd90807be01edccec5b8c8e740f2c2c68715729d20d097a458a7752bb7e40e7fa6a61dcc5800817f28accb9d6a11fd63ae498d282c76a4aaf0518a68f101522146b7118e9", 0x54}, {&(0x7f0000000780)}, {&(0x7f00000007c0)="36f0d43ea74b91aa45076639a5affe68dfe2b10ed4bf8301139b0d8e6515baa116395a60e162917b06bfb5b427502924f7cd81a6d135fa37c225d9c54bf52c35b1bc2148f5f2c341cdeace1f1392890da73703a26ef1a0c62001db58a9e9358069def5f506499f12198734c6e0bcff4fc44cbfb9fd", 0x75}, {&(0x7f0000000840)="ddcc4c09c8374382fca49c454dfbcdc7d2232fd70b525dd34045ea41a41d375dfd7bc4b19c1d8a3062ed35851f687cfa0734d728215ffa9de70acd3ed38dc4f2d110e47e8f47c1abfbdd2448afd7d3e56c33da18932cb17fe438e3e1c9e17b1b2dbe5988596120ecb75dc8862626b6aecf2b182886f999f5b6ea973d23901aadea637ca4c213551e07bde4f8419bc7648e801806fb6dc59e667316ce3d372b14", 0xa0}], 0x7, &(0x7f0000000980)=[@ip_ttl={{0x14, 0x0, 0x2, 0x6}}], 0x18}}, {{&(0x7f00000009c0)={0x2, 0x4e20, @broadcast}, 0x10, &(0x7f0000000bc0)=[{&(0x7f0000000a00)="bf0add73d803ab65325786df0837d9ee88ffa542db531b728129d0eb9da34a245c079a51dbe1ead05dc6de514a8da0f5e097d2938bd7460e7a1503030ec5b6a07f19a1e503d2f327aa2243473b3db4193a172b8113e5884c1697926e5f648d4db289a6aade53421bba3e8d1cf2bfece990289ae0", 0x74}, {&(0x7f0000000a80)}, {&(0x7f0000000ac0)="c8148411b7da26c7269f34dd1c5998a86a6951707ff6ca8c42095752f591ee93c000f29be9536f73c3add7f2d88199993d50f18545fc5051a9db351f6d0090ff0e3002fa62829d396719ac", 0x4b}, {&(0x7f0000000b40)="cb40c54172d9068099819169ea4f3e005d1c201af1f9c2877baff41ba3ce22906de5f357fa5413769f4336af8e54e6bbe75d31104022a885dfe12b3d33b5fa994864aa60ac44628a949545c10caa8672cf7c068bf7aec6e904aa1311b3f33ce186", 0x61}], 0x4, &(0x7f0000000c00)=[@ip_retopts={{0xa8, 0x0, 0x7, {[@timestamp={0x44, 0x14, 0x82, 0x0, 0xb, [0xffff7ffb, 0x75d2, 0x283, 0x9]}, @timestamp_addr={0x44, 0x54, 0x20, 0x1, 0x9, [{@remote, 0x2}, {@broadcast, 0x1}, {@local, 0x8931}, {@dev={0xac, 0x14, 0x14, 0xa}, 0x10001}, {@multicast1, 0xffffffff}, {@dev={0xac, 0x14, 0x14, 0x1d}, 0x3f}, {@broadcast, 0x8001}, {@rand_addr=0x64010102, 0xfffffffa}, {@loopback}, {@rand_addr=0x64010102, 0x65ff}]}, @generic={0x44, 0x8, "986065e89707"}, @cipso={0x86, 0x25, 0xffffffffffffffff, [{0x2, 0x8, "e4d3bf6c0e55"}, {0x2, 0x8, "e1c5edd7e6d0"}, {0x0, 0x7, "a80112a4d6"}, {0x5, 0x8, "cabc13404340"}]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @broadcast}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @local}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9}}], 0x100}}, {{&(0x7f0000000d00)={0x2, 0x4e22, @loopback}, 0x10, &(0x7f0000001240)=[{&(0x7f0000000d40)="55e881eff0dfc746aaeda13a7f3faafecc3d90cc46c9c0c86a83d7862f8aaedfbf0b72bfb6498e99be1aded453360c6fc30062b27ba445219334664e2879d4488c8be34e2962ee347cb62ff9584cd67d9bd7191f1ba3ca8fd6865f92a412ed046f74743b43c34a8e6fc672121497a675107363", 0x73}, {&(0x7f0000000dc0)="6c30f756db49c43a328135d92d262a68103cf20f3f664ee4b7c5d146e6c0dd59101b5b57d8d643d5bc4a297c7b41a2aa18400f5e2d5dd7c1300dfe01f456f2315e50ae60027565a8524d4fb53fed567daf40465a93d85ebad8919b96e55204291cdbde4701455ad237bda4405171c14d5f7a1eab721fb5136e63ab528810d01d5ce3c87b592111aeadf76b1e36ac81556c86e65bd761e9a999d2e13adbd8e944f23de6ee2450c8d4", 0xa8}, {&(0x7f0000000e80)="2a6fa00c687245a74cae14b9e584482724b5d26bfaac192d545fa0e0febd7f3e4007eea9296b2f263e4778021bb6b6ce0eb523affdf50d97800a5bf5793527879e4df6da45131c948bddb527438541a14f9f32e068c25b8ecf41a5741d284f51e3e6d02dd3b3a1f103a301029a4593939866ecca3b89bfd1998ba952fa21c8019f16fdea775000a85970137d39c91bbc62b279d68f9ac5113c6ff20f2527812d78665f0e09ee9e007610571f9ac894e80681437045bd35d803ca244e09d0e0ea3f827f7636f34b19d3b6e37e8c6d696fd25dead22735f782db4d55336978c8ed98f348ef2901", 0xe6}, {&(0x7f0000000f80)="89af7dcd0ed077598218726e2c535711e2a061f9ab977ae34d7fafc8d1e9955013d61b84e866a927e9c19d05e9e350ad549000bcc5", 0x35}, {&(0x7f0000000fc0)="82f928ce29a6e1e57abf0fd70cbf95d1d16399a89416116c8422ee448f0b9f50fea6037644a0fa38ba8a9ba0780165176a93bf9a0e7d9f6b110c3fd523454c130e557c6f0281756ca395dc818cec50b495617473f446d65751cb7ad7e2d11e76e68f4eb86f06760093e3f52878bca01bbf32a0b507278707eb15266b3e398f319df63d211d098b834f8389b69a37f4913906077b39e5f4dcbfd492511bfe6e152dabac8081af441869180806cfa227d00060d987514fa3f1a9fab83bd797e6ea130094ea674555af382417647777cae1eee57a4e79b08fa5abef57cf1b5d86b646d89621ae73aeeae9415b3a8b472e603651a8cba3af31", 0xf7}, {&(0x7f00000010c0)="a853418ca6fb98ab0efd7f078ec3cd0aa36f2071ea9208521684b1f1213a068b6dbdcf78decc7d52b8062f7b71e8cd6dcc871671467a28e8eaf5b42a8f1f89825ec1055e2bd4b777fc31e0b6c94e80cbf1c41e4b6902e67950298830d5d50c84949900cb2d57a23f8adfa21b841e", 0x6e}, {&(0x7f0000001140)="308db0e0d49a958d44c60786805c895d2b50ff5bed119977b4d29bb264bc1359acacdf882f637e5fff7cacd9cc29c4a1b206ec1bda6167d9ba1d2ae998ddc26fd7e5ae96d402f8e635405249d0c1bb132aced0413eceebd72988faa814052733825794f99864ea8f2eaf7982c5a2484a3ee6a4ef3041fdee68ec7927a0fdca892064036407fab71d53568776780f384a2c1b7587b0dfac879c17bc83e77b14fb16bcb15e04e56bd243f402e2dc1901731c370d09dddbf87c18b45526abea84597c8d46d160e4f0c1e55a868c54882f67781e915593fad8b0bcdf4a7ba3f5a4074627ae85159555", 0xe7}], 0x7}}, {{&(0x7f00000012c0)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f0000002840)=[{&(0x7f0000001300)="79cf6a1650941c5ba159959cfeba3ce81ff6b4880841be97763c2c01de7b9d0bd1e5c140400bf729d52cb516c581d13385327206c470fce97cf2f9f39685e0ed6181f1197d6205", 0x47}, {&(0x7f0000001380)="56a0b03cd5dbce01f3823a63589951a904257c6450b1563cb653dcb3b7e48be76eec00706fa1de500f0194292c9272bbe6c5978ea10bad383afdd1482cfee476db3629374879284ee156e6758f1ca51ed21991b3a6389e039b9fe091173e19ce42468710b934d9ebbaae2de13350d2ada29c72047a553a894ab21b003065ea9302eff8c35546f5c944fad19b425474d914fc18397a126f5808717695e469", 0x9e}, {&(0x7f0000001440)="f18be5a2a3546c10e111119ef749d3cdaa1ec0a352fceda3f4312882f0a72846bb4a3f1293f96af1a51cdc02da2a1a38621a507342179a689d56760d45aee883a729c66593c0fc74e0c9c369", 0x4c}, {&(0x7f00000014c0)="588ace3d7d03143bfcc0878f62c007c75bfbd910d509769256c72601f69f46f9ccae43f0c6b57eea8611528d4b89270289d9bf", 0x33}, {&(0x7f0000001500)="775dc237b06510e2348a425cfe99e823737a0373bda783d93f5243162916eda1875a11072696e9df04d091b6979011039653377934a8e4660253b4a71b8a99dc78f14c6b619ca4410cea0f801473e8e2bdd394ceb45415b6a766a73b005d94a805b30b0f54634a6e4c8f833230f6b1be336ff0e4f79c2562b9783e1bf7cf56ce69f7cf8180aedf10856846fdd1386d3fba11eff8", 0x94}, {&(0x7f00000015c0)="b5b4fb32d18f8992e746fed0", 0xc}, {&(0x7f0000001600)="9c9e28b532239643bb2a474e909d8fa1357e6770eb99460b11599c9e27bc2685dd86643f3d16a1027722720a7717d56ecbb0", 0x32}, {&(0x7f0000001640)="6d1f24b96318459f1b9f08171a1c300a48f7e8574ed9e0a8a75b425d97f8dc96ca697fd8e5ac32728e531025c1c6540368545c1dc279389e0342a78ee60feaa108ddcfcd6e56e581c8e4b99000cb3845da9b09034f2279748e692cdc187e5b7141f26d6ce0058ad572dd8c42360f0678300b6c3bf0182e45281f188030297bd60ff18314c733ccd529f8e1e787718e2c3ec9a26842e040b0dc5881622fe427c6ac6a796fda0c15c5d65a87b9ca808c92d0ce9d07f5d10496af1298ecf9dec8afce0d8a6c462b75c01dda9076df625798a5d509dfcc7090b0eb803d9887322aa52be6ec89b0f38b496238d1f6aa587b6d04d2c11d81b2a5109d520aefd045b130c8fc44a5cc8e83ec892874661583ad87d72dc376b650bb39d04421f9be4362eb5587097b50b9ca86c5835e1c87b1303eb11bddc1f08014d0c8056055d3aa49fc2d2ebaf0ddbeed1867c7ac60bd1968746f455ad2e1aa52a50858477a98c727331fea71137ae279419a905fcb22124a0ab432b823eaca8b9c27ff2816693999e03841fc00b24ddb66f68e30fab5ba6bd8d4a9d9a78741374093d07bba26d9b5a45554b744f09cf248d7734260670075dd5d3d7c7c062d448ff97f3fedbb1e3433ae5a68797fe71e70f84bb7daf9e3ed48c442f56c2a1ac0437571ef461e460992990269b2e5807ba0054fcbace417b55dd52298aabd20e47041ff5d33af22969765d3299086798127904c321a74398cae0100698360de7e7c49af35291a10b67e1760c0abbdb4203a4603e0bf2274768582984233c39f4a671567b8dc84f89dc985bd2d365e8ea7d0f64de2e6ba12e7609d2fa6dc63e83605eed6935c409bd2d69493febeeb27496d44116f6196c8d26f2a0742bfed5b8b209dddedf7c3ffa81473330a9ecf1c3d1aef3825eaddbe3c0134955ebe7aebecdea89d1d160aa05b73b5a37647fd6dc2ff244d617c865e1f90405f5806666a1080b1034f5adec271b7cfcba95c819103b66c86c175fdc297643e1a955891ae2d479010cce70375b9fd3a4856bca0f6f0e93c575977b8ad72485c3b6aab93253158f886b2fa900bdd61c84f9272b7d3e6bacac8b828b33bb4676602db1f628b0f303a29392bf83ce95bbc8c6db0afd59f9b56d926158c71a85b5421408d1b4e650cbb849b68f14d19a16c6e22f3274ee8aca0e65d62350066a19b47daaee8049e4523013db32c6c43b05ce2d5736be6d4bf2e633ca8e0ed23a903570ab40ea6601ab1660b2ea4f8b427f734839379b7e150a3fbfa75a8f43d5a3050f5fa1ee3ed051f508ef99426ba6a30ef853c7d680353a655fdda307214cbb9107658f15013cb576cc7f944ad923f7bb172d3e9e0abab1111ce726c28cd26e987ef93270d2e2bb6959d2bae96a2cfa53a1b48a66d1423d5c00b81a26f4d8da613efdefed73683bab8127f516e51c79d137f5b48856d08cb3ae619fb06e83b9f44cb989ffb62e03a0ab67346e76e62c1cf7c5b0680fb087cf203320ee685ad9db2f997ca6f19150d4620455b9504415dbed3250d97ee6a5c8630807fa7aaefc40419df140bbf29abfe1a0d85cc98cb75c5d76127692c2f91551bb2edb91a45b1c6653652ea621d6f648c57b9966c3a0ac403c7692fe1a71d92252ea21b7e36bf39684632c31ff7b85cd77e6e46bec3175d875489c5b4e3530237480c7c87589ad6cce824b36ef22939b13e760248a95fb8ce617f3bbd58ddc6cd5dc2161dbd47bd71602e74014888fe089271153d405af426beb064271d63dc7f7aeaeb97d76404f99533924bbdc1f3d71521fee303311d5aed4cc0d75bd01b3498de71ff9226f51ae6c659061f0b1b95c4dc6dbeb80648a04d2aa2b2cf66fc7fb335dd4cad7d57270d0934c78c1848d907a8c8e3bff5f46f998ebb58556c66bed9f2cede607dc86a674b3ef0e7f00e80c18b5d09733e5676d0b3fac68af16326cd483933fece51e439ec379a6658ca8014efd614d7d11e76150cf185b9f7957918c862f2c05c4b511e15ce3b9c2cb9fa177bbcbdeaa5e12d8f951a6fbfdd15be0d7fd5e85a0af20c6f59270ad7e490b564b44f2ce43a6f4a38cff9739c5566e1922b99ac4c01696cdd08e0556fbee8f47256763d14f1ca51ea1810c4a5448273b186af706d9150ee44a29d69466ef1d514a1a556c7c6e94176fe37e6f212bfcd088836c99c13a8764c3d5f8c2ec89715784570b07a4499c903c772041730d98d01eda993a840f6dcc75a58ce696404282e4ad7adf2e898a0ce7b1e589d4d23c97c76f55689d3e5d36d71c53e120d7ee60f4844967b74fd24b2edb946bc22d7277bc87498a8b70aef16cc15da0094a7d76cb5b79cf4cd4aacebbae83f16585cfd8ffa7583b189cbb64184260693ff18dbd4aecda4507f30715fb6043998225c397abe26ab81efbec1419b55441bbef82244d917a05d1fe25334d985579c2c0043a31dcf95ddaaa0a69c223117e200e2bd9b2997d4b7100431d60ce9887302e416978ed5adfd4d591183ad37077d011c01e2f7447387cb18a5770a5781bd48a53ae19028fdf09e93d2652a6c2a102bc4fd440ad0df2854e20af587fbb869f596f5d88e622ef737b5f9f777c8ba8c16396cff162ae9ed9c66b48c2c82763145e47e121ae2af11f6e12ed461c7dc19902439eb7a59f888a72ed21f2e48210f2e4216c58147d6bd718fe3ea0bf3d852d7b79c03e8872c9ff0585819b97ee441fc145b0c4a0165194cf558b61f8274585e3263a557dd3579a5f86444fcdd7b73fabdf2cda38c2e2118e997bc9da7ec2aa6a31ec5d8c799ead7658f743c62df357fe4c56b7d0c166faf031c3f6c73ebb067ad14327931a667fc21b5b28ea8eb0f7879fb86fd1b583002622347a54886b42dfdfb91534bbf53df7be9a79e1df7e592c02980b7df9f7e7ad788fe9f142e654dfe09ef31bd0d3760e9cba15f9d097f760d5729ddb71de092c1bf12d6dd6a7652ea094c4ecc771fc289a012083c6dff0e89ebf3ae87987b3e8baa562995c8e4221bf820b770aa75fb37582c0b48b9efd85e2cc12144f50c301d7a107fba76e9a744ba5c3631c11a563a92aa5c0f0b092c65b889ac7c2f6c95cc1fb37287e748452443a5e4f7f34db2ecc4d3d5771fc17c28aed99bae67085f7865d6093bf089f1e1cd3a113908a21e3d9b8475e4630e01ce1ee639716f50f4c67c5b8a166274dd57517b231a01e4b95beed727ac8a440c643c0ea7fde22f32b26339d8953bea27534ea953a16bd76073c1d94bdfe0a8106777bab8ffccae12a1bd84fce239b5ddb5040298573dbe60cd0c6283f7b05b6591a226bec79bb7d70686edd3767f096133a880c1b16f2ee4c397ccfc5e516c5a68819721fcc9c479d40c4e490fb96e1b0f6ce238210e6394e303b4aeab52118a5dfd8949b4614908ce9d82993558e5b3d6a23792016d4aee3a13020b37246c7f9c1c48bf6429f9d050320a73179c21439864cfb3966accd24a594b35e8b92d2cc4375d879309ea2ee0c0269ab191b0e6b513293294360e363298931e2a4a1fcb08a64f82e8f679310227a7784e363bc59ed1076e661060a84ddf35d96e575f8838639b7c88334dda11110e599c04e9766f0a94ecdc77882897f65f17540835a81a21f23682c284c0f8305f803709874b2f2c508151e9a314a116f9e6db18b99aa321820eafc6ecc17d0d78d56fa717097ac31b58652e98d98db91495be86f8835db9a69c19e27290070a3d1482127e6956fad5e2e150a840627bab6c41f54c2f449023c2d79f893b1ce1a3c9dc10a010944c2e4756ecc132d46ffc1fa2b5cff20bff80efb0e1ff0bae4de9e076ae765688e96b143684ec8270623a46e016aaab2e8b12564b12a8577da183e1fecddb4825e4eece32090522860dcc6e53a0690e1277356d28a0662cb142174e9513f1638565dc8144034db3c4ad84b7835862a07e277e839dd2a62dc80051bdc1b79d84cbde489370d5e63a9ee5e786785d80112549a64253e5d6018d6d009b07defa177654322b3f25e1c15c7ca643e4460b556a1666c1f1a2de6991fca00f494ff610eb1e449c10938047b054352460b3b47c46886b193b95614a3cc792a9d1a9ad4bd1070d4707f142e552e1561cf52a23e6e110b2d4ae8f624afde7788ea6f7d2023347297bff950056477e659a7a387632b2ba0af5e30ec4c8b8c142739fac17039b8bc0315edec6c3a37a494731e208ded81f0a68defbfdc08fbfac4aff4f32ba1711c43465afa68b5a324f2e3410573845af2ea32f7b12d4bf08a602c7395440b14a0a36db728fa13fb44e4e7201928e80ce2441aa3dd39ee5ce209b53a49bfa044dda15ee69a5f18614363a76efe461bc2966db9d5b04c6fbc47f9817284336244f7c3a78621c0999218c2be526aa02bdc5d71b22b857e4e804f4f57a1f0ba9277284ccd2514b2b49c7d60e67a9d82f74869bcdd05e6e9259bfadd129492a2486db744890c3bdf8419cdee7b10751c86cc33e8f0a8bb23b16b1628d267c765212319204be52a40360f6ce53a75f917523b556d842ec577e64c054d4429142f1f5ce1370247be75181cc5701f9972f74bd4127da14d06fcecde08ecb5ab04c5fd9ad01ebb8863b603c3b2bee3f4c7e774b3ad39bd4eeeac36cfdfc2c3fd521eb8574f68490f1ade643bc2849b8962c5f3f313abb17da7e3dee2994c4fce8581b77ece35bc597c04401201401b2fe50ca8617a4262796c1239209f6340752380946aaf898e5a37d8bd3c833d339813756ae5abca4dbdf8ecd4cb070223ed68a30689a461b1e6f6b1b916cbb784ddcbf89d0a5f6219f787f132b9b8498c6052ea40dbc1a0ba2b6990c774046262faa5a506d2d1dc82d67c54b664237e5c6ac1ec81d9fef7db4ec4d0fb7bdf546d331d1e06879f383a69cbc3500000618a39d6f7d936851666cc23408d299e5b588f60e887961e74e0585c62419147628aaa7e2017bca892fcc57b6c2af23fd84f67d962e708c82b07b1ad03948b4c9d1e6114eb1be74b6d331d4453242d2987665b507d4a68f6ad99354b966a88630c7f5cf9ac7eb0063989ade9d21b73871c5a705c7303a8255c156c3585003ad6b1450e4b867db4a4b0ad5ce211c56e1382b455f8b7eb8744e2713f7773d937acafa0c8ec1e8a1b89098176a80ce819affe223d1650bff8ddbf159f10e51e9b2080e1de9d7c4d7abbbe48b4569062861d6fb87aa66eacd7498b867a77c94d1f7d95d4e72e07f9fe967962a49705e6cf26d1c0c70aedb8df4bb11350bd03613acb27065dfdbf853ec45c5d5f1c706fcd60f6ec17ccce4042f3522c5da548ec8806b0efeb31a9563eea97811c27e07c0f7fb282ffc6f4fc4b95a93bb7e92cd7411b123006ccfa96002904003201e312f1608703178877267154cf8bf8852aaf296a7da08a7a6fda3b9ff8e547ba63a32ff87295e2444570912da77690aac6b024604cb76f365a1de3c6e0d489223948b2f9caa60ce5b03a2aee61ff9bf918e19520e7700664a10f2aff9de18c1debbfabcc3839138ed011adb74a87395a86ff8155efccb7cecdcf7e2e8a18919350f72feb3ba0c6db35edb7bd1e27a4c69fc101f96dd4dbfb3ad95c50c7d5be432505d05ca12df86c98fda5c8e4276b917bc0fdc14acf396a11776d40fd981a12762a2ce25004d2568ab9e490ee53d5405f3a1816ed573ef20daa01e3bd8d85ee7cccf0ea69ab9590488c281b7d7dfd70de449f7ddc1d44dc48defb4360e7f088e4a8a6a578555d24d3722538636ddbf561f31362eac0ea0f51bdab97bb9baf391", 0x1000}, {&(0x7f0000002640)="4c2fd11630205e8a0805141a9fc04fa92732d14125c0219241a6ce20cc5b8f00cafa480c21d52d60edea2818cc6b48540082bcaf801a77588217f43ef2d360b2c8732d073af1a05d888d33d12786412a83b9522c00d8017e730e8611b75fa869db050193ac275f4ca33f64e16a39bddd13049ec5d58ea92686a7b09c68bfde484adb3cd93d6c21e3ed2075d321c6cb2800d7a1a16f6a486af4a5acf78899560fbf387d58a2a0a451c668cb8ff31114abdd42e925e94057592d992aa75b2e55777cf67fdad9ee4e39d6a27f55f3b9c3a86bf50d9ad9a371", 0xd7}, {&(0x7f0000002740)="2150357ad7b714ea3283295281aac56c1a503ea1f63cdabd6430cba02368185b28a5c553f540a4f028db85f94a10db41940f8159a5afe64ae3ecab940f080319c8922260b74ad1572e4190ea7a7c26fc2561ed406d4023cb6718b681d7bda1f00b464afc8251c531fb4421e82fc450419f47e8e46a088dd01bd305ddaba0ebdd08da0c5a86c954e2dd97830aebdbf6dd18327cbaa6ac3551f966358b64cd5aebd28875f568598774d3fac8773d8f467f66422a8212ecbf4a4187e9301b1bc206e1548e1b828eab92108ea38945bc12673b546780afb50b8bb46a3599828df34f82", 0xe1}], 0xa, &(0x7f0000002900)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_retopts={{0x8c, 0x0, 0x7, {[@end, @timestamp_prespec={0x44, 0xc, 0xbf, 0x3, 0x1, [{@empty, 0x6}]}, @ssrr={0x89, 0x23, 0x67, [@loopback, @remote, @rand_addr=0x64010100, @multicast2, @empty, @dev={0xac, 0x14, 0x14, 0x2d}, @empty, @local]}, @timestamp_prespec={0x44, 0x2c, 0x21, 0x3, 0xa, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}, {@private=0xa010102, 0x100}, {@empty, 0xff6}, {@empty, 0x7ff}, {@loopback, 0x7}]}, @ra={0x94, 0x4}, @rr={0x7, 0x7, 0xd3, [@multicast2]}, @end, @ra={0x94, 0x4}, @lsrr={0x83, 0xf, 0x2c, [@multicast2, @remote, @loopback]}]}}}], 0xc0}}], 0x4, 0x80)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)
r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
process_madvise(r7, &(0x7f00000004c0)=[{&(0x7f0000000440)="9fbf3d5432cde181cf7aa663c21369dc66474352440559c14f8a66055b10970bd60d3360ef805b1e68956c007290e264a3b165d48e7ac0cc07653f4e5ce8bd3732b7402a26de1ebf2b2b53dc79638e9febdb1047f2a92428403ee59c4b8cd4a60563abbe788f1c51e3de87b3d352f15601", 0x71}], 0x1, 0xf, 0x0)

