], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 3)

17:11:44 executing program 1:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x75)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r0, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r1=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r1, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r2)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:11:44 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 13)

[ 1800.442466] FAULT_INJECTION: forcing a failure.
[ 1800.442466] name failslab, interval 1, probability 0, space 0, times 0
[ 1800.445089] CPU: 1 PID: 11433 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1800.446573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1800.448334] Call Trace:
[ 1800.448903]  dump_stack+0x107/0x167
[ 1800.449707]  should_fail.cold+0x5/0xa
[ 1800.450535]  ? __alloc_skb+0x6d/0x5b0
[ 1800.451358]  should_failslab+0x5/0x20
[ 1800.452173]  kmem_cache_alloc_node+0x55/0x330
[ 1800.453152]  __alloc_skb+0x6d/0x5b0
[ 1800.454068]  alloc_skb_with_frags+0x92/0x570
[ 1800.455037]  sock_alloc_send_pskb+0x7af/0x930
[ 1800.456025]  ? sk_alloc+0x350/0x350
[ 1800.456814]  ? perf_trace_lock+0xac/0x490
[ 1800.457716]  ? SOFTIRQ_verbose+0x10/0x10
[ 1800.458600]  ? lock_chain_count+0x20/0x20
[ 1800.459565]  __ip6_append_data.isra.0+0x1cd4/0x3b90
[ 1800.460669]  ? ip_frag_init+0x350/0x350
[ 1800.461571]  ? ip6_sk_dst_lookup_flow+0x6f0/0x6f0
[ 1800.462598]  ? ip6_mtu+0x1e9/0x3d0
[ 1800.463360]  ? ip6_setup_cork+0xfb7/0x1740
[ 1800.464277]  ip6_make_skb+0x2df/0x4e0
[ 1800.465096]  ? ip_frag_init+0x350/0x350
[ 1800.465966]  ? ip_frag_init+0x350/0x350
[ 1800.466827]  ? ip6_push_pending_frames+0xf0/0xf0
[ 1800.467859]  ? ip6_dst_hoplimit+0x199/0x440
[ 1800.468784]  ? lock_downgrade+0x6d0/0x6d0
[ 1800.469822]  udpv6_sendmsg+0x2128/0x2b40
[ 1800.470706]  ? ip_frag_init+0x350/0x350
[ 1800.471577]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1800.472676]  ? SOFTIRQ_verbose+0x10/0x10
[ 1800.473590]  ? lock_acquire+0x197/0x470
[ 1800.474441]  ? find_held_lock+0x2c/0x110
[ 1800.475323]  ? __might_fault+0xd3/0x180
[ 1800.476215]  ? sock_has_perm+0x1ea/0x280
[ 1800.477136]  ? __import_iovec+0x458/0x590
[ 1800.477478] FAULT_INJECTION: forcing a failure.
[ 1800.477478] name failslab, interval 1, probability 0, space 0, times 0
[ 1800.478032]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1800.478062]  inet6_sendmsg+0x105/0x140
[ 1800.478082]  ? inet6_compat_ioctl+0x320/0x320
[ 1800.478108]  __sock_sendmsg+0xf2/0x190
[ 1800.484019]  ____sys_sendmsg+0x334/0x870
[ 1800.484903]  ? sock_write_iter+0x3d0/0x3d0
[ 1800.485936]  ? do_recvmmsg+0x6d0/0x6d0
[ 1800.486784]  ? SOFTIRQ_verbose+0x10/0x10
[ 1800.487660]  ? __lockdep_reset_lock+0x180/0x180
[ 1800.488679]  ___sys_sendmsg+0xf3/0x170
[ 1800.489523]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1800.490526]  ? lock_downgrade+0x6d0/0x6d0
[ 1800.491446]  ? __fget_files+0x2f8/0x520
[ 1800.492324]  ? __fget_light+0xea/0x290
[ 1800.493182]  __sys_sendmmsg+0x195/0x470
[ 1800.494064]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1800.494991]  ? lock_downgrade+0x6d0/0x6d0
[ 1800.495919]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1800.496960]  ? wait_for_completion_io+0x270/0x270
[ 1800.498006]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1800.499003]  ? vfs_write+0x354/0xb10
[ 1800.499807]  ? fput_many+0x2f/0x1a0
[ 1800.500594]  ? ksys_write+0x1a9/0x260
[ 1800.501451]  ? __ia32_sys_read+0xb0/0xb0
[ 1800.502345]  __x64_sys_sendmmsg+0x99/0x100
[ 1800.503254]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1800.504359]  do_syscall_64+0x33/0x40
[ 1800.505158]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1800.506267] RIP: 0033:0x7f7277e2bb19
[ 1800.507062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1800.510992] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1800.512629] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1800.514167] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1800.515687] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1800.517302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1800.518843] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1800.520416] CPU: 0 PID: 11439 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1800.521890] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1800.523643] Call Trace:
[ 1800.524203]  dump_stack+0x107/0x167
[ 1800.524958]  should_fail.cold+0x5/0xa
[ 1800.525773]  ? create_object.isra.0+0x3a/0xa20
[ 1800.526729]  should_failslab+0x5/0x20
[ 1800.527540]  kmem_cache_alloc+0x5b/0x310
[ 1800.528400]  create_object.isra.0+0x3a/0xa20
[ 1800.529325]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1800.530407]  kmem_cache_alloc_trace+0x151/0x320
[ 1800.531385]  ? lockdep_init_map_type+0x2c7/0x780
[ 1800.532392]  legacy_init_fs_context+0x44/0xe0
[ 1800.533314]  ? generic_parse_monolithic+0x1f0/0x1f0
[ 1800.534376]  alloc_fs_context+0x4fd/0x840
[ 1800.535266]  path_mount+0xaa3/0x21c0
[ 1800.536045]  ? strncpy_from_user+0x9e/0x470
[ 1800.536952]  ? finish_automount+0xa90/0xa90
[ 1800.537866]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1800.538853]  ? _copy_from_user+0xfb/0x1b0
[ 1800.539743]  __x64_sys_mount+0x282/0x300
[ 1800.540590]  ? copy_mnt_ns+0xa00/0xa00
[ 1800.541399]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1800.542530]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1800.543589]  do_syscall_64+0x33/0x40
[ 1800.544398]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1800.545446] RIP: 0033:0x7f916d656b19
[ 1800.546233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1800.550020] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1800.551621] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1800.553148] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1800.554651] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1800.556203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1800.557745] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1800.559501] hpet: Lost 1 RTC interrupts
[ 1800.563432] loop7: detected capacity change from 0 to 2103296
[ 1800.598636] loop2: detected capacity change from 0 to 2103296
17:11:44 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flu'])

17:11:44 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 4)

[ 1800.679386] FAT-fs (loop0): Unrecognized mount option "flu" or missing value
17:11:44 executing program 1:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x75)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r0, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r1=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r1, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r2)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 1800.739109] FAULT_INJECTION: forcing a failure.
[ 1800.739109] name failslab, interval 1, probability 0, space 0, times 0
[ 1800.741493] CPU: 0 PID: 11554 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1800.742975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1800.744690] Call Trace:
[ 1800.745247]  dump_stack+0x107/0x167
[ 1800.746026]  should_fail.cold+0x5/0xa
[ 1800.746826]  ? create_object.isra.0+0x3a/0xa20
[ 1800.747777]  should_failslab+0x5/0x20
[ 1800.748567]  kmem_cache_alloc+0x5b/0x310
[ 1800.749432]  create_object.isra.0+0x3a/0xa20
[ 1800.750353]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1800.751530]  kmem_cache_alloc_node+0x169/0x330
[ 1800.752564]  __alloc_skb+0x6d/0x5b0
[ 1800.753381]  alloc_skb_with_frags+0x92/0x570
[ 1800.754417]  sock_alloc_send_pskb+0x7af/0x930
[ 1800.755490]  ? sk_alloc+0x350/0x350
[ 1800.756302]  ? perf_trace_lock+0xac/0x490
[ 1800.757229]  ? SOFTIRQ_verbose+0x10/0x10
[ 1800.758177]  ? lock_chain_count+0x20/0x20
[ 1800.759136]  __ip6_append_data.isra.0+0x1cd4/0x3b90
[ 1800.760304]  ? ip_frag_init+0x350/0x350
[ 1800.761235]  ? ip6_sk_dst_lookup_flow+0x6f0/0x6f0
[ 1800.762347]  ? ip6_mtu+0x1e9/0x3d0
[ 1800.763150]  ? ip6_setup_cork+0xfb7/0x1740
[ 1800.764109]  ip6_make_skb+0x2df/0x4e0
[ 1800.764950]  ? ip_frag_init+0x350/0x350
[ 1800.765866]  ? ip_frag_init+0x350/0x350
[ 1800.766766]  ? ip6_push_pending_frames+0xf0/0xf0
[ 1800.767835]  ? ip6_dst_hoplimit+0x199/0x440
[ 1800.768841]  ? lock_downgrade+0x6d0/0x6d0
[ 1800.770014]  udpv6_sendmsg+0x2128/0x2b40
[ 1800.771050]  ? ip_frag_init+0x350/0x350
[ 1800.772108]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1800.773225]  ? SOFTIRQ_verbose+0x10/0x10
17:11:44 executing program 6:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:11:44 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flu'])

17:11:44 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x1010, r1, 0x10000000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x20d315)
r5 = syz_io_uring_setup(0x203a, &(0x7f0000000180)={0x0, 0x80cf, 0x10, 0x3, 0x120, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000040), &(0x7f0000000100))
syz_io_uring_submit(0x0, r2, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd=r4, 0x0, 0x0, 0x40, 0x4, 0x0, {0x0, 0x0, r5}}, 0x2)
r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
socketpair(0x6, 0x0, 0x80000001, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
fcntl$dupfd(r7, 0x0, r0)
sendfile(r6, r0, 0x0, 0x4)

[ 1800.774156]  ? lock_acquire+0x197/0x470
[ 1800.775241]  ? find_held_lock+0x2c/0x110
[ 1800.776138]  ? __might_fault+0xd3/0x180
[ 1800.777030]  ? sock_has_perm+0x1ea/0x280
[ 1800.777954]  ? __import_iovec+0x458/0x590
[ 1800.778836]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1800.779921]  inet6_sendmsg+0x105/0x140
[ 1800.780730]  ? inet6_compat_ioctl+0x320/0x320
[ 1800.781673]  __sock_sendmsg+0xf2/0x190
[ 1800.782492]  ____sys_sendmsg+0x334/0x870
[ 1800.783351]  ? sock_write_iter+0x3d0/0x3d0
[ 1800.784216]  ? do_recvmmsg+0x6d0/0x6d0
[ 1800.785038]  ? SOFTIRQ_verbose+0x10/0x10
[ 1800.785915]  ? __lockdep_reset_lock+0x180/0x180
[ 1800.786900]  ___sys_sendmsg+0xf3/0x170
[ 1800.787720]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1800.788701]  ? lock_downgrade+0x6d0/0x6d0
[ 1800.789626]  ? __fget_files+0x2f8/0x520
[ 1800.790515]  ? __fget_light+0xea/0x290
[ 1800.791377]  __sys_sendmmsg+0x195/0x470
[ 1800.792249]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1800.793187]  ? lock_downgrade+0x6d0/0x6d0
[ 1800.794164]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1800.795197]  ? wait_for_completion_io+0x270/0x270
[ 1800.796212]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1800.797198]  ? vfs_write+0x354/0xb10
[ 1800.798038]  ? fput_many+0x2f/0x1a0
[ 1800.798812]  ? ksys_write+0x1a9/0x260
[ 1800.799639]  ? __ia32_sys_read+0xb0/0xb0
[ 1800.800512]  __x64_sys_sendmmsg+0x99/0x100
[ 1800.801401]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1800.802496]  do_syscall_64+0x33/0x40
[ 1800.803288]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1800.804353] RIP: 0033:0x7f7277e2bb19
[ 1800.805147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1800.808941] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1800.810520] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1800.812000] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1800.813477] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1800.814967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1800.816467] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1800.818363] hpet: Lost 4 RTC interrupts
17:11:44 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 14)

[ 1800.857537] FAT-fs (loop0): Unrecognized mount option "flu" or missing value
[ 1800.864841] FAULT_INJECTION: forcing a failure.
[ 1800.864841] name failslab, interval 1, probability 0, space 0, times 0
[ 1800.867355] CPU: 1 PID: 11558 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1800.868842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1800.870615] Call Trace:
[ 1800.871185]  dump_stack+0x107/0x167
[ 1800.871960]  should_fail.cold+0x5/0xa
[ 1800.872773]  ? v9fs_mount+0x5a/0x8f0
[ 1800.873571]  should_failslab+0x5/0x20
[ 1800.874384]  kmem_cache_alloc_trace+0x55/0x320
[ 1800.875355]  ? v9fs_write_inode+0x60/0x60
[ 1800.876358]  v9fs_mount+0x5a/0x8f0
[ 1800.877119]  ? v9fs_write_inode+0x60/0x60
[ 1800.878009]  legacy_get_tree+0x105/0x220
[ 1800.878872]  vfs_get_tree+0x8e/0x300
[ 1800.879659]  path_mount+0x1331/0x21c0
[ 1800.880476]  ? strncpy_from_user+0x9e/0x470
[ 1800.881398]  ? finish_automount+0xa90/0xa90
[ 1800.882328]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1800.883316]  ? _copy_from_user+0xfb/0x1b0
[ 1800.884201]  __x64_sys_mount+0x282/0x300
[ 1800.885056]  ? copy_mnt_ns+0xa00/0xa00
[ 1800.885896]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1800.887006]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1800.888111]  do_syscall_64+0x33/0x40
[ 1800.888903]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1800.890000] RIP: 0033:0x7f916d656b19
[ 1800.890786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1800.894881] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1800.896485] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1800.898005] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1800.899523] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1800.901029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1800.902545] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
17:11:45 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 5)

[ 1801.029316] FAULT_INJECTION: forcing a failure.
[ 1801.029316] name failslab, interval 1, probability 0, space 0, times 0
[ 1801.031829] CPU: 1 PID: 11577 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1801.033411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1801.035168] Call Trace:
[ 1801.035740]  dump_stack+0x107/0x167
[ 1801.036528]  should_fail.cold+0x5/0xa
[ 1801.037363]  should_failslab+0x5/0x20
[ 1801.038184]  __kmalloc_node_track_caller+0x74/0x3b0
[ 1801.039246]  ? alloc_skb_with_frags+0x92/0x570
[ 1801.040237]  __alloc_skb+0xb1/0x5b0
[ 1801.041032]  alloc_skb_with_frags+0x92/0x570
[ 1801.042002]  sock_alloc_send_pskb+0x7af/0x930
[ 1801.042987]  ? sk_alloc+0x350/0x350
[ 1801.043772]  ? perf_trace_lock+0xac/0x490
[ 1801.044651]  ? SOFTIRQ_verbose+0x10/0x10
[ 1801.045516]  ? lock_chain_count+0x20/0x20
[ 1801.046431]  __ip6_append_data.isra.0+0x1cd4/0x3b90
[ 1801.047569]  ? ip_frag_init+0x350/0x350
[ 1801.048470]  ? ip6_sk_dst_lookup_flow+0x6f0/0x6f0
[ 1801.049500]  ? ip6_mtu+0x1e9/0x3d0
[ 1801.050280]  ? ip6_setup_cork+0xfb7/0x1740
[ 1801.051195]  ip6_make_skb+0x2df/0x4e0
[ 1801.052007]  ? ip_frag_init+0x350/0x350
[ 1801.052867]  ? ip_frag_init+0x350/0x350
[ 1801.053735]  ? ip6_push_pending_frames+0xf0/0xf0
[ 1801.054763]  ? ip6_dst_hoplimit+0x199/0x440
[ 1801.055682]  ? lock_downgrade+0x6d0/0x6d0
[ 1801.056610]  udpv6_sendmsg+0x2128/0x2b40
[ 1801.057491]  ? ip_frag_init+0x350/0x350
[ 1801.058371]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1801.059467]  ? SOFTIRQ_verbose+0x10/0x10
[ 1801.060368]  ? lock_acquire+0x197/0x470
[ 1801.061217]  ? find_held_lock+0x2c/0x110
[ 1801.062114]  ? __might_fault+0xd3/0x180
[ 1801.062993]  ? sock_has_perm+0x1ea/0x280
[ 1801.064010]  ? __import_iovec+0x458/0x590
[ 1801.064911]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1801.066035]  inet6_sendmsg+0x105/0x140
[ 1801.066876]  ? inet6_compat_ioctl+0x320/0x320
[ 1801.067833]  __sock_sendmsg+0xf2/0x190
[ 1801.068670]  ____sys_sendmsg+0x334/0x870
[ 1801.069557]  ? sock_write_iter+0x3d0/0x3d0
[ 1801.070459]  ? do_recvmmsg+0x6d0/0x6d0
[ 1801.071299]  ? SOFTIRQ_verbose+0x10/0x10
[ 1801.072178]  ? __lockdep_reset_lock+0x180/0x180
[ 1801.073182]  ___sys_sendmsg+0xf3/0x170
[ 1801.074029]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1801.075018]  ? lock_downgrade+0x6d0/0x6d0
[ 1801.075947]  ? __fget_files+0x2f8/0x520
[ 1801.076819]  ? __fget_light+0xea/0x290
[ 1801.077680]  __sys_sendmmsg+0x195/0x470
[ 1801.078547]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1801.079614]  ? lock_downgrade+0x6d0/0x6d0
[ 1801.080538]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1801.081589]  ? wait_for_completion_io+0x270/0x270
[ 1801.082629]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1801.083620]  ? vfs_write+0x354/0xb10
[ 1801.084423]  ? fput_many+0x2f/0x1a0
[ 1801.085202]  ? ksys_write+0x1a9/0x260
[ 1801.086031]  ? __ia32_sys_read+0xb0/0xb0
[ 1801.086921]  __x64_sys_sendmmsg+0x99/0x100
[ 1801.087829]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1801.088933]  do_syscall_64+0x33/0x40
[ 1801.089746]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1801.090846] RIP: 0033:0x7f7277e2bb19
[ 1801.091647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1801.095664] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1801.097287] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1801.098818] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1801.100336] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1801.101888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1801.103407] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1801.223189] EXT4-fs warning (device loop2): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount
[ 1801.223189] 
[ 1801.249086] EXT4-fs warning (device loop7): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount
[ 1801.249086] 
[ 1815.903683] FAULT_INJECTION: forcing a failure.
[ 1815.903683] name failslab, interval 1, probability 0, space 0, times 0
[ 1815.906952] CPU: 0 PID: 11584 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1815.908631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1815.911010] Call Trace:
[ 1815.911695]  dump_stack+0x107/0x167
[ 1815.912737]  should_fail.cold+0x5/0xa
[ 1815.913645]  ? create_object.isra.0+0x3a/0xa20
[ 1815.913759] loop7: detected capacity change from 0 to 2103296
[ 1815.914770]  should_failslab+0x5/0x20
[ 1815.914795]  kmem_cache_alloc+0x5b/0x310
[ 1815.914836]  create_object.isra.0+0x3a/0xa20
[ 1815.914855]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1815.914893]  __kmalloc_node_track_caller+0x1a6/0x3b0
[ 1815.914918]  ? alloc_skb_with_frags+0x92/0x570
[ 1815.914959]  __alloc_skb+0xb1/0x5b0
[ 1815.924094]  alloc_skb_with_frags+0x92/0x570
[ 1815.925211]  sock_alloc_send_pskb+0x7af/0x930
[ 1815.926334]  ? sk_alloc+0x350/0x350
[ 1815.927236]  ? perf_trace_lock+0xac/0x490
[ 1815.928242]  ? SOFTIRQ_verbose+0x10/0x10
[ 1815.929235]  ? lock_chain_count+0x20/0x20
[ 1815.930284]  __ip6_append_data.isra.0+0x1cd4/0x3b90
[ 1815.931541]  ? ip_frag_init+0x350/0x350
[ 1815.932556]  ? ip6_sk_dst_lookup_flow+0x6f0/0x6f0
[ 1815.933969]  ? ip6_mtu+0x1e9/0x3d0
[ 1815.934884]  ? ip6_setup_cork+0xfb7/0x1740
[ 1815.936124]  ip6_make_skb+0x2df/0x4e0
[ 1815.937051]  ? ip_frag_init+0x350/0x350
[ 1815.938082]  ? ip_frag_init+0x350/0x350
[ 1815.939076]  ? ip6_push_pending_frames+0xf0/0xf0
[ 1815.940254]  ? ip6_dst_hoplimit+0x199/0x440
[ 1815.941310]  ? lock_downgrade+0x6d0/0x6d0
[ 1815.942377]  udpv6_sendmsg+0x2128/0x2b40
[ 1815.943573]  ? ip_frag_init+0x350/0x350
[ 1815.944649]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1815.945942]  ? SOFTIRQ_verbose+0x10/0x10
[ 1815.946985]  ? lock_acquire+0x197/0x470
[ 1815.947982]  ? find_held_lock+0x2c/0x110
[ 1815.948995]  ? __might_fault+0xd3/0x180
[ 1815.950032]  ? sock_has_perm+0x1ea/0x280
[ 1815.951076]  ? __import_iovec+0x458/0x590
[ 1815.952081]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1815.953382]  inet6_sendmsg+0x105/0x140
[ 1815.954365]  ? inet6_compat_ioctl+0x320/0x320
[ 1815.955478]  __sock_sendmsg+0xf2/0x190
[ 1815.956646]  ____sys_sendmsg+0x334/0x870
[ 1815.957739]  ? sock_write_iter+0x3d0/0x3d0
[ 1815.958783]  ? do_recvmmsg+0x6d0/0x6d0
[ 1815.959761]  ? SOFTIRQ_verbose+0x10/0x10
[ 1815.960776]  ? __lockdep_reset_lock+0x180/0x180
[ 1815.961887]  ___sys_sendmsg+0xf3/0x170
[ 1815.962908]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1815.964108]  ? lock_downgrade+0x6d0/0x6d0
[ 1815.965219]  ? __fget_files+0x2f8/0x520
[ 1815.966130]  ? __fget_light+0xea/0x290
[ 1815.966992]  __sys_sendmmsg+0x195/0x470
[ 1815.967844]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1815.968969]  ? lock_downgrade+0x6d0/0x6d0
[ 1815.970101]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1815.971379]  ? wait_for_completion_io+0x270/0x270
[ 1815.972445]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1815.973661]  ? vfs_write+0x354/0xb10
[ 1815.974659]  ? fput_many+0x2f/0x1a0
[ 1815.975626]  ? ksys_write+0x1a9/0x260
[ 1815.976636]  ? __ia32_sys_read+0xb0/0xb0
[ 1815.977736]  __x64_sys_sendmmsg+0x99/0x100
[ 1815.978865]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1815.980232]  do_syscall_64+0x33/0x40
[ 1815.981066]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1815.982439] RIP: 0033:0x7f7277e2bb19
[ 1815.983426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1815.988250] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1815.989896] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1815.991379] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1815.992868] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1815.994355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1815.995842] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1815.997676] hpet: Lost 5 RTC interrupts
17:11:59 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 15)

17:11:59 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)='PMM\x00PM', 0x6, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:11:59 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)='PMM\x00PMM', 0x7, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:11:59 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flu'])

17:11:59 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, 0x0, 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:11:59 executing program 6:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:11:59 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
readlinkat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000180)=""/94, 0x5e)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(r1, 0x82307201, &(0x7f0000000200)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r2, r0, 0x0, 0x4)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x20d315)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6, 0x4000010, r3, 0x8000000)

17:11:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 6)

[ 1816.023748] FAULT_INJECTION: forcing a failure.
[ 1816.023748] name failslab, interval 1, probability 0, space 0, times 0
[ 1816.026222] CPU: 0 PID: 11595 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1816.027726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1816.029492] Call Trace:
[ 1816.030065]  dump_stack+0x107/0x167
[ 1816.030848]  should_fail.cold+0x5/0xa
[ 1816.031655]  ? create_object.isra.0+0x3a/0xa20
[ 1816.032648]  should_failslab+0x5/0x20
[ 1816.033446]  kmem_cache_alloc+0x5b/0x310
[ 1816.034332]  ? cred_has_capability.isra.0+0x152/0x2b0
[ 1816.035446]  create_object.isra.0+0x3a/0xa20
[ 1816.036366]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1816.037434]  kmem_cache_alloc_trace+0x151/0x320
[ 1816.038414]  ? v9fs_write_inode+0x60/0x60
[ 1816.039277]  v9fs_mount+0x5a/0x8f0
[ 1816.040023]  ? v9fs_write_inode+0x60/0x60
[ 1816.040891]  legacy_get_tree+0x105/0x220
[ 1816.041768]  vfs_get_tree+0x8e/0x300
[ 1816.042722]  path_mount+0x1331/0x21c0
[ 1816.043519]  ? strncpy_from_user+0x9e/0x470
[ 1816.044421]  ? finish_automount+0xa90/0xa90
[ 1816.045532]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1816.046524]  ? _copy_from_user+0xfb/0x1b0
[ 1816.047412]  __x64_sys_mount+0x282/0x300
[ 1816.048455]  ? copy_mnt_ns+0xa00/0xa00
[ 1816.049266]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1816.050408]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1816.051501]  do_syscall_64+0x33/0x40
[ 1816.052285]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1816.053370] RIP: 0033:0x7f916d656b19
[ 1816.054154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1816.057964] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1816.059568] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1816.061041] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1816.062551] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1816.064050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1816.065527] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1816.067192] hpet: Lost 2 RTC interrupts
[ 1816.091669] FAT-fs (loop0): Unrecognized mount option "flu" or missing value
[ 1816.120330] loop2: detected capacity change from 0 to 2103296
17:12:00 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x2625, 0x4, 0x20002, 0xfffffffd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
creat(&(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x64)
sendfile(r1, r0, 0x0, 0x4)

17:12:00 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, 0x0, 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:12:00 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 7)

17:12:00 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flush,no'])

[ 1816.244383] FAULT_INJECTION: forcing a failure.
[ 1816.244383] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1816.247237] CPU: 0 PID: 11619 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1816.248667] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1816.250417] Call Trace:
[ 1816.251020]  dump_stack+0x107/0x167
[ 1816.251793]  should_fail.cold+0x5/0xa
[ 1816.252626]  _copy_from_iter_full+0x201/0xa60
[ 1816.253588]  ? __virt_addr_valid+0x170/0x5d0
[ 1816.254541]  ? __check_object_size+0x319/0x440
[ 1816.255527]  ip_generic_getfrag+0xf7/0x230
[ 1816.256425]  ? ip_frag_init+0x350/0x350
[ 1816.257273]  ? SOFTIRQ_verbose+0x10/0x10
[ 1816.258149]  ? lock_chain_count+0x20/0x20
[ 1816.259040]  __ip6_append_data.isra.0+0x1f7b/0x3b90
[ 1816.260125]  ? ip_frag_init+0x350/0x350
[ 1816.261007]  ? ip6_sk_dst_lookup_flow+0x6f0/0x6f0
[ 1816.262030]  ? ip6_mtu+0x1e9/0x3d0
[ 1816.262791]  ? ip6_setup_cork+0xfb7/0x1740
[ 1816.263695]  ip6_make_skb+0x2df/0x4e0
[ 1816.264495]  ? ip_frag_init+0x350/0x350
[ 1816.265377]  ? ip_frag_init+0x350/0x350
[ 1816.266245]  ? ip6_push_pending_frames+0xf0/0xf0
[ 1816.267271]  ? ip6_dst_hoplimit+0x199/0x440
[ 1816.268185]  ? lock_downgrade+0x6d0/0x6d0
[ 1816.269096]  udpv6_sendmsg+0x2128/0x2b40
[ 1816.269978]  ? ip_frag_init+0x350/0x350
[ 1816.270839]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1816.271932]  ? SOFTIRQ_verbose+0x10/0x10
[ 1816.272831]  ? lock_acquire+0x197/0x470
[ 1816.273665]  ? find_held_lock+0x2c/0x110
17:12:00 executing program 6:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 1816.274560]  ? __might_fault+0xd3/0x180
[ 1816.275610]  ? sock_has_perm+0x1ea/0x280
[ 1816.276517]  ? __import_iovec+0x458/0x590
[ 1816.277390]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1816.278476]  inet6_sendmsg+0x105/0x140
[ 1816.279284]  ? inet6_compat_ioctl+0x320/0x320
[ 1816.280231]  __sock_sendmsg+0xf2/0x190
[ 1816.281076]  ____sys_sendmsg+0x334/0x870
[ 1816.281973]  ? sock_write_iter+0x3d0/0x3d0
[ 1816.282844]  ? do_recvmmsg+0x6d0/0x6d0
[ 1816.283663]  ? SOFTIRQ_verbose+0x10/0x10
[ 1816.284526]  ? __lockdep_reset_lock+0x180/0x180
[ 1816.285525]  ___sys_sendmsg+0xf3/0x170
[ 1816.286365]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1816.287324]  ? lock_downgrade+0x6d0/0x6d0
[ 1816.288227]  ? __fget_files+0x2f8/0x520
[ 1816.289073]  ? __fget_light+0xea/0x290
[ 1816.289912]  __sys_sendmmsg+0x195/0x470
[ 1816.290748]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1816.291648]  ? lock_downgrade+0x6d0/0x6d0
[ 1816.292557]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1816.293579]  ? wait_for_completion_io+0x270/0x270
[ 1816.294601]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1816.295592]  ? vfs_write+0x354/0xb10
[ 1816.296384]  ? fput_many+0x2f/0x1a0
[ 1816.297153]  ? ksys_write+0x1a9/0x260
[ 1816.297957]  ? __ia32_sys_read+0xb0/0xb0
[ 1816.298823]  __x64_sys_sendmmsg+0x99/0x100
[ 1816.299704]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1816.300780]  do_syscall_64+0x33/0x40
[ 1816.301558]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1816.302638] RIP: 0033:0x7f7277e2bb19
[ 1816.303404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1816.307237] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1816.308816] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1816.310309] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1816.311781] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1816.313265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1816.314754] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1816.316603] hpet: Lost 4 RTC interrupts
17:12:00 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x60db, &(0x7f0000000080)={0x0, 0x822f, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)

[ 1816.359949] FAT-fs (loop0): Unrecognized mount option "no" or missing value
17:12:00 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 16)

17:12:00 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, 0x0, 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:12:00 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flus'])

[ 1816.503440] FAULT_INJECTION: forcing a failure.
[ 1816.503440] name failslab, interval 1, probability 0, space 0, times 0
[ 1816.506025] CPU: 1 PID: 11636 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1816.507500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1816.509261] Call Trace:
[ 1816.509835]  dump_stack+0x107/0x167
[ 1816.510609]  should_fail.cold+0x5/0xa
[ 1816.511422]  should_failslab+0x5/0x20
[ 1816.512231]  __kmalloc_track_caller+0x79/0x370
[ 1816.513200]  ? v9fs_session_init+0xa7/0x1680
[ 1816.514137]  ? kernel_text_address+0xf2/0x120
[ 1816.515090]  kstrdup+0x36/0x70
[ 1816.515770]  v9fs_session_init+0xa7/0x1680
[ 1816.516805]  ? lock_release+0x680/0x680
[ 1816.517646]  ? find_held_lock+0x2c/0x110
[ 1816.518527]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1816.519554]  ? v9fs_show_options+0x690/0x690
[ 1816.520500]  ? trace_hardirqs_on+0x5b/0x180
[ 1816.521414]  ? kasan_unpoison_shadow+0x33/0x50
[ 1816.522394]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1816.523470]  v9fs_mount+0x79/0x8f0
[ 1816.524224]  ? v9fs_write_inode+0x60/0x60
[ 1816.525103]  legacy_get_tree+0x105/0x220
[ 1816.525977]  vfs_get_tree+0x8e/0x300
[ 1816.526763]  path_mount+0x1331/0x21c0
[ 1816.527583]  ? strncpy_from_user+0x9e/0x470
[ 1816.528497]  ? finish_automount+0xa90/0xa90
[ 1816.529410]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1816.530403]  ? _copy_from_user+0xfb/0x1b0
[ 1816.531294]  __x64_sys_mount+0x282/0x300
[ 1816.532209]  ? copy_mnt_ns+0xa00/0xa00
[ 1816.533039]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1816.534162]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1816.535259]  do_syscall_64+0x33/0x40
[ 1816.536049]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1816.537128] RIP: 0033:0x7f916d656b19
[ 1816.537923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1816.541853] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1816.543457] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1816.544958] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1816.546469] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1816.548090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1816.549598] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1816.598830] FAT-fs (loop0): Unrecognized mount option "flus" or missing value
[ 1816.732009] EXT4-fs warning (device loop7): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount
[ 1816.732009] 
[ 1816.846226] EXT4-fs warning (device loop2): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount
[ 1816.846226] 
17:12:16 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 17)

17:12:16 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)='PMM\x00PM', 0x6, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:12:16 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 8)

17:12:16 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
syz_io_uring_setup(0x3b68, &(0x7f0000000000)={0x0, 0x7002, 0x4, 0x2, 0x10f, 0x0, r1}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000180)=<r3=>0x0)
r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, {}, 0x1, {0x0, r8}}, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f00000001c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x3, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1, {0x0, r8}}, 0x957)
sendfile(r2, r0, 0x0, 0x4)

17:12:16 executing program 6:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:12:16 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flus'])

17:12:16 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x0)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:12:16 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1832.310261] FAULT_INJECTION: forcing a failure.
[ 1832.310261] name failslab, interval 1, probability 0, space 0, times 0
[ 1832.313088] CPU: 0 PID: 11654 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1832.315090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1832.317367] FAT-fs (loop0): Unrecognized mount option "flus" or missing value
[ 1832.317417] Call Trace:
[ 1832.317453]  dump_stack+0x107/0x167
[ 1832.317479]  should_fail.cold+0x5/0xa
[ 1832.321646]  ? create_object.isra.0+0x3a/0xa20
[ 1832.322934]  should_failslab+0x5/0x20
[ 1832.324011]  kmem_cache_alloc+0x5b/0x310
[ 1832.325151]  create_object.isra.0+0x3a/0xa20
[ 1832.326393]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1832.326654] FAULT_INJECTION: forcing a failure.
[ 1832.326654] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1832.327815]  __kmalloc_track_caller+0x177/0x370
[ 1832.327837]  ? v9fs_session_init+0xa7/0x1680
[ 1832.327858]  ? kernel_text_address+0xf2/0x120
[ 1832.327884]  kstrdup+0x36/0x70
[ 1832.327906]  v9fs_session_init+0xa7/0x1680
[ 1832.327934]  ? lock_release+0x680/0x680
[ 1832.335997]  ? find_held_lock+0x2c/0x110
[ 1832.336947]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1832.338088]  ? v9fs_show_options+0x690/0x690
[ 1832.339084]  ? trace_hardirqs_on+0x5b/0x180
[ 1832.340098]  ? kasan_unpoison_shadow+0x33/0x50
[ 1832.341165]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1832.342360]  v9fs_mount+0x79/0x8f0
[ 1832.343204]  ? v9fs_write_inode+0x60/0x60
[ 1832.344164]  legacy_get_tree+0x105/0x220
[ 1832.345117]  vfs_get_tree+0x8e/0x300
[ 1832.345984]  path_mount+0x1331/0x21c0
[ 1832.346882]  ? strncpy_from_user+0x9e/0x470
[ 1832.347881]  ? finish_automount+0xa90/0xa90
[ 1832.348865]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1832.349945]  ? _copy_from_user+0xfb/0x1b0
[ 1832.350933]  __x64_sys_mount+0x282/0x300
[ 1832.351891]  ? copy_mnt_ns+0xa00/0xa00
[ 1832.352798]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1832.354033]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1832.355246]  do_syscall_64+0x33/0x40
[ 1832.356113]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1832.357316] RIP: 0033:0x7f916d656b19
[ 1832.358194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1832.362507] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1832.364265] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1832.365917] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1832.367607] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1832.369268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1832.370939] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1832.372635] CPU: 1 PID: 11658 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1832.372944] hpet: Lost 3 RTC interrupts
[ 1832.374367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1832.377258] Call Trace:
[ 1832.377888]  dump_stack+0x107/0x167
[ 1832.378775]  should_fail.cold+0x5/0xa
[ 1832.379667]  ? copyin.part.0+0x112/0x140
[ 1832.380642]  _copy_from_iter_full+0x319/0xa60
[ 1832.381701]  ? __virt_addr_valid+0x170/0x5d0
[ 1832.382746]  ? __check_object_size+0x319/0x440
[ 1832.383839]  ip_generic_getfrag+0xf7/0x230
[ 1832.384713]  ? ip_frag_init+0x350/0x350
[ 1832.385659]  ? SOFTIRQ_verbose+0x10/0x10
[ 1832.386627]  ? lock_chain_count+0x20/0x20
[ 1832.387613]  __ip6_append_data.isra.0+0x1f7b/0x3b90
[ 1832.388810]  ? ip_frag_init+0x350/0x350
[ 1832.389771]  ? ip6_sk_dst_lookup_flow+0x6f0/0x6f0
[ 1832.390907]  ? ip6_mtu+0x1e9/0x3d0
[ 1832.391780]  ? ip6_setup_cork+0xfb7/0x1740
[ 1832.392784]  ip6_make_skb+0x2df/0x4e0
[ 1832.393686]  ? ip_frag_init+0x350/0x350
[ 1832.394642]  ? ip_frag_init+0x350/0x350
[ 1832.395585]  ? ip6_push_pending_frames+0xf0/0xf0
[ 1832.396719]  ? ip6_dst_hoplimit+0x199/0x440
[ 1832.397733]  ? lock_downgrade+0x6d0/0x6d0
[ 1832.398771]  udpv6_sendmsg+0x2128/0x2b40
[ 1832.399728]  ? ip_frag_init+0x350/0x350
[ 1832.400684]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1832.401869]  ? SOFTIRQ_verbose+0x10/0x10
[ 1832.402673]  ? lock_acquire+0x197/0x470
[ 1832.403602]  ? find_held_lock+0x2c/0x110
[ 1832.404580]  ? __might_fault+0xd3/0x180
[ 1832.405538]  ? sock_has_perm+0x1ea/0x280
[ 1832.406570]  ? __import_iovec+0x458/0x590
[ 1832.407625]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1832.408826]  inet6_sendmsg+0x105/0x140
[ 1832.409723]  ? inet6_compat_ioctl+0x320/0x320
[ 1832.410775]  __sock_sendmsg+0xf2/0x190
[ 1832.411687]  ____sys_sendmsg+0x334/0x870
[ 1832.412643]  ? sock_write_iter+0x3d0/0x3d0
[ 1832.413621]  ? do_recvmmsg+0x6d0/0x6d0
[ 1832.414552]  ? SOFTIRQ_verbose+0x10/0x10
[ 1832.415388]  ? __lockdep_reset_lock+0x180/0x180
[ 1832.416488]  ___sys_sendmsg+0xf3/0x170
[ 1832.417407]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1832.418503]  ? lock_downgrade+0x6d0/0x6d0
[ 1832.419504]  ? __fget_files+0x2f8/0x520
[ 1832.420451]  ? __fget_light+0xea/0x290
[ 1832.421373]  __sys_sendmmsg+0x195/0x470
[ 1832.422342]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1832.423448]  ? lock_downgrade+0x6d0/0x6d0
[ 1832.424453]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1832.425582]  ? wait_for_completion_io+0x270/0x270
[ 1832.426733]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1832.427812]  ? vfs_write+0x354/0xb10
[ 1832.428690]  ? fput_many+0x2f/0x1a0
[ 1832.429546]  ? ksys_write+0x1a9/0x260
[ 1832.430287]  ? __ia32_sys_read+0xb0/0xb0
[ 1832.431250]  __x64_sys_sendmmsg+0x99/0x100
[ 1832.432250]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1832.433457]  do_syscall_64+0x33/0x40
[ 1832.434333]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1832.435503] RIP: 0033:0x7f7277e2bb19
[ 1832.436378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1832.440646] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1832.442396] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1832.444037] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1832.445782] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1832.447447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1832.449072] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1832.454123] loop7: detected capacity change from 0 to 2103296
[ 1832.464564] loop2: detected capacity change from 0 to 2103296
17:12:16 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flus'])

[ 1832.577076] EXT4-fs warning (device loop2): read_mmp_block:114: Error -117 while reading MMP block 64
17:12:16 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 9)

17:12:16 executing program 6:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:12:16 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x4401c0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)

[ 1832.648796] FAT-fs (loop0): Unrecognized mount option "flus" or missing value
17:12:16 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1832.722551] FAULT_INJECTION: forcing a failure.
[ 1832.722551] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1832.726186] CPU: 0 PID: 11783 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1832.727913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1832.730407] Call Trace:
[ 1832.731115]  dump_stack+0x107/0x167
[ 1832.732214]  should_fail.cold+0x5/0xa
[ 1832.733150]  ? __virt_addr_valid+0x346/0x5d0
[ 1832.734314]  __alloc_pages_nodemask+0x182/0x600
[ 1832.735528]  ? __alloc_pages_slowpath.constprop.0+0x2200/0x2200
[ 1832.736976]  ? __virt_addr_valid+0x170/0x5d0
[ 1832.738067]  ? __check_object_size+0x319/0x440
[ 1832.739197]  alloc_pages_current+0x187/0x280
[ 1832.740261]  skb_page_frag_refill+0x27c/0x490
[ 1832.741365]  sk_page_frag_refill+0x4a/0x1d0
[ 1832.742433]  __ip6_append_data.isra.0+0xda2/0x3b90
[ 1832.743670]  ? ip_frag_init+0x350/0x350
[ 1832.744674]  ? ip6_sk_dst_lookup_flow+0x6f0/0x6f0
[ 1832.745847]  ? ip6_mtu+0x1e9/0x3d0
[ 1832.746726]  ? ip6_setup_cork+0xfb7/0x1740
[ 1832.747767]  ip6_make_skb+0x2df/0x4e0
[ 1832.748696]  ? ip_frag_init+0x350/0x350
[ 1832.749680]  ? ip_frag_init+0x350/0x350
[ 1832.750668]  ? ip6_push_pending_frames+0xf0/0xf0
[ 1832.751838]  ? ip6_dst_hoplimit+0x199/0x440
[ 1832.752882]  ? lock_downgrade+0x6d0/0x6d0
[ 1832.753925]  udpv6_sendmsg+0x2128/0x2b40
[ 1832.754927]  ? ip_frag_init+0x350/0x350
[ 1832.755910]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1832.757147]  ? SOFTIRQ_verbose+0x10/0x10
[ 1832.758170]  ? lock_acquire+0x197/0x470
[ 1832.759124]  ? find_held_lock+0x2c/0x110
[ 1832.760121]  ? __might_fault+0xd3/0x180
[ 1832.761113]  ? sock_has_perm+0x1ea/0x280
[ 1832.762163]  ? __import_iovec+0x458/0x590
[ 1832.763165]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1832.764413]  inet6_sendmsg+0x105/0x140
[ 1832.765350]  ? inet6_compat_ioctl+0x320/0x320
[ 1832.766439]  __sock_sendmsg+0xf2/0x190
[ 1832.767386]  ____sys_sendmsg+0x334/0x870
[ 1832.768379]  ? sock_write_iter+0x3d0/0x3d0
[ 1832.769392]  ? do_recvmmsg+0x6d0/0x6d0
[ 1832.770339]  ? SOFTIRQ_verbose+0x10/0x10
[ 1832.771321]  ? __lockdep_reset_lock+0x180/0x180
[ 1832.772449]  ___sys_sendmsg+0xf3/0x170
[ 1832.773386]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1832.774500]  ? lock_downgrade+0x6d0/0x6d0
17:12:16 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1832.775531]  ? __fget_files+0x2f8/0x520
[ 1832.776716]  ? __fget_light+0xea/0x290
[ 1832.777669]  __sys_sendmmsg+0x195/0x470
[ 1832.778654]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1832.779679]  ? sched_ttwu_pending+0x20b/0x360
[ 1832.780781]  ? do_raw_spin_unlock+0x4f/0x220
[ 1832.781838]  ? sched_ttwu_pending+0x20b/0x360
[ 1832.782939]  ? sched_set_stop_task+0x2a0/0x2a0
[ 1832.784038]  ? trace_event_raw_event_x86_fpu+0x390/0x390
[ 1832.785366]  __x64_sys_sendmmsg+0x99/0x100
[ 1832.786381]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1832.787594]  do_syscall_64+0x33/0x40
[ 1832.788472]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1832.789679] RIP: 0033:0x7f7277e2bb19
[ 1832.790570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1832.794886] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1832.796677] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1832.798361] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1832.800033] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1832.801706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1832.803395] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1832.805450] hpet: Lost 4 RTC interrupts
17:12:16 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
syz_io_uring_setup(0x494a, &(0x7f0000000180)={0x0, 0x4fae, 0x8, 0x0, 0x2a9, 0x0, r1}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000100))
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000))
sendfile(r2, r0, 0x0, 0x4)

17:12:16 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flush,'])

[ 1832.911125] FAT-fs (loop0): bogus number of reserved sectors
[ 1832.912561] FAT-fs (loop0): Can't find a valid FAT filesystem
[ 1833.134362] EXT4-fs warning (device loop7): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount
[ 1833.134362] 
17:12:30 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 10)

17:12:30 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)='PMM\x00PMM', 0x7, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:12:30 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:12:30 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 18)

17:12:30 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x0)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:12:30 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20d315)
openat(r3, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x80082, 0x119)
sendfile(r1, r0, 0x0, 0x4)

17:12:30 executing program 6:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:12:30 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flus'])

[ 1846.646703] FAULT_INJECTION: forcing a failure.
[ 1846.646703] name failslab, interval 1, probability 0, space 0, times 0
[ 1846.647133] FAULT_INJECTION: forcing a failure.
[ 1846.647133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1846.648239] CPU: 1 PID: 11811 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1846.651784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1846.652908] Call Trace:
[ 1846.653262]  dump_stack+0x107/0x167
[ 1846.653744]  should_fail.cold+0x5/0xa
[ 1846.654263]  ? create_object.isra.0+0x3a/0xa20
[ 1846.654879]  should_failslab+0x5/0x20
[ 1846.655389]  kmem_cache_alloc+0x5b/0x310
[ 1846.655931]  create_object.isra.0+0x3a/0xa20
[ 1846.656506]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1846.657198]  __kmalloc_track_caller+0x177/0x370
[ 1846.657898]  ? v9fs_session_init+0xa7/0x1680
[ 1846.658496]  ? kernel_text_address+0xf2/0x120
[ 1846.659088]  kstrdup+0x36/0x70
[ 1846.659515]  v9fs_session_init+0xa7/0x1680
[ 1846.660082]  ? lock_release+0x680/0x680
[ 1846.660607]  ? find_held_lock+0x2c/0x110
[ 1846.661154]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1846.661801]  ? v9fs_show_options+0x690/0x690
[ 1846.662392]  ? trace_hardirqs_on+0x5b/0x180
[ 1846.662974]  ? kasan_unpoison_shadow+0x33/0x50
[ 1846.663572]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1846.664245]  v9fs_mount+0x79/0x8f0
[ 1846.664717]  ? v9fs_write_inode+0x60/0x60
[ 1846.665271]  legacy_get_tree+0x105/0x220
[ 1846.665842]  vfs_get_tree+0x8e/0x300
[ 1846.666342]  path_mount+0x1331/0x21c0
[ 1846.666856]  ? strncpy_from_user+0x9e/0x470
[ 1846.667425]  ? finish_automount+0xa90/0xa90
[ 1846.667995]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1846.668617]  ? _copy_from_user+0xfb/0x1b0
[ 1846.669171]  __x64_sys_mount+0x282/0x300
[ 1846.669697]  ? copy_mnt_ns+0xa00/0xa00
[ 1846.670207]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1846.670907]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1846.671596]  do_syscall_64+0x33/0x40
[ 1846.672083]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1846.672747] RIP: 0033:0x7f916d656b19
[ 1846.673279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1846.675686] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1846.676687] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1846.677637] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1846.678580] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1846.679531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1846.680477] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1846.681470] CPU: 0 PID: 11804 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1846.683076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1846.685006] Call Trace:
[ 1846.685620]  dump_stack+0x107/0x167
[ 1846.686481]  should_fail.cold+0x5/0xa
[ 1846.687380]  _copy_from_iter_full+0x201/0xa60
[ 1846.688417]  ? __virt_addr_valid+0x170/0x5d0
[ 1846.689461]  ? __check_object_size+0x319/0x440
[ 1846.690532]  ip_generic_getfrag+0xf7/0x230
[ 1846.691509]  ? ip_frag_init+0x350/0x350
[ 1846.692429]  ? skb_page_frag_refill+0x2eb/0x490
[ 1846.693513]  __ip6_append_data.isra.0+0x11b2/0x3b90
[ 1846.694692]  ? ip_frag_init+0x350/0x350
[ 1846.695633]  ? ip6_sk_dst_lookup_flow+0x6f0/0x6f0
[ 1846.696738]  ? ip6_mtu+0x1e9/0x3d0
[ 1846.697555]  ? ip6_setup_cork+0xfb7/0x1740
[ 1846.698544]  ip6_make_skb+0x2df/0x4e0
[ 1846.699420]  ? ip_frag_init+0x350/0x350
[ 1846.700342]  ? ip_frag_init+0x350/0x350
[ 1846.701270]  ? ip6_push_pending_frames+0xf0/0xf0
[ 1846.702389]  ? ip6_dst_hoplimit+0x199/0x440
[ 1846.703382]  ? lock_downgrade+0x6d0/0x6d0
[ 1846.704374]  udpv6_sendmsg+0x2128/0x2b40
[ 1846.705333]  ? ip_frag_init+0x350/0x350
[ 1846.706270]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1846.707454]  ? SOFTIRQ_verbose+0x10/0x10
[ 1846.708421]  ? lock_acquire+0x197/0x470
[ 1846.709322]  ? find_held_lock+0x2c/0x110
[ 1846.710257]  ? __might_fault+0xd3/0x180
[ 1846.711200]  ? sock_has_perm+0x1ea/0x280
[ 1846.712175]  ? __import_iovec+0x458/0x590
[ 1846.713116]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1846.714304]  inet6_sendmsg+0x105/0x140
[ 1846.715192]  ? inet6_compat_ioctl+0x320/0x320
[ 1846.716210]  __sock_sendmsg+0xf2/0x190
[ 1846.717099]  ____sys_sendmsg+0x334/0x870
[ 1846.718042]  ? sock_write_iter+0x3d0/0x3d0
[ 1846.719007]  ? do_recvmmsg+0x6d0/0x6d0
[ 1846.719910]  ? SOFTIRQ_verbose+0x10/0x10
[ 1846.720858]  ? __lockdep_reset_lock+0x180/0x180
[ 1846.721929]  ___sys_sendmsg+0xf3/0x170
[ 1846.722829]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1846.723884]  ? lock_downgrade+0x6d0/0x6d0
[ 1846.724866]  ? __fget_files+0x2f8/0x520
[ 1846.725793]  ? __fget_light+0xea/0x290
[ 1846.726720]  __sys_sendmmsg+0x195/0x470
[ 1846.727639]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1846.728615]  ? lock_downgrade+0x6d0/0x6d0
[ 1846.729589]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1846.730687]  ? wait_for_completion_io+0x270/0x270
[ 1846.731778]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1846.732818]  ? vfs_write+0x354/0xb10
[ 1846.733666]  ? fput_many+0x2f/0x1a0
[ 1846.734499]  ? ksys_write+0x1a9/0x260
[ 1846.735361]  ? __ia32_sys_read+0xb0/0xb0
[ 1846.736300]  __x64_sys_sendmmsg+0x99/0x100
[ 1846.737263]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1846.738432]  do_syscall_64+0x33/0x40
[ 1846.739275]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1846.740429] RIP: 0033:0x7f7277e2bb19
[ 1846.741264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1846.745362] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1846.747069] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1846.748647] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1846.750239] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1846.751824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1846.753411] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1846.755324] hpet: Lost 4 RTC interrupts
[ 1846.763191] FAT-fs (loop0): Unrecognized mount option "flus" or missing value
[ 1846.770007] loop7: detected capacity change from 0 to 2103296
[ 1846.793109] loop2: detected capacity change from 0 to 2103296
17:12:30 executing program 3:
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
r4 = socket$inet6(0xa, 0x800, 0x1)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x4, 0x0, @fd=r4, 0xcd11, 0x0, 0x400, 0x0, 0x1, {0x0, r5}}, 0x9)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r7, r6, 0x0, 0x4)