[  992.890448][    C1] sd 0:0:1:0: tag#5085 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  992.894753][ T7079]  device_create+0x17d/0x1d0
[  992.903773][    C1] sd 0:0:1:0: tag#5085 CDB[20]: ba
[  992.908320][ T7079]  ? vsnprintf+0xe8f/0xed0
[  992.917834][ T7079]  bdi_register_va+0x7c/0x3c0
[  992.922547][ T7079]  super_setup_bdi_name+0x93/0x120
[  992.927702][ T7079]  super_setup_bdi+0x45/0x50
[  992.932333][ T7079]  v9fs_mount+0x1cd/0x4c0
[  992.936655][ T7079]  ? selinux_capable+0x34/0x40
[  992.941406][ T7079]  ? tsan.module_ctor+0x10/0x10
[  992.946242][ T7079]  legacy_get_tree+0x70/0xc0
[  992.950816][ T7079]  vfs_get_tree+0x4a/0x1a0
[  992.955218][ T7079]  path_mount+0x11ec/0x1d20
[  992.959707][ T7079]  __se_sys_mount+0x24b/0x2f0
[  992.964435][ T7079]  ? fput+0x2d/0x130
[  992.968318][ T7079]  __x64_sys_mount+0x63/0x70
[  992.972978][ T7079]  do_syscall_64+0x44/0xa0
[  992.977734][ T7079]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  992.983617][ T7079] RIP: 0033:0x7f925409f709
[  992.988014][ T7079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  993.007604][ T7079] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  993.016014][ T7079] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  993.024035][ T7079] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  993.031993][ T7079] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  993.039945][ T7079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
02:28:03 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x8d0a1001, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  993.047894][ T7079] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:28:03 executing program 0:
set_mempolicy(0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
set_mempolicy(0x1, &(0x7f0000000000)=0x4, 0x40)
set_mempolicy(0x8000, &(0x7f0000000040), 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000c80)={0x1, &(0x7f0000000c40)=[{0x6}]}, 0x10)

02:28:03 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 59)

02:28:03 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x1, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000440)=@l2tp6={0xa, 0x0, 0x1f, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8, 0x1}}, 0x200)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r6 = syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r9, 0x0)
preadv(r9, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
syz_io_uring_submit(r7, 0x0, &(0x7f00000004c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd=r6, 0x0, 0x0, 0xfff, 0x3, 0x1, {0x0, 0x0, r9}}, 0x8001)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:03 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x94030000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  993.170212][ T7115] FAULT_INJECTION: forcing a failure.
[  993.170212][ T7115] name failslab, interval 1, probability 0, space 0, times 0
[  993.182873][ T7115] CPU: 0 PID: 7115 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  993.191574][ T7115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  993.201676][ T7115] Call Trace:
[  993.204973][ T7115]  dump_stack_lvl+0xd6/0x122
[  993.209571][ T7115]  dump_stack+0x11/0x1b
[  993.213717][ T7115]  should_fail+0x23c/0x250
[  993.218134][ T7115]  ? __kernfs_new_node+0x6a/0x330
[  993.223182][ T7115]  __should_failslab+0x81/0x90
[  993.227940][ T7115]  should_failslab+0x5/0x20
[  993.232501][ T7115]  kmem_cache_alloc+0x4f/0x300
[  993.237358][ T7115]  ? __down_write_common+0x42/0x830
[  993.242588][ T7115]  __kernfs_new_node+0x6a/0x330
[  993.247438][ T7115]  ? up_write+0x25/0xc0
[  993.251575][ T7115]  kernfs_new_node+0x5b/0xd0
[  993.256210][ T7115]  __kernfs_create_file+0x45/0x1a0
[  993.261311][ T7115]  sysfs_add_file_mode_ns+0x1c1/0x250
[  993.266667][ T7115]  sysfs_merge_group+0xc5/0x1a0
[  993.271512][ T7115]  dpm_sysfs_add+0x9d/0x1d0
[  993.276006][ T7115]  device_add+0x9b6/0xf40
[  993.280334][ T7115]  device_create+0x17d/0x1d0
[  993.284995][ T7115]  ? vsnprintf+0xe8f/0xed0
[  993.289406][ T7115]  bdi_register_va+0x7c/0x3c0
[  993.294102][ T7115]  super_setup_bdi_name+0x93/0x120
[  993.299202][ T7115]  super_setup_bdi+0x45/0x50
[  993.303819][ T7115]  v9fs_mount+0x1cd/0x4c0
[  993.308156][ T7115]  ? selinux_capable+0x34/0x40
[  993.312915][ T7115]  ? tsan.module_ctor+0x10/0x10
[  993.317758][ T7115]  legacy_get_tree+0x70/0xc0
[  993.322336][ T7115]  vfs_get_tree+0x4a/0x1a0
[  993.326740][ T7115]  path_mount+0x11ec/0x1d20
[  993.331228][ T7115]  __se_sys_mount+0x24b/0x2f0
[  993.335887][ T7115]  ? fput+0x2d/0x130
[  993.339766][ T7115]  __x64_sys_mount+0x63/0x70
[  993.344416][ T7115]  do_syscall_64+0x44/0xa0
[  993.348901][ T7115]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  993.354859][ T7115] RIP: 0033:0x7f925409f709
[  993.359257][ T7115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  993.378842][ T7115] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  993.387237][ T7115] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  993.395196][ T7115] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  993.403149][ T7115] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  993.411100][ T7115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  993.419111][ T7115] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:28:03 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x97ffffff, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:03 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x700, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:28:03 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xe6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"})
r2 = syz_open_pts(r1, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1b)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000200)=0x2)
read(r2, 0x0, 0x2000)
dup2(r0, r2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r3, 0x0)
preadv(r3, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
dup3(r3, r3, 0x80000)

02:28:03 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4, 0x1010, r0, 0x8000000)
syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r8, &(0x7f0000000340)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x2, 0x0, @fd=r0, 0x3, 0x0, 0x80000000, 0x4, 0x1, {0x0, r9}}, 0x3)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r10=>0x0)
syz_io_uring_submit(r1, r10, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:03 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 60)

02:28:03 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:28:03 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xa3374d61, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  993.635056][ T7136] FAULT_INJECTION: forcing a failure.
[  993.635056][ T7136] name failslab, interval 1, probability 0, space 0, times 0
[  993.647738][ T7136] CPU: 0 PID: 7136 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  993.656402][ T7136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  993.666448][ T7136] Call Trace:
[  993.669716][ T7136]  dump_stack_lvl+0xd6/0x122
[  993.674296][ T7136]  dump_stack+0x11/0x1b
[  993.678436][ T7136]  should_fail+0x23c/0x250
[  993.682834][ T7136]  ? __kernfs_new_node+0x6a/0x330
[  993.687845][ T7136]  __should_failslab+0x81/0x90
[  993.692619][ T7136]  should_failslab+0x5/0x20
[  993.697106][ T7136]  kmem_cache_alloc+0x4f/0x300
[  993.701853][ T7136]  ? __down_write_common+0x42/0x830
[  993.707032][ T7136]  __kernfs_new_node+0x6a/0x330
[  993.711900][ T7136]  ? up_write+0x25/0xc0
[  993.716048][ T7136]  kernfs_new_node+0x5b/0xd0
[  993.720625][ T7136]  __kernfs_create_file+0x45/0x1a0
[  993.725756][ T7136]  sysfs_add_file_mode_ns+0x1c1/0x250
[  993.731110][ T7136]  sysfs_merge_group+0xc5/0x1a0
[  993.736002][ T7136]  dpm_sysfs_add+0x9d/0x1d0
[  993.740489][ T7136]  device_add+0x9b6/0xf40
[  993.744802][ T7136]  device_create+0x17d/0x1d0
[  993.749374][ T7136]  ? vsnprintf+0xe8f/0xed0
[  993.753772][ T7136]  bdi_register_va+0x7c/0x3c0
[  993.758448][ T7136]  super_setup_bdi_name+0x93/0x120
[  993.763541][ T7136]  super_setup_bdi+0x45/0x50
[  993.768111][ T7136]  v9fs_mount+0x1cd/0x4c0
[  993.772425][ T7136]  ? selinux_capable+0x34/0x40
[  993.777170][ T7136]  ? tsan.module_ctor+0x10/0x10
[  993.782003][ T7136]  legacy_get_tree+0x70/0xc0
[  993.786686][ T7136]  vfs_get_tree+0x4a/0x1a0
[  993.791149][ T7136]  path_mount+0x11ec/0x1d20
[  993.795693][ T7136]  __se_sys_mount+0x24b/0x2f0
[  993.800426][ T7136]  ? fput+0x2d/0x130
[  993.804308][ T7136]  __x64_sys_mount+0x63/0x70
[  993.808901][ T7136]  do_syscall_64+0x44/0xa0
[  993.813304][ T7136]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  993.819197][ T7136] RIP: 0033:0x7f925409f709
[  993.823590][ T7136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  993.843209][ T7136] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  993.851613][ T7136] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  993.859563][ T7136] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  993.867515][ T7136] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  993.875512][ T7136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  993.883461][ T7136] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  993.900657][ T7135] serio: Serial port pts0
02:28:03 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xc0ed0000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:03 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f0000000580)={0x0, 0x4ff7}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000008c0)=@IORING_OP_OPENAT2={0x1c, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)={0x80000, 0x18}, &(0x7f0000000900)='./file0\x00', 0x18, 0x0, 0x12345}, 0x1)
pwritev2(r0, &(0x7f0000000340)=[{&(0x7f0000000440)="cd1399d7c603155c89633f852c4a2f8b1fd2fc54b6a52ea3501a8cea17467faeeef81af9a3aaff8fbdb25c5e0798e55f75372908a05ff0194f0d626c8177de1e403fc72356cfe19b18db5d24f520c51ada6069ef1a208b55cbce6b31be3193360612039e9382c5822e83146bafb18062536fc29cd1c67b47e83b26e75c867ecc6cd3b1dbf273296b2b36e27f6ab7410e5a4fc746a0902bd2ed3f393e172f901dd8038bc2961d954f424ad15c", 0xac}, {&(0x7f0000000500)="99485a7c2bcda78486c51205cbe6ab5a20e7605a324ddb85f7bb60146491256fa553e2f748376d34f10f30a5664943c67361a147a3926affb43b7ff7b280994d97dc2d710230c22f2f3b59b5d7b47ed96d90", 0x52}], 0x2, 0x7, 0x8, 0xc)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x80000, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r5, 0x4004f50d, &(0x7f0000000600)=0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r6, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_setup(0x6560, &(0x7f0000000640)={0x0, 0x2644, 0x2, 0x2, 0x261, 0x0, r0}, &(0x7f0000ee7000/0x3000)=nil, &(0x7f0000ee5000/0x4000)=nil, &(0x7f00000006c0), &(0x7f0000000700)=<r8=>0x0)
syz_io_uring_submit(0x0, r8, &(0x7f0000000880)=@IORING_OP_SENDMSG={0x9, 0x5, 0x0, r5, 0x0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000740)="070d3642a8250ac01365abaf2bc865573620346424cbb797b6092e8de1412a3986eeeec76a1fcbb4c77c8460d9306ba8ddea0f44a5aec8c48b87abf61010e0be0fbe29e8759167aefa0d4310ecb85cde712152a77099e545b2e8655ff69964329e4ffaa97bee646eb34cdfcbdb93d8d359ea1ecea9071867e4f0236d641faf6f542dd101c27a781174a11cbbcfd2b2c1cf537e70e74e96a176fec15437a8d8528024095fd7e5af68b98e5b79", 0xac}], 0x1}}, 0x8)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  993.933368][ T7150] loop4: detected capacity change from 0 to 87
[  993.972528][    C0] sd 0:0:1:0: tag#5088 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
02:28:03 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 61)

[  993.982364][    C0] sd 0:0:1:0: tag#5088 CDB: opcode=0xe5 (vendor)
[  993.988707][    C0] sd 0:0:1:0: tag#5088 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  993.997752][    C0] sd 0:0:1:0: tag#5088 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  993.997755][ T7166] FAULT_INJECTION: forcing a failure.
[  993.997755][ T7166] name failslab, interval 1, probability 0, space 0, times 0
[  993.997791][ T7166] CPU: 1 PID: 7166 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  993.997823][    C0] ==================================================================
[  993.997811][ T7166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  993.997848][ T7166] Call Trace:
[  993.997843][    C0] BUG: KCSAN: data-race in data_push_tail / dentry_name
[  993.997854][ T7166]  dump_stack_lvl+0xd6/0x122
[  993.997871][    C0] 
[  993.997875][ T7166]  dump_stack+0x11/0x1b
[  993.997876][    C0] write to 0xffffffff84128393 of 1 bytes by task 7166 on cpu 1:
[  993.997894][ T7166]  should_fail+0x23c/0x250
[  993.997893][    C0]  dentry_name+0x306/0x380
[  993.997912][ T7166]  ? __kernfs_new_node+0x6a/0x330
[  993.997915][    C0]  pointer+0x58e/0x830
[  993.997935][    C0]  vsnprintf+0x8a1/0xed0
[  993.997937][ T7166]  __should_failslab+0x81/0x90
[  993.997953][    C0]  vscnprintf+0x29/0x80
[  993.997968][    C0]  vprintk_store+0x606/0xb80
[  993.997972][ T7166]  should_failslab+0x5/0x20
[  993.997986][    C0]  vprintk_emit+0xac/0x390
[  993.997992][ T7166]  kmem_cache_alloc+0x4f/0x300
[  993.998002][    C0]  vprintk_default+0x22/0x30
[  993.998011][ T7166]  ? __down_write_common+0x42/0x830
[  993.998020][    C0]  vprintk+0x7f/0x90
[  993.998031][ T7166]  __kernfs_new_node+0x6a/0x330
[  993.998037][    C0]  _printk+0x76/0x97
[  993.998052][    C0]  should_fail+0x223/0x250
[  993.998067][    C0]  __should_failslab+0x81/0x90
[  993.998082][    C0]  should_failslab+0x5/0x20
[  993.998092][ T7166]  ? up_write+0x25/0xc0
[  993.998100][    C0]  kmem_cache_alloc+0x4f/0x300
[  993.998111][ T7166]  kernfs_new_node+0x5b/0xd0
[  993.998118][    C0]  __kernfs_new_node+0x6a/0x330
[  993.998134][ T7166]  __kernfs_create_file+0x45/0x1a0
[  993.998141][    C0]  kernfs_new_node+0x5b/0xd0
[  993.998153][ T7166]  sysfs_add_file_mode_ns+0x1c1/0x250
[  993.998164][    C0]  __kernfs_create_file+0x45/0x1a0
[  993.998182][    C0]  sysfs_add_file_mode_ns+0x1c1/0x250
[  993.998179][ T7166]  sysfs_merge_group+0xc5/0x1a0
[  993.998198][    C0]  sysfs_merge_group+0xc5/0x1a0
[  993.998211][ T7166]  dpm_sysfs_add+0x9d/0x1d0
[  993.998217][    C0]  dpm_sysfs_add+0x9d/0x1d0
[  993.998232][ T7166]  device_add+0x9b6/0xf40
[  993.998237][    C0]  device_add+0x9b6/0xf40
[  993.998256][    C0]  device_create+0x17d/0x1d0
[  993.998274][    C0]  bdi_register_va+0x7c/0x3c0
[  993.998256][ T7166]  device_create+0x17d/0x1d0
[  993.998293][    C0]  super_setup_bdi_name+0x93/0x120
[  993.998310][    C0]  super_setup_bdi+0x45/0x50
[  993.998311][ T7166]  ? vsnprintf+0xe8f/0xed0
[  993.998327][    C0]  v9fs_mount+0x1cd/0x4c0
[  993.998331][ T7166]  bdi_register_va+0x7c/0x3c0
[  993.998347][    C0]  legacy_get_tree+0x70/0xc0
[  993.998361][ T7166]  super_setup_bdi_name+0x93/0x120
[  993.998369][    C0]  vfs_get_tree+0x4a/0x1a0
[  993.998384][    C0]  path_mount+0x11ec/0x1d20
[  993.998401][    C0]  __se_sys_mount+0x24b/0x2f0
[  993.998411][ T7166]  super_setup_bdi+0x45/0x50
[  993.998421][    C0]  __x64_sys_mount+0x63/0x70
[  993.998441][    C0]  do_syscall_64+0x44/0xa0
[  993.998459][    C0]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  993.998430][ T7166]  v9fs_mount+0x1cd/0x4c0
[  993.998483][    C0] 
[  993.998487][    C0] read to 0xffffffff84128390 of 8 bytes by interrupt on cpu 0:
[  993.998486][ T7166]  ? selinux_capable+0x34/0x40
[  993.998503][    C0]  data_push_tail+0x138/0x470
[  993.998519][    C0]  data_alloc+0xbc/0x2b0
[  993.998533][    C0]  prb_reserve+0x920/0xbf0
[  993.998548][    C0]  vprintk_store+0x53a/0xb80
[  993.998561][    C0]  vprintk_emit+0xac/0x390
[  993.998564][ T7166]  ? tsan.module_ctor+0x10/0x10
[  993.998577][    C0]  dev_vprintk_emit+0x1c9/0x1ed
[  993.998585][ T7166]  legacy_get_tree+0x70/0xc0
[  993.998599][    C0]  dev_printk_emit+0x7e/0xa2
[  993.998607][ T7166]  vfs_get_tree+0x4a/0x1a0
[  993.998621][    C0]  __dev_printk+0xfa/0x103
[  993.998640][    C0]  _dev_printk+0x84/0xb0
[  993.998655][    C0]  scsi_print_command+0x4c2/0x540
[  993.998677][    C0]  scsi_io_completion+0xfe6/0x10c0
[  993.998625][ T7166]  path_mount+0x11ec/0x1d20
[  993.998695][    C0]  scsi_finish_command+0x1ba/0x1d0
[  993.998710][ T7166]  __se_sys_mount+0x24b/0x2f0
[  993.998714][    C0]  scsi_complete+0x1aa/0x1e0
[  993.998731][ T7166]  ? fput+0x2d/0x130
[  993.998738][    C0]  blk_done_softirq+0x69/0x90
[  993.998752][ T7166]  __x64_sys_mount+0x63/0x70
[  993.998761][    C0]  __do_softirq+0x12c/0x26e
[  993.998778][    C0]  run_ksoftirqd+0x13/0x20
[  993.998791][    C0]  smpboot_thread_fn+0x22f/0x330
[  993.998807][    C0]  kthread+0x262/0x280
[  993.998774][ T7166]  do_syscall_64+0x44/0xa0
[  993.998827][    C0]  ret_from_fork+0x1f/0x30
[  993.998834][ T7166]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  993.998846][    C0] 
[  993.998850][    C0] value changed: 0x0000000100003fe9 -> 0x000000010020656d
[  993.998862][    C0] 
[  993.998859][ T7166] RIP: 0033:0x7f925409f709
[  993.998865][    C0] Reported by Kernel Concurrency Sanitizer on:
[  993.998873][ T7166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  993.998872][    C0] CPU: 0 PID: 10 Comm: ksoftirqd/0 Not tainted 5.15.0-rc2-syzkaller #0
[  993.998891][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  993.998903][    C0] ==================================================================
[  993.998903][ T7166] RSP: 002b:00007f9251e17188 EFLAGS: 00000246
02:28:04 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xdaffffff, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:04 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:28:04 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r5, 0x0)
preadv(r5, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
io_uring_enter(r5, 0x4ab7, 0x68e8, 0x1, &(0x7f0000000340)={[0x3ff]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r6, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  993.998916][ T7166]  ORIG_RAX: 00000000000000a5
[  993.998923][ T7166] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  994.007948][    C0] sd 0:0:1:0: tag#5088 CDB[20]: ba
[  994.020482][ T7166] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  994.020496][ T7166] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  994.020507][ T7166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  994.574057][ T7166] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:28:04 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x804, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:28:04 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 62)