17:12:30 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 11)

17:12:30 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flus'])

[ 1846.829588] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1846.834080] EXT4-fs (loop2): get root inode failed
[ 1846.834715] EXT4-fs (loop2): mount failed
17:12:31 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1846.905271] FAULT_INJECTION: forcing a failure.
[ 1846.905271] name failslab, interval 1, probability 0, space 0, times 0
[ 1846.907229] CPU: 1 PID: 11839 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1846.908398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1846.909617] Call Trace:
[ 1846.910018]  dump_stack+0x107/0x167
[ 1846.910587]  should_fail.cold+0x5/0xa
[ 1846.911162]  ? __alloc_skb+0x6d/0x5b0
[ 1846.911729]  should_failslab+0x5/0x20
[ 1846.912294]  kmem_cache_alloc_node+0x55/0x330
[ 1846.912984]  __alloc_skb+0x6d/0x5b0
[ 1846.913538]  skb_segment+0x9d8/0x3aa0
[ 1846.914108]  ? perf_tp_event+0x5ce/0xc00
[ 1846.914745]  ? perf_tp_event+0x5ce/0xc00
[ 1846.915381]  ? skb_zerocopy_iter_stream+0x800/0x800
[ 1846.916122]  ? perf_trace_run_bpf_submit+0xf5/0x190
[ 1846.916879]  __udp_gso_segment+0x127b/0x1e40
[ 1846.917536]  ? __sk_receive_skb+0x830/0x830
[ 1846.918197]  udp6_ufo_fragment+0x9f2/0xc80
[ 1846.918851]  ? inet6_csk_xmit+0x680/0x680
[ 1846.919469]  ? ipv6_gso_pull_exthdrs+0x24e/0x470
[ 1846.920188]  ipv6_gso_segment+0x47b/0xff0
[ 1846.920820]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1846.921544]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1846.922337]  skb_mac_gso_segment+0x273/0x570
[ 1846.923011]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1846.923853]  ? skb_network_protocol+0x650/0x650
[ 1846.924541]  ? skb_crc32c_csum_help+0x80/0x80
[ 1846.925207]  ? lock_acquire+0x197/0x470
[ 1846.925804]  ? __dev_queue_xmit+0x1c6/0x2690
[ 1846.926481]  __skb_gso_segment+0x32d/0x6d0
[ 1846.927133]  validate_xmit_skb.constprop.0+0x4f6/0xcd0
[ 1846.927911]  ? SOFTIRQ_verbose+0x10/0x10
[ 1846.928514]  ? netdev_core_pick_tx+0x1d1/0x2f0
[ 1846.929214]  __dev_queue_xmit+0x825/0x2690
[ 1846.929855]  ? down_read_non_owner+0x2b2/0x480
[ 1846.930543]  ? netdev_core_pick_tx+0x2f0/0x2f0
[ 1846.931234]  ? lock_downgrade+0x6d0/0x6d0
[ 1846.931858]  ? lock_acquire+0x197/0x470
[ 1846.932450]  ? ip6_finish_output2+0x3e0/0x1cf0
[ 1846.933146]  ? lockdep_hardirqs_on_prepare+0x129/0x3e0
[ 1846.933935]  neigh_connected_output+0x382/0x4d0
[ 1846.934659]  ip6_finish_output2+0xb23/0x1cf0
[ 1846.935338]  __ip6_finish_output.part.0+0x4f7/0xbc0
[ 1846.936100]  ip6_output+0x302/0x9e0
[ 1846.936665]  ? __ip6_finish_output.part.0+0xbc0/0xbc0
[ 1846.937441]  ip6_local_out+0xd2/0x4c0
[ 1846.938019]  ip6_send_skb+0x117/0x460
[ 1846.938609]  udp_v6_send_skb+0x7b7/0x1620
[ 1846.939371]  udpv6_sendmsg+0x216b/0x2b40
[ 1846.939985]  ? ip_frag_init+0x350/0x350
[ 1846.940595]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1846.941359]  ? SOFTIRQ_verbose+0x10/0x10
[ 1846.941991]  ? lock_acquire+0x197/0x470
[ 1846.942592]  ? find_held_lock+0x2c/0x110
[ 1846.943210]  ? __might_fault+0xd3/0x180
[ 1846.943824]  ? sock_has_perm+0x1ea/0x280
[ 1846.944477]  ? __import_iovec+0x458/0x590
[ 1846.945101]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1846.945873]  inet6_sendmsg+0x105/0x140
[ 1846.946469]  ? inet6_compat_ioctl+0x320/0x320
[ 1846.947143]  __sock_sendmsg+0xf2/0x190
[ 1846.947731]  ____sys_sendmsg+0x334/0x870
[ 1846.948363]  ? sock_write_iter+0x3d0/0x3d0
[ 1846.948992]  ? do_recvmmsg+0x6d0/0x6d0
[ 1846.949581]  ? SOFTIRQ_verbose+0x10/0x10
[ 1846.950197]  ? __lockdep_reset_lock+0x180/0x180
[ 1846.950916]  ___sys_sendmsg+0xf3/0x170
[ 1846.951509]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1846.952204]  ? lock_downgrade+0x6d0/0x6d0
[ 1846.952849]  ? __fget_files+0x2f8/0x520
[ 1846.953469]  ? __fget_light+0xea/0x290
[ 1846.954073]  __sys_sendmmsg+0x195/0x470
[ 1846.954725]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1846.955444]  ? lock_downgrade+0x6d0/0x6d0
[ 1846.956102]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1846.956833]  ? wait_for_completion_io+0x270/0x270
[ 1846.957558]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1846.958248]  ? vfs_write+0x354/0xb10
[ 1846.958824]  ? fput_many+0x2f/0x1a0
[ 1846.959372]  ? ksys_write+0x1a9/0x260
[ 1846.959941]  ? __ia32_sys_read+0xb0/0xb0
[ 1846.960564]  __x64_sys_sendmmsg+0x99/0x100
[ 1846.961212]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1846.961978]  do_syscall_64+0x33/0x40
[ 1846.962540]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1846.963310] RIP: 0033:0x7f7277e2bb19
[ 1846.963873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1846.966630] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1846.967761] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1846.968815] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1846.969869] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1846.971031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1846.972135] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
17:12:31 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x0)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 1847.011103] FAT-fs (loop0): Unrecognized mount option "flus" or missing value
17:12:31 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 19)

17:12:31 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flus'])

[ 1847.111431] loop2: detected capacity change from 0 to 2103296
17:12:31 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)
r2 = openat(r1, &(0x7f0000000140)='./file1\x00', 0x248100, 0x1a2)
r3 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r4, r2, 0x0, 0x4)
r5 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r5, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
r9 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
pwrite64(r9, &(0x7f0000000140)='3', 0x1, 0x10001)
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r7, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x4, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r10}}, 0x2)

[ 1847.154359] FAT-fs (loop0): Unrecognized mount option "flus" or missing value
17:12:31 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 12)

[ 1847.173266] FAULT_INJECTION: forcing a failure.
[ 1847.173266] name failslab, interval 1, probability 0, space 0, times 0
[ 1847.175098] CPU: 1 PID: 11861 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1847.176250] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1847.177478] Call Trace:
[ 1847.177874]  dump_stack+0x107/0x167
[ 1847.178413]  should_fail.cold+0x5/0xa
[ 1847.178969]  ? create_object.isra.0+0x3a/0xa20
[ 1847.179627]  should_failslab+0x5/0x20
[ 1847.180186]  kmem_cache_alloc+0x5b/0x310
[ 1847.180775]  create_object.isra.0+0x3a/0xa20
[ 1847.181427]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1847.182158]  __kmalloc_track_caller+0x177/0x370
[ 1847.182831]  ? v9fs_session_init+0xe9/0x1680
[ 1847.183476]  ? kernel_text_address+0xf2/0x120
[ 1847.184262]  kstrdup+0x36/0x70
[ 1847.184727]  v9fs_session_init+0xe9/0x1680
[ 1847.185343]  ? lock_release+0x680/0x680
[ 1847.185979]  ? find_held_lock+0x2c/0x110
[ 1847.186682]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1847.187396]  ? v9fs_show_options+0x690/0x690
[ 1847.188192]  ? trace_hardirqs_on+0x5b/0x180
[ 1847.188844]  ? kasan_unpoison_shadow+0x33/0x50
[ 1847.189580]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1847.190329]  v9fs_mount+0x79/0x8f0
[ 1847.190843]  ? v9fs_write_inode+0x60/0x60
[ 1847.191442]  legacy_get_tree+0x105/0x220
[ 1847.192027]  vfs_get_tree+0x8e/0x300
[ 1847.192582]  path_mount+0x1331/0x21c0
[ 1847.193140]  ? strncpy_from_user+0x9e/0x470
[ 1847.193769]  ? finish_automount+0xa90/0xa90
[ 1847.194400]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1847.195067]  ? _copy_from_user+0xfb/0x1b0
[ 1847.195669]  __x64_sys_mount+0x282/0x300
[ 1847.196256]  ? copy_mnt_ns+0xa00/0xa00
[ 1847.196825]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1847.197580]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1847.198332]  do_syscall_64+0x33/0x40
[ 1847.198974]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1847.199719] RIP: 0033:0x7f916d656b19
[ 1847.200408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1847.203199] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1847.204306] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1847.205333] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1847.206487] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1847.207515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1847.208724] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1847.257290] FAULT_INJECTION: forcing a failure.
[ 1847.257290] name failslab, interval 1, probability 0, space 0, times 0
[ 1847.259714] CPU: 0 PID: 11869 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1847.261187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1847.262945] Call Trace:
[ 1847.263519]  dump_stack+0x107/0x167
[ 1847.264307]  should_fail.cold+0x5/0xa
[ 1847.265121]  ? create_object.isra.0+0x3a/0xa20
[ 1847.266099]  should_failslab+0x5/0x20
[ 1847.266937]  kmem_cache_alloc+0x5b/0x310
[ 1847.267841]  create_object.isra.0+0x3a/0xa20
[ 1847.268776]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1847.269875]  kmem_cache_alloc_node+0x169/0x330
[ 1847.270889]  __alloc_skb+0x6d/0x5b0
[ 1847.271686]  skb_segment+0x9d8/0x3aa0
[ 1847.272501]  ? perf_tp_event+0x5ce/0xc00
[ 1847.273399]  ? perf_tp_event+0x5ce/0xc00
[ 1847.274322]  ? skb_zerocopy_iter_stream+0x800/0x800
[ 1847.275391]  ? perf_trace_run_bpf_submit+0xf5/0x190
[ 1847.276484]  __udp_gso_segment+0x127b/0x1e40
[ 1847.277434]  ? __sk_receive_skb+0x830/0x830
[ 1847.278402]  udp6_ufo_fragment+0x9f2/0xc80
[ 1847.279330]  ? inet6_csk_xmit+0x680/0x680
[ 1847.280226]  ? ipv6_gso_pull_exthdrs+0x24e/0x470
[ 1847.281250]  ipv6_gso_segment+0x47b/0xff0
[ 1847.282165]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1847.283207]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1847.284339]  skb_mac_gso_segment+0x273/0x570
[ 1847.285282]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1847.286324]  ? skb_network_protocol+0x650/0x650
[ 1847.287312]  ? skb_crc32c_csum_help+0x80/0x80
[ 1847.288275]  ? lock_acquire+0x197/0x470
[ 1847.289124]  ? __dev_queue_xmit+0x1c6/0x2690
[ 1847.290078]  __skb_gso_segment+0x32d/0x6d0
[ 1847.290999]  validate_xmit_skb.constprop.0+0x4f6/0xcd0
[ 1847.292120]  ? SOFTIRQ_verbose+0x10/0x10
[ 1847.292989]  ? netdev_core_pick_tx+0x1d1/0x2f0
[ 1847.293972]  __dev_queue_xmit+0x825/0x2690
[ 1847.294903]  ? down_read_non_owner+0x2b2/0x480
[ 1847.295890]  ? netdev_core_pick_tx+0x2f0/0x2f0
[ 1847.296877]  ? lock_downgrade+0x6d0/0x6d0
[ 1847.297760]  ? lock_acquire+0x197/0x470
[ 1847.298619]  ? ip6_finish_output2+0x3e0/0x1cf0
[ 1847.299617]  ? lockdep_hardirqs_on_prepare+0x129/0x3e0
[ 1847.300744]  neigh_connected_output+0x382/0x4d0
[ 1847.301772]  ip6_finish_output2+0xb23/0x1cf0
[ 1847.302742]  __ip6_finish_output.part.0+0x4f7/0xbc0
[ 1847.303821]  ip6_output+0x302/0x9e0
[ 1847.304886]  ? __ip6_finish_output.part.0+0xbc0/0xbc0
[ 1847.305998]  ip6_local_out+0xd2/0x4c0
[ 1847.306833]  ip6_send_skb+0x117/0x460
[ 1847.307645]  udp_v6_send_skb+0x7b7/0x1620
[ 1847.308566]  udpv6_sendmsg+0x216b/0x2b40
[ 1847.309445]  ? ip_frag_init+0x350/0x350
[ 1847.310337]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1847.311450]  ? SOFTIRQ_verbose+0x10/0x10
[ 1847.312361]  ? lock_acquire+0x197/0x470
[ 1847.313212]  ? find_held_lock+0x2c/0x110
[ 1847.314101]  ? __might_fault+0xd3/0x180
[ 1847.314997]  ? sock_has_perm+0x1ea/0x280
[ 1847.315930]  ? __import_iovec+0x458/0x590
[ 1847.316828]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1847.317939]  inet6_sendmsg+0x105/0x140
[ 1847.318789]  ? inet6_compat_ioctl+0x320/0x320
[ 1847.319746]  __sock_sendmsg+0xf2/0x190
[ 1847.320588]  ____sys_sendmsg+0x334/0x870
[ 1847.321474]  ? sock_write_iter+0x3d0/0x3d0
[ 1847.322385]  ? do_recvmmsg+0x6d0/0x6d0
[ 1847.323238]  ? SOFTIRQ_verbose+0x10/0x10
[ 1847.324116]  ? __lockdep_reset_lock+0x180/0x180
[ 1847.325130]  ___sys_sendmsg+0xf3/0x170
[ 1847.325968]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1847.326973]  ? lock_downgrade+0x6d0/0x6d0
[ 1847.327913]  ? __fget_files+0x2f8/0x520
[ 1847.328775]  ? __fget_light+0xea/0x290
[ 1847.329630]  __sys_sendmmsg+0x195/0x470
[ 1847.330504]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1847.331426]  ? lock_downgrade+0x6d0/0x6d0
[ 1847.332355]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1847.333388]  ? wait_for_completion_io+0x270/0x270
[ 1847.334426]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1847.335410]  ? vfs_write+0x354/0xb10
[ 1847.336213]  ? fput_many+0x2f/0x1a0
[ 1847.336999]  ? ksys_write+0x1a9/0x260
[ 1847.337815]  ? __ia32_sys_read+0xb0/0xb0
[ 1847.338712]  __x64_sys_sendmmsg+0x99/0x100
[ 1847.339620]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1847.340715]  do_syscall_64+0x33/0x40
[ 1847.341518]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1847.342620] RIP: 0033:0x7f7277e2bb19
[ 1847.343411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1847.347218] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1847.348834] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1847.350348] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1847.351863] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1847.353372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1847.354895] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1847.356812] hpet: Lost 5 RTC interrupts
[ 1847.364588] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1847.381218] EXT4-fs (loop2): get root inode failed
[ 1847.382482] EXT4-fs (loop2): mount failed
[ 1847.579563] EXT4-fs warning (device loop7): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount
[ 1847.579563] 
17:12:45 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flush'])

17:12:45 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 20)

17:12:45 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)='PMM\x00PMM', 0x7, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:12:45 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 13)

17:12:45 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:12:45 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:12:45 executing program 3:
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCGSTAMP(r2, 0x8906, &(0x7f0000000000))

17:12:45 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1861.416090] FAULT_INJECTION: forcing a failure.
[ 1861.416090] name failslab, interval 1, probability 0, space 0, times 0
[ 1861.417574] CPU: 0 PID: 11882 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1861.418407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1861.419417] Call Trace:
[ 1861.419748]  dump_stack+0x107/0x167
[ 1861.420191]  should_fail.cold+0x5/0xa
[ 1861.420655]  ? p9_client_create+0xaf/0x1230
[ 1861.421178]  should_failslab+0x5/0x20
[ 1861.421640]  kmem_cache_alloc_trace+0x55/0x320
[ 1861.422193]  ? find_held_lock+0x2c/0x110
[ 1861.422694]  p9_client_create+0xaf/0x1230
[ 1861.423196]  ? lock_downgrade+0x6d0/0x6d0
[ 1861.423754]  ? p9_client_flush+0x430/0x430
[ 1861.424268]  ? trace_hardirqs_on+0x5b/0x180
[ 1861.424814]  ? lockdep_init_map_type+0x2c7/0x780
[ 1861.425424]  ? __raw_spin_lock_init+0x36/0x110
[ 1861.426015]  v9fs_session_init+0x1dd/0x1680
[ 1861.426575]  ? lock_release+0x680/0x680
[ 1861.427087]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1861.427700]  ? v9fs_show_options+0x690/0x690
[ 1861.428265]  ? trace_hardirqs_on+0x5b/0x180
[ 1861.428818]  ? kasan_unpoison_shadow+0x33/0x50
[ 1861.429370]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1861.430018]  v9fs_mount+0x79/0x8f0
[ 1861.430469]  ? v9fs_write_inode+0x60/0x60
[ 1861.431001]  legacy_get_tree+0x105/0x220
[ 1861.431523]  vfs_get_tree+0x8e/0x300
[ 1861.431995]  path_mount+0x1331/0x21c0
[ 1861.432484]  ? strncpy_from_user+0x9e/0x470
[ 1861.433033]  ? finish_automount+0xa90/0xa90
[ 1861.433580]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1861.434174]  ? _copy_from_user+0xfb/0x1b0
[ 1861.434717]  __x64_sys_mount+0x282/0x300
[ 1861.435207]  ? copy_mnt_ns+0xa00/0xa00
[ 1861.435680]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1861.436344]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1861.436999]  do_syscall_64+0x33/0x40
[ 1861.437453]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1861.438100] RIP: 0033:0x7f916d656b19
[ 1861.438561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1861.440882] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1861.441844] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1861.442755] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1861.443658] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1861.444559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1861.445462] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1861.446508] hpet: Lost 1 RTC interrupts
[ 1861.468734] FAULT_INJECTION: forcing a failure.
[ 1861.468734] name failslab, interval 1, probability 0, space 0, times 0
[ 1861.471313] CPU: 1 PID: 11894 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1861.472765] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1861.474509] Call Trace:
[ 1861.475078]  dump_stack+0x107/0x167
[ 1861.475847]  should_fail.cold+0x5/0xa
[ 1861.476655]  should_failslab+0x5/0x20
[ 1861.477453]  __kmalloc_node_track_caller+0x74/0x3b0
[ 1861.478500]  ? skb_segment+0x9d8/0x3aa0
[ 1861.479363]  __alloc_skb+0xb1/0x5b0
[ 1861.480149]  skb_segment+0x9d8/0x3aa0
[ 1861.480963]  ? perf_tp_event+0x5ce/0xc00
[ 1861.481846]  ? perf_tp_event+0x5ce/0xc00
[ 1861.482753]  ? skb_zerocopy_iter_stream+0x800/0x800
17:12:45 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 21)

[ 1861.483808]  ? perf_trace_run_bpf_submit+0xf5/0x190
[ 1861.485076]  __udp_gso_segment+0x127b/0x1e40
[ 1861.486073]  ? __sk_receive_skb+0x830/0x830
[ 1861.487029]  udp6_ufo_fragment+0x9f2/0xc80
[ 1861.487931]  ? inet6_csk_xmit+0x680/0x680
[ 1861.488823]  ? ipv6_gso_pull_exthdrs+0x24e/0x470
[ 1861.489838]  ipv6_gso_segment+0x47b/0xff0
[ 1861.490744]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1861.491771]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1861.492898]  skb_mac_gso_segment+0x273/0x570
[ 1861.493827]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1861.494867]  ? skb_network_protocol+0x650/0x650
[ 1861.495837]  ? skb_crc32c_csum_help+0x80/0x80
[ 1861.496779]  ? lock_acquire+0x197/0x470
[ 1861.497612]  ? __dev_queue_xmit+0x1c6/0x2690
[ 1861.498571]  __skb_gso_segment+0x32d/0x6d0
[ 1861.499480]  validate_xmit_skb.constprop.0+0x4f6/0xcd0
[ 1861.500570]  ? SOFTIRQ_verbose+0x10/0x10
[ 1861.501428]  ? netdev_core_pick_tx+0x1d1/0x2f0
[ 1861.502464]  __dev_queue_xmit+0x825/0x2690
[ 1861.503384]  ? down_read_non_owner+0x2b2/0x480
[ 1861.504363]  ? netdev_core_pick_tx+0x2f0/0x2f0
[ 1861.505332]  ? lock_downgrade+0x6d0/0x6d0
[ 1861.506210]  ? lock_acquire+0x197/0x470
[ 1861.507062]  ? ip6_finish_output2+0x3e0/0x1cf0
[ 1861.508037]  ? lockdep_hardirqs_on_prepare+0x129/0x3e0
[ 1861.509159]  neigh_connected_output+0x382/0x4d0
[ 1861.509980] FAT-fs (loop0): bogus number of reserved sectors
[ 1861.510162]  ip6_finish_output2+0xb23/0x1cf0
[ 1861.510905] FAT-fs (loop0): Can't find a valid FAT filesystem
[ 1861.511840]  __ip6_finish_output.part.0+0x4f7/0xbc0
[ 1861.513636]  ip6_output+0x302/0x9e0
[ 1861.514426]  ? __ip6_finish_output.part.0+0xbc0/0xbc0
[ 1861.515511]  ip6_local_out+0xd2/0x4c0
[ 1861.516330]  ip6_send_skb+0x117/0x460
[ 1861.517153]  udp_v6_send_skb+0x7b7/0x1620
[ 1861.518172]  udpv6_sendmsg+0x216b/0x2b40
[ 1861.519041]  ? ip_frag_init+0x350/0x350
[ 1861.519904]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1861.520996]  ? SOFTIRQ_verbose+0x10/0x10
[ 1861.521894]  ? lock_acquire+0x197/0x470
[ 1861.522750]  ? find_held_lock+0x2c/0x110
[ 1861.523616]  ? __might_fault+0xd3/0x180
[ 1861.524482]  ? sock_has_perm+0x1ea/0x280
[ 1861.525400]  ? __import_iovec+0x458/0x590
[ 1861.526279]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1861.527380]  inet6_sendmsg+0x105/0x140
[ 1861.528200]  ? inet6_compat_ioctl+0x320/0x320
[ 1861.529136]  __sock_sendmsg+0xf2/0x190
[ 1861.529962]  ____sys_sendmsg+0x334/0x870
[ 1861.530851]  ? sock_write_iter+0x3d0/0x3d0
[ 1861.531734]  ? do_recvmmsg+0x6d0/0x6d0
[ 1861.532573]  ? SOFTIRQ_verbose+0x10/0x10
[ 1861.533535]  ? __lockdep_reset_lock+0x180/0x180
[ 1861.534532]  ___sys_sendmsg+0xf3/0x170
[ 1861.535387]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1861.536412]  ? lock_downgrade+0x6d0/0x6d0
[ 1861.537358]  ? __fget_files+0x2f8/0x520
[ 1861.538252]  ? __fget_light+0xea/0x290
[ 1861.539122]  __sys_sendmmsg+0x195/0x470
[ 1861.540000]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1861.540942]  ? lock_downgrade+0x6d0/0x6d0
[ 1861.541886]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1861.542956]  ? wait_for_completion_io+0x270/0x270
[ 1861.544010]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1861.545015]  ? vfs_write+0x354/0xb10
[ 1861.545826]  ? fput_many+0x2f/0x1a0
[ 1861.546640]  ? ksys_write+0x1a9/0x260
[ 1861.547469]  ? __ia32_sys_read+0xb0/0xb0
[ 1861.548374]  __x64_sys_sendmmsg+0x99/0x100
[ 1861.549382]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1861.550502]  do_syscall_64+0x33/0x40
[ 1861.551316]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1861.552424] RIP: 0033:0x7f7277e2bb19
[ 1861.553233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1861.557176] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1861.558821] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1861.560370] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1861.561900] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1861.563449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1861.565074] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1861.570174] loop2: detected capacity change from 0 to 2103296
[ 1861.588360] loop7: detected capacity change from 0 to 2103296
[ 1861.595019] loop6: detected capacity change from 0 to 2103296
[ 1861.622152] FAULT_INJECTION: forcing a failure.
[ 1861.622152] name failslab, interval 1, probability 0, space 0, times 0
[ 1861.624704] CPU: 1 PID: 11945 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1861.626197] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1861.628090] Call Trace:
[ 1861.628655]  dump_stack+0x107/0x167
[ 1861.629443]  should_fail.cold+0x5/0xa
[ 1861.630264]  ? create_object.isra.0+0x3a/0xa20
[ 1861.631250]  should_failslab+0x5/0x20
17:12:45 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flus'])