02:28:04 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xe6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"})
r2 = syz_open_pts(r1, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1b)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000200)=0x2)
read(r2, 0x0, 0x2000)
dup2(r0, r2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r3, 0x0)
preadv(r3, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
dup3(r3, r3, 0x80000)

02:28:04 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe1020000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  994.679298][ T7195] loop4: detected capacity change from 0 to 87
[  994.685888][ T7193] serio: Serial port pts0
[  994.687393][ T7196] FAULT_INJECTION: forcing a failure.
[  994.687393][ T7196] name failslab, interval 1, probability 0, space 0, times 0
[  994.702910][ T7196] CPU: 1 PID: 7196 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  994.711573][ T7196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  994.721615][ T7196] Call Trace:
[  994.724957][ T7196]  dump_stack_lvl+0xd6/0x122
[  994.729533][ T7196]  dump_stack+0x11/0x1b
[  994.733669][ T7196]  should_fail+0x23c/0x250
[  994.738088][ T7196]  ? __kernfs_new_node+0x6a/0x330
[  994.743117][ T7196]  __should_failslab+0x81/0x90
[  994.747861][ T7196]  should_failslab+0x5/0x20
[  994.752347][ T7196]  kmem_cache_alloc+0x4f/0x300
[  994.757094][ T7196]  ? __down_write_common+0x42/0x830
[  994.762286][ T7196]  __kernfs_new_node+0x6a/0x330
[  994.767181][ T7196]  ? up_write+0x25/0xc0
[  994.771316][ T7196]  kernfs_new_node+0x5b/0xd0
[  994.775893][ T7196]  __kernfs_create_file+0x45/0x1a0
[  994.780989][ T7196]  sysfs_add_file_mode_ns+0x1c1/0x250
[  994.786368][ T7196]  sysfs_merge_group+0xc5/0x1a0
[  994.791203][ T7196]  dpm_sysfs_add+0x9d/0x1d0
[  994.795695][ T7196]  device_add+0x9b6/0xf40
[  994.800030][ T7196]  device_create+0x17d/0x1d0
[  994.804605][ T7196]  ? vsnprintf+0xe8f/0xed0
[  994.809086][ T7196]  bdi_register_va+0x7c/0x3c0
[  994.813796][ T7196]  super_setup_bdi_name+0x93/0x120
[  994.818918][ T7196]  super_setup_bdi+0x45/0x50
[  994.823490][ T7196]  v9fs_mount+0x1cd/0x4c0
[  994.827809][ T7196]  ? selinux_capable+0x34/0x40
[  994.832552][ T7196]  ? tsan.module_ctor+0x10/0x10
[  994.837384][ T7196]  legacy_get_tree+0x70/0xc0
[  994.841962][ T7196]  vfs_get_tree+0x4a/0x1a0
[  994.846357][ T7196]  path_mount+0x11ec/0x1d20
[  994.850907][ T7196]  __se_sys_mount+0x24b/0x2f0
[  994.855568][ T7196]  ? fput+0x2d/0x130
[  994.859521][ T7196]  __x64_sys_mount+0x63/0x70
[  994.864094][ T7196]  do_syscall_64+0x44/0xa0
[  994.868498][ T7196]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  994.874377][ T7196] RIP: 0033:0x7f925409f709
[  994.878775][ T7196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  994.898370][ T7196] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  994.906792][ T7196] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  994.914744][ T7196] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  994.922694][ T7196] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
02:28:04 executing program 5:
r0 = syz_io_uring_setup(0x8db, &(0x7f0000000480)={0x0, 0x1, 0x20, 0xfffffffc, 0xfffffffc}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f00000016c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
r5 = io_uring_setup(0x3828, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x0, 0xffffffff, 0x0, r0})
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x11, 0x400000, r6)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x7ee3233589471238, 0x0, @fd_index=0x9, 0xac, 0x0, 0xffffffff, 0x0, 0x1, {0x0, r6}}, 0xfffffffb)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000340)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x2, 0x0, 0x0, 0x0, {0x80}, 0x0, {0x0, r6}}, 0x8)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4}, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000180)=@IORING_OP_RECVMSG={0xa, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001680)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000440)=""/38, 0x26}, {&(0x7f0000001700)=""/228, 0xe4}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000000400)=""/64, 0x40}], 0x4, &(0x7f0000001600)=""/70, 0x46}, 0x0, 0x40000001, 0x0, {0x1}}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:04 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xe7ff0100, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  994.930651][ T7196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  994.938663][ T7196] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:28:04 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 63)

02:28:04 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xea020000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  994.989872][    C0] sd 0:0:1:0: tag#5090 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  994.999720][    C0] sd 0:0:1:0: tag#5090 CDB: opcode=0xe5 (vendor)
[  995.006066][    C0] sd 0:0:1:0: tag#5090 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  995.015101][    C0] sd 0:0:1:0: tag#5090 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  995.021888][ T7212] FAULT_INJECTION: forcing a failure.
[  995.021888][ T7212] name failslab, interval 1, probability 0, space 0, times 0
[  995.024122][    C0] sd 0:0:1:0: tag#5090 CDB[20]: ba
[  995.041853][ T7212] CPU: 1 PID: 7212 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  995.050520][ T7212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  995.060637][ T7212] Call Trace:
[  995.063907][ T7212]  dump_stack_lvl+0xd6/0x122
[  995.068498][ T7212]  dump_stack+0x11/0x1b
[  995.072647][ T7212]  should_fail+0x23c/0x250
[  995.077063][ T7212]  ? kzalloc+0x1d/0x30
[  995.081132][ T7212]  __should_failslab+0x81/0x90
[  995.085946][ T7212]  should_failslab+0x5/0x20
02:28:05 executing program 5:
r0 = syz_io_uring_setup(0x1ba9, &(0x7f00000002c0)={0x0, 0x80, 0x2, 0x0, 0x1f9}, &(0x7f00000d9000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x301, 0x12)
syz_io_uring_submit(r1, r2, &(0x7f0000000440)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x77359400}, 0x1, 0x0, 0x1}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:05 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xf6ffffff, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  995.090448][ T7212]  __kmalloc+0x6f/0x350
[  995.094601][ T7212]  ? kobject_uevent_env+0x1a7/0xc40
[  995.099817][ T7212]  kzalloc+0x1d/0x30
[  995.103725][ T7212]  kobject_get_path+0x7c/0x110
[  995.108532][ T7212]  kobject_uevent_env+0x1be/0xc40
[  995.113555][ T7212]  ? kernfs_put+0x39/0x300
[  995.118033][ T7212]  ? __list_add_valid+0x28/0x90
[  995.122947][ T7212]  kobject_uevent+0x18/0x20
[  995.127443][ T7212]  device_add+0xa9e/0xf40
[  995.131766][ T7212]  device_create+0x17d/0x1d0
[  995.136402][ T7212]  ? vsnprintf+0xe8f/0xed0
[  995.140815][ T7212]  bdi_register_va+0x7c/0x3c0
[  995.145496][ T7212]  super_setup_bdi_name+0x93/0x120
[  995.150603][ T7212]  super_setup_bdi+0x45/0x50
[  995.155187][ T7212]  v9fs_mount+0x1cd/0x4c0
[  995.159516][ T7212]  ? selinux_capable+0x34/0x40
[  995.164290][ T7212]  ? tsan.module_ctor+0x10/0x10
[  995.169197][ T7212]  legacy_get_tree+0x70/0xc0
[  995.173778][ T7212]  vfs_get_tree+0x4a/0x1a0
[  995.178188][ T7212]  path_mount+0x11ec/0x1d20
[  995.182775][ T7212]  __se_sys_mount+0x24b/0x2f0
[  995.187529][ T7212]  ? fput+0x2d/0x130
[  995.191465][ T7212]  __x64_sys_mount+0x63/0x70
[  995.196097][ T7212]  do_syscall_64+0x44/0xa0
[  995.200509][ T7212]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  995.206401][ T7212] RIP: 0033:0x7f925409f709
[  995.210803][ T7212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  995.230401][ T7212] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  995.238919][ T7212] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  995.246886][ T7212] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  995.254853][ T7212] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  995.262818][ T7212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  995.270782][ T7212] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:28:05 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:28:05 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfdffffff, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:05 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x2e6}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x3, 0x0, 0x59c, 0x0, &(0x7f0000000440)="d2f48d2121c1f81efd870dff10f6417dd5cde3ae442339b4d0e31b5f6d9e5314cf1dce189565c470", 0x5, 0x0, 0x1}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r6, 0x0)
preadv(r6, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000340)=@IORING_OP_WRITE_FIXED={0x5, 0x5, 0x0, @fd=r6, 0x665e00, 0x8, 0xc78, 0x18, 0x1, {0x3}}, 0x3)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(0x0, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x3)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:05 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 64)

02:28:05 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x820, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:28:05 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xe6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"})
r2 = syz_open_pts(r1, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1b)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000200)=0x2)
read(r2, 0x0, 0x2000)
dup2(r0, r2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r3, 0x0)
preadv(r3, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
dup3(r3, r3, 0x80000)

02:28:05 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfeff0000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  995.563926][ T7244] serio: Serial port pts0
[  995.573265][ T7243] FAULT_INJECTION: forcing a failure.
[  995.573265][ T7243] name failslab, interval 1, probability 0, space 0, times 0
[  995.585887][ T7243] CPU: 1 PID: 7243 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  995.594573][ T7243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  995.604693][ T7243] Call Trace:
[  995.607958][ T7243]  dump_stack_lvl+0xd6/0x122
02:28:05 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x114, &(0x7f0000000340)=0x1, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f00000db000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r8 = syz_open_dev$vcsu(&(0x7f0000000440), 0xdb, 0x8000)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd=r8}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x6478, &(0x7f0000000480)={0x0, 0xcd0f, 0x82eb1d87a1c3d859, 0x3, 0x9b, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000dc000/0x2000)=nil, &(0x7f0000000500), &(0x7f0000000540)=<r9=>0x0)
syz_io_uring_submit(r6, r9, &(0x7f00000005c0)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x7, &(0x7f0000000580)={0x77359400}, 0x1, 0x0, 0x1}, 0xfffffffa)

02:28:05 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfeffffff, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  995.612576][ T7243]  dump_stack+0x11/0x1b
[  995.616734][ T7243]  should_fail+0x23c/0x250
[  995.621149][ T7243]  ? kzalloc+0x1d/0x30
[  995.625229][ T7243]  __should_failslab+0x81/0x90
[  995.629986][ T7243]  should_failslab+0x5/0x20
[  995.634499][ T7243]  __kmalloc+0x6f/0x350
[  995.638650][ T7243]  ? kobject_uevent_env+0x1a7/0xc40
[  995.643876][ T7243]  kzalloc+0x1d/0x30
[  995.647807][ T7243]  kobject_get_path+0x7c/0x110
[  995.652569][ T7243]  kobject_uevent_env+0x1be/0xc40
[  995.657604][ T7243]  ? kernfs_put+0x39/0x300
[  995.662051][ T7243]  ? __list_add_valid+0x28/0x90
[  995.666961][ T7243]  kobject_uevent+0x18/0x20
[  995.671472][ T7243]  device_add+0xa9e/0xf40
[  995.675784][ T7243]  device_create+0x17d/0x1d0
[  995.680419][ T7243]  ? vsnprintf+0xe8f/0xed0
[  995.684824][ T7243]  bdi_register_va+0x7c/0x3c0
[  995.689507][ T7243]  super_setup_bdi_name+0x93/0x120
[  995.694604][ T7243]  super_setup_bdi+0x45/0x50
[  995.699177][ T7243]  v9fs_mount+0x1cd/0x4c0
[  995.703558][ T7243]  ? selinux_capable+0x34/0x40
[  995.708357][ T7243]  ? tsan.module_ctor+0x10/0x10
[  995.713216][ T7243]  legacy_get_tree+0x70/0xc0
[  995.717798][ T7243]  vfs_get_tree+0x4a/0x1a0
[  995.722202][ T7243]  path_mount+0x11ec/0x1d20
[  995.726713][ T7243]  __se_sys_mount+0x24b/0x2f0
[  995.731378][ T7243]  ? fput+0x2d/0x130
[  995.735261][ T7243]  __x64_sys_mount+0x63/0x70
[  995.739843][ T7243]  do_syscall_64+0x44/0xa0
[  995.744341][ T7243]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  995.750236][ T7243] RIP: 0033:0x7f925409f709
[  995.754639][ T7243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  995.774305][ T7243] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  995.782704][ T7243] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  995.790659][ T7243] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  995.798614][ T7243] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  995.806566][ T7243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
02:28:05 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xff030000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  995.814518][ T7243] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  995.853946][ T7265] loop4: detected capacity change from 0 to 87
02:28:05 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000340), 0x80800, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000440)=@IORING_OP_READ_FIXED={0x4, 0xa, 0x4000, @fd=r6, 0xffff, 0x6, 0x10001}, 0x200)
r7 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(0x0, r7, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000240)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x1, &(0x7f00000004c0), 0x1, 0x1}, 0x0)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
shutdown(0xffffffffffffffff, 0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r9=>0x0)
syz_io_uring_submit(r1, r9, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0xfffffffd)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:05 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 65)

[  995.887626][    C1] sd 0:0:1:0: tag#5094 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  995.897468][    C1] sd 0:0:1:0: tag#5094 CDB: opcode=0xe5 (vendor)
[  995.903812][    C1] sd 0:0:1:0: tag#5094 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  995.912854][    C1] sd 0:0:1:0: tag#5094 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  995.921904][    C1] sd 0:0:1:0: tag#5094 CDB[20]: ba
02:28:05 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:28:05 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xffff0000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  995.933190][ T7279] FAULT_INJECTION: forcing a failure.
[  995.933190][ T7279] name failslab, interval 1, probability 0, space 0, times 0
[  995.945821][ T7279] CPU: 0 PID: 7279 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  995.954534][ T7279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  995.964584][ T7279] Call Trace:
[  995.967854][ T7279]  dump_stack_lvl+0xd6/0x122
[  995.972442][ T7279]  dump_stack+0x11/0x1b
[  995.976600][ T7279]  should_fail+0x23c/0x250
[  995.981020][ T7279]  __should_failslab+0x81/0x90
02:28:05 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f0000000440)={0x0, 0x0, 0x4}, &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000140), &(0x7f0000000280)=0x8)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
r5 = io_uring_setup(0x13be, &(0x7f0000000000))
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x11, 0x400000, r6)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x7ee3233589471238, 0x0, @fd_index=0x9, 0xac, 0x0, 0xffffffff, 0x0, 0x1, {0x0, r6}}, 0xfffffffb)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_WRITE_FIXED={0x5, 0x3, 0x4000, @fd=r0, 0x2, 0x7cb, 0x5, 0x8, 0x0, {0x1, r6}}, 0xfffffffd)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000, 0xd}, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index, 0xfffffffffffffffd}, 0x1000000)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:05 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfffffe00, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  995.985785][ T7279]  should_failslab+0x5/0x20
[  995.990283][ T7279]  kmem_cache_alloc_node_trace+0x61/0x2e0
[  995.996048][ T7279]  ? __kmalloc_node_track_caller+0x30/0x40
[  996.001854][ T7279]  __kmalloc_node_track_caller+0x30/0x40
[  996.007526][ T7279]  ? alloc_uevent_skb+0x5b/0x120
[  996.012460][ T7279]  __alloc_skb+0x187/0x420
[  996.016874][ T7279]  alloc_uevent_skb+0x5b/0x120
[  996.021711][ T7279]  kobject_uevent_env+0x863/0xc40
[  996.026761][ T7279]  ? __list_add_valid+0x28/0x90
[  996.031617][ T7279]  kobject_uevent+0x18/0x20
[  996.036139][ T7279]  device_add+0xa9e/0xf40
[  996.040492][ T7279]  device_create+0x17d/0x1d0
[  996.045078][ T7279]  ? vsnprintf+0xe8f/0xed0
[  996.049485][ T7279]  bdi_register_va+0x7c/0x3c0
[  996.054171][ T7279]  super_setup_bdi_name+0x93/0x120
[  996.059270][ T7279]  super_setup_bdi+0x45/0x50
[  996.063851][ T7279]  v9fs_mount+0x1cd/0x4c0
[  996.068302][ T7279]  ? selinux_capable+0x34/0x40
[  996.073061][ T7279]  ? tsan.module_ctor+0x10/0x10
[  996.077905][ T7279]  legacy_get_tree+0x70/0xc0
[  996.082475][ T7279]  vfs_get_tree+0x4a/0x1a0
[  996.086887][ T7279]  path_mount+0x11ec/0x1d20
[  996.091371][ T7279]  __se_sys_mount+0x24b/0x2f0
[  996.096027][ T7279]  ? fput+0x2d/0x130
[  996.099940][ T7279]  __x64_sys_mount+0x63/0x70
[  996.104518][ T7279]  do_syscall_64+0x44/0xa0
[  996.108923][ T7279]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  996.114866][ T7279] RIP: 0033:0x7f925409f709
[  996.119258][ T7279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  996.138918][ T7279] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  996.147309][ T7279] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  996.155318][ T7279] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  996.163267][ T7279] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  996.171236][ T7279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  996.179191][ T7279] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
02:28:06 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xffffff7f, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  996.242637][ T7300] loop4: detected capacity change from 0 to 87
[  996.262622][    C1] sd 0:0:1:0: tag#5095 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  996.272462][    C1] sd 0:0:1:0: tag#5095 CDB: opcode=0xe5 (vendor)
[  996.278807][    C1] sd 0:0:1:0: tag#5095 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  996.287852][    C1] sd 0:0:1:0: tag#5095 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  996.296887][    C1] sd 0:0:1:0: tag#5095 CDB[20]: ba
02:28:06 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xe6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"})
r2 = syz_open_pts(r1, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1b)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000200)=0x2)
read(r2, 0x0, 0x2000)
dup2(r0, r2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r3, 0x0)
preadv(r3, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)
dup3(r3, r3, 0x80000)