[ 1861.632073]  kmem_cache_alloc+0x5b/0x310
[ 1861.633102]  ? kernel_text_address+0xf2/0x120
[ 1861.634062]  create_object.isra.0+0x3a/0xa20
[ 1861.634996]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1861.636059]  kmem_cache_alloc_trace+0x151/0x320
[ 1861.637012]  ? find_held_lock+0x2c/0x110
[ 1861.637861]  p9_client_create+0xaf/0x1230
[ 1861.638735]  ? lock_downgrade+0x6d0/0x6d0
[ 1861.639608]  ? p9_client_flush+0x430/0x430
[ 1861.640488]  ? trace_hardirqs_on+0x5b/0x180
[ 1861.641399]  ? lockdep_init_map_type+0x2c7/0x780
[ 1861.642479]  ? __raw_spin_lock_init+0x36/0x110
[ 1861.643455]  v9fs_session_init+0x1dd/0x1680
[ 1861.644368]  ? lock_release+0x680/0x680
[ 1861.645205]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1861.646196]  ? v9fs_show_options+0x690/0x690
[ 1861.647125]  ? trace_hardirqs_on+0x5b/0x180
[ 1861.648022]  ? kasan_unpoison_shadow+0x33/0x50
[ 1861.648979]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1861.650040]  v9fs_mount+0x79/0x8f0
[ 1861.650788]  ? v9fs_write_inode+0x60/0x60
[ 1861.651651]  legacy_get_tree+0x105/0x220
[ 1861.652493]  vfs_get_tree+0x8e/0x300
[ 1861.653261]  path_mount+0x1331/0x21c0
[ 1861.654063]  ? strncpy_from_user+0x9e/0x470
[ 1861.654969]  ? finish_automount+0xa90/0xa90
[ 1861.655863]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1861.656824]  ? _copy_from_user+0xfb/0x1b0
[ 1861.657692]  __x64_sys_mount+0x282/0x300
[ 1861.658652]  ? copy_mnt_ns+0xa00/0xa00
[ 1861.659484]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1861.660595]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1861.661690]  do_syscall_64+0x33/0x40
[ 1861.662478]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1861.663569] RIP: 0033:0x7f916d656b19
[ 1861.664353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1861.668224] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1861.669830] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1861.671343] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1861.672850] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1861.674432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1861.675946] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
17:12:45 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 1861.714619] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 1861.716751] EXT4-fs (loop6): get root inode failed
[ 1861.717509] EXT4-fs (loop6): mount failed
17:12:45 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
getsockopt$IP_SET_OP_GET_FNAME(r0, 0x1, 0x53, &(0x7f0000000000)={0x8, 0x7, 0x0, 'syz0\x00'}, &(0x7f0000000040)=0x2c)

[ 1861.748487] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1861.758804] EXT4-fs (loop2): get root inode failed
[ 1861.760108] EXT4-fs (loop2): mount failed
17:12:45 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 14)

17:12:45 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:12:45 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:12:45 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r3 = signalfd(r1, &(0x7f0000000000)={[0x1ff]}, 0x8)
sendmsg$802154_raw(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x24, @short={0x2, 0x2, 0xaaa3}}, 0x14, &(0x7f0000000180)={&(0x7f0000000100)="f14cb9ff9b09894dcb258da3f34100de01d1c1e7cd3a1f8bf45c9e3368eff11925b5f17321dd0788aa", 0x29}, 0x1, 0x0, 0x0, 0x20048040}, 0x1)
sendfile(r2, r0, 0x0, 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x100000c, 0x4000010, r0, 0x0)

[ 1861.834400] FAULT_INJECTION: forcing a failure.
[ 1861.834400] name failslab, interval 1, probability 0, space 0, times 0
[ 1861.835732] CPU: 0 PID: 12024 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1861.836504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1861.837428] Call Trace:
[ 1861.837745]  dump_stack+0x107/0x167
[ 1861.838158]  should_fail.cold+0x5/0xa
[ 1861.838590]  ? create_object.isra.0+0x3a/0xa20
[ 1861.839092]  should_failslab+0x5/0x20
[ 1861.839520]  kmem_cache_alloc+0x5b/0x310
[ 1861.839972]  create_object.isra.0+0x3a/0xa20
[ 1861.840452]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1861.841030]  __kmalloc_node_track_caller+0x1a6/0x3b0
[ 1861.841583]  ? skb_segment+0x9d8/0x3aa0
[ 1861.842030]  __alloc_skb+0xb1/0x5b0
[ 1861.842438]  skb_segment+0x9d8/0x3aa0
[ 1861.842870]  ? perf_tp_event+0x5ce/0xc00
[ 1861.843333]  ? perf_tp_event+0x5ce/0xc00
[ 1861.843805]  ? skb_zerocopy_iter_stream+0x800/0x800
[ 1861.844350]  ? perf_trace_run_bpf_submit+0xf5/0x190
[ 1861.844908]  __udp_gso_segment+0x127b/0x1e40
[ 1861.845420]  ? __sk_receive_skb+0x830/0x830
[ 1861.845920]  udp6_ufo_fragment+0x9f2/0xc80
[ 1861.846427]  ? inet6_csk_xmit+0x680/0x680
[ 1861.846893]  ? ipv6_gso_pull_exthdrs+0x24e/0x470
[ 1861.847441]  ipv6_gso_segment+0x47b/0xff0
[ 1861.847907]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1861.848456]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1861.849033]  skb_mac_gso_segment+0x273/0x570
[ 1861.849528]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1861.850088]  ? skb_network_protocol+0x650/0x650
[ 1861.850608]  ? skb_crc32c_csum_help+0x80/0x80
[ 1861.851095]  ? lock_acquire+0x197/0x470
[ 1861.851528]  ? __dev_queue_xmit+0x1c6/0x2690
[ 1861.852023]  __skb_gso_segment+0x32d/0x6d0
[ 1861.852495]  validate_xmit_skb.constprop.0+0x4f6/0xcd0
[ 1861.853075]  ? SOFTIRQ_verbose+0x10/0x10
[ 1861.853531]  ? netdev_core_pick_tx+0x1d1/0x2f0
[ 1861.854033]  __dev_queue_xmit+0x825/0x2690
[ 1861.854504]  ? down_read_non_owner+0x2b2/0x480
[ 1861.855041]  ? netdev_core_pick_tx+0x2f0/0x2f0
[ 1861.855548]  ? lock_downgrade+0x6d0/0x6d0
[ 1861.856002]  ? lock_acquire+0x197/0x470
[ 1861.856436]  ? ip6_finish_output2+0x3e0/0x1cf0
[ 1861.856939]  ? lockdep_hardirqs_on_prepare+0x129/0x3e0
[ 1861.857516]  neigh_connected_output+0x382/0x4d0
[ 1861.858038]  ip6_finish_output2+0xb23/0x1cf0
17:12:45 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1861.858545]  __ip6_finish_output.part.0+0x4f7/0xbc0
[ 1861.859298]  ip6_output+0x302/0x9e0
[ 1861.859735]  ? __ip6_finish_output.part.0+0xbc0/0xbc0
[ 1861.860301]  ip6_local_out+0xd2/0x4c0
[ 1861.860724]  ip6_send_skb+0x117/0x460
[ 1861.861149]  udp_v6_send_skb+0x7b7/0x1620
[ 1861.861619]  udpv6_sendmsg+0x216b/0x2b40
[ 1861.862065]  ? ip_frag_init+0x350/0x350
[ 1861.862512]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1861.863081]  ? SOFTIRQ_verbose+0x10/0x10
[ 1861.863543]  ? lock_acquire+0x197/0x470
[ 1861.863975]  ? find_held_lock+0x2c/0x110
[ 1861.864427]  ? __might_fault+0xd3/0x180
[ 1861.864899]  ? sock_has_perm+0x1ea/0x280
[ 1861.865403]  ? __import_iovec+0x458/0x590
[ 1861.865885]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1861.866497]  inet6_sendmsg+0x105/0x140
[ 1861.866956]  ? inet6_compat_ioctl+0x320/0x320
[ 1861.867475]  __sock_sendmsg+0xf2/0x190
[ 1861.867927]  ____sys_sendmsg+0x334/0x870
[ 1861.868401]  ? sock_write_iter+0x3d0/0x3d0
[ 1861.868903]  ? do_recvmmsg+0x6d0/0x6d0
[ 1861.869359]  ? SOFTIRQ_verbose+0x10/0x10
[ 1861.869838]  ? __lockdep_reset_lock+0x180/0x180
[ 1861.870387]  ___sys_sendmsg+0xf3/0x170
[ 1861.870855]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1861.871402]  ? lock_downgrade+0x6d0/0x6d0
[ 1861.871907]  ? __fget_files+0x2f8/0x520
[ 1861.872379]  ? __fget_light+0xea/0x290
[ 1861.872841]  __sys_sendmmsg+0x195/0x470
[ 1861.873319]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1861.873828]  ? lock_downgrade+0x6d0/0x6d0
[ 1861.874329]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1861.874900]  ? wait_for_completion_io+0x270/0x270
[ 1861.875462]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1861.876000]  ? vfs_write+0x354/0xb10
[ 1861.876440]  ? fput_many+0x2f/0x1a0
[ 1861.876864]  ? ksys_write+0x1a9/0x260
[ 1861.877314]  ? __ia32_sys_read+0xb0/0xb0
[ 1861.877796]  __x64_sys_sendmmsg+0x99/0x100
[ 1861.878302]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1861.878911]  do_syscall_64+0x33/0x40
[ 1861.879344]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1861.879940] RIP: 0033:0x7f7277e2bb19
[ 1861.880372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1861.882509] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1861.883408] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1861.884238] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1861.885062] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1861.885886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1861.886718] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1861.887785] hpet: Lost 2 RTC interrupts
[ 1861.918727] loop6: detected capacity change from 0 to 2103296
17:12:46 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1861.998507] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 1862.006404] FAT-fs (loop0): Unrecognized mount option "flus" or missing value
[ 1862.017277] EXT4-fs (loop6): get root inode failed
[ 1862.018618] EXT4-fs (loop6): mount failed
[ 1862.043475] loop2: detected capacity change from 0 to 2103296
[ 1862.086792] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1862.094450] EXT4-fs (loop2): get root inode failed
[ 1862.096177] EXT4-fs (loop2): mount failed
[ 1862.240908] EXT4-fs warning (device loop7): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount
[ 1862.240908] 
17:13:01 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:01 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)='PMM\x00PMM', 0x7, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:01 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x0, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:13:01 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 15)

17:13:01 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)
r2 = openat(r1, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r3, r2, 0x0, 0x4)

17:13:01 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 22)

17:13:01 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flus'])

17:13:01 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1877.562756] loop2: detected capacity change from 0 to 2103296
[ 1877.572037] FAULT_INJECTION: forcing a failure.
[ 1877.572037] name failslab, interval 1, probability 0, space 0, times 0
[ 1877.574785] CPU: 0 PID: 12160 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1877.576494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1877.578653] Call Trace:
[ 1877.579212]  dump_stack+0x107/0x167
[ 1877.579963]  should_fail.cold+0x5/0xa
[ 1877.580741]  ? trace_hardirqs_on+0x5b/0x180
[ 1877.581627]  ? __alloc_skb+0x6d/0x5b0
[ 1877.582411]  should_failslab+0x5/0x20
[ 1877.583195]  kmem_cache_alloc_node+0x55/0x330
[ 1877.584125]  __alloc_skb+0x6d/0x5b0
[ 1877.584877]  skb_segment+0x9d8/0x3aa0
[ 1877.585752]  ? skb_zerocopy_iter_stream+0x800/0x800
[ 1877.586771]  ? perf_trace_run_bpf_submit+0xf5/0x190
[ 1877.587817]  __udp_gso_segment+0x127b/0x1e40
[ 1877.588709]  ? __sk_receive_skb+0x830/0x830
[ 1877.589613]  udp6_ufo_fragment+0x9f2/0xc80
[ 1877.590491]  ? inet6_csk_xmit+0x680/0x680
[ 1877.591348]  ? ipv6_gso_pull_exthdrs+0x24e/0x470
[ 1877.592338]  ipv6_gso_segment+0x47b/0xff0
[ 1877.593214]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1877.594200]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1877.595295]  skb_mac_gso_segment+0x273/0x570
[ 1877.596193]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1877.597162]  ? skb_network_protocol+0x650/0x650
[ 1877.598105]  ? skb_crc32c_csum_help+0x80/0x80
[ 1877.599029]  ? lock_acquire+0x197/0x470
[ 1877.599838]  ? __dev_queue_xmit+0x1c6/0x2690
[ 1877.600752]  __skb_gso_segment+0x32d/0x6d0
[ 1877.601631]  validate_xmit_skb.constprop.0+0x4f6/0xcd0
[ 1877.602702]  ? SOFTIRQ_verbose+0x10/0x10
[ 1877.603538]  ? netdev_core_pick_tx+0x1d1/0x2f0
[ 1877.604472]  __dev_queue_xmit+0x825/0x2690
[ 1877.605346]  ? down_read_non_owner+0x2b2/0x480
[ 1877.606279]  ? netdev_core_pick_tx+0x2f0/0x2f0
[ 1877.607231]  ? lock_downgrade+0x6d0/0x6d0
[ 1877.608073]  ? lock_acquire+0x197/0x470
[ 1877.608880]  ? ip6_finish_output2+0x3e0/0x1cf0
[ 1877.609820]  ? lockdep_hardirqs_on_prepare+0x129/0x3e0
[ 1877.610903]  neigh_connected_output+0x382/0x4d0
[ 1877.611876]  ip6_finish_output2+0xb23/0x1cf0
[ 1877.612804]  __ip6_finish_output.part.0+0x4f7/0xbc0
[ 1877.613843]  ip6_output+0x302/0x9e0
[ 1877.614612]  ? __ip6_finish_output.part.0+0xbc0/0xbc0
[ 1877.615686]  ip6_local_out+0xd2/0x4c0
[ 1877.616481]  ip6_send_skb+0x117/0x460
[ 1877.617274]  udp_v6_send_skb+0x7b7/0x1620
[ 1877.618158]  udpv6_sendmsg+0x216b/0x2b40
[ 1877.618993]  ? ip_frag_init+0x350/0x350
[ 1877.619832]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1877.620891]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1877.622025]  ? lock_acquire+0x1b9/0x470
[ 1877.622846]  ? find_held_lock+0x2c/0x110
[ 1877.623694]  ? __might_fault+0xd3/0x180
[ 1877.624545]  ? sock_has_perm+0x1ea/0x280
[ 1877.625433]  ? __import_iovec+0x458/0x590
[ 1877.626282]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1877.627357]  inet6_sendmsg+0x105/0x140
[ 1877.628151]  ? inet6_compat_ioctl+0x320/0x320
[ 1877.629060]  __sock_sendmsg+0xf2/0x190
[ 1877.629863]  ____sys_sendmsg+0x334/0x870
[ 1877.630705]  ? sock_write_iter+0x3d0/0x3d0
[ 1877.631588]  ? do_recvmmsg+0x6d0/0x6d0
[ 1877.632415]  ? SOFTIRQ_verbose+0x10/0x10
[ 1877.633275]  ? __lockdep_reset_lock+0x180/0x180
[ 1877.634242]  ___sys_sendmsg+0xf3/0x170
[ 1877.635062]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1877.636031]  ? lock_downgrade+0x6d0/0x6d0
[ 1877.636931]  ? __fget_files+0x2f8/0x520
[ 1877.637777]  ? __fget_light+0xea/0x290
[ 1877.638608]  __sys_sendmmsg+0x195/0x470
[ 1877.639454]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1877.640352]  ? lock_downgrade+0x6d0/0x6d0
[ 1877.641263]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1877.642264]  ? wait_for_completion_io+0x270/0x270
[ 1877.643277]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1877.644238]  ? vfs_write+0x354/0xb10
[ 1877.645015]  ? fput_many+0x2f/0x1a0
[ 1877.645777]  ? ksys_write+0x1a9/0x260
[ 1877.646566]  ? __ia32_sys_read+0xb0/0xb0
[ 1877.647442]  __x64_sys_sendmmsg+0x99/0x100
[ 1877.648320]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1877.649384]  do_syscall_64+0x33/0x40
[ 1877.650156]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1877.651230] RIP: 0033:0x7f7277e2bb19
[ 1877.651279] FAULT_INJECTION: forcing a failure.
[ 1877.651279] name failslab, interval 1, probability 0, space 0, times 0
[ 1877.652001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1877.652014] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1877.652042] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1877.660311] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1877.661774] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1877.663259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1877.664722] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1877.666238] CPU: 1 PID: 12171 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1877.666718] hpet: Lost 5 RTC interrupts
[ 1877.667422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
17:13:01 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x0, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 1877.667435] Call Trace:
[ 1877.669858]  dump_stack+0x107/0x167
[ 1877.670324]  should_fail.cold+0x5/0xa
[ 1877.670844]  should_failslab+0x5/0x20
[ 1877.671335]  __kmalloc_track_caller+0x79/0x370
[ 1877.671910]  ? p9_client_create+0x41d/0x1230
[ 1877.672488]  kstrdup+0x36/0x70
[ 1877.672895]  p9_client_create+0x41d/0x1230
[ 1877.673433]  ? lock_downgrade+0x6d0/0x6d0
[ 1877.673968]  ? p9_client_flush+0x430/0x430
[ 1877.674505]  ? trace_hardirqs_on+0x5b/0x180
[ 1877.675059]  ? lockdep_init_map_type+0x2c7/0x780
[ 1877.675660]  ? __raw_spin_lock_init+0x36/0x110
[ 1877.676268]  v9fs_session_init+0x1dd/0x1680
[ 1877.676809]  ? lock_release+0x680/0x680
[ 1877.677323]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1877.677939]  ? v9fs_show_options+0x690/0x690
[ 1877.678501]  ? trace_hardirqs_on+0x5b/0x180
[ 1877.679049]  ? kasan_unpoison_shadow+0x33/0x50
[ 1877.679623]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1877.680273]  v9fs_mount+0x79/0x8f0
[ 1877.680720]  ? v9fs_write_inode+0x60/0x60
[ 1877.681246]  legacy_get_tree+0x105/0x220
[ 1877.681756]  vfs_get_tree+0x8e/0x300
[ 1877.682221]  path_mount+0x1331/0x21c0
[ 1877.682708]  ? strncpy_from_user+0x9e/0x470
[ 1877.683255]  ? finish_automount+0xa90/0xa90
[ 1877.683800]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1877.684395]  ? _copy_from_user+0xfb/0x1b0
[ 1877.684920]  __x64_sys_mount+0x282/0x300
[ 1877.685429]  ? copy_mnt_ns+0xa00/0xa00
[ 1877.685917]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1877.686575]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1877.687228]  do_syscall_64+0x33/0x40
[ 1877.687699]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1877.688345] RIP: 0033:0x7f916d656b19
[ 1877.688808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1877.691209] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1877.692174] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1877.693065] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1877.693971] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1877.694882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1877.695774] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1877.698313] loop6: detected capacity change from 0 to 2103296
[ 1877.718665] loop7: detected capacity change from 0 to 2103296
[ 1877.722657] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1877.724622] EXT4-fs (loop2): get root inode failed
[ 1877.725409] EXT4-fs (loop2): mount failed
[ 1877.748134] FAT-fs (loop0): Unrecognized mount option "flus" or missing value
17:13:01 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 23)

[ 1877.769380] FAULT_INJECTION: forcing a failure.
[ 1877.769380] name failslab, interval 1, probability 0, space 0, times 0
[ 1877.770765] CPU: 1 PID: 12282 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1877.771603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1877.772609] Call Trace:
[ 1877.772946]  dump_stack+0x107/0x167
[ 1877.773390]  should_fail.cold+0x5/0xa
[ 1877.773853]  ? create_object.isra.0+0x3a/0xa20
[ 1877.774415]  should_failslab+0x5/0x20
[ 1877.774882]  kmem_cache_alloc+0x5b/0x310
[ 1877.775371]  ? lock_downgrade+0x6d0/0x6d0
[ 1877.775874]  create_object.isra.0+0x3a/0xa20
[ 1877.776406]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1877.777016]  __kmalloc_track_caller+0x177/0x370
[ 1877.777579]  ? p9_client_create+0x41d/0x1230
[ 1877.778109]  kstrdup+0x36/0x70
[ 1877.778499]  p9_client_create+0x41d/0x1230
[ 1877.779015]  ? lock_downgrade+0x6d0/0x6d0
[ 1877.779518]  ? p9_client_flush+0x430/0x430
[ 1877.780030]  ? trace_hardirqs_on+0x5b/0x180
[ 1877.780552]  ? lockdep_init_map_type+0x2c7/0x780
[ 1877.781128]  ? __raw_spin_lock_init+0x36/0x110
[ 1877.781679]  v9fs_session_init+0x1dd/0x1680
[ 1877.782199]  ? lock_release+0x680/0x680
[ 1877.782682]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1877.783381]  ? v9fs_show_options+0x690/0x690
[ 1877.783914]  ? trace_hardirqs_on+0x5b/0x180
[ 1877.784437]  ? kasan_unpoison_shadow+0x33/0x50
[ 1877.784984]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1877.785593]  v9fs_mount+0x79/0x8f0
[ 1877.786021]  ? v9fs_write_inode+0x60/0x60
[ 1877.786522]  legacy_get_tree+0x105/0x220
[ 1877.787023]  vfs_get_tree+0x8e/0x300
[ 1877.787471]  path_mount+0x1331/0x21c0
[ 1877.787933]  ? strncpy_from_user+0x9e/0x470
[ 1877.788450]  ? finish_automount+0xa90/0xa90
[ 1877.788967]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1877.789525]  ? _copy_from_user+0xfb/0x1b0
[ 1877.790026]  __x64_sys_mount+0x282/0x300
[ 1877.790520]  ? copy_mnt_ns+0xa00/0xa00
[ 1877.791000]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1877.791625]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1877.792245]  do_syscall_64+0x33/0x40
[ 1877.792689]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1877.793301] RIP: 0033:0x7f916d656b19
[ 1877.793744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1877.795948] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1877.796852] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1877.797701] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1877.798548] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1877.799484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1877.800331] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1877.804769] EXT4-fs warning (device loop6): ext4_multi_mount_protect:402: Unable to create kmmpd thread for loop6.
17:13:01 executing program 0:
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0, 0x1, &(0x7f00000004c0)=[{0x0}], 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='umask=00000000000000000000000,dots,flus'])