02:28:06 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x900, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:28:06 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xffffff8c, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:06 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/usblp', 0x40800, 0xc0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000001c00)=@IORING_OP_SENDMSG={0x9, 0x1, 0x0, r5, 0x0, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000001b40)=[{&(0x7f00000001c0)="04c951d28bd742d31adc", 0xa}, {&(0x7f0000000500)="b7dc6f0bf3bab08300d678faf6fe4a34def05fabba6ea6170b007e59a688b4976ce3a187ba1ac47e6bd9df41c707f706498616487decba11f91b7b0c060c35a9d9e7725258efb2bfcf318c6d753eb6907eb0ca7e4336e2d2a5bb2cb2596a5f8dd0803eb5f1f4ab28d882261d10cbbae54fdb10e68239377c5f79ab35c11ab185a86be4b9efd9c06efc9670b65bc72afb87de40b0312985f767a7019d140715d6bcd90b2e4074d56599b44ccb0234ac64eda20f5f12ea285c3f047d1d12ba34fb53257f83eabd50223f8af0125dc544", 0xcf}, {&(0x7f0000000600)="ff794a5d7c48dcafbd55a13ef5211c71ce89e1cda077155931fadb9962553f00de6a9e85e2f74c9998397ef2fcc1adf1bb5fdea29fdf54641867443fb94ca1fdc466b2a199530cd1f8f8f2f3db9cbd69d434f341ac4f29a889f739390d70374816c687dd244bae752b18a61e3d1a60df6b75c6848a6e4cb66d56f9a1b60bfbf9faea0a7a554213a212cd09b45667de1318422795ec642a36f6fb46254f5e09eddbc129625278c02081636a4987833d83edd07bed84759067ed64bfc4e17c65c9ff7da49fc87a263df9cff233", 0xcc}, {&(0x7f0000000700)="206b1145cbd5de2d9e9f42b63af28f3fd4ae3b2851db68ece91609f83de984b20248325799d784fba5ee09cd940ecd794ace0a6498bd1c782327285f370175fb68d904071e07a9fdaa078fb20fa278907791953ffb7c3f1358ee61bc3b27a972bcac4c1bafbc49c16ddaf36b293aba1e948d03c9e4c6a779321dbeb584e44cd878f4b9e1d60fd2a21ddd893c8ee8fed258b859d4593f5d3e77e2018938099203c145cf8be003fbf97a790c67f7b55dd36be435c7990f61b120d14a4f9a716ee76a05eda4bafd56198c9d08cc54e934", 0xcf}, {&(0x7f0000000800)="d3b1cd13450ab3ea8e682ac6d61824b25a2c03429440c81787adf060d0002a3dffca9768917c9c9d973da63733d5557cbe4dd52b35ef64f38a4ea3fea65506033db600f8883798fd2c133679a781347fd713ab77f878b8a3fb58d34dd007eb3ac492d1450d45155673b13979c7bc520b3c06fb087477404d22b03e78b1a624eed16baf20a5be04bfdd4c8b1bd1b8044cf62ef34747424805534e5f4a87bb5ce5088b202cda5c7ba1d54791a8bea4dce5b04353d5d9053f77f9258579d618d8", 0xbf}, {&(0x7f00000008c0)="5d1eeb8160737ec831af0570a1e2992774d155b66f71", 0x16}, {&(0x7f0000000900)="8d4893e12be3546ed8509492b4f8ff63b8624f8fcbc3d7667963c5c987168909e7136cacd0b78f3e0e0a2811848ffca8f1a69d2c71b2145e1d3dee94aa23c7759afe1f2eea3a37514ef1096ce0bda6ea0bc0b06c9f04835406b447e9f29639f4b2322dcf3f8738a2183fd70132fd3ea40adcba6d492bd3a26422be2d944451629583955cf5a93a65243818f91b0e45e0578a54f4bcb6b11747d575337a153892b5de91bbd0afdccf752fb1710f4056d85048d21136339c418d4e435d4776183e1b5ba5673f75480a5c34315851fe9037e3fc89038f3da263a5287f4a856f69555e220972e7494800704dfc", 0xeb}, {&(0x7f0000000a00)="3127fa753ef2ddf95e1d071c9589ef258d6baa3f7d01362194a4b4e5aea5d02efac39400053f2e479311b899bd6e8620223a1ed7f7dd9294a89e0ef296e3883c9b6e55bf8c6065b18e9f10b127069ac01de5a6c3ff5685460c54bb5cb4d195335cd0089dc064fe761a3b4c486c837847b55b48df2c94a1669d92b6b7d518334230ab629a9c32bde44236f931cb740afe5127d962197940faf9e7e86fd6a8bbfc6e1839ada748b622ac7df964003081c8fea6b057b491f3874d19a8c37112cab7bc70c68b340e7a1d8508046493a4fb5de3547fa54ed64f", 0xd7}, {&(0x7f0000000b00)="c9c4e6418a5aad92e69c8f253f5220c002d4ecd554aad2dd08eae8c4c7220ee771eb3dd6be36a8e21c1a7514afed445174e88d494f1915aad9a0992dc348a87ec3c62155673cb0a93c6344c9f86515dcecf72db3f81f8e444a505dea48ba68c0ec14145f43cdb1caf8c2b3dc8ed6e87d7713320dddaec214456d987ea07c0fad8a92119a8463f2cdea1665e1f0adbaddaa71cc2690301fea199b7fec4852e4f38be0db207c78aa6ebe986ef75779cd16f57c815c2ebd4b17bece466dea4c2250402242500406a642ce778e8b2c55581724d70381cb8372081759dc9182ed73fb6e03d1e1ed28b30a6760c4549676dc53cef0ac64a804ac6ea2f35a7396b2c09d47dc65c5a23902ee3039139702228f99b787f27b85dcbd42157cf885ce79b844f91bce08e39a8a29685cdfa57a793a55bde71eb7ecf6c95ec1aed645c38cbcba8025599d89a6f266f2acb2d0605f8a35cd062369cb807bcc04e1ca843f416f71101d4f7eb188577141d453ed27ea1e0de86c5e9acead220fed02359a26d6d658cb74409be40ed5bd8a845f7577fe9916ca201c01c012ce9c0d68189c0384516fc258169c558af3b3ea1edbae33db649c8c484e61419eb2c945b575018cff18dc098c5f0a99ca2ca0d74a2fac1f79eb33026828dd1021eb4d06cdcd14d138aa1473d9a899b527537ba6d7bdda089d28c044db864928a383fbea93f565bb3308920ba309e0a6d9af0e083f261857d8e9bace13506fc4f360db504ab35392fb0977098e30ad77f3f4f7f0bcc4afa77bf6b2a9fa4b50d1e2403b811deed22dc792e3192ff9e96fa86790e9f5bd51624894c11e14ca54fb6dfa710c418302bc95f454f9b348aec47812616994070ad75f027246fdf2a42984665f5c2a981b0f36d290f926421cd076903f2a6216e5886b284b4059bd90b4fab9af5e24b122be1f7d5dddeb76833d71bb0aff5131110118603d66ef0b0ebce3ce3e03470823689c9c51b1a1a7922ef269ab8cf99103d7747d8ff03c993cb85cde710e70c9cf282f2676c51303ad4002efd6636bafbdc18c1654853f0038c9d4126d1625c3062dec90b4a01ffc02c2d3114293588b4ddf884afe0f8d00389ef2f16edd4fad11647a292adc116355756a352f53dfd5e0a8eb132e4e0c0ffc31eafc0c51cc4e469c1b7665b57adb397884eca89c45728448091b61d3c593a2ee1b1609844469530422e6dc9d84da6c8efe5b2bab1fd885254c2facdcec2ecd8a82bb28dd6119d6838fa4fb8e1506d63fb3adcfbc3bcf13944a8b907717de2e139ad552ed01a7da714525a97199f74736a661ac5b10f4128249554a6301544103b93dc0eccad57152718a715bb66ebd9713550f1257342f0e87aa84bd0f3b7640510256adc194b8daaecd480331d77e4b8e1968f56ee640cec246f097e214c3bf0e9ffc3e7c07b34213fcd9ac9cdc55c2bd87fc8bf2d3f7e292891cfcef803da1749c56f7095a174df765548a6e979902ca93c8b90cfbcc8a50ad2b9205ee737761b73cfc20f4a71953ff8607f7a5c4248565a2e40ea756e3c5dbba403cc404dcfc80d73b91ab2db8519c2704dca63a7b9d2a1f49aa5cc12cedddb4efeef49e60efd9ab755f726b812ec3383a0c9aa6c17f79abe5a211c15179424df5d965d7b87fef2fecaa0efdda272da4bf70014ed77a2abf48aa520a23050643bd3beef2b431186deddf13b0a7779d4ffeabaf19ba161aa654f3d4acd054e3d06e4e5a9741fd72b239ab734465e117a3ab002c0becd0902db9c4a71d2303f90ea2c1c18c79043d778ca691a4604c1f23dc0d6552347b189e4d708d09cca35062c9b8aa983991fc8b4494153c937ee33abda482af300a202850890d328cca87559124ab50f5e03ba13982db24fbb0c7733f95b22e7666371ba8abdeb6332fa784c6082f6f9836f27bc7a715d44373797cda3c3f86d7ee3f1430c7df8ab50350acb40515442d6c0c076ef7bbc13b5517b9c552436a09951e2d8b4b3f1b56945d12444a09cb90bd8bca7733e8addcc8dff8c8d113de5ca5278b745e2f5706f688016a5313ef6aee84ae03b1fe572d09e1a4c898a87cf0105cc38cc66438fcd6247a3b2d793a9b753ef8086eca573c755072e57524994befcc2fed09be088ff1718ebb892f3fa6c2227d2f609e186248ad6ba89909f832dab1998880b914eeb5968324314f690b713b056823e1e07a5614ac19377542ab8ea10ee379c424c33d03a149f81ac2003261ceeae441e8e05a138b8668a3f6de0f4931101fc2aae641a15e555458723d15627598af5e21c92f085321a25df22d20327e6e9b9ff766cc8f766b5b79e0fb7344361d8adf2c811b57db1a4c9f170ec035c5146ac34512e981aabfb4c6bacbc0d21a4d7ff2586e561b640ae90e2d50f55f70d91e8acb73b7831f348cd5f0dbdd7c631c208ce7a9a31d8dde118d8e8d940dce5960722a440abed192bc36086ccabbd123ff31e667c00e5f86d5d33bb91521239a192f1cd17ec2454c4b4ddc193a1eb9dafc06992fbc9630ffbcd706bad1816b28826bc11e698c6ba7968bbd294b479e789b31608b8b04952fd34a0a7f261890f83dd0b2345e2683fa74cfb73f1e40dbb956bd2a05dae0aea27504079290601a92910164ecda68b54c48f51cfb1c86d6d8a1c423f606657d6cbba68ded56b4b0e525b82bc41a92d10bcb3b968329ac761283d733754a064d1bed0aaaeb1c9c95c02bbc6cf70970e9ffc59c95f84a626e47ef8fbff6d95dc03f72e23d2002dc7ac62c35258816dbe16d3a59a76342712717eff3ce3fed335d5c7412acde1af1ac2afbaa41eaf94fd292f355bafb999c7cc51522ae805cc48424d5263f9e8af7471c631b887bc4d353a98fa063f845e0985783c70be4b0768a175f29a98241c5931809530d8fb8be018312ac41f53e80851c27d998ca000d54034f137ccd850fd465ddd32e37b00540c2a90ee580be1f21fec3950c2784d00cf81f0e1ba70c4d2ee4775f4c1b77689b37d1b5abc9b50e8f7b30aa64ad9945104f564027f7acb50e5791b5b2d88d8989afbc25b2ff285b1dd4c6063381d8c6ab09810ee62525388ff0d6a89b7078ec504636b00bdd4cea867901139dc60a94f651a2bc7ba4417b728d0a9a76019738b31498e4205383777429254dff559169fc84ca2c86c896c0dfc2b7e65a9ace649fb9d6550e2023510f3709282c5d42d56a1e310a647b315fb0e7895b359701078438eb90f10070a545c60ebc89de9629dd3db8bdf05958b5b9b7e24e3bc368d0ab17ec500587fea5e2b3a4f0fcb1ad469c1211a13ad5030dd9e68f511da388d19f1039577f46895732d397c43aef460f8c1595e4c8faa1e1ba3a2edf668be9ca1c5745fb2756c5c5282aeb108e09b2a868580ed86f7c4a203711e6f1c8cd3904eca6db1369733f4b2ea989f1413edd22b95df9c6a5d917b9545aa4783b91a85cc11fd9394d056500f1e6ad00ae7551278ec64b3d439c3d667c187b66ff772ec0e13e46bfb7972a185313522d907c6615a56ebb25d27608335d9ae2501119e76275c8bf61b0af740dd3639aea5ba4a11c808dc480412abdb8113af4751f35cd2bd430bbc602aedd9fa6a07649510ef4c146f61b28b1f4ddea6b71fc3444a0b9789617965f2033cb7fcda8abb08d28f7c62c202a992e1f78abcfde5ee6dbf5017fd88f68cc9dd47280d2ef083ed27a670cf5753779f60a3ed17395ee1f3fffc299b91cb6f9dc0dda3a393d023ac4170174e27b81ef7e691c59de317df9a047c7b42b7a0550ceaefcd03d5eeb7fbcc9db8d073cba57e1ef8213b10c7db729f1431ee5626bdf4663f838b717f0b09fbf61b454e02df5e05a5394e56945fa1c25deed5e607cf607f9abcde1adc2df1399bd3e10377f6eb6644d3970e4c904061e06f0c461946d24fad1250724a116d1eadf936cf7d6a686d5e804fda90c365ad490f262b63dcf5d8d144432134d913c2ac9c47d77ed366a442a502db13aed4be947a7d6dfdb3b7c346c511491bffb89d50ab5fc60441d27b7f3aa42848f054a5c8c967f027538ba527187e3d9068b431ecb6b9d0a9acc47ce3322675c4a3ed5d381eb44e006297966af8397825178fed6289fd771d9a65335c394f21b8c3dfd2de7ad8bcecc86767c0eff0d82227aaa4d8d64c63d1c3f26d1bcd6b6cdb00822449a7b9e41943a9e6b46b5e748d0b8a66f01d0337b4633d9e745b373e6f7563c898a7e0c9adc554ba6207bbed07ad403cfcd46466d39ec73521ae2dfc89f8bad4c9daae5eb4ae9e2f5b07be3f9d60a42e440bf4dbe2739473cb42580ac9cdca87a46a1b3463024abecd6daeaabaabaabacfb1fb9aef4816c9bf4915cad7a4d096aeaaa03c437a4cd955d7e637fdfcb69b2ffec169105adb18468c9ecf7e1d11471387f7ebcc2f4cc9cc4c60edd6eebaaec790d244382b662780a83c2d74f25c010499f9c58d09d7b256ddac2dea59c4cca95c8e26009b71d56511af594b69618b84fbeb76dd1fad91eb5913d9dcb1a65f5f314cdb568fba6ef28dedd6b68fd6faccc66f32e09b91498518fc6bf0b83838a5190f0d6ba8a44dc3cba4ad56810b76909baede9752341b4217ef17520bc6e3dfe6cfa8d895abf68fffeac3cca1b1ccb83f9c14bbd079a6f225741ca475b5489daa5e6a0422cd86409618860b0fffc86022521b99d6d9c3f746b3c705c3c9c0a2e9b81e13b117efe80bb4330a5c7e08a9a5a7f35a4fb7a1768d63f1f8d8de6c7a9fae18233ee091bcecd622d84e5e970a2c34eaaff29a882aa6fed8e0eb3bbf405a577546248cab4a0c2701a13c9c03bdfdbc36213e04477bc3c9610698b4f8ad5c717898f3be1a6759b8bfdcbf18594726ba7bd9b85eb89a866abb58f406c236e4c1ffb8af9b2cdc9f716cca31677f28c731643ee234d17760bb8e3f6ac1b3a186a708efb518747bab9eb10fde15604769670f7ff33f0f360d43c9c4e66e7df09e02bc790c858054813997eb21ee956eb893bc61400d6cd670c80cfb67568a92f4a37dd8be4d85746d825f2d369a0ee0479e67adae0981e19f0a95819576efd5636a167ec7655e2f3e85234c799c626883b365d3787b79e793f8bbe04a996aed0e0c8b821174d94f9479fdfaa3bda84718fe62c6b15e4ba97b1c63838c6ca2a2ff08275e446655ca72b1b8a6ab62d0295b9eba7780d35a08e8b6d1bd5bf76bb5a9889b7e37f7b390919ea105d73f63a35d88b4f2e5dd03f24d91b6ac835a3848188fcac6a4c0a5353955e8d86a4b2a4a3ec08e2f057957794d8d585b84e03f0ffb0b699f9519b579a38e20709b7bd65dab4c3402b7777f5217d9791ac4aabebcd58f67aae1c8a420d5668f333671e369ec04dfcc26ae70d9786b165981813dc6ab93fa4c1baefffac4578e9cc2621350f237941979f7c2ae60c97317556f4f27ff550a0041fbdd4d864c61269d0c077b8441f168a2e2b7660e45d72f036d6c49382c9bfb7f6efb79d267b56d9207519a8912c85c0bc8770ec3b12e63bffc4b52958302859437aed1b1f127738344ccd5051a91fe38186dac8e49c78c706c05c9e169a26b8f70bb55cd2bb12e2b5491116dace2eb35d96e40f4939789e443aa035175bbf3d37789f0c86069f50b1a54548cf33fcd613ceb5c340236c404298b8491a406a2abb0c363905f2e94f7889e2ccc212c97a3ec9589431484c935942922cf23d527c0d1dec91ac7a638232de1e577516920099a532a8b90bf7349f8a8c82bebcd8f57437b005ad53547b100a9f5081fc2ec80ed2660a64296f96e861399f80b2", 0x1000}, {&(0x7f0000001b00)="e737e3d11d9412cc5b6a89f0ec4fd3f5121ea91501147850b0c958e30bb0de", 0x1f}], 0xa, &(0x7f0000005700)=ANY=[@ANYBLOB="a00000000000000088000000dda90000c457c41df532cb42caa464df6fb8699813ce49112ee550dceec82f0fd20a09f16293ddc5772bcfa632a303f1b89696396379c31a1863118d2d4897d474d2ae709685f5e891c0bc78631af1de93ef4601f1902cae28e4b379c9ac2f1b44c6d422f20f50d3bf3f651adbd536ca4518423c6f76e0dfcb8d226e452e7134c2b978605c9bc1a620c7a8c534e47b567af6000010000000000000000301000002000000c0000000000000000a0100000002000017439925b75fa7542180de0bedf9c70746919be6442d788ba0ac308bebcc88da320ba27e000a50061bf67f63666d9fed6b3227534d3cee63c1ddec0a1408b57b62cadebeb828c2806a9a6b5d3820741108357b96864f8aa5e0cd1ac5f0cafa3b60fb28a4b6f77b8e740a98b08d709c3c07c259ec78dac8dd200658e6c2f9dae143a33b44ce6dbd7fafd729c7c63bf8a4d7e0fb901eeae7230743c4c1b0c45e218c089ae852c1cb60942bc89e0000000068000000000000003a000000554c0000accd71decc3e9563e3772ef2045f449e0a4e0f0d2e634bf773b2e82b26dfea2899c817375a7c589393e2cbe3440b5b7bb08415b86e7db9027cf2d64abe49842d53dfd9861cabf7e0ebf929c990c67780a427ec000000000048000000000000002900000005000000da50f894adc0b039eb7387d4349e87357d5cc0ae4b708d47b9f6cc673cc124d17bc481832c61cccd63d09516498b22fb39f16851b323bc0010100000000000001901000002000000dfe5fcbddd0f9dd8126b341190e1d97f093cd40623090d467ed5415276f5784d90db0b3344067978bc3c196a1698d4c5ac9daaba26185a7a52b325401da6cbf775557097ae575da9ce83cd3ce57051fab85030ac5a76cef3d3e526f7353abfc1311de126aba091143e54b98df5eb51a1a309aeabd6f6eb1bd7ceecc09bbaf0fa23e53fd1405d02d76a4d906de2edd3a68e1b9ea656eb1cdf758062fc41da5273e06a20c12b62b7b9dd09eb47090aa0ff3d757be00cc8285138ca2e45700635448faa59b4a559e5d58d4ca296373d2d870cb182cf14a1cb74f292350324a18f057895f619620fc20a726e2bc3d883cbf1426c47b710dc224759198bab1c2e7be08ef88920e351327197658a384bbd52cd72780ab41d8464bf59f076210a58e82011a52318349c94aef2ae612d1effd0aa59325a0c3d940c956e3ca080d7b68540f8d4f1f7f7147b1b583ebd3a49d2212ec1541428bf71d7c8443ae1055c5981592f34e7b7fbe41caec0eeab17c22f761fbd5ac2971e272f051ed60447fd92285863fcf626859ed40b2130b4aeba769b339e5f2a0e3ffdddb2af941557a9db91aa868aabbd913e0e2322394112c1a0fbdf7b7a537382f6c34be4a6a7127ab67bde6b1ea70eecb8e78ca4e5989f233c44caa8722288a7aab92a73989bb1a365a0797f80646afb3a81b59d8c5a4c3b7f1ee8980c78c1fda71b1e8523f2417c460084f4bf5e1e02cf25a775acf9653238d972c17af1b3ea7318aaf23b8d7692138b9e3467b775b44c5fb4b8ed9e36d144435ba7e5d9c2a67b558a7a5aeb2252ef7b942cdd5ebbd80bf7dd2aa2855c7b769ebf40853ed772264031584347b4e0fe020013be12f1385dc0092a9b840240220c3a7d06fac888069e979feb4238411bdfd258d4f60eb71c3edf1926bf4770d254856e11890ef6d9669ca7ac357cd0fac7fad54afbb73705345f31e2094931764c80612dfc5da1fe13130a02a09e339dfecb571fe719ca7d05d7d3bf5b90a5345a143668b0e74462e6aa81237803057e9f760b2f941e27ba561819f635ff899c278df2fe52b9cea324b460f927706bfc4c1c463efa6fa06be62a205e72a3f2696b677d681d1b2f970cd048a5f794d1c4b4c09b9750b737cb1780c05147edf1c2d7614abcf19dff3cd26986c8f8a51ec3a51ee1be0174946f98fb5350f7b64ea28af7572db7c9a52128a498d896e37c927233cb75781e722f769c1da3daa99957c9cf56ea30ba1c6fa655b81d49e5305e22dce5d63955d5cb9bab2c0d28e2b819d1651351a8e706ae31bafb71647d81b9a476b42f669e36b64b3d64ebe6178261832a82f8de33e033e9500df1d0b560f4a6c29f1e87bef5bf25431929d8a5e5312f2623bb1cde404f1cd9e3f4ef0f3f5fabf647d5c7dbf58360c35c30b88d5aae59312192b940dbb8f9643b3c3077114a3c236c6e79a52c5099e80045a0cf83e5b2c8fab15da27d8c23ceb7c5430b4316a6af3225da40a3d741c6fabc3e9246752a54391b18b422320598365ddea23a2c41f64ae2c96a5ffce3ed870becebe79a09a6a2d57d5f92963ebda3c8fdf01c80da646918a7a97c9095414f8a13235a0ea6fdd100dc3094277bd551d59178e06b9b0c2bfecf097cc3eafcdf32773407824e9d7112b39711add6928857b0ae3f348f6f2453d6e7bf78d571eb53b5ac3161b8a776c8ee788f6e1395289764328869622dd3ea08b9ec303c14eb91f411d76d2f24c99ae715c59357c52e5b6119c0c50487fb1ac9d3fa7f2f35ffa33c60e194e51907d0e3beb55b6f92ad888821a92f7b1c4af04510172a47458562ee5eca9e5068cc1ba44064a4eaa1e3d46c81b00ae7e2cb271f8264f68d1256e8409e2add17e30d1ea28981c2ea72bf4310e5ec3683ce393f6f784a1f8f6c5c673e61b933f49c9b970d83b144e7af7b57e833b64fe49d451ecb79c15f1b166cef5a87e857cc8733d6418960dee6461fe5e80ece419522b813fbaba83c2798c2823bb7cde5c81d9bcf454e2c71c4d8d896f8ada0305b72864807a9a92ae37f0efe50ca2be69ddb1d7b09e71d6e498237313fa495841cefe660a8060b31390241fd895139b81704a425289385f53135762470fa4a14fa02efbce0603e84d2573d1a32922a17d9a402cf822b392aa66320bd1a860a99486e6e1a74009984f356a92fb5dc6afd33faffba232f60251b18fae65794206abdd827c1daca837dcec246c9059ca8d4c603c10b763b5b48eb7d229648eb9471b2dfbf02a1024ddef3a2ff1af26a160ec93d0e15f768dd865bbfe36eb17b8425a26e42c8e7a76bb289877efe3c9bfbb101413fc3abee4779245f21af0500371b7da7c7d6ae824f5a9a24d9655b1263085daed6da460144de99053afcae7cad17c89187fbcb293cb37cb0c4bf3001534306d9d218df45664df2e1702a7e2a2e95ff4485990c9e286cf85da59140e5a26685f91f7a8824db5c06ca7b2169255e65b6e70d20e8138f6527a96a7ea6be97bb27ae9a016ab7f3c7db82057d4fc2024e6baf8bc147579d257e5b0f511fd22d816137e7fe888896c11c5789329917093ee73cb4ebea60444cb61029d25486b8ea05a4eded55328fb2d830dc078e0924a3ef8fd7bb8aa6715beb27dd032a2d049c42959d745ec10abd71a02b873b9b99922a132d54250f9324cbe122d1cc7c19d58e6e89e6084c4c55536c5ceb80eda5e394cc695f460fe5d48c7b48614e30de4ffe8ac569602f453acd5968ea4b4748e6d696ed46529120d34af66c795e67b0a2b46428947e7c6d2362f708acf3e75138e14bf79d92a1a482635ed0cbb16682fa1c321bc6236c7c0fb317438ea00e2737883d0c1a26306002f4c94db6d9360b278252b6536f1484543eff3f622b47eff32eadf7a1aa14e2d647e98055477aa99f2a882b94a964c6e6a7b58c4ef6b4574a7047988f0494b9cfc45d551383d3d021428c61dd7f6f5575822d3499cc9e9bb3ecf561ce4d94b66109164a0f9ab821fd47f15f59e7c4d117be0be4f98a35c64d0ab1af1275f845fd131ad0e064a699cd8c2acd51848634af3cc5c77966ede7d6aeb52f64b08cc91a189a35618728c16be755d8e09ba258d052ae11904ce2a1902fbe8d676cae0d39dccd735b5462561223e5ace5af2f177b932d641ef4e38d5211f62c103ce92ef6abe1f64447ee99537a210fa38bd91ac9e1840ed6cce98100a1e309c94972c716348c7d9ea0031784e55f17531c6a0efa072fc6fc33874ed3b8094d817dabc8010502bf70647f8bf5cc00c6d7e61161d4b8b813ff80750fa8e4b0213733d1d1bf444d47cd34981bdc438fc220b4dff0bf9a407ebf38e238860850ad4af00fd57d1fecacdb58645ac26286f6cc86415b92e40f9399d19c078cacd3b2a7b185ea4f73ce5d04cab7b72884f2af389a0bba62559c4c6af86de4800a4016b8b1c8d3ebbf66971cff1fd7ec7b9ba385973f3ea14af4a2c36babcbb1fbbe1163860cfd43f830b23cbd507fe426cc32ec29776b7ed90754aff7edf48125513ad2f44254e35cb5ff309a0eb81bc19bdd355c883f826307cc7632edd22e20e38055b271aea7442ae65c07aa38808a674d6af98fac95709c76c8e6e9e9ee1bd3a669e43c3e58f073a82464e4290238e19eccfeebcf2bf80dafb258b6b86d41c49d58788b94c4338883c56603702cdb007644a4afe185d687dbe7db5bd0a31950aae95114e2e489e8f758f54409bbd9bfa41c5f7563137c5e4fd823475788705a28a0e06818a37b6565da147a3c3214d7685b0c776c9105001d53b82202276f1c82b4cd53da7fbfabafd03dc88f270d6b1e9527073e5618f3ff64bb9ad3c3e1dd6af1194da148b795033c7c8ca813a25b17f9285723bc4edd283c71849d8a95d6dea7e46f757e99aae8b95690bb81abf3a3be5928f291a8242f661d81e566d1f1008ec126a3571c9969539ef459b983f8c31bf70b41005555ba323fa83a683f17cfba1807c88962e4f8cb2a3cfb0dd4c7b85699fcb8d18655919c07f1363bf964f2dab52de27a0def52f6a1f109328e5067293293547649425f4faee7031210e4cac0b76cc5151154267ceaf3e0b60330a3c654600ee9134fe42adf4417c2c4274121c8287668153ccfb358ae3d248936310fb2423dd05b8f64e550242321e2360f9b2ddd36b0df4ccd52ecd3fe45b6323c3694bd1374bf3e6ae8b2764f9777bab60fa4fd845d43c5ce58c8155d364ad7a9f03275df86574b2ed5d9841954e75402c97e12a7978aace1f2f428ac217c450f79b39fd1ca1be614e1273b11c5c2c1ab54872d14b1f740402e86f56e6002747697ce00c7ed4cbe5cd5fe6aa55577955c4a27f44e393008917883be8d60347204f8318486a291b794efb91ebe215f0e9aad99eedf158786852caac00cf7d7d69a4f63f5af4582d96684e4731f29160ea51a9ae03a99a02f9f66fae7688e7a5e4fc34f640135b2881c0d66d4e1fb8aaa9a880392b8ff5dbb74480e09474fa463f33f0c97536f75c4ee276a101b7ee8268faa9a46067059de55cae9c150fe21597bb34a0e630d37bb34a9adbc771796611b8d4a76a29d5db696602cbb3129571cd71584081001bc929df19f1f9ecd9072788a594a195bebbc26435015b72e2c4fb00e40eba4ac97a8ff9a15f6501c3dfef9dccc8d1e9075cab651a9b6621e31e056d35cc5832ca4f7a5fbc959b84f3e6c6590e56f487f824ffad962a77d47b08f8f84a14bb09d16584403fd21482237131ae867a7031f4c7a70ea7f749f6915cdccf3d68b808839b7eca3ae9027dde8d7655c75064ccbdeec2d04783d2da322da2a9c25dce190ee5b62de0f354fa7a64a1868cb17ed631aaa54464a62e2b5c242003484bb643f54ee587c39454441b4963ea96cee12615fc8bb8f197343aace5050c13defbc50b3b82e04b2ecd460e2eb19321f102474615e381f9c8d737b4839276fee5960b5ec41e176a4447ef650983d9f3dfb70263d8b46f5a0dd432804c2812acc961a74ea50a27767733799643beaddec779b83f964faec6d133b064e7a358e99e002ddcfe0b369c7f94edad8e7effbd0e023c6f2734f6d11268f0326e85d9706c4f5a0cbb125d45e7bfb649cb3580e9749e23b49f84b382ca943c467468ccd8739711e06605b9725913a622ac1575420ea3c78c87ae672981cf029515f6e335c3df498893bc12c6e1e93a4397f2452917416129880d3e59d9c968419aa434aec51b97f1aae9a0d65088441c45df0992363d0ecc5da1b033c453d1b174fe6a19e1b34943ac54c9f03399d59b8746beba278885c7f521f28eb1b7b4ebf32af68972046d7fd7e6b9ef37e88fd25e3c22a02a658bd716189ef7fec94225943d74a36916be6eb2cb2b005bc5b2c4e936c1c71d30773533f1b8b38b87158f3dfee35ec4f85d33f2d0da8a8e52bd2686a0880053b7d5f936640df25f922a5f6affd7404e1e2df588f65ef8cb0f320769f72b6e11f1fe15cf1f475e915a928b44cc199f93bf579e34992602f7cc680c36122595aa5cae7e9bdb2054d87af6b428194b31aa417e16f6e76afcc516b2f96b7ef53a3a5bc76e8841523d3ec654334c804c69d42112d6bdd83d007e5bfcd973492abf1ef7105f98b981a82057199449150c625a3eb0aa3b27ec993642326f37dab5ba8ebe7138168c9c5dd30dcc033e31191c7830877b7e2312f5e3bc32198d79a7a808484608251c4b501d6334b40251847e666e6adaccaddc235c42d48b897ec443948f2cbaea6bbcb2449662a7d9ff000000000000000ff000000000001001954120e4511c4e73177000070d4153f5835a205dd95a1f78bc8ceccf4c0ddcbdb2286cc39049f0e1c5f29be8518f8a830bf3baab753ac88c7ce1a0872e045979e398b606edd2d90fb46be04c2a21f9ee88af821948ac20c4cab2fe9f35bd886f475aa2f8ce8c2659c164028bf198557cebadb9d322263cb2a645cd1b7c548b6157e85ccdb5bf34c1d508ac228fd278b4e143b135370e64a4c8aa1145a79a2ee52d416fe9667fe1deb86dee59f3deb7f0479f4f7b7bd1700087b4c732141583750a58047771cc398bbae6838ca7ccb3289a93014387aa1791c83428849f7054e78000000000000000901000020000000f16aa074dce423a3ef723d334e3b707507206a9f8406ccd0d8f8e2f8ca3f4cfc930a31fe685ce820ae0e639f29ae1194bfefdede3500746b8314fbf9efbb3a5d8399c79c2679fe9b618753317c65943d6a0955bfdb87d65c559217f34ef518984588280e5800000010000000000000008800000069bc000018000000000000000f010000060000001a0000000000000000002fb3ec6b14295217165c0a59ab6f15a04283e0ce2da9ed9920fe007ee0a359b8"], 0x13c0}, 0x0, 0x40000, 0x1, {0x0, r6}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r7, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000)=<r8=>0x0, &(0x7f0000000140)=<r9=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000001c40)=@IORING_OP_TIMEOUT={0xb, 0x5, 0x0, 0x0, 0xa, &(0x7f00000004c0)={0x0, 0x3938700}}, 0x4)
syz_io_uring_submit(r1, r9, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x4, &(0x7f0000000340)={0x77359400}, 0x1, 0x1}, 0x40)

02:28:06 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:28:06 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 66)

[  996.455832][ T7320] loop4: detected capacity change from 0 to 87
[  996.463614][ T7324] serio: Serial port pts0
[  996.474185][ T7323] FAULT_INJECTION: forcing a failure.
[  996.474185][ T7323] name failslab, interval 1, probability 0, space 0, times 0
[  996.486827][ T7323] CPU: 1 PID: 7323 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  996.495555][ T7323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
02:28:06 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xffffff97, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:06 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000340)=@IORING_OP_POLL_REMOVE={0x7, 0x2, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1, {0x0, r5}}, 0x7fff)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r6, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:06 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xffffffda, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  996.505603][ T7323] Call Trace:
[  996.508877][ T7323]  dump_stack_lvl+0xd6/0x122
[  996.513467][ T7323]  dump_stack+0x11/0x1b
[  996.517619][ T7323]  should_fail+0x23c/0x250
[  996.522166][ T7323]  __should_failslab+0x81/0x90
[  996.526921][ T7323]  should_failslab+0x5/0x20
[  996.531415][ T7323]  kmem_cache_alloc_node_trace+0x61/0x2e0
[  996.537129][ T7323]  ? __kmalloc_node_track_caller+0x30/0x40
[  996.542924][ T7323]  __kmalloc_node_track_caller+0x30/0x40
[  996.548543][ T7323]  ? alloc_uevent_skb+0x5b/0x120
[  996.553475][ T7323]  __alloc_skb+0x187/0x420
[  996.557912][ T7323]  alloc_uevent_skb+0x5b/0x120
[  996.562670][ T7323]  kobject_uevent_env+0x863/0xc40
[  996.567748][ T7323]  ? __list_add_valid+0x28/0x90
[  996.572580][ T7323]  kobject_uevent+0x18/0x20
[  996.577071][ T7323]  device_add+0xa9e/0xf40
[  996.581385][ T7323]  device_create+0x17d/0x1d0
[  996.585991][ T7323]  ? vsnprintf+0xe8f/0xed0
[  996.590393][ T7323]  bdi_register_va+0x7c/0x3c0
[  996.595056][ T7323]  super_setup_bdi_name+0x93/0x120
[  996.600172][ T7323]  super_setup_bdi+0x45/0x50
[  996.604753][ T7323]  v9fs_mount+0x1cd/0x4c0
[  996.609071][ T7323]  ? selinux_capable+0x34/0x40
[  996.613815][ T7323]  ? tsan.module_ctor+0x10/0x10
[  996.618827][ T7323]  legacy_get_tree+0x70/0xc0
[  996.623402][ T7323]  vfs_get_tree+0x4a/0x1a0
[  996.627813][ T7323]  path_mount+0x11ec/0x1d20
[  996.632302][ T7323]  __se_sys_mount+0x24b/0x2f0
[  996.636977][ T7323]  ? fput+0x2d/0x130
[  996.640855][ T7323]  __x64_sys_mount+0x63/0x70
[  996.645427][ T7323]  do_syscall_64+0x44/0xa0
[  996.649872][ T7323]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  996.655750][ T7323] RIP: 0033:0x7f925409f709
[  996.660147][ T7323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  996.679792][ T7323] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  996.688195][ T7323] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  996.696147][ T7323] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  996.704102][ T7323] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  996.712110][ T7323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  996.720076][ T7323] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  996.744019][    C1] sd 0:0:1:0: tag#5098 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
02:28:06 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfffffff6, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:06 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 67)

02:28:06 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  996.753854][    C1] sd 0:0:1:0: tag#5098 CDB: opcode=0xe5 (vendor)
[  996.760170][    C1] sd 0:0:1:0: tag#5098 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  996.769217][    C1] sd 0:0:1:0: tag#5098 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  996.778255][    C1] sd 0:0:1:0: tag#5098 CDB[20]: ba
[  996.827448][ T7352] FAULT_INJECTION: forcing a failure.
[  996.827448][ T7352] name failslab, interval 1, probability 0, space 0, times 0
[  996.840061][ T7352] CPU: 1 PID: 7352 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  996.848708][ T7352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  996.858742][ T7352] Call Trace:
[  996.862004][ T7352]  dump_stack_lvl+0xd6/0x122
[  996.866606][ T7352]  dump_stack+0x11/0x1b
[  996.870810][ T7352]  should_fail+0x23c/0x250
[  996.875204][ T7352]  ? skb_clone+0x12c/0x1f0
[  996.879596][ T7352]  __should_failslab+0x81/0x90
[  996.884339][ T7352]  should_failslab+0x5/0x20
[  996.888817][ T7352]  kmem_cache_alloc+0x4f/0x300
[  996.893558][ T7352]  skb_clone+0x12c/0x1f0
[  996.897781][ T7352]  netlink_broadcast_filtered+0x4fd/0xb60
[  996.903475][ T7352]  ? skb_put+0xb9/0xf0
[  996.907577][ T7352]  netlink_broadcast+0x35/0x50
[  996.912329][ T7352]  kobject_uevent_env+0x8c9/0xc40
[  996.917381][ T7352]  ? __list_add_valid+0x28/0x90
[  996.922288][ T7352]  kobject_uevent+0x18/0x20
[  996.926802][ T7352]  device_add+0xa9e/0xf40
[  996.931169][ T7352]  device_create+0x17d/0x1d0
[  996.935812][ T7352]  ? vsnprintf+0xe8f/0xed0
[  996.940205][ T7352]  bdi_register_va+0x7c/0x3c0
[  996.944875][ T7352]  super_setup_bdi_name+0x93/0x120
[  996.949977][ T7352]  super_setup_bdi+0x45/0x50
[  996.954627][ T7352]  v9fs_mount+0x1cd/0x4c0
[  996.958933][ T7352]  ? selinux_capable+0x34/0x40
[  996.963671][ T7352]  ? tsan.module_ctor+0x10/0x10
[  996.968572][ T7352]  legacy_get_tree+0x70/0xc0
[  996.973225][ T7352]  vfs_get_tree+0x4a/0x1a0
[  996.977662][ T7352]  path_mount+0x11ec/0x1d20
[  996.982164][ T7352]  __se_sys_mount+0x24b/0x2f0
[  996.986817][ T7352]  ? fput+0x2d/0x130
[  996.990830][ T7352]  __x64_sys_mount+0x63/0x70
[  996.995471][ T7352]  do_syscall_64+0x44/0xa0
[  996.999880][ T7352]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  997.005750][ T7352] RIP: 0033:0x7f925409f709
[  997.010140][ T7352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  997.029724][ T7352] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  997.038112][ T7352] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  997.046099][ T7352] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  997.054050][ T7352] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  997.062017][ T7352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  997.069966][ T7352] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  997.124114][ T7361] loop4: detected capacity change from 0 to 87
[  997.138641][    C0] sd 0:0:1:0: tag#5099 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  997.148485][    C0] sd 0:0:1:0: tag#5099 CDB: opcode=0xe5 (vendor)
[  997.154834][    C0] sd 0:0:1:0: tag#5099 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  997.163879][    C0] sd 0:0:1:0: tag#5099 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  997.172958][    C0] sd 0:0:1:0: tag#5099 CDB[20]: ba
02:28:07 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xe6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"})
r2 = syz_open_pts(r1, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1b)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000200)=0x2)
read(r2, 0x0, 0x2000)
dup2(r0, r2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r3, 0x0)
preadv(r3, &(0x7f00000001c0)=[{0x0}], 0x1, 0x9, 0x0)