17:13:01 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 24)

17:13:01 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x0, 0x4)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)

17:13:01 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x0, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:13:01 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00), 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1877.900411] FAULT_INJECTION: forcing a failure.
[ 1877.900411] name failslab, interval 1, probability 0, space 0, times 0
[ 1877.902781] CPU: 0 PID: 12294 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1877.904183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1877.905843] Call Trace:
[ 1877.906378]  dump_stack+0x107/0x167
[ 1877.907125]  should_fail.cold+0x5/0xa
[ 1877.907897]  should_failslab+0x5/0x20
[ 1877.908690]  __kmalloc_track_caller+0x79/0x370
[ 1877.909615]  ? p9_client_create+0x51e/0x1230
[ 1877.910515]  kmemdup_nul+0x2d/0xa0
[ 1877.911256]  p9_client_create+0x51e/0x1230
[ 1877.912124]  ? p9_client_flush+0x430/0x430
[ 1877.912983]  ? trace_hardirqs_on+0x5b/0x180
[ 1877.913858]  ? lockdep_init_map_type+0x2c7/0x780
[ 1877.914816]  ? __raw_spin_lock_init+0x36/0x110
[ 1877.915753]  v9fs_session_init+0x1dd/0x1680
[ 1877.916621]  ? lock_release+0x680/0x680
[ 1877.917430]  ? kmem_cache_alloc_trace+0x151/0x320
17:13:02 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00), 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1877.918401]  ? v9fs_show_options+0x690/0x690
[ 1877.919502]  ? trace_hardirqs_on+0x5b/0x180
[ 1877.920390]  ? kasan_unpoison_shadow+0x33/0x50
[ 1877.921338]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1877.922399]  v9fs_mount+0x79/0x8f0
[ 1877.923148]  ? v9fs_write_inode+0x60/0x60
[ 1877.924003]  legacy_get_tree+0x105/0x220
[ 1877.924856]  vfs_get_tree+0x8e/0x300
[ 1877.925627]  path_mount+0x1331/0x21c0
[ 1877.926423]  ? strncpy_from_user+0x9e/0x470
[ 1877.927325]  ? finish_automount+0xa90/0xa90
[ 1877.928218]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1877.929179]  ? _copy_from_user+0xfb/0x1b0
[ 1877.930046]  __x64_sys_mount+0x282/0x300
[ 1877.930888]  ? copy_mnt_ns+0xa00/0xa00
[ 1877.931700]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1877.932786]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1877.933853]  do_syscall_64+0x33/0x40
[ 1877.934618]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1877.935681] RIP: 0033:0x7f916d656b19
[ 1877.936447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1877.940259] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1877.941840] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1877.943328] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1877.944806] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1877.946291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1877.947782] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1877.949511] hpet: Lost 2 RTC interrupts
17:13:02 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 16)

[ 1877.973820] FAT-fs (loop0): Unrecognized mount option "flus" or missing value
[ 1878.051824] FAULT_INJECTION: forcing a failure.
[ 1878.051824] name failslab, interval 1, probability 0, space 0, times 0
[ 1878.053211] CPU: 1 PID: 12314 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1878.054002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1878.054958] Call Trace:
[ 1878.055273]  dump_stack+0x107/0x167
[ 1878.055699]  should_fail.cold+0x5/0xa
[ 1878.056145]  ? __kmalloc_node_track_caller+0x1a6/0x3b0
[ 1878.056760]  ? create_object.isra.0+0x3a/0xa20
[ 1878.057291]  should_failslab+0x5/0x20
[ 1878.057732]  kmem_cache_alloc+0x5b/0x310
[ 1878.058213]  create_object.isra.0+0x3a/0xa20
[ 1878.058723]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1878.059349]  kmem_cache_alloc_node+0x169/0x330
[ 1878.059890]  __alloc_skb+0x6d/0x5b0
[ 1878.060335]  skb_segment+0x9d8/0x3aa0
[ 1878.060845]  ? skb_zerocopy_iter_stream+0x800/0x800
[ 1878.061438]  ? perf_trace_run_bpf_submit+0xf5/0x190
[ 1878.062041]  __udp_gso_segment+0x127b/0x1e40
[ 1878.062560]  ? __sk_receive_skb+0x830/0x830
[ 1878.063096]  udp6_ufo_fragment+0x9f2/0xc80
[ 1878.063607]  ? inet6_csk_xmit+0x680/0x680
[ 1878.064092]  ? ipv6_gso_pull_exthdrs+0x24e/0x470
[ 1878.064780]  ipv6_gso_segment+0x47b/0xff0
[ 1878.065283]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1878.065864]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1878.066492]  skb_mac_gso_segment+0x273/0x570
[ 1878.067020]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1878.067600]  ? skb_network_protocol+0x650/0x650
[ 1878.068154]  ? skb_crc32c_csum_help+0x80/0x80
[ 1878.068684]  ? lock_acquire+0x197/0x470
[ 1878.069154]  ? __dev_queue_xmit+0x1c6/0x2690
[ 1878.069684]  __skb_gso_segment+0x32d/0x6d0
[ 1878.070196]  validate_xmit_skb.constprop.0+0x4f6/0xcd0
[ 1878.070820]  ? SOFTIRQ_verbose+0x10/0x10
[ 1878.071317]  ? netdev_core_pick_tx+0x1d1/0x2f0
[ 1878.071856]  __dev_queue_xmit+0x825/0x2690
[ 1878.072364]  ? down_read_non_owner+0x2b2/0x480
[ 1878.072908]  ? netdev_core_pick_tx+0x2f0/0x2f0
[ 1878.073452]  ? lock_downgrade+0x6d0/0x6d0
[ 1878.073940]  ? lock_acquire+0x197/0x470
[ 1878.074413]  ? ip6_finish_output2+0x3e0/0x1cf0
[ 1878.074964]  ? lockdep_hardirqs_on_prepare+0x129/0x3e0
[ 1878.075595]  neigh_connected_output+0x382/0x4d0
[ 1878.076161]  ip6_finish_output2+0xb23/0x1cf0
[ 1878.076702]  __ip6_finish_output.part.0+0x4f7/0xbc0
[ 1878.077297]  ip6_output+0x302/0x9e0
[ 1878.077738]  ? __ip6_finish_output.part.0+0xbc0/0xbc0
[ 1878.078356]  ip6_local_out+0xd2/0x4c0
[ 1878.078820]  ip6_send_skb+0x117/0x460
[ 1878.079293]  udp_v6_send_skb+0x7b7/0x1620
[ 1878.079797]  udpv6_sendmsg+0x216b/0x2b40
[ 1878.080370]  ? ip_frag_init+0x350/0x350
[ 1878.080853]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1878.081465]  ? SOFTIRQ_verbose+0x10/0x10
[ 1878.081964]  ? lock_acquire+0x197/0x470
[ 1878.082441]  ? find_held_lock+0x2c/0x110
[ 1878.082945]  ? __might_fault+0xd3/0x180
[ 1878.083436]  ? sock_has_perm+0x1ea/0x280
[ 1878.083947]  ? __import_iovec+0x458/0x590
[ 1878.084441]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1878.085057]  inet6_sendmsg+0x105/0x140
[ 1878.085522]  ? inet6_compat_ioctl+0x320/0x320
[ 1878.086049]  __sock_sendmsg+0xf2/0x190
[ 1878.086510]  ____sys_sendmsg+0x334/0x870
[ 1878.087008]  ? sock_write_iter+0x3d0/0x3d0
[ 1878.087508]  ? do_recvmmsg+0x6d0/0x6d0
[ 1878.087977]  ? SOFTIRQ_verbose+0x10/0x10
[ 1878.088464]  ? __lockdep_reset_lock+0x180/0x180
[ 1878.089021]  ___sys_sendmsg+0xf3/0x170
[ 1878.089491]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1878.090038]  ? lock_downgrade+0x6d0/0x6d0
[ 1878.090552]  ? __fget_files+0x2f8/0x520
[ 1878.091034]  ? __fget_light+0xea/0x290
[ 1878.091500]  __sys_sendmmsg+0x195/0x470
[ 1878.091967]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1878.092469]  ? lock_downgrade+0x6d0/0x6d0
[ 1878.092981]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1878.093538]  ? wait_for_completion_io+0x270/0x270
[ 1878.094101]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1878.094637]  ? vfs_write+0x354/0xb10
[ 1878.095078]  ? fput_many+0x2f/0x1a0
[ 1878.095502]  ? ksys_write+0x1a9/0x260
[ 1878.096035]  ? __ia32_sys_read+0xb0/0xb0
[ 1878.096514]  __x64_sys_sendmmsg+0x99/0x100
[ 1878.097007]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1878.097599]  do_syscall_64+0x33/0x40
[ 1878.098027]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1878.098621] RIP: 0033:0x7f7277e2bb19
[ 1878.099063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1878.101173] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1878.102053] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1878.102884] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1878.103703] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1878.104532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1878.105352] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1878.372637] EXT4-fs warning (device loop7): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount
[ 1878.372637] 
17:13:21 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:21 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00), 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:21 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 25)

17:13:21 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:21 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 17)

17:13:21 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r1=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r1, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r2)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:13:21 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)='3', 0x1, 0x10001)
openat2(r1, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000040)={0x210000, 0xd, 0x10}, 0x18)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r2, r0, 0x0, 0x4)

[ 1897.643296] FAULT_INJECTION: forcing a failure.
[ 1897.643296] name failslab, interval 1, probability 0, space 0, times 0
[ 1897.645790] CPU: 0 PID: 12326 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1897.647314] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1897.649129] Call Trace:
[ 1897.649718]  dump_stack+0x107/0x167
[ 1897.650534]  should_fail.cold+0x5/0xa
[ 1897.651406]  should_failslab+0x5/0x20
[ 1897.652250]  __kmalloc_node_track_caller+0x74/0x3b0
[ 1897.653357]  ? skb_segment+0x9d8/0x3aa0
[ 1897.654258]  __alloc_skb+0xb1/0x5b0
[ 1897.655080]  skb_segment+0x9d8/0x3aa0
[ 1897.655915] FAULT_INJECTION: forcing a failure.
[ 1897.655915] name failslab, interval 1, probability 0, space 0, times 0
[ 1897.658408]  ? skb_zerocopy_iter_stream+0x800/0x800
[ 1897.659553]  ? perf_trace_run_bpf_submit+0xf5/0x190
[ 1897.660677]  __udp_gso_segment+0x127b/0x1e40
[ 1897.661656]  ? __sk_receive_skb+0x830/0x830
[ 1897.662647]  udp6_ufo_fragment+0x9f2/0xc80
[ 1897.663618]  ? inet6_csk_xmit+0x680/0x680
[ 1897.664543]  ? ipv6_gso_pull_exthdrs+0x24e/0x470
[ 1897.665619]  ipv6_gso_segment+0x47b/0xff0
[ 1897.666568]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1897.667594]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1897.668699]  skb_mac_gso_segment+0x273/0x570
[ 1897.669617]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1897.670619]  ? skb_network_protocol+0x650/0x650
[ 1897.671595]  ? skb_crc32c_csum_help+0x80/0x80
[ 1897.672533]  ? lock_acquire+0x197/0x470
[ 1897.673355]  ? __dev_queue_xmit+0x1c6/0x2690
[ 1897.674290]  __skb_gso_segment+0x32d/0x6d0
[ 1897.675199]  validate_xmit_skb.constprop.0+0x4f6/0xcd0
[ 1897.676286]  ? SOFTIRQ_verbose+0x10/0x10
[ 1897.677162]  ? netdev_core_pick_tx+0x1d1/0x2f0
[ 1897.678113]  __dev_queue_xmit+0x825/0x2690
[ 1897.679037]  ? down_read_non_owner+0x2b2/0x480
[ 1897.680004]  ? netdev_core_pick_tx+0x2f0/0x2f0
[ 1897.681008]  ? lock_downgrade+0x6d0/0x6d0
[ 1897.681918]  ? lock_acquire+0x197/0x470
[ 1897.682776]  ? ip6_finish_output2+0x3e0/0x1cf0
[ 1897.683784]  ? lockdep_hardirqs_on_prepare+0x129/0x3e0
[ 1897.684924]  neigh_connected_output+0x382/0x4d0
[ 1897.685957]  ip6_finish_output2+0xb23/0x1cf0
[ 1897.686937]  __ip6_finish_output.part.0+0x4f7/0xbc0
[ 1897.688033]  ip6_output+0x302/0x9e0
[ 1897.688815]  ? __ip6_finish_output.part.0+0xbc0/0xbc0
[ 1897.689881]  ip6_local_out+0xd2/0x4c0
[ 1897.690683]  ip6_send_skb+0x117/0x460
[ 1897.691504]  udp_v6_send_skb+0x7b7/0x1620
[ 1897.692409]  udpv6_sendmsg+0x216b/0x2b40
[ 1897.693268]  ? ip_frag_init+0x350/0x350
[ 1897.694121]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1897.695206]  ? SOFTIRQ_verbose+0x10/0x10
[ 1897.696097]  ? lock_acquire+0x197/0x470
[ 1897.696931]  ? find_held_lock+0x2c/0x110
[ 1897.697786]  ? __might_fault+0xd3/0x180
[ 1897.698650]  ? sock_has_perm+0x1ea/0x280
[ 1897.699566]  ? __import_iovec+0x458/0x590
[ 1897.700423]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1897.701498]  inet6_sendmsg+0x105/0x140
[ 1897.702309]  ? inet6_compat_ioctl+0x320/0x320
[ 1897.703248]  __sock_sendmsg+0xf2/0x190
[ 1897.704065]  ____sys_sendmsg+0x334/0x870
[ 1897.704919]  ? sock_write_iter+0x3d0/0x3d0
[ 1897.705792]  ? do_recvmmsg+0x6d0/0x6d0
[ 1897.706611]  ? SOFTIRQ_verbose+0x10/0x10
[ 1897.707470]  ? __lockdep_reset_lock+0x180/0x180
[ 1897.708452]  ___sys_sendmsg+0xf3/0x170
[ 1897.709270]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1897.710240]  ? lock_downgrade+0x6d0/0x6d0
[ 1897.711133]  ? __fget_files+0x2f8/0x520
[ 1897.711987]  ? __fget_light+0xea/0x290
[ 1897.712815]  __sys_sendmmsg+0x195/0x470
[ 1897.713659]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1897.714549]  ? lock_downgrade+0x6d0/0x6d0
[ 1897.715458]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1897.716474]  ? wait_for_completion_io+0x270/0x270
[ 1897.717482]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1897.718443]  ? vfs_write+0x354/0xb10
[ 1897.719231]  ? fput_many+0x2f/0x1a0
[ 1897.719992]  ? ksys_write+0x1a9/0x260
[ 1897.720799]  ? __ia32_sys_read+0xb0/0xb0
[ 1897.721664]  __x64_sys_sendmmsg+0x99/0x100
[ 1897.722535]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1897.723608]  do_syscall_64+0x33/0x40
[ 1897.724380]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1897.725447] RIP: 0033:0x7f7277e2bb19
[ 1897.726250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1897.730021] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1897.731659] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1897.733180] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1897.734704] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1897.736246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1897.737778] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1897.739374] CPU: 1 PID: 12330 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1897.739895] hpet: Lost 5 RTC interrupts
[ 1897.741156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1897.741171] Call Trace:
[ 1897.745039]  dump_stack+0x107/0x167
[ 1897.746017]  should_fail.cold+0x5/0xa
[ 1897.747029]  ? create_object.isra.0+0x3a/0xa20
[ 1897.748267]  should_failslab+0x5/0x20
[ 1897.749112]  kmem_cache_alloc+0x5b/0x310
[ 1897.750016]  create_object.isra.0+0x3a/0xa20
[ 1897.750958]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1897.752063]  __kmalloc_track_caller+0x177/0x370
[ 1897.753074]  ? p9_client_create+0x51e/0x1230
[ 1897.754020]  kmemdup_nul+0x2d/0xa0
[ 1897.754792]  p9_client_create+0x51e/0x1230
[ 1897.755726]  ? p9_client_flush+0x430/0x430
[ 1897.756633]  ? trace_hardirqs_on+0x5b/0x180
[ 1897.757570]  ? lockdep_init_map_type+0x2c7/0x780
[ 1897.758584]  ? __raw_spin_lock_init+0x36/0x110
[ 1897.759577]  v9fs_session_init+0x1dd/0x1680
[ 1897.760501]  ? lock_release+0x680/0x680
[ 1897.761373]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1897.762397]  ? v9fs_show_options+0x690/0x690
[ 1897.763359]  ? trace_hardirqs_on+0x5b/0x180
[ 1897.764278]  ? kasan_unpoison_shadow+0x33/0x50
[ 1897.765274]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1897.766356]  v9fs_mount+0x79/0x8f0
[ 1897.767119]  ? v9fs_write_inode+0x60/0x60
[ 1897.768150]  legacy_get_tree+0x105/0x220
[ 1897.769042]  vfs_get_tree+0x8e/0x300
[ 1897.769859]  path_mount+0x1331/0x21c0
[ 1897.770671]  ? strncpy_from_user+0x9e/0x470
[ 1897.771785]  ? finish_automount+0xa90/0xa90
[ 1897.772887]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1897.773895]  ? _copy_from_user+0xfb/0x1b0
[ 1897.774795]  __x64_sys_mount+0x282/0x300
[ 1897.775684]  ? copy_mnt_ns+0xa00/0xa00
[ 1897.776524]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1897.777653]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1897.778781]  do_syscall_64+0x33/0x40
[ 1897.779587]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1897.780684] RIP: 0033:0x7f916d656b19
[ 1897.781486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1897.785534] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1897.787166] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1897.788699] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1897.790221] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1897.791764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1897.793279] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1897.810314] loop6: detected capacity change from 0 to 2103296
17:13:21 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x192}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = socket$inet6_icmp(0xa, 0x2, 0x3a)
close(r2)
sendfile(r1, r0, 0x0, 0x4)

[ 1897.836283] loop7: detected capacity change from 0 to 2103296
[ 1897.847768] loop2: detected capacity change from 0 to 2103296
17:13:22 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1897.887357] EXT4-fs warning (device loop7): read_mmp_block:114: Error -117 while reading MMP block 64
[ 1897.930211] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1897.934163] EXT4-fs (loop2): get root inode failed
[ 1897.935485] EXT4-fs (loop2): mount failed
[ 1897.941456] EXT4-fs: failed to create workqueue
[ 1897.943131] EXT4-fs (loop6): mount failed
[ 1897.971466] loop0: detected capacity change from 0 to 2103296
17:13:22 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1898.026173] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 1898.040416] EXT4-fs (loop0): get root inode failed
[ 1898.041765] EXT4-fs (loop0): mount failed
17:13:22 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:22 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r1=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r1, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r2)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:13:22 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
io_uring_enter(r0, 0x439c, 0x7d38, 0x2, &(0x7f0000000040)={[0x3ff]}, 0x8)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_config_ext, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000640)='cpu.max\x00', 0x2, 0x0)
write$binfmt_elf64(r3, &(0x7f0000000680)={{0x7f, 0x45, 0x4c, 0x46, 0x81, 0x9, 0x4, 0x7, 0xff, 0x3, 0x6, 0x3, 0xf1, 0x40, 0x27a, 0x8f, 0x1, 0x38, 0x1, 0x1, 0x2, 0x8000}, [{0x70000006, 0x400, 0x3, 0x3f, 0xb5, 0xffffffffffffffe1, 0x5, 0x1}], "e9a0f543f67ff0b38558b8af703bfd6a5db8a249d525905135ca872f74934b49f3e31b8c8d265d582643e90064cf1e1064613dcb5c516509972b75766f1201e1f9a73d1911f72c8e21379c4ee4dfb1a87024dc5739"}, 0xcd)
sendmmsg$inet(r2, &(0x7f0000000140), 0x0, 0x20040800)
sendto(r2, &(0x7f0000000040)="5ea18a99", 0x4, 0x0, &(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x40, &(0x7f0000000080)=0xd2b, 0x4)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000000)=0x6359, 0x4)
recvmmsg(r2, &(0x7f0000001a00)=[{{0x0, 0x0, 0x0}}], 0x300, 0x10062, 0x0)
pipe(0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r4=>r1}, './file0\x00'})
sendmsg$TIPC_NL_NET_SET(r4, &(0x7f0000000600)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000780)={&(0x7f00000001c0)=ANY=[@ANYBLOB="d8000000", @ANYRES16=0x0, @ANYBLOB="000828bd7000ffdbdf250f000000380306804900040067636d28616573290000000000000000000000000000000000000000000000002100000063adab30551f102095963c58140f94716e31ad8beec03f192d6d353118def289ff000000e9000300f421c686b7f14b11616ca67e5db73512c5e114621af382b1ebe82d7560258247bcdd2c4ddc8c28c5c9821172eafffb50ba7f91bb6df986544803eec54eb8c01b80cc3305b4cfb6f100bd8b123a8dabacf1a8f79bee969d204811f38ed5308a31dd8dd7005d35093c2c32d66fde96ff5d184088ebe78469f0c3b1fe20403bbc3e3ae36ee68cf7f48e4e1e396f1bfa73af56f59f43eea174dec58a16428ffc973db992f61ab004b538c7799a059221bfeba4ebec6c5a103e419902a0b5dc64542499011cbe89b0df2a722dbc21cb84c989a4f9e414b74e964830449b98ccf49b20e59548d2e2000000de000300bb83bec7811cb68dbab15ef9401bbcbcadb5776fef4a7149bde90cde55575bcaaaeeed85b6f1599d87c32254b9d8c308de62ac19f48b4806dd8b93ee0c1ebd589293ef87bda94956e28fbe9b429e3bbaf7cf8fe378d46f2c1f06a5cbfb91cdfe927b0c32e5f2a3361b87730ff11dccb52526ff33698bf1135876d40137383e57e886e06a4888a64a6731aff22eba9dd9fc3dd27b4a5de67f5c4f6ebf1301ff84dbd00693b043198628e72722ef6bb188bc2d74a00ae28d32d663cbea60f7ecaf465d270927e21a4136bf75a53cd167d1721891de566b0024c9f800000800010000000000f6000300d9ea9221d3a0bdb7acfd81174fdc2f99528e1f9a8de71010fca38b19f1d9932e4b6281a9f8632260cefd58450eda2110b94d4ac8d002728eecbffb4dc9bab6a052a66171f483e3865a2043145caaa6b81738338774069bb86db8a2467bbf10128bb7693a6fcb6888e8b2ffa7524086aff79e520cb1d0e845e590cffda541a55d37e49854fa44e4b2817af12607b82aee0dd285705ec44a12dc5b12f84ba0532e4cf985ec1f65b3b70e09282726b5f427f45a74bbb0cc10c4fb382336caeea2ec56d5c30717f0c4d3949121147c761f3af79d1923acf7c3c34ad92192b2da29216c01ec3372eb7b8577e858e7b5b91a9e6bc8000008000100ff000000080001000010000008000100ff070000040002001c00098008000100960000000800020003000000080002000000000014000280040004000800020007000000040004000c00098008000200010000003c0003800800010005000000080002001f00000008000300ffffff7f0800030001000000080003009a0c0000080003000100000008000200ffffffff1400028008000200040000000800010006000000"], 0x3d8}, 0x1, 0x0, 0x0, 0x4008800}, 0x4048190)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
openat(r0, &(0x7f0000000100)='./cgroup.net/cgroup.procs\x00', 0xd2a02, 0x1)
syz_io_uring_setup(0x6c8, &(0x7f0000000180)={0x0, 0xc3d2, 0x10, 0x0, 0x391}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000240))
socket$inet6(0xa, 0x1, 0x60d)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)

17:13:22 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 18)

17:13:22 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 26)

[ 1898.108554] loop6: detected capacity change from 0 to 2103296
[ 1898.131614] loop7: detected capacity change from 0 to 2103296
[ 1898.153625] FAULT_INJECTION: forcing a failure.
[ 1898.153625] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.156203] CPU: 0 PID: 12471 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1898.157759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1898.159645] Call Trace:
[ 1898.160242]  dump_stack+0x107/0x167
[ 1898.161066]  should_fail.cold+0x5/0xa
[ 1898.161925]  should_failslab+0x5/0x20
[ 1898.162778]  __kmalloc_track_caller+0x79/0x370
[ 1898.163798]  ? parse_opts.part.0+0x8e/0x340
[ 1898.164769]  kstrdup+0x36/0x70
[ 1898.165492]  parse_opts.part.0+0x8e/0x340
[ 1898.166425]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1898.167450]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1898.168628]  ? quarantine_put+0x8b/0x1a0
[ 1898.169530]  ? trace_hardirqs_on+0x5b/0x180
17:13:22 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef465", 0xf, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1898.170501]  ? kfree+0xd7/0x340
[ 1898.171414]  p9_fd_create+0x98/0x4a0
[ 1898.172234]  ? p9_conn_create+0x510/0x510
[ 1898.173154]  ? p9_client_create+0x798/0x1230
[ 1898.174122]  ? kfree+0xd7/0x340
[ 1898.174848]  ? do_raw_spin_unlock+0x4f/0x220
[ 1898.175831]  p9_client_create+0x7ff/0x1230
[ 1898.176765]  ? p9_client_flush+0x430/0x430
[ 1898.177687]  ? trace_hardirqs_on+0x5b/0x180
[ 1898.178632]  ? lockdep_init_map_type+0x2c7/0x780
[ 1898.179677]  ? __raw_spin_lock_init+0x36/0x110
[ 1898.180688]  v9fs_session_init+0x1dd/0x1680
[ 1898.181648]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1898.182701]  ? v9fs_show_options+0x690/0x690
[ 1898.183053] EXT4-fs warning (device loop7): read_mmp_block:114: Error -117 while reading MMP block 64
[ 1898.183679]  ? trace_hardirqs_on+0x5b/0x180
[ 1898.183705]  ? kasan_unpoison_shadow+0x33/0x50
[ 1898.187690]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1898.188804]  v9fs_mount+0x79/0x8f0
[ 1898.189582]  ? v9fs_write_inode+0x60/0x60
[ 1898.190491]  legacy_get_tree+0x105/0x220
[ 1898.191388]  vfs_get_tree+0x8e/0x300
[ 1898.192202]  path_mount+0x1331/0x21c0
[ 1898.193037]  ? strncpy_from_user+0x9e/0x470
[ 1898.193975]  ? finish_automount+0xa90/0xa90
[ 1898.194920]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1898.195945]  ? _copy_from_user+0xfb/0x1b0
[ 1898.196854]  __x64_sys_mount+0x282/0x300
[ 1898.197736]  ? copy_mnt_ns+0xa00/0xa00
[ 1898.198585]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1898.199734]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1898.200858]  do_syscall_64+0x33/0x40
[ 1898.201671]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1898.202785] RIP: 0033:0x7f916d656b19
[ 1898.203603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1898.207619] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1898.209282] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1898.210838] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1898.212403] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1898.213947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1898.215518] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1898.217436] hpet: Lost 3 RTC interrupts
[ 1898.219356] 9pnet: Insufficient options for proto=fd
[ 1898.245784] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 1898.250062] EXT4-fs (loop6): get root inode failed
[ 1898.251393] EXT4-fs (loop6): mount failed
[ 1898.288584] FAULT_INJECTION: forcing a failure.
[ 1898.288584] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.291133] CPU: 1 PID: 12494 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1898.292692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1898.294544] Call Trace:
[ 1898.295159]  dump_stack+0x107/0x167
[ 1898.296013]  should_fail.cold+0x5/0xa
[ 1898.296892]  should_failslab+0x5/0x20
[ 1898.297755]  __kmalloc_node_track_caller+0x74/0x3b0
[ 1898.298882]  ? skb_segment+0x9d8/0x3aa0
[ 1898.299947]  __alloc_skb+0xb1/0x5b0
[ 1898.300784]  skb_segment+0x9d8/0x3aa0
[ 1898.301742]  ? skb_zerocopy_iter_stream+0x800/0x800
[ 1898.302868]  ? perf_trace_run_bpf_submit+0xf5/0x190
[ 1898.304036]  __udp_gso_segment+0x127b/0x1e40
[ 1898.305034]  ? __sk_receive_skb+0x830/0x830
[ 1898.306033]  udp6_ufo_fragment+0x9f2/0xc80
[ 1898.307009]  ? inet6_csk_xmit+0x680/0x680
[ 1898.307955]  ? ipv6_gso_pull_exthdrs+0x24e/0x470
[ 1898.309042]  ipv6_gso_segment+0x47b/0xff0
[ 1898.309992]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1898.311080]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1898.312273]  skb_mac_gso_segment+0x273/0x570
[ 1898.313268]  ? sit_ip6ip6_gro_receive+0x110/0x110
[ 1898.314346]  ? skb_network_protocol+0x650/0x650
[ 1898.315523]  ? skb_crc32c_csum_help+0x80/0x80
[ 1898.316537]  ? lock_acquire+0x197/0x470
[ 1898.317428]  ? __dev_queue_xmit+0x1c6/0x2690
[ 1898.318433]  __skb_gso_segment+0x32d/0x6d0
[ 1898.319429]  validate_xmit_skb.constprop.0+0x4f6/0xcd0
[ 1898.320607]  ? SOFTIRQ_verbose+0x10/0x10
[ 1898.321521]  ? netdev_core_pick_tx+0x1d1/0x2f0
[ 1898.322551]  __dev_queue_xmit+0x825/0x2690
[ 1898.323547]  ? down_read_non_owner+0x2b2/0x480
[ 1898.324582]  ? netdev_core_pick_tx+0x2f0/0x2f0
[ 1898.325618]  ? lock_downgrade+0x6d0/0x6d0
[ 1898.326555]  ? lock_acquire+0x197/0x470
[ 1898.327465]  ? ip6_finish_output2+0x3e0/0x1cf0
[ 1898.328514]  ? lockdep_hardirqs_on_prepare+0x129/0x3e0
[ 1898.329712]  neigh_connected_output+0x382/0x4d0
[ 1898.330893]  ip6_finish_output2+0xb23/0x1cf0
[ 1898.331941]  __ip6_finish_output.part.0+0x4f7/0xbc0
[ 1898.333076]  ip6_output+0x302/0x9e0
[ 1898.333916]  ? __ip6_finish_output.part.0+0xbc0/0xbc0
[ 1898.335076]  ip6_local_out+0xd2/0x4c0
[ 1898.335961]  ip6_send_skb+0x117/0x460
[ 1898.336847]  udp_v6_send_skb+0x7b7/0x1620
[ 1898.337813]  udpv6_sendmsg+0x216b/0x2b40
[ 1898.338743]  ? ip_frag_init+0x350/0x350
[ 1898.339667]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1898.340840]  ? SOFTIRQ_verbose+0x10/0x10
[ 1898.341791]  ? lock_acquire+0x197/0x470
[ 1898.342680]  ? find_held_lock+0x2c/0x110
[ 1898.343618]  ? __might_fault+0xd3/0x180
[ 1898.344544]  ? sock_has_perm+0x1ea/0x280
[ 1898.345524]  ? __import_iovec+0x458/0x590
[ 1898.346558]  ? udp_v6_push_pending_frames+0x360/0x360
[ 1898.347749]  inet6_sendmsg+0x105/0x140
[ 1898.348619]  ? inet6_compat_ioctl+0x320/0x320
[ 1898.349622]  __sock_sendmsg+0xf2/0x190
[ 1898.350503]  ____sys_sendmsg+0x334/0x870
[ 1898.351455]  ? sock_write_iter+0x3d0/0x3d0
[ 1898.352411]  ? do_recvmmsg+0x6d0/0x6d0
[ 1898.353297]  ? SOFTIRQ_verbose+0x10/0x10
[ 1898.354223]  ? __lockdep_reset_lock+0x180/0x180
[ 1898.355300]  ___sys_sendmsg+0xf3/0x170
[ 1898.356301]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1898.357563]  ? lock_downgrade+0x6d0/0x6d0
[ 1898.358743]  ? __fget_files+0x2f8/0x520
[ 1898.359881]  ? __fget_light+0xea/0x290
[ 1898.360984]  __sys_sendmmsg+0x195/0x470
[ 1898.362165]  ? __ia32_sys_sendmsg+0xb0/0xb0
[ 1898.363324]  ? lock_downgrade+0x6d0/0x6d0
[ 1898.364469]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1898.365740]  ? wait_for_completion_io+0x270/0x270
[ 1898.367028]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1898.368141]  ? vfs_write+0x354/0xb10
[ 1898.368987]  ? fput_many+0x2f/0x1a0
[ 1898.369825]  ? ksys_write+0x1a9/0x260
[ 1898.370763]  ? __ia32_sys_read+0xb0/0xb0
[ 1898.371692]  __x64_sys_sendmmsg+0x99/0x100
[ 1898.372637]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1898.373799]  do_syscall_64+0x33/0x40
[ 1898.374622]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1898.375776] RIP: 0033:0x7f7277e2bb19
[ 1898.376581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1898.380734] RSP: 002b:00007f72753a1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1898.382399] RAX: ffffffffffffffda RBX: 00007f7277f3ef60 RCX: 00007f7277e2bb19
[ 1898.384002] RDX: 0000000000000001 RSI: 0000000020004d00 RDI: 0000000000000003
[ 1898.385566] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1898.387136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1898.388749] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
17:13:22 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1898.428202] loop2: detected capacity change from 0 to 2103296
[ 1898.477150] loop0: detected capacity change from 0 to 2103296
[ 1898.481011] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1898.485118] EXT4-fs (loop2): get root inode failed
[ 1898.486285] EXT4-fs (loop2): mount failed
17:13:22 executing program 3:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0xfffffffffffffffc, 0x1, &(0x7f0000000100)=[{&(0x7f0000000180)="4f154e462ece3d8ceac5f4fe64d3a42d36f8eb03687bf9029363b55317798b4d65c35b6f16889b2e57c020c667b7e2d94f57987acf6bb730333c72a801a461d7ab17a5c7a67c6dff73d8c366cc0d801f8d6080ca011ea9071ac33b0f39c775f8af796b13d78bab0b61bf2ec594c2fd59641bb38738210820484ad77c2e28bd75a353a5f6fcb8b59bcb37e4", 0x8b, 0xffffffffa329e8be}], 0x81000, &(0x7f0000000240)={[{@session={'session', 0x3d, 0x39}}], [{@obj_user={'obj_user', 0x3d, '\x00'}}, {@obj_type={'obj_type', 0x3d, '@\xff\'.}##'}}, {@uid_lt}, {@euid_lt={'euid<', 0xee00}}]})
r1 = openat(r0, &(0x7f0000000140)='./file0\x00', 0x101043, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r2, r1, 0x0, 0x4)

17:13:22 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 27)

[ 1898.536178] FAULT_INJECTION: forcing a failure.
[ 1898.536178] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.538497] CPU: 0 PID: 12593 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1898.539826] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1898.541308] Call Trace:
[ 1898.541793]  dump_stack+0x107/0x167
[ 1898.542455]  should_fail.cold+0x5/0xa
[ 1898.543142]  ? create_object.isra.0+0x3a/0xa20
[ 1898.543971]  should_failslab+0x5/0x20
[ 1898.544661]  kmem_cache_alloc+0x5b/0x310
[ 1898.545391]  ? legacy_get_tree+0x105/0x220
[ 1898.546153]  ? vfs_get_tree+0x8e/0x300
[ 1898.546981]  create_object.isra.0+0x3a/0xa20
[ 1898.547786]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1898.548713]  __kmalloc_track_caller+0x177/0x370
[ 1898.549576]  ? parse_opts.part.0+0x8e/0x340
[ 1898.550356]  kstrdup+0x36/0x70
[ 1898.550932]  parse_opts.part.0+0x8e/0x340
[ 1898.551698]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1898.552522]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1898.553666]  ? quarantine_put+0x8b/0x1a0
[ 1898.554399]  ? trace_hardirqs_on+0x5b/0x180
[ 1898.555338]  ? kfree+0xd7/0x340
[ 1898.555946]  p9_fd_create+0x98/0x4a0
[ 1898.556743]  ? p9_conn_create+0x510/0x510
[ 1898.557639]  ? p9_client_create+0x798/0x1230
[ 1898.558577]  ? kfree+0xd7/0x340
[ 1898.559287]  ? do_raw_spin_unlock+0x4f/0x220
[ 1898.560240]  p9_client_create+0x7ff/0x1230
[ 1898.561165]  ? p9_client_flush+0x430/0x430
[ 1898.562061]  ? trace_hardirqs_on+0x5b/0x180
[ 1898.562997]  ? lockdep_init_map_type+0x2c7/0x780
[ 1898.564015]  ? __raw_spin_lock_init+0x36/0x110
[ 1898.564900]  v9fs_session_init+0x1dd/0x1680
[ 1898.565815]  ? lock_release+0x680/0x680
[ 1898.566673]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1898.567705]  ? v9fs_show_options+0x690/0x690
[ 1898.568648]  ? trace_hardirqs_on+0x5b/0x180
[ 1898.569563]  ? kasan_unpoison_shadow+0x33/0x50
[ 1898.570536]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1898.571634]  v9fs_mount+0x79/0x8f0
[ 1898.572391]  ? v9fs_write_inode+0x60/0x60
[ 1898.573272]  legacy_get_tree+0x105/0x220
[ 1898.574151]  vfs_get_tree+0x8e/0x300
[ 1898.574950]  path_mount+0x1331/0x21c0
[ 1898.575774]  ? strncpy_from_user+0x9e/0x470
[ 1898.576683]  ? finish_automount+0xa90/0xa90
[ 1898.577599]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1898.578574]  ? _copy_from_user+0xfb/0x1b0
[ 1898.579477]  __x64_sys_mount+0x282/0x300
[ 1898.580329]  ? copy_mnt_ns+0xa00/0xa00
[ 1898.581164]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1898.582250]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1898.583489]  do_syscall_64+0x33/0x40
[ 1898.584434]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1898.585727] RIP: 0033:0x7f916d656b19
[ 1898.586666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1898.590809] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1898.592437] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1898.593942] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1898.595452] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1898.596949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1898.598456] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1898.600242] hpet: Lost 3 RTC interrupts
[ 1898.604410] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 1898.615735] EXT4-fs (loop0): get root inode failed
[ 1898.616955] EXT4-fs (loop0): mount failed
17:13:39 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 28)

17:13:39 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:39 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:39 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
openat$incfs(r2, &(0x7f0000000040)='.pending_reads\x00', 0x50042, 0x10)
sendfile(r1, r0, 0x0, 0x4)

17:13:39 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:39 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0) (fail_nth: 19)

17:13:39 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r1=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r1, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r2)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:13:39 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef465", 0xf, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1915.589438] FAULT_INJECTION: forcing a failure.
[ 1915.589438] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1915.590996] CPU: 1 PID: 12615 Comm: syz-executor.5 Not tainted 5.10.240 #1
[ 1915.591798] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1915.592754] Call Trace:
[ 1915.593067]  dump_stack+0x107/0x167
[ 1915.593502]  should_fail.cold+0x5/0xa
[ 1915.593951]  _copy_to_user+0x2e/0x180
[ 1915.594404]  simple_read_from_buffer+0xcc/0x160
[ 1915.594948]  proc_fail_nth_read+0x198/0x230
[ 1915.595453]  ? proc_sessionid_read+0x230/0x230
[ 1915.595993]  ? security_file_permission+0xb1/0xe0
[ 1915.596659]  ? proc_sessionid_read+0x230/0x230
[ 1915.597190]  vfs_read+0x228/0x620
[ 1915.597601]  ksys_read+0x12d/0x260
[ 1915.598013]  ? vfs_write+0xb10/0xb10
[ 1915.598450]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1915.599058]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1915.599671]  do_syscall_64+0x33/0x40
[ 1915.600099]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1915.600691] RIP: 0033:0x7f7277dde69c
[ 1915.601121] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1915.603230] RSP: 002b:00007f72753a1170 EFLAGS: 00000246
[ 1915.603251] FAULT_INJECTION: forcing a failure.
[ 1915.603251] name failslab, interval 1, probability 0, space 0, times 0
[ 1915.605473]  ORIG_RAX: 0000000000000000
[ 1915.606112] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f7277dde69c
[ 1915.607228] RDX: 000000000000000f RSI: 00007f72753a11e0 RDI: 0000000000000005
[ 1915.608359] RBP: 00007f72753a11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1915.609479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1915.610600] R13: 00007ffca88815bf R14: 00007f72753a1300 R15: 0000000000022000
[ 1915.611796] CPU: 0 PID: 12622 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1915.613491] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1915.615473] Call Trace:
[ 1915.616113]  dump_stack+0x107/0x167
[ 1915.616980]  should_fail.cold+0x5/0xa
[ 1915.617510] loop7: detected capacity change from 0 to 2103296
[ 1915.617886]  should_failslab+0x5/0x20
[ 1915.617908]  __kmalloc_track_caller+0x79/0x370
[ 1915.617932]  ? match_number+0xaf/0x1d0
[ 1915.621721]  kmemdup_nul+0x2d/0xa0
[ 1915.622564]  match_number+0xaf/0x1d0
[ 1915.623460]  ? match_u64+0x190/0x190
[ 1915.624349]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1915.625492]  ? memcpy+0x39/0x60
[ 1915.626279]  parse_opts.part.0+0x1f3/0x340
[ 1915.627279]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1915.628377]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1915.629568]  ? trace_hardirqs_on+0x5b/0x180
[ 1915.630551]  ? kfree+0xd7/0x340
[ 1915.631318]  p9_fd_create+0x98/0x4a0
[ 1915.632178]  ? p9_conn_create+0x510/0x510
[ 1915.633120]  ? p9_client_create+0x798/0x1230
[ 1915.634121]  ? kfree+0xd7/0x340
[ 1915.634875]  ? do_raw_spin_unlock+0x4f/0x220
[ 1915.635903]  p9_client_create+0x7ff/0x1230
[ 1915.636876]  ? p9_client_flush+0x430/0x430
[ 1915.637839]  ? trace_hardirqs_on+0x5b/0x180
[ 1915.638821]  ? lockdep_init_map_type+0x2c7/0x780
[ 1915.639909]  ? __raw_spin_lock_init+0x36/0x110
[ 1915.640957]  v9fs_session_init+0x1dd/0x1680
[ 1915.641948]  ? lock_release+0x680/0x680
[ 1915.642863]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1915.643980]  ? v9fs_show_options+0x690/0x690
[ 1915.644996]  ? trace_hardirqs_on+0x5b/0x180
[ 1915.645980]  ? kasan_unpoison_shadow+0x33/0x50
[ 1915.647019]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1915.648191]  v9fs_mount+0x79/0x8f0
[ 1915.649010]  ? v9fs_write_inode+0x60/0x60
[ 1915.649961]  legacy_get_tree+0x105/0x220
[ 1915.650894]  vfs_get_tree+0x8e/0x300
[ 1915.651754]  path_mount+0x1331/0x21c0
[ 1915.652637]  ? strncpy_from_user+0x9e/0x470
[ 1915.653620]  ? finish_automount+0xa90/0xa90
[ 1915.654601]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1915.655675]  ? _copy_from_user+0xfb/0x1b0
[ 1915.656630]  __x64_sys_mount+0x282/0x300
[ 1915.657552]  ? copy_mnt_ns+0xa00/0xa00
[ 1915.658444]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1915.659638]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1915.660816]  do_syscall_64+0x33/0x40
[ 1915.661672]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1915.662836] RIP: 0033:0x7f916d656b19
[ 1915.663690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1915.667871] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1915.669614] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1915.671243] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1915.672874] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1915.674509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1915.676148] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1915.678112] hpet: Lost 4 RTC interrupts
[ 1915.700109] loop0: detected capacity change from 0 to 2103296
17:13:39 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 1915.711595] 9pnet: Insufficient options for proto=fd
[ 1915.716204] loop6: detected capacity change from 0 to 2103296
[ 1915.723073] loop2: detected capacity change from 0 to 2103296
[ 1915.732918] EXT4-fs warning (device loop7): read_mmp_block:114: Error -117 while reading MMP block 64
17:13:39 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 29)

17:13:39 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x82)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20d315)
open_tree(r3, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x81100)
sendfile(r1, r0, 0x0, 0x4)

[ 1915.763982] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 1915.767843] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1915.769985] EXT4-fs (loop2): get root inode failed
[ 1915.770575] EXT4-fs (loop2): mount failed
[ 1915.782555] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 1915.786060] EXT4-fs (loop6): get root inode failed
[ 1915.786628] EXT4-fs (loop6): mount failed
[ 1915.790332] EXT4-fs (loop0): get root inode failed
[ 1915.790965] EXT4-fs (loop0): mount failed
[ 1915.826275] FAULT_INJECTION: forcing a failure.
[ 1915.826275] name failslab, interval 1, probability 0, space 0, times 0
[ 1915.827600] CPU: 1 PID: 12666 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1915.828385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1915.829337] Call Trace:
[ 1915.829646]  dump_stack+0x107/0x167
[ 1915.830066]  should_fail.cold+0x5/0xa
[ 1915.830506]  ? create_object.isra.0+0x3a/0xa20
[ 1915.831101]  should_failslab+0x5/0x20
[ 1915.831547]  kmem_cache_alloc+0x5b/0x310
[ 1915.832011]  create_object.isra.0+0x3a/0xa20
[ 1915.832507]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1915.833087]  __kmalloc_track_caller+0x177/0x370
[ 1915.833618]  ? match_number+0xaf/0x1d0
[ 1915.834065]  kmemdup_nul+0x2d/0xa0
[ 1915.834466]  match_number+0xaf/0x1d0
[ 1915.834893]  ? match_u64+0x190/0x190
[ 1915.835317]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1915.835873]  ? memcpy+0x39/0x60
[ 1915.836252]  parse_opts.part.0+0x1f3/0x340
[ 1915.836733]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1915.837248]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1915.837847]  ? trace_hardirqs_on+0x5b/0x180
[ 1915.838340]  ? kfree+0xd7/0x340
[ 1915.838721]  p9_fd_create+0x98/0x4a0
[ 1915.839141]  ? p9_conn_create+0x510/0x510
[ 1915.839620]  ? p9_client_create+0x798/0x1230
[ 1915.840117]  ? kfree+0xd7/0x340
[ 1915.840493]  ? do_raw_spin_unlock+0x4f/0x220
[ 1915.840999]  p9_client_create+0x7ff/0x1230
[ 1915.841488]  ? p9_client_flush+0x430/0x430
[ 1915.841967]  ? trace_hardirqs_on+0x5b/0x180
[ 1915.842462]  ? lockdep_init_map_type+0x2c7/0x780
[ 1915.843003]  ? __raw_spin_lock_init+0x36/0x110
[ 1915.843538]  v9fs_session_init+0x1dd/0x1680
[ 1915.844030]  ? lock_release+0x680/0x680
[ 1915.844490]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1915.845037]  ? v9fs_show_options+0x690/0x690
[ 1915.845545]  ? trace_hardirqs_on+0x5b/0x180
[ 1915.846037]  ? kasan_unpoison_shadow+0x33/0x50
[ 1915.846634]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1915.847211]  v9fs_mount+0x79/0x8f0
[ 1915.847627]  ? v9fs_write_inode+0x60/0x60
[ 1915.848097]  legacy_get_tree+0x105/0x220
[ 1915.848563]  vfs_get_tree+0x8e/0x300
[ 1915.848983]  path_mount+0x1331/0x21c0
[ 1915.849422]  ? strncpy_from_user+0x9e/0x470
[ 1915.849909]  ? finish_automount+0xa90/0xa90
[ 1915.850404]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1915.850929]  ? _copy_from_user+0xfb/0x1b0
[ 1915.851404]  __x64_sys_mount+0x282/0x300
[ 1915.851871]  ? copy_mnt_ns+0xa00/0xa00
[ 1915.852318]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1915.852915]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1915.853507]  do_syscall_64+0x33/0x40
[ 1915.853931]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1915.854523] RIP: 0033:0x7f916d656b19
[ 1915.854944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1915.857050] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1915.857922] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1915.858749] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1915.859569] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1915.860381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1915.861200] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1929.295117] loop0: detected capacity change from 0 to 2103296
17:13:53 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 30)

17:13:53 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, 0x0, 0x0, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, 0x0, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r2)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:13:53 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
getsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000100)=0x4)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x400}, 0x0, 0x200000000, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
r1 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x50, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_NOP={0x0, 0x4}, 0x0)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

17:13:53 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef465", 0xf, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:53 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:53 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0x4)

17:13:53 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)