02:28:07 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfffffffd, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

02:28:07 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280)={0x0, 0x0, 0x10}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000340)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

02:28:07 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 68)

02:28:07 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000140)=<r1=>0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
ftruncate(r2, 0x2008000)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xa00, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000}])

02:28:07 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

[  997.340629][ T7378] loop4: detected capacity change from 0 to 87
[  997.352382][ T7380] FAULT_INJECTION: forcing a failure.
[  997.352382][ T7380] name failslab, interval 1, probability 0, space 0, times 0
[  997.365019][ T7380] CPU: 0 PID: 7380 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  997.373690][ T7380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  997.383802][ T7380] Call Trace:
[  997.387062][ T7380]  dump_stack_lvl+0xd6/0x122
[  997.391716][ T7380]  dump_stack+0x11/0x1b
[  997.395908][ T7380]  should_fail+0x23c/0x250
[  997.400306][ T7380]  ? __d_alloc+0x36/0x370
[  997.404619][ T7380]  __should_failslab+0x81/0x90
[  997.409366][ T7380]  should_failslab+0x5/0x20
[  997.413857][ T7380]  kmem_cache_alloc+0x4f/0x300
[  997.418627][ T7380]  __d_alloc+0x36/0x370
[  997.422819][ T7380]  d_alloc+0x2a/0x130
[  997.426813][ T7380]  d_alloc_parallel+0x46/0xb50
[  997.431562][ T7380]  ? selinux_inode_permission+0x2da/0x3f0
[  997.437307][ T7380]  ? selinux_inode_permission+0x335/0x3f0
[  997.443012][ T7380]  ? security_inode_permission+0xab/0xc0
[  997.448639][ T7380]  ? __d_lookup+0x3c8/0x400
[  997.453127][ T7380]  __lookup_slow+0x80/0x280
[  997.457616][ T7380]  lookup_one_len+0xe6/0x190
[  997.462219][ T7380]  start_creating+0x137/0x250
[  997.466879][ T7380]  debugfs_create_dir+0x21/0x330
[  997.471801][ T7380]  bdi_register_va+0x164/0x3c0
[  997.476549][ T7380]  super_setup_bdi_name+0x93/0x120
[  997.481643][ T7380]  super_setup_bdi+0x45/0x50
[  997.486217][ T7380]  v9fs_mount+0x1cd/0x4c0
[  997.490535][ T7380]  ? selinux_capable+0x34/0x40
[  997.495281][ T7380]  ? tsan.module_ctor+0x10/0x10
[  997.500114][ T7380]  legacy_get_tree+0x70/0xc0
[  997.504727][ T7380]  vfs_get_tree+0x4a/0x1a0
[  997.509126][ T7380]  path_mount+0x11ec/0x1d20
[  997.513614][ T7380]  __se_sys_mount+0x24b/0x2f0
[  997.518331][ T7380]  ? fput+0x2d/0x130
[  997.522211][ T7380]  __x64_sys_mount+0x63/0x70
[  997.526898][ T7380]  do_syscall_64+0x44/0xa0
[  997.531305][ T7380]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  997.537199][ T7380] RIP: 0033:0x7f925409f709
[  997.541593][ T7380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  997.561184][ T7380] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  997.569575][ T7380] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  997.577530][ T7380] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  997.585482][ T7380] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  997.593438][ T7380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  997.601418][ T7380] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  997.621176][    C1] sd 0:0:1:0: tag#5101 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  997.631039][    C1] sd 0:0:1:0: tag#5101 CDB: opcode=0xe5 (vendor)
02:28:07 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r5, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
r6 = syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x3a1e, &(0x7f0000000440)={0x0, 0x1503, 0x2, 0x2, 0x3c0, 0x0, r6}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000340)=<r8=>0x0, &(0x7f00000004c0))
syz_io_uring_setup(0x3ede, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r9=>0x0, &(0x7f0000000140)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5}, 0x0)
syz_io_uring_submit(r8, r10, &(0x7f0000000800)=@IORING_OP_WRITEV={0x2, 0x3, 0x4000, @fd_index=0x2, 0x1, &(0x7f00000007c0)=[{&(0x7f0000000500)="a44382deab36708244636abcf3267a20fdea8ef54bac272e08f705960153a085a00ab3fedcc726ada6b1b8a15c1897b379ee5581427e8d5478b7318551d49db4baa55e4d81f8abb2d4b72471b6a8483134692aedeccd041db80f31c0c3ba617a7497ddc24f90920da12adea99783d8341c3cff0000342cbece3068e112d162591734d81fd75bba06be174f", 0x8b}, {&(0x7f00000005c0)="7106d5c8", 0x4}, {&(0x7f0000000600)="65baf6c1f39ea504cbdcef9ee7797a40accd552828d5db2e058613e547dd5f0744659ec60e726902ad9a1c7ab8aed2bd182d5aee707c38c56b9a4fb765cfddad27db72d4d5e2c7e529ad3cbed9cbdf492635f56e4ff7d211826ec36e11158f7bcd22f75bf3c52945caab36a3dc1c29cb1e9d155eecc5be37efbc961b805b582c3616c1b50dcc6b601a9a70a69cf38f39d7637bbd4fd34b5b5f7f91", 0x9b}, {&(0x7f00000006c0)="47749997f40061d769739517ad029c92307d9c45fa59fda52809e39462f023eb0c24b7e46b7d053be05e168c0e4884d81e9a9ea353cea825f011ce24214a8bba8891812c808e465a050443535abd359d738e5c1fbf37714380c1674a9ec7b8f58d926166f3e8163113317c1b8c3cef8edbbf833dc19713c5f2699cbedf0f6643b290c95ca573bcf7a2709f48705f142fa8e1f1ed9061e8bce76bc2e792acd3f218c131564f7f838fe57df49c9cf38cbf64cdf0817140faf8edb49013157cfd36f82db248b2ddb65790cba13f2a051021826b3a05a3d64f9e06498df75a87373760e7cf62256500be07a693be4078b58437f7383f36a413", 0xf7}], 0x4, 0x2, 0x1, {0x1}}, 0x8)

[  997.637362][    C1] sd 0:0:1:0: tag#5101 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  997.646401][    C1] sd 0:0:1:0: tag#5101 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  997.655445][    C1] sd 0:0:1:0: tag#5101 CDB[20]: ba
02:28:07 executing program 3:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 69)

02:28:07 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0xfffffffe, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  997.686782][ T7383] serio: Serial port pts0
02:28:07 executing program 4:
r0 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0xaea1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={<r4=>0x0})
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000440)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r8}, {0x0, r8}, {r7}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {r7, r8}, {0x0, r8}, {}, {r6, r8}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {}, {}, {r6}, {0x0, r8}, {}, {}, {r6, r8}, {r7}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r6, r8}, {}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r7}, {0x0, r8}, {r7}, {}, {}, {r6, r8}, {0x0, r8}, {r6}, {}, {r7}, {}, {}, {r7, r8}, {}, {}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {r6}, {}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {}, {}, {0x0, r8}, {}, {}, {0x0, r8}, {}, {r7}, {0x0, r8}, {}, {r6}, {r7}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {}, {0x0, r8}, {r6, r8}, {0x0, r8}, {r7, r8}, {r6, r8}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {r6}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r7}, {}, {0x0, r8}, {r6}, {0x0, r8}, {r7}, {0x0, r8}, {r7, r8}, {0x0, r8}, {}, {r7}, {r7}, {}, {0x0, r8}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {r6}, {0x0, r8}, {r7, r8}, {0x0, r8}, {r7}, {r6}, {}, {}, {}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {r6}, {r6}, {0x0, r8}, {r6, r8}, {}, {}, {}, {}, {r6}, {0x0, r8}, {r7}, {r6, r8}, {0x0, r8}, {0x0, r8}, {}, {}, {}, {}, {r7}, {r6}, {}, {r6}, {}, {0x0, r8}, {r7, r8}, {0x0, r8}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6, r8}, {r7}, {r7, r8}, {}, {}, {}, {}, {r6}, {r7}, {}, {r6, r8}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {r7}, {}, {}, {r7}, {0x0, r8}, {0x0, r8}, {r6, r8}, {r6}, {}, {0x0, r8}, {0x0, r8}, {}, {r7, r8}, {r6}, {}, {r6}, {<r9=>r7}, {0x0, r8}, {0x0, r8}, {}, {r6, r8}, {}, {}, {r7}, {r6, r8}, {0x0, r8}, {}, {0x0, r8}, {r7}, {r7}, {r6}, {0x0, r8}, {r7, r8}, {r7}, {0x0, r8}, {}, {}, {}, {r6, r8}], 0x1, "2156816c73038c"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f000005aac0)={{<r10=>0x0, 0x1800000000, 0x6, 0x101, 0x8001, 0xbb, 0x5, 0x200, 0x5671bec5, 0xff, 0x71000, 0x6, 0x1, 0x5, 0xfc0}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005bac0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {r6}, {}, {}, {r10}], 0x4, "0ce5321a532cc0"})
sendfile(r1, r2, 0x0, 0x8400fffffffa)

02:28:07 executing program 5:
r0 = syz_io_uring_setup(0x495a, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, r0, 0x10000000)
r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x1)
syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0)
syz_io_uring_setup(0x1370, &(0x7f0000000080), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
r7 = io_uring_setup(0x13be, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x40})
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0x11, 0x400000, r8)
syz_io_uring_submit(r1, r2, &(0x7f0000000340)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f00000dc000/0x4000)=nil, 0x4000, 0x0, 0x0, {0x0, r8}}, 0x0)
r9 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x28072, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r9, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r10=>0x0)
syz_io_uring_submit(r1, r10, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r5, r4, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index=0x4}, 0x0)
io_uring_enter(r0, 0x6374, 0x0, 0x0, 0x0, 0x0)

[  997.724150][ T7405] FAULT_INJECTION: forcing a failure.
[  997.724150][ T7405] name failslab, interval 1, probability 0, space 0, times 0
[  997.736828][ T7405] CPU: 0 PID: 7405 Comm: syz-executor.3 Not tainted 5.15.0-rc2-syzkaller #0
[  997.745510][ T7405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  997.755566][ T7405] Call Trace:
[  997.758841][ T7405]  dump_stack_lvl+0xd6/0x122
[  997.763435][ T7405]  dump_stack+0x11/0x1b
[  997.767594][ T7405]  should_fail+0x23c/0x250
02:28:07 executing program 2:
pipe(&(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x1000000000, &(0x7f0000000080)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

[  997.772005][ T7405]  ? new_inode_pseudo+0x5c/0x1c0
[  997.776944][ T7405]  __should_failslab+0x81/0x90
[  997.781702][ T7405]  should_failslab+0x5/0x20
[  997.786207][ T7405]  kmem_cache_alloc+0x4f/0x300
[  997.790990][ T7405]  new_inode_pseudo+0x5c/0x1c0
[  997.795803][ T7405]  new_inode+0x21/0x120
[  997.800016][ T7405]  debugfs_create_dir+0xc0/0x330
[  997.804952][ T7405]  bdi_register_va+0x164/0x3c0
[  997.809734][ T7405]  super_setup_bdi_name+0x93/0x120
[  997.814836][ T7405]  super_setup_bdi+0x45/0x50
[  997.819487][ T7405]  v9fs_mount+0x1cd/0x4c0
[  997.823816][ T7405]  ? selinux_capable+0x34/0x40
[  997.828579][ T7405]  ? tsan.module_ctor+0x10/0x10
[  997.833504][ T7405]  legacy_get_tree+0x70/0xc0
[  997.838108][ T7405]  vfs_get_tree+0x4a/0x1a0
[  997.842525][ T7405]  path_mount+0x11ec/0x1d20
[  997.847029][ T7405]  __se_sys_mount+0x24b/0x2f0
[  997.851704][ T7405]  ? fput+0x2d/0x130
[  997.855590][ T7405]  __x64_sys_mount+0x63/0x70
[  997.860173][ T7405]  do_syscall_64+0x44/0xa0
[  997.864614][ T7405]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  997.870539][ T7405] RIP: 0033:0x7f925409f709
[  997.874928][ T7405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  997.894515][ T7405] RSP: 002b:00007f9251e17188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  997.902902][ T7405] RAX: ffffffffffffffda RBX: 00007f92541a3f60 RCX: 00007f925409f709
[  997.910853][ T7405] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 0000000000000000
[  997.918802][ T7405] RBP: 00007f9251e171d0 R08: 0000000020000180 R09: 0000000000000000
[  997.926749][ T7405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  997.934734][ T7405] R13: 00007fff03c32e3f R14: 00007f9251e17300 R15: 0000000000022000
[  997.942738][ T7405] debugfs: out of free dentries, can not create directory '9p-56'
[  998.021391][ T7434] loop4: detected capacity change from 0 to 87
[  998.039118][    C0] sd 0:0:1:0: tag#5102 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  998.048988][    C0] sd 0:0:1:0: tag#5102 CDB: opcode=0xe5 (vendor)
[  998.055329][    C0] sd 0:0:1:0: tag#5102 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c
[  998.064363][    C0] sd 0:0:1:0: tag#5102 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d
[  998.073419][    C0] sd 0:0:1:0: tag#5102 CDB[20]: ba
02:28:08 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xe6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0