17:13:53 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef465", 0xf, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1929.305324] FAULT_INJECTION: forcing a failure.
[ 1929.305324] name failslab, interval 1, probability 0, space 0, times 0
[ 1929.308329] CPU: 0 PID: 12774 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1929.310078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1929.312185] Call Trace:
[ 1929.312857]  dump_stack+0x107/0x167
[ 1929.313780]  should_fail.cold+0x5/0xa
[ 1929.314751]  should_failslab+0x5/0x20
[ 1929.315764]  __kmalloc_track_caller+0x79/0x370
[ 1929.316770]  ? match_number+0xaf/0x1d0
[ 1929.317583]  ? kfree+0xd7/0x340
[ 1929.318277]  kmemdup_nul+0x2d/0xa0
[ 1929.319012]  match_number+0xaf/0x1d0
[ 1929.319808]  ? match_u64+0x190/0x190
[ 1929.320579]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1929.321570]  ? memcpy+0x39/0x60
[ 1929.322253]  parse_opts.part.0+0x1f3/0x340
[ 1929.323129]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1929.324071]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1929.325156]  ? trace_hardirqs_on+0x5b/0x180
[ 1929.326045]  ? kfree+0xd7/0x340
[ 1929.326729]  p9_fd_create+0x98/0x4a0
[ 1929.327515]  ? p9_conn_create+0x510/0x510
[ 1929.328382]  ? p9_client_create+0x798/0x1230
[ 1929.329289]  ? kfree+0xd7/0x340
[ 1929.329982]  ? do_raw_spin_unlock+0x4f/0x220
[ 1929.330917]  p9_client_create+0x7ff/0x1230
[ 1929.331817]  ? p9_client_flush+0x430/0x430
[ 1929.332704]  ? trace_hardirqs_on+0x5b/0x180
[ 1929.333609]  ? lockdep_init_map_type+0x2c7/0x780
[ 1929.334608]  ? __raw_spin_lock_init+0x36/0x110
[ 1929.335562]  v9fs_session_init+0x1dd/0x1680
[ 1929.336467]  ? lock_release+0x680/0x680
[ 1929.337300]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1929.338337]  ? v9fs_show_options+0x690/0x690
[ 1929.339259]  ? trace_hardirqs_on+0x5b/0x180
[ 1929.340169]  ? kasan_unpoison_shadow+0x33/0x50
[ 1929.341107]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1929.342246]  v9fs_mount+0x79/0x8f0
[ 1929.342991]  ? v9fs_write_inode+0x60/0x60
[ 1929.343872]  legacy_get_tree+0x105/0x220
[ 1929.344722]  vfs_get_tree+0x8e/0x300
[ 1929.345494]  path_mount+0x1331/0x21c0
[ 1929.346280]  ? strncpy_from_user+0x9e/0x470
[ 1929.346461] loop6: detected capacity change from 0 to 2103296
[ 1929.347163]  ? finish_automount+0xa90/0xa90
[ 1929.347183]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1929.347201]  ? _copy_from_user+0xfb/0x1b0
[ 1929.347227]  __x64_sys_mount+0x282/0x300
[ 1929.347244]  ? copy_mnt_ns+0xa00/0xa00
[ 1929.347267]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1929.347287]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1929.347308]  do_syscall_64+0x33/0x40
[ 1929.347333]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1929.356742] RIP: 0033:0x7f916d656b19
[ 1929.357525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1929.361373] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1929.362953] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1929.364464] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1929.365956] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1929.367432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1929.368929] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1929.370709] hpet: Lost 3 RTC interrupts
[ 1929.371955] 9pnet: Insufficient options for proto=fd
[ 1929.375470] loop7: detected capacity change from 0 to 2103296
17:13:53 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000004700)={0x0, 0xeb74}, &(0x7f0000800000/0x800000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000004680)={<r3=>0x0, <r4=>0x0})
recvmmsg(r2, &(0x7f0000004500)=[{{&(0x7f0000000180)=@nfc_llcp, 0x80, &(0x7f0000001580)=[{&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000001200)=""/192, 0xc0}, {&(0x7f00000012c0)=""/175, 0xaf}, {&(0x7f0000001380)=""/240, 0xf0}, {&(0x7f0000001480)=""/235, 0xeb}], 0x5}, 0xfffffffa}, {{&(0x7f0000001600)=@rc={0x1f, @none}, 0x80, &(0x7f0000001ac0)=[{&(0x7f0000001680)=""/112, 0x70}, {&(0x7f0000001700)=""/84, 0x54}, {&(0x7f0000001780)=""/189, 0xbd}, {&(0x7f0000000040)=""/48, 0x30}, {&(0x7f0000000100)=""/62, 0x3e}, {&(0x7f0000001840)=""/218, 0xda}, {&(0x7f0000001940)=""/113, 0x71}, {&(0x7f00000019c0)=""/40, 0x28}, {&(0x7f0000001a00)=""/130, 0x82}], 0x9, &(0x7f0000001b80)=""/107, 0x6b}, 0x6}, {{&(0x7f0000001c00)=@pppoe={0x18, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000001d80)=[{&(0x7f0000001c80)=""/203, 0xcb}], 0x1, &(0x7f0000001dc0)=""/21, 0x15}, 0x5}, {{&(0x7f0000001e00)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f0000002f80)=[{&(0x7f0000001e80)=""/202, 0xca}, {&(0x7f0000001f80)=""/4096, 0x1000}], 0x2, &(0x7f0000002fc0)}, 0x8}, {{&(0x7f0000003000)=@tipc, 0x80, &(0x7f0000003340)=[{&(0x7f0000003080)=""/36, 0x24}, {&(0x7f00000030c0)=""/231, 0xe7}, {&(0x7f00000031c0)=""/156, 0x9c}, {&(0x7f0000003280)=""/149, 0x95}], 0x4, &(0x7f0000003380)}, 0x4}, {{&(0x7f00000033c0)=@qipcrtr, 0x80, &(0x7f0000004440)=[{&(0x7f0000003440)=""/4096, 0x1000}], 0x1, &(0x7f0000004480)=""/74, 0x4a}, 0xfff}], 0x6, 0x40000000, &(0x7f00000046c0)={r3, r4+60000000})
sendfile(r1, r0, 0x0, 0x4)

[ 1929.415792] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 1929.419160] EXT4-fs (loop0): get root inode failed
[ 1929.420401] EXT4-fs (loop0): mount failed
[ 1929.422803] loop2: detected capacity change from 0 to 2103296
17:13:53 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 31)

17:13:53 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x3, @mcast2, 0x80000001}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000100)="f9cd30d9b7e324936a3eec9bffe6ed6166b333da13c69ce7e8c0497cb3aa49742353bc9aba54b64e3d188de2933e29f5879046e123552b4d4d6f5537db3cee11abe244745b5b5077405a5ff81a7f3ef6e1a6bac994eff7a310f147107b2ecab0e708", 0x62}, {&(0x7f0000000180)="bc733fef5c3896d6da2616060aa1ed02668c13b7f958da439162618ed55cb57fe9557bb628f1cd7ba51599a7f10902469f87e818f736db2484a57689b83ede50d3ebb1e4e1f0f7513de8461954", 0x4d}, {&(0x7f0000000200)="696a0451e829e29c3cd5b709e70e2e67debfcfdb9af90bf0e04ac5ee35b644d6c2409cd010b77b85f20c467f37c54186888d75e638d731e2038676ec943e1d8dce42607b44588de35cd1ddff469c586f0199e0b26c14f5ef32a47d863e53057cdb1455cce5150e97e12f2b527ee8de12c2b98ed0ce", 0x75}], 0x3, &(0x7f0000000400)=[@dontfrag={{0x14, 0x29, 0x3e, 0x1000}}, @flowinfo={{0x14, 0x29, 0xb, 0x8000}}, @hoplimit={{0x14, 0x29, 0x34, 0x8}}, @rthdr_2292={{0xa8, 0x29, 0x39, {0x2c, 0x12, 0x0, 0x2, 0x0, [@dev={0xfe, 0x80, '\x00', 0xa}, @dev={0xfe, 0x80, '\x00', 0xa}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, @mcast1, @mcast1, @private2, @private0, @dev={0xfe, 0x80, '\x00', 0x16}]}}}], 0xf0}}, {{&(0x7f0000000280)={0xa, 0x4e20, 0x5496, @ipv4={'\x00', '\xff\xff', @remote}, 0x401}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000580)="c3dcb075fdd1cd7169146490e16ef8cc6061a3e2d888fcc9951dd79993f56b601b7202dc6d1d5cca5bbaeb7ce457c92f420d3efa0f5f5051fed49df0c9439e8184c1299f23dfa4c41f9903bd4dd72aca1bb64c6643f6cafa0c88e865069a861ce4b8ab06c1451a2582a1b66e650db8e4811f5de520", 0x75}, {&(0x7f0000000600)="3df0005ca1983778d5e676a5e0454c4bd5c70aeaca2ab6c749ccadf0f2b29073216bccbcb5564b685e6595f60a77ea2cb858b704d5d8bcf41c83378f05af275d8d0a", 0x42}, {&(0x7f0000000680)="c64f8e251c774addcec338b79c66e7697986c4d138eb1b90c5cd350741bd78ae053c5d61c19544a4beb6f750677c0218ba18f980be7899c74fd94bc18d08255d0928b4c0bf30c7b338c0ab4ffc7d2d0cfa47cd65bb80c06744e148a033c44c99ed474688d4a1923f101fd3a3bb34dea435e36ec6a886bad6c6f79f5cbe1b7a52400d48199788f422012cccf7146d45e1d245e4210baa42975abac948c5108c758cb57a9e0667314833", 0xa9}, {&(0x7f0000000380)="f5ce02ba6b29fb854fbdfcefeb27b7615758bf55733b20c240ef387f19a37b2387b6ef9257dc0d3b158247b598c0d13de10e89218f6b3c50", 0x38}], 0x4, &(0x7f0000000740)=[@dontfrag={{0x14, 0x29, 0x3e, 0x4f}}, @tclass={{0x14, 0x29, 0x43, 0x4}}, @flowinfo={{0x14, 0x29, 0xb, 0x8}}, @dontfrag={{0x14, 0x29, 0x3e, 0x5}}, @hopopts={{0x30, 0x29, 0x36, {0x89, 0x2, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00'}, @ra={0x5, 0x2, 0x8001}]}}}], 0x90}}], 0x2, 0x8000)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 1929.502065] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 1929.505764] EXT4-fs (loop7): get root inode failed
[ 1929.507123] EXT4-fs (loop7): mount failed
[ 1929.510627] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 1929.520680] EXT4-fs (loop6): get root inode failed
[ 1929.521808] EXT4-fs (loop6): mount failed
17:13:53 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00))

[ 1929.538082] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1929.545603] EXT4-fs (loop2): get root inode failed
[ 1929.547049] EXT4-fs (loop2): mount failed
[ 1929.571371] FAULT_INJECTION: forcing a failure.
[ 1929.571371] name failslab, interval 1, probability 0, space 0, times 0
[ 1929.573478] CPU: 1 PID: 12918 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1929.574735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1929.576230] Call Trace:
[ 1929.576708]  dump_stack+0x107/0x167
[ 1929.577374]  should_fail.cold+0x5/0xa
[ 1929.578060]  ? create_object.isra.0+0x3a/0xa20
[ 1929.578879]  should_failslab+0x5/0x20
[ 1929.579574]  kmem_cache_alloc+0x5b/0x310
[ 1929.580321]  create_object.isra.0+0x3a/0xa20
[ 1929.581219]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1929.582131]  __kmalloc_track_caller+0x177/0x370
[ 1929.582959]  ? match_number+0xaf/0x1d0
[ 1929.583655]  kmemdup_nul+0x2d/0xa0
[ 1929.584303]  match_number+0xaf/0x1d0
[ 1929.584970]  ? match_u64+0x190/0x190
[ 1929.585629]  ? __kmalloc_track_caller+0x2c6/0x370
[ 1929.586483]  ? memcpy+0x39/0x60
[ 1929.587076]  parse_opts.part.0+0x1f3/0x340
[ 1929.587838]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1929.588638]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1929.589571]  ? trace_hardirqs_on+0x5b/0x180
[ 1929.590341]  ? kfree+0xd7/0x340
[ 1929.590939]  p9_fd_create+0x98/0x4a0
[ 1929.591600]  ? p9_conn_create+0x510/0x510
[ 1929.592353]  ? p9_client_create+0x798/0x1230
[ 1929.593133]  ? kfree+0xd7/0x340
[ 1929.593715]  ? do_raw_spin_unlock+0x4f/0x220
[ 1929.594502]  p9_client_create+0x7ff/0x1230
[ 1929.595264]  ? p9_client_flush+0x430/0x430
[ 1929.596027]  ? trace_hardirqs_on+0x5b/0x180
[ 1929.596890]  ? lockdep_init_map_type+0x2c7/0x780
[ 1929.597738]  ? __raw_spin_lock_init+0x36/0x110
[ 1929.598545]  v9fs_session_init+0x1dd/0x1680
[ 1929.599309]  ? lock_release+0x680/0x680
[ 1929.600021]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1929.600882]  ? v9fs_show_options+0x690/0x690
[ 1929.601665]  ? trace_hardirqs_on+0x5b/0x180
[ 1929.602428]  ? kasan_unpoison_shadow+0x33/0x50
[ 1929.603230]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1929.604128]  v9fs_mount+0x79/0x8f0
[ 1929.604769]  ? v9fs_write_inode+0x60/0x60
[ 1929.605502]  legacy_get_tree+0x105/0x220
[ 1929.606218]  vfs_get_tree+0x8e/0x300
[ 1929.606880]  path_mount+0x1331/0x21c0
[ 1929.607552]  ? strncpy_from_user+0x9e/0x470
[ 1929.608316]  ? finish_automount+0xa90/0xa90
[ 1929.609082]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1929.609892]  ? _copy_from_user+0xfb/0x1b0
[ 1929.610627]  __x64_sys_mount+0x282/0x300
[ 1929.611340]  ? copy_mnt_ns+0xa00/0xa00
[ 1929.612030]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1929.613037]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1929.613949]  do_syscall_64+0x33/0x40
[ 1929.614603]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1929.615511] RIP: 0033:0x7f916d656b19
[ 1929.616179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1929.619383] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1929.620716] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1929.621966] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1929.623211] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1929.624467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1929.625706] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
17:13:53 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_nanosleep(0x0, 0x0, &(0x7f0000000180), 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
recvmsg$unix(r0, &(0x7f0000000280)={&(0x7f0000000000)=@abs, 0x6e, &(0x7f0000000100)=[{&(0x7f0000000180)=""/126, 0x7e}], 0x1, &(0x7f0000000200)=[@cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}, 0x40000000)
syz_open_procfs(r2, &(0x7f00000002c0)='attr/keycreate\x00')
sendfile(r1, r0, 0x0, 0x4)

17:13:53 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef465", 0xf, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:13:53 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, 0x0, 0x0, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, 0x0, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r2)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:14:14 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, 0x0, 0x0, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, 0x0, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r2)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:14:14 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00))

17:14:14 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef465", 0xf, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1950.082340] FAULT_INJECTION: forcing a failure.
[ 1950.082340] name failslab, interval 1, probability 0, space 0, times 0
[ 1950.084598] CPU: 0 PID: 12953 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1950.085706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1950.087019] Call Trace:
[ 1950.087451]  dump_stack+0x107/0x167
[ 1950.088031]  should_fail.cold+0x5/0xa
[ 1950.088648]  ? p9_fd_create+0x161/0x4a0
[ 1950.089283]  should_failslab+0x5/0x20
[ 1950.089884]  kmem_cache_alloc_trace+0x55/0x320
[ 1950.090612]  p9_fd_create+0x161/0x4a0
[ 1950.091213]  ? p9_conn_create+0x510/0x510
[ 1950.091868]  ? p9_client_create+0x798/0x1230
[ 1950.092570]  ? kfree+0xd7/0x340
[ 1950.093091]  ? do_raw_spin_unlock+0x4f/0x220
[ 1950.093795]  p9_client_create+0x7ff/0x1230
[ 1950.094471]  ? p9_client_flush+0x430/0x430
[ 1950.095141]  ? trace_hardirqs_on+0x5b/0x180
[ 1950.095826]  ? lockdep_init_map_type+0x2c7/0x780
[ 1950.096593]  ? __raw_spin_lock_init+0x36/0x110
[ 1950.097369]  v9fs_session_init+0x1dd/0x1680
[ 1950.098054]  ? lock_release+0x680/0x680
[ 1950.098692]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1950.099457]  ? v9fs_show_options+0x690/0x690
[ 1950.100182]  ? trace_hardirqs_on+0x5b/0x180
[ 1950.100883]  ? kasan_unpoison_shadow+0x33/0x50
[ 1950.101651]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1950.102509]  v9fs_mount+0x79/0x8f0
[ 1950.103115]  ? v9fs_write_inode+0x60/0x60
[ 1950.103819]  legacy_get_tree+0x105/0x220
[ 1950.104520]  vfs_get_tree+0x8e/0x300
[ 1950.105154]  path_mount+0x1331/0x21c0
[ 1950.105799]  ? strncpy_from_user+0x9e/0x470
[ 1950.106528]  ? finish_automount+0xa90/0xa90
[ 1950.107262]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1950.108045]  ? _copy_from_user+0xfb/0x1b0
[ 1950.108755]  __x64_sys_mount+0x282/0x300
[ 1950.109442]  ? copy_mnt_ns+0xa00/0xa00
[ 1950.110102]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1950.110971]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1950.111689] loop7: detected capacity change from 0 to 2103296
[ 1950.111839]  do_syscall_64+0x33/0x40
17:14:14 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x9, &(0x7f00000000c0)=0x200000a4, 0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x20d315)
dup2(r0, r2)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

17:14:14 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:14:14 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000", 0x16, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:14:14 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
dup2(r1, r0)

17:14:14 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 32)

[ 1950.111856]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1950.111866] RIP: 0033:0x7f916d656b19
[ 1950.111880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1950.111888] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1950.111908] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1950.111917] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1950.111925] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1950.111933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1950.111942] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1950.152199] loop6: detected capacity change from 0 to 2103296
17:14:14 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
io_uring_enter(r0, 0x4700, 0xbe78, 0x0, &(0x7f0000000000)={[0x14d9000000]}, 0x8)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)

[ 1950.178302] loop0: detected capacity change from 0 to 2103296
[ 1950.202149] loop2: detected capacity change from 0 to 2103296
17:14:14 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 33)

[ 1950.235745] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1950.239695] EXT4-fs (loop2): get root inode failed
[ 1950.240609] EXT4-fs (loop2): mount failed
17:14:14 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}], 0x5, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 1950.273363] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 1950.277215] EXT4-fs (loop7): get root inode failed
[ 1950.278576] EXT4-fs (loop7): mount failed
[ 1950.292064] FAULT_INJECTION: forcing a failure.
[ 1950.292064] name failslab, interval 1, probability 0, space 0, times 0
[ 1950.294641] CPU: 1 PID: 13026 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1950.296211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1950.298092] Call Trace:
[ 1950.298690]  dump_stack+0x107/0x167
[ 1950.299518]  should_fail.cold+0x5/0xa
[ 1950.300483]  ? create_object.isra.0+0x3a/0xa20
[ 1950.301514]  should_failslab+0x5/0x20
[ 1950.302370]  kmem_cache_alloc+0x5b/0x310
[ 1950.303290]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1950.304317]  create_object.isra.0+0x3a/0xa20
[ 1950.305302]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1950.306449]  kmem_cache_alloc_trace+0x151/0x320
[ 1950.307502]  p9_fd_create+0x161/0x4a0
[ 1950.308362]  ? p9_conn_create+0x510/0x510
[ 1950.309293]  ? p9_client_create+0x798/0x1230
[ 1950.310286]  ? kfree+0xd7/0x340
[ 1950.311035]  ? do_raw_spin_unlock+0x4f/0x220
[ 1950.312030]  p9_client_create+0x7ff/0x1230
[ 1950.313006]  ? p9_client_flush+0x430/0x430
[ 1950.313961]  ? trace_hardirqs_on+0x5b/0x180
[ 1950.314931]  ? lockdep_init_map_type+0x2c7/0x780
[ 1950.316057]  ? __raw_spin_lock_init+0x36/0x110
[ 1950.317106]  v9fs_session_init+0x1dd/0x1680
[ 1950.318083]  ? lock_release+0x680/0x680
[ 1950.318987]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1950.320070]  ? v9fs_show_options+0x690/0x690
[ 1950.321087]  ? trace_hardirqs_on+0x5b/0x180
[ 1950.322055]  ? kasan_unpoison_shadow+0x33/0x50
[ 1950.323083]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1950.324238]  v9fs_mount+0x79/0x8f0
[ 1950.325043]  ? v9fs_write_inode+0x60/0x60
[ 1950.325983]  legacy_get_tree+0x105/0x220
[ 1950.326900]  vfs_get_tree+0x8e/0x300
[ 1950.327745]  path_mount+0x1331/0x21c0
[ 1950.328625]  ? strncpy_from_user+0x9e/0x470
[ 1950.329599]  ? finish_automount+0xa90/0xa90
[ 1950.330572]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1950.331687]  ? _copy_from_user+0xfb/0x1b0
[ 1950.332649]  __x64_sys_mount+0x282/0x300
[ 1950.333564]  ? copy_mnt_ns+0xa00/0xa00
[ 1950.334450]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1950.335633]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1950.336792]  do_syscall_64+0x33/0x40
[ 1950.337617]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1950.338771] RIP: 0033:0x7f916d656b19
[ 1950.339607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1950.343780] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1950.345502] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1950.347193] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1950.348811] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1950.350435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1950.352049] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1950.354981] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 1950.357716] EXT4-fs (loop6): get root inode failed
[ 1950.358757] EXT4-fs (loop6): mount failed
[ 1950.360532] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
17:14:14 executing program 5:
r0 = semget$private(0x0, 0x4, 0x100)
semctl$SEM_INFO(r0, 0x3, 0x13, &(0x7f0000000000)=""/35)
semctl$GETPID(r0, 0x1, 0xb, &(0x7f0000000000)=""/61)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

17:14:14 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}], 0x5, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 1950.373148] EXT4-fs (loop0): get root inode failed
[ 1950.374591] EXT4-fs (loop0): mount failed
17:14:14 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r3 = perf_event_open$cgroup(&(0x7f0000000200)={0x5, 0x80, 0x5, 0x9, 0x13, 0xff, 0x0, 0xffffffffffff8e3f, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000040), 0x2}, 0x940, 0xb6c2, 0x7fff, 0x8, 0x1ff, 0x20, 0x61, 0x0, 0x2, 0x0, 0xee}, r0, 0x6, 0xffffffffffffffff, 0x7)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000100)={0x0, r1, 0x60af, 0x5, 0x6e, 0x5})
sendfile(r2, r0, 0x0, 0x4)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$IP_VS_SO_GET_TIMEOUT(r4, 0x0, 0x486, &(0x7f0000000180), &(0x7f00000001c0)=0xc)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r6 = timerfd_create(0x1, 0x80000)
dup2(r5, r6)

17:14:14 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:14:14 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000", 0x16, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1950.504080] loop0: detected capacity change from 0 to 2103296
17:14:14 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1950.549438] loop2: detected capacity change from 0 to 2103296
[ 1950.551053] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 1950.551399] EXT4-fs (loop0): get root inode failed
[ 1950.555069] EXT4-fs (loop0): mount failed
17:14:14 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x90040, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x1, 0x0, 0x81, 0x3, 0x3, 0x6, 0x9, 0x183, 0x40, 0x13f, 0xffffffff, 0xfffb, 0x38, 0x2, 0x2, 0x7, 0x7a8f}, [{0x3, 0x9, 0x1, 0x4, 0x0, 0xfffffffffffffffa, 0x2, 0x7fff}], "b225c2dc22e4317c72e33f97c503dc3a5cc8511417db6c7d44ee185fffa6bf1841916d3d64bf9570d2717cecb33668eddfffcc476cf2fc7f797e6e7dce9815ea6d39116e182d325c63e5cc49f86aadb384f86c47589fc4abaaf6f55d8e7dfed7fbc8e26600f14cecb5c43f3284d8c8e4feed0c8c11358c0f7804da039221f396486f6a2fba0787a6ead8117e4f9d3816cbb5dff6f219ca7340c103d95446c29107e29ad5650abe85"}, 0x120)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1, {0x0, r7}}, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r7)

17:14:14 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef465", 0xf, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:14:14 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x4e22, 0x0, @local, 0x2002}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 1950.612434] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1950.621123] EXT4-fs (loop2): get root inode failed
[ 1950.621779] EXT4-fs (loop2): mount failed
[ 1950.623188] loop6: detected capacity change from 0 to 2103296
[ 1950.650477] loop7: detected capacity change from 0 to 2103296
[ 1950.707609] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 1950.711554] EXT4-fs (loop7): get root inode failed
[ 1950.712972] EXT4-fs (loop7): mount failed
[ 1950.715616] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 1950.718760] EXT4-fs (loop6): get root inode failed
[ 1950.719574] EXT4-fs (loop6): mount failed
17:14:30 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}], 0x5, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:14:30 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef465", 0xf, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:14:30 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:14:30 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000040)='./file1\x00', 0x10000, 0x80)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
flistxattr(0xffffffffffffffff, &(0x7f0000000180)=""/139, 0x8b)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20d315)
fcntl$dupfd(r1, 0x0, r2)

17:14:30 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:14:30 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e23, 0x20, @mcast1, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

17:14:30 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 34)

17:14:30 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000", 0x16, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1966.287727] loop6: detected capacity change from 0 to 2103296
[ 1966.294049] FAULT_INJECTION: forcing a failure.
[ 1966.294049] name failslab, interval 1, probability 0, space 0, times 0
[ 1966.296561] CPU: 0 PID: 13260 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1966.298041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1966.299791] Call Trace:
[ 1966.300401]  dump_stack+0x107/0x167
[ 1966.301182]  should_fail.cold+0x5/0xa
[ 1966.301991]  ? create_object.isra.0+0x3a/0xa20
[ 1966.302954]  should_failslab+0x5/0x20
[ 1966.303761]  kmem_cache_alloc+0x5b/0x310
[ 1966.304629]  ? p9_fd_show_options+0x1c0/0x1c0
[ 1966.305585]  create_object.isra.0+0x3a/0xa20
[ 1966.306511]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1966.307591]  kmem_cache_alloc_trace+0x151/0x320
[ 1966.308588]  p9_fd_create+0x161/0x4a0
[ 1966.309395]  ? p9_conn_create+0x510/0x510
[ 1966.310274]  ? p9_client_create+0x798/0x1230
[ 1966.311209]  ? kfree+0xd7/0x340
[ 1966.311906]  ? do_raw_spin_unlock+0x4f/0x220
[ 1966.312854]  p9_client_create+0x7ff/0x1230
[ 1966.313755]  ? p9_client_flush+0x430/0x430
[ 1966.314651]  ? trace_hardirqs_on+0x5b/0x180
[ 1966.315560]  ? lockdep_init_map_type+0x2c7/0x780
[ 1966.316574]  ? __raw_spin_lock_init+0x36/0x110
[ 1966.317549]  v9fs_session_init+0x1dd/0x1680
[ 1966.318461]  ? lock_release+0x680/0x680
[ 1966.319313]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1966.320336]  ? v9fs_show_options+0x690/0x690
[ 1966.321292]  ? trace_hardirqs_on+0x5b/0x180
[ 1966.322205]  ? kasan_unpoison_shadow+0x33/0x50
[ 1966.323174]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1966.324247]  v9fs_mount+0x79/0x8f0
[ 1966.325008]  ? v9fs_write_inode+0x60/0x60
[ 1966.325895]  legacy_get_tree+0x105/0x220
[ 1966.326763]  vfs_get_tree+0x8e/0x300
[ 1966.327553]  path_mount+0x1331/0x21c0
[ 1966.328377]  ? strncpy_from_user+0x9e/0x470
[ 1966.329292]  ? finish_automount+0xa90/0xa90
[ 1966.330211]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1966.331196]  ? _copy_from_user+0xfb/0x1b0
[ 1966.332084]  __x64_sys_mount+0x282/0x300
[ 1966.332950]  ? copy_mnt_ns+0xa00/0xa00
[ 1966.333781]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1966.334898]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1966.336022]  do_syscall_64+0x33/0x40
[ 1966.336827]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1966.337925] RIP: 0033:0x7f916d656b19
[ 1966.338724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1966.342650] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1966.344267] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1966.345797] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1966.347309] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1966.348824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1966.350353] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1966.352101] hpet: Lost 3 RTC interrupts
[ 1966.371252] loop7: detected capacity change from 0 to 2103296
[ 1966.379102] loop2: detected capacity change from 0 to 2103296
[ 1966.388243] loop0: detected capacity change from 0 to 2103296
17:14:30 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 35)

17:14:30 executing program 3:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r2=>r1, {0xa66}}, './cgroup.net/cgroup.procs\x00'})
sendmsg$DEVLINK_CMD_TRAP_SET(r2, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000300)={0x1a0, 0x0, 0x800, 0x70bd2c, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x800}, 0x4014)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x38, r3, 0xc0b, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CQM={0x1c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x7}, @NL80211_ATTR_CQM_TXE_RATE={0x8}, @NL80211_ATTR_CQM_TXE_PKTS={0x8}]}]}, 0x38}}, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0/../file0/file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000002c0)={[{@name={'name', 0x3d, 'Bxx\xf7i\x8c\xd9G\xc5\xcc_\x94j$13\xbd\x86|\xf1\xe0\r^t\xe7w\xe8\xa2\xac\xb84\xd6\xed\xa5;`IE\x19\x812J\xf0\xc8F\xf8\xc0\x8b\xceY\xbb\xeb\xca5Qe/2\t\xcb\xc9\xff\x9b\xa6\xc8\x8doz(\xe9mfp\xffR\x87B\xdc|\xe4\x1eK\xe0\xdb\xe7*g\x99\xed\x97\x12\xf3\x1f\x82\xf3\xdd\xcf\xb0\xac\xe9\fY\x06RZ\xf9\x887\x9dC1<mw \xc3\x02IJ\xd1\xda\a5\x84\x8f\xed7\x1d\xb4~{\xab\xddlX\xcbO\x19\xdc\x02\xf8\x159\xbd\xf0z\xeb?\xde\x14\xeb\x10\xc9\xe8\b\x00-\x05\xda\xcc\xd99\xf1\x81%%4\vM\xd8d\xfe|'}}]})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="040007000000123de4bd7000fddbdf256200", @ANYRES32=r5, @ANYBLOB="0600b400a70500000600b400e21200000600b300010000000600b400890500000600b300010000000600b300010000000600b400221300000600b30002000000"], 0x5c}, 0x1, 0x0, 0x0, 0x24048000}, 0xe5)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r1)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000600)={&(0x7f0000000680)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="bd7000ffdbdf252000000010000300000000e9a8e1aa703d6c1b7dc931d588aa7b65", @ANYRES32=r5, @ANYBLOB="0c0099000500000078000000"], 0x28}, 0x1, 0x0, 0x0, 0x20004914}, 0x4000084)
sendfile(r7, r6, 0x0, 0x4)
r9 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
fcntl$setpipe(r9, 0x407, 0x4)

[ 1966.482267] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1966.491103] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 1966.499624] EXT4-fs (loop2): get root inode failed
[ 1966.501163] EXT4-fs (loop2): mount failed
[ 1966.509705] netlink: 'syz-executor.3': attribute type 7 has an invalid length.
[ 1966.512646] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 1966.515917] EXT4-fs (loop6): get root inode failed
[ 1966.517295] EXT4-fs (loop6): mount failed
[ 1966.528482] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 1966.543378] EXT4-fs (loop0): get root inode failed
[ 1966.544790] EXT4-fs (loop0): mount failed
[ 1966.546686] cgroup: Name too long
[ 1966.553738] EXT4-fs (loop7): get root inode failed
[ 1966.555111] EXT4-fs (loop7): mount failed
17:14:30 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{0x0, 0x0, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 1966.557675] FAULT_INJECTION: forcing a failure.
[ 1966.557675] name failslab, interval 1, probability 0, space 0, times 0
[ 1966.560118] CPU: 0 PID: 13386 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1966.561594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1966.563370] Call Trace:
[ 1966.563941]  dump_stack+0x107/0x167
[ 1966.564725]  should_fail.cold+0x5/0xa
[ 1966.565539]  ? create_object.isra.0+0x3a/0xa20
[ 1966.566543]  should_failslab+0x5/0x20
[ 1966.567357]  kmem_cache_alloc+0x5b/0x310
[ 1966.568228]  create_object.isra.0+0x3a/0xa20
[ 1966.569172]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1966.570252]  kmem_cache_alloc+0x159/0x310
[ 1966.571147]  p9_client_prepare_req.part.0+0x3a/0xac0
[ 1966.572274]  p9_client_rpc+0x220/0x1370
[ 1966.573135]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1966.574263]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1966.575407]  ? pipe_poll+0x21b/0x800
[ 1966.576200]  ? p9_fd_close+0x4a0/0x4a0
[ 1966.577038]  ? wait_for_partner+0x3c0/0x3c0
[ 1966.577959]  ? p9_fd_poll+0x1e0/0x2c0
[ 1966.578777]  ? p9_fd_create+0x357/0x4a0
[ 1966.579623]  ? p9_conn_create+0x510/0x510
[ 1966.580523]  ? p9_client_create+0x798/0x1230
[ 1966.581462]  ? kfree+0xd7/0x340
[ 1966.582162]  ? do_raw_spin_unlock+0x4f/0x220
[ 1966.583016] netlink: 'syz-executor.3': attribute type 7 has an invalid length.
[ 1966.583103]  p9_client_create+0xa76/0x1230
[ 1966.585577]  ? p9_client_flush+0x430/0x430
[ 1966.586483]  ? trace_hardirqs_on+0x5b/0x180
[ 1966.587403]  ? lockdep_init_map_type+0x2c7/0x780
[ 1966.588428]  ? __raw_spin_lock_init+0x36/0x110
[ 1966.589409]  v9fs_session_init+0x1dd/0x1680
[ 1966.590329]  ? lock_release+0x680/0x680
[ 1966.591186]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1966.591794] cgroup: Name too long
[ 1966.592213]  ? v9fs_show_options+0x690/0x690
[ 1966.592246]  ? trace_hardirqs_on+0x5b/0x180
[ 1966.594806]  ? kasan_unpoison_shadow+0x33/0x50
[ 1966.595782]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1966.596877]  v9fs_mount+0x79/0x8f0
[ 1966.597638]  ? v9fs_write_inode+0x60/0x60
[ 1966.598572]  legacy_get_tree+0x105/0x220
[ 1966.599456]  vfs_get_tree+0x8e/0x300
[ 1966.600250]  path_mount+0x1331/0x21c0
[ 1966.601075]  ? strncpy_from_user+0x9e/0x470
[ 1966.601992]  ? finish_automount+0xa90/0xa90
[ 1966.602919]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1966.603908]  ? _copy_from_user+0xfb/0x1b0
[ 1966.604809]  __x64_sys_mount+0x282/0x300
[ 1966.605673]  ? copy_mnt_ns+0xa00/0xa00
[ 1966.606509]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1966.607623]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1966.608756]  do_syscall_64+0x33/0x40
[ 1966.609552]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1966.610646] RIP: 0033:0x7f916d656b19
[ 1966.611437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1966.615348] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1966.616975] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1966.618484] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1966.620002] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1966.621522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1966.623039] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1966.624809] hpet: Lost 3 RTC interrupts
17:14:30 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000100)="6ccfb4c589e6e2b61d224ef4db71e3f97be124539e286e4273b72baeebe44235ed23f7ba44b3db971e325c08f2808663704b74b179181dca676f85cebaff62b0701bd9ba7c53fea9f23703a8a3b7003bfbaa9c103850a60d230d1597672180b973558dabfaef2eb0b1a461f9c0b9d5e7d941c4f88efd53b20f5d63f35bb5b78541711181528a67612ad90a2166a3661989c78a89d71eb7e7fb6a075d8f1093b5ea05dda5485ad913c7aa", 0xaa}, {&(0x7f00000001c0)="42b202e357aeb2d9a139383f21fd39c4b9b7ca4468ca848f5ba4d68c6e3af6bafd891c9b609382474d921663b17078c95e1f11fe5e8e8961c4a3ee4502d79338ff630f3bd6fa2645527db87053d2a86375b11019d7d0edcd60dfa7ae5a3221898ff5f9d9fe993c6815cc8b920117fce27ca3d2dc9d2b880d63107d2e6e18ae920e421920a57cd47fc29b52f502664528dae3eb9bc4e18f67c75c97297cc59d92557142ce9b09d1242831cea7d83c3c3b8283642e38a9fe", 0xb7}, {&(0x7f0000000280)="6509585f49a904e85f750d01577216d76968ac7fd407484e686022fec81075df78e35eb4610ce0f8ec0eb07a5fcdf253cc0cb08d23ea18386c2578dadbd65520dc48b5a937d9798dd9f1c5aa67d8a52734d4b2e108d5abdec918b918245d5e29a59147cb246714be358fbc9d248f1e5d1cdea0381b9395706a18952b1b12993b8bd0bae29618060806dece5eb25e357627e7d63fadf1119f9d168cddf285d15c729b4a925c3a8a40bc80a339ae5b734c5fa4dd09aff0bc511701419296181ac06e1b3d41acbb6ffa2b0c36ffa776d8c6d6cba9b1dc676e4202d9f3cdca529f5bf31fcf621d9bba55d741be5ee5edcd46", 0xf0}, {&(0x7f0000000040)="3c1a187b00dd11826093b806df4ef1f6cc18ae1f7bff45538b47276551631d34064a2eec39d5826dc7460a4daef59bc4b571548eacbeb4d5d478e02d4047e8692d6f606f916808e76af6b2cb9c4504", 0x4f}], 0x4, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x4008010)

17:14:30 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000", 0x1a, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:14:30 executing program 6:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:14:30 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 1966.827796] loop2: detected capacity change from 0 to 2103296
[ 1966.849223] loop0: detected capacity change from 0 to 2103296
[ 1966.889568] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1966.893311] EXT4-fs (loop2): get root inode failed
[ 1966.894673] EXT4-fs (loop2): mount failed
[ 1966.911238] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 1966.916137] EXT4-fs (loop0): get root inode failed
[ 1966.917400] EXT4-fs (loop0): mount failed
17:14:46 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 36)

17:14:46 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000000)={0x0, 0x0, 0x2, 0x1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
r2 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000)
syz_io_uring_submit(r5, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x2e8001, 0x0)
r7 = openat$incfs(r0, &(0x7f0000000100)='.log\x00', 0x10000, 0x8)
syz_io_uring_submit(0x0, r4, &(0x7f0000000180)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x4, 0x0, r6, &(0x7f00000000c0)={0xa}, r7, 0x3, 0x0, 0x1}, 0x9)

17:14:46 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000", 0x1a, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:14:46 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:14:46 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000580)="c1aa93b70bdcb1a722b0113803f43a27da1f9affa6a03defaef67f88f6e8c19ebff9affa32a31e0239c98136f6d71771a7acbbf30cbb73a70d37493ed11e7cf7efa31382f5c53eb694be0a9b9499845616f25584244b27c90aff49d8cdded3c3ac7ad8ec7794c3d9e4aa3023208bb50a0ada80f88a9bbf606c1ac60bd9a33ceadccb7d7dd9d41a131dcf58cc47f278c6934ccb6fae12ac2c46cd75f5d84d71c6aa0e75d9dcaabfc9a98492725008f3ae9551f1589d71db99ab37e380d236e2995971065a7bff414709a6a0a3f8010add4c377a478396643b403cc569c4ad06bfc4d1b25f0311b88f1fe49a441e414d95b35e4f826cc0c080211ce26b9b49a7f61541baa80e30d6e3bb2d6fbf85580ab3eb0f13f4da0aa4c21c0229f497b8554708d20ca8af21ff0ae202c38c39830bacb6f766d5730c7ef5575aa5c9ec9f0ff1eb3485adb8b7234b4d356c1df0b22752a3cd6d2c3b0eea9c15bd649be260bdec6bd428e441c26fb7e7681c277906fa66591de4f182a3b0d6731f3600dd0222ce1113e15fc6e84e1e95e241ade119502dfb7b68940ab6c79fe57942f417d94fb350d4084b12e8c0079f922c1ad3e1fd6182fb25771b6e41d8e369f3adaf92b4ae1e907cfe8f9c185171710dae29831349089b73df4e49ca94e76599c0735b1fa598a20fbb06e17c520987bae0b901c81f3bc4afc4e264a57196fe338b3aeb59fbb42e5d95d5f807e7e5737f00a0a294d5e34f173d15d676e1316a230b833aca5f4297cdc8caae8385ef5c4a115ec427b6b6993a148f1a17b2d67f47c79c93b4e5970a2a7d96fc1fab72ba9e8f2639b0684b1d35b42c295c7a51a30e45549d54e8fd36857808edb50d4d26f667901d87970b05d3cf847eb21eae67f0130f3aa4b96009181795a0a5e99ff4552dd8f473c97acd06ed1b3a905b55de2012cc5d1040d10ffe5d59486c5b5eef15d68d9b3065a5a5592d973ab1cb07e86bfaf8a7a5aadb5be89d0bde482583148c1339659dbf889f88069a4ffd856b377ce751666eef1586194cb3685ce7633f31e0b2ec21b3f26311becdb20ec2207e7d922e2bc7722db09e8b6fa12e4ef5287084942d9aef4ca687fa06b091b21ec8f35236833ced46e9a9933c571e7f87d20d1c0c8e181796bcde515e2fe9c3c2b4c60fbf6484eb8769f93e2548a9369670c36609ea286744e78c973d577c40c755263ad8cd2fc5aa06c644e5020d18a7c162949d5e513ff7102a5f83adafd20f761b8e1fe6648f6917ad83f08489942071f42a961be75ab1c7de8b231396fd4445be42cde7e55ffe007abea43e86dd91c2fc11c5f3b0b40d3e3b396b44e58219c38af7364a879b39cd8a9aef06f199332310e400f30effc7c04c6a40bcb5bc45ba146a155b34aed269fe4fefe86d9267ace55e00a293696b7d1a23037b074261a63349ba019f7287fbaf24a78eb9ad554d9850742b8c4a6e5227b9fab07a12b8e8d5201649dcb87fc9a416971f0202242c771cd64acc4589bac8f7dc07eb05e4209281772c33b0b9a677e433db82f24a7c9580118784bfb0362ddba3cbb93f34cafbfe5163e5dc96a17c618f443e62b44755c6dd6ca31314c143db1b5be33e82cbcce6cf68bd93d7c5d9f50d06329e2f5a877953479c1a29a42b3d9e07365f13683990bd4b017e65dc44758743bf08b8e2d4e57b7d50317c34b5a6e801b8d8819f0750ae1adbadea93b74427215132a80f2b1b14bee293a10d9c0e19a2249f002436201fa4ad6f09e0d7e10be6a554b09be7ed5e8925ae7cd8561a8a7f44c37187bfb1bc11e265786adb746c70d66631767dc0e5ea664418e128465e585ac096c04791f819d568a556f0339843d6fd2644fc0e85b308645708d03e6594a46d3aa013c982443ae1cba3077c5f39ee4f451601456d99df2613cb644597419ea271c70ec3abd8f9b1704ec29c7dd11aaf68a54e8f2ceb5232831e9c821220f75c2ba7998c49195aeafcbd5580323adb6a1190e8d974e77f544fb5163824f7c9f453f66946ded732238322e35186483dcdcfd7ce427be5b34566f17381cc0483865dde1dadb2aa43fa3743799aa9f51a6099e433a5af005ad2be15f33af1d6f361a8c39e4b01794e4cab4e918c92a3364410f44ecd3b06ff5e36e76bfbf5a1e3ea996fddb5d444e823aff697fb58105dd5856e9985a46cc5f0a4b3a446b852f2ef2abc6eb40b6d86a011a27b184c4ff28ee4a6a5488406189d29f1c030ef4dff1bb73baf116ab962dbcd5658c027d3270b1a1ffe136b16ada65fe6c70af7677b50f5785fbb460c0c6721c3ef0bd450eef3ef091883ee382367049707bc4df7e3d2983dc565d908a3d1fc273434a214231c89a2c470d6165fe3a4c5b531871e3fbf8ba3115f06a89839fac79a4913a6ea1471e8767acd6297e359b1fd861c3f887297cbd520a560c249e7e35302c60a6638cdb2a5fa1a56bd58bc7b1e94f68c349d2c66ca020d6d933198970a0140247523bb303cf1929d9377f1d68c2f93c8024aad4a850c183c85653a7a5df33eb4aa9bcd6e54583224766558659d7ffd11e8de748cbf479f8019af835cf8cb6809849aff55d78372ee0027adaeb195ba71eef2b21bc6c4ed3175217d01d3cb1695a1b0b79f280d9a8f68deb42470e2406b969993dad0ba244d7c26103a5a337acecdadc6733944a5ad5024484a094d642e1184b4379b109cc3a0c8bef4cba00024f40a17944c4a18e16cfbdacc669ac946815dbc9c6b47b510f82a87ab42146b766d85d68ce87ef9e5ceac045f0c318bb2485bdc80ab2153c71408321b4d7b5836eff017e65b010bf892456784656523be6791e0673fee147440ba1511fb51ced1f7462d143f3fea8dc1e3e7aed02ff80a19c91925761bc8c5c01799d4281278d196d2227b8c00f1cb81eb56adfc29f7c23b077aea1c0703761eada8d1004675177282c2a8316e47fa53d8c57696e9a15b6a2c5e9da1d9fcc03bab763e3a4438f1b6ffe701e901caed90ab09e9fcc86dfa7f3b1f9454fd5282b318d54b20c9f29d401c082c5f7527e93d20dab48112856dbdf76a342745b22b4d62c7c463569d56bdf62b5a7f1f17b560cab97f25bbedff40ac45c6a5b6047bbd3a51328d8d6ef1529c7cbbb0d65e62b657104eb6397be7c663fd36482f8b054def6ff36ae18279a63865f5039a5a762f18a03ad89b723b09872edd4b340aafc98f6d9cb8087946daf134a4d815057358e57fca4282700e9182e93f7445e882c6bcaa81f8e3d5e31e8ab190a0447d60a81ac8975b455200442d9ef79b3261b41569ceaab0c3345efa08ba1fe4365dc1cedb28c766f7d2aab49fe88daa3fdbdb2ceb70d078d70d177e265d9a8e337690372c82026ece0d3b3c63496c0d013e4f52ca2666dc3b7d17964caa73ec8721c8e70b7d72cb1edbdb7bb5a8c774fff54199c17dd27fe91c0a07bc4d42b89933b253fb1178591dc78c496f11f11e6d518cd7decb8d4a3c508fb0f74c6ed43f466c5a715fc214cdf8048ae5764d76d424db89c7926a81300849948dd6377beddcdb29953a7841cf1093fe5a700105a05dfa3fed0d6bdad9bf6746201b7a27641677aba45cd337824efba3978da0ec8d26fd9edf90c1dfaef9dd93670fd2be6d2bb62fca1cb7b383961e3ffa0a5db2f30c9168db361612b37c41f05b13f9f9a72af4fa7ded340fd3829cf0da70f90df8aa9e7be4ec241935c9caf0e2b327cd94cc9dbe139a40ff70e226e0984bd3b657f937a7d100aa14e6a0a30d5edfd66dffcdc03ba8772390d4feb81f1037c67aeffd407690dd7eb841354d5d3e5dda35bcf949195f3814bb21458637655aee1bb45a6e5ec9394bbc920f7d8b3071faf3e95ae137e0c7c856b836d0cad08ba06b26c2f9842fbc808b076a39209312d5c29dbe61fc637b137d079ec541ffc2fd7c2d192a3ef1599dcfde25cd8a29b4ef211c55bec5f96c3326c7d8ff148be6c0312bdfd3b1fdd6e961a573a19720533d774bf0dd55ae2d46fb5a95bf41919e5702497278a69ebe879835fd3c56a5f00ef70c6a3baa09150fb184ee85c81e385e2d0357f4836719a53c89195d8d247f480f136c0283fbaf2fa689445a4dda21276db517925a69959224d45400b19228eb1833b8a25170685cf067e6e4d0ab567b08ceb3e2290a5227e7c533f9c1d92f1bfcd8b1cb1b9f5743758beceaec46cb071911972534892fb0ebc939c4ac9400e8229144929ae0cba81acacd4ce1d59d7efc3139acac5e47a403d3d0cd1d754378288defaa0502a1889e67e2e6eec95a86d4b8de58237935fbfc9912a5828e417a97b0df6c254f6ab3bb966a6e3c9b1bd35d72a92c9c9086b76f775689f660faba0077983a4411bfeab659aafe860e6dc9129b2679a4e819af7703a32a4c17c81945df259c0ee117ff56a8c9fc96c6a6f5ae5507a929b874efe871ec35a5e39960c3447a0298df3b51278b84bdf51bc56cd636110ae213bd8edd9f67d7c25caddf95996c475d76204816baf293fbbcf0dadf24c5217d88867b0f6ca8d740e4a54f2233c2ae5f163e62fb6a6223d431d33d14a7762caf07c370783e55ddcda06e999ce5af5639cec92f20cdf0195cf868b6401cc8ec639b8be08ebb6ddaaac0ab0a7ec9f174552382d879028befdd543cbe6825ce653ae2815ac9d4b440244ba39042ce01f8b75b8df11c4220490bdc7d5c2ff11e3e365f9b2745ca14f69fad960ebcb754e10d6358dc70a5472159820165e1c3701d6901924bf22192ca9199e32f67d1fd22dc20fb96b715c9e4290e1545465f0a638e677ee6de7c7553264bb6c7120313cca296eb9bb7c17000c08ca4ca8ca3172c006ec89cf69b2c1cde48583cb8c61367b80f5ab9e9725fa86960b4b028081113e51bfdb97e14f64938ebcae7e64a60702a92973800fef171f67943d3527a27461679bc7beb14c7ef48547ae35080aaf9285f3769f9bc99a2b7eec8db4fb47809bfcf61ed0475cea1ac85e480eaf8be1a5ccbf77b48759f3e86003bb4d931ac1b7ea84b699dacfb4dc90d6f389719f1e9049226f6e5b5bfa186f052bca2daf43582e70b79ba5506cddd0cc4a0ee7483b91f0207b6f11216f5cb3c2c933ff563003f55085caf407264969dfa29f3d06d76200b8930b2d5078093ec1fb8e84629209c121bf830c9bb4b736a89adf526cc2fb3f81b397d49eab2ef411f1339bb30b05c294d5a120d4a6760bb46a44125dd5c3dbf597ff6a099b32a4b126bd8de3fb84fd2bed2bd8c9dacc0327af9904da51ff4fd1b536147108d10dee1783dedf489299e8280a9ec3397548fda0617cd7cc02551cae40670d2bc0b0dc05019628b8c0de5ed140961945bff65ce5d74bbfbd580e01778a7f708ca5d9c5fc3a5b0193ba3e34607e8f04ce0222b505ee89ce00c31bd0a46d3ffcfcf7e9c4a84e00d46a1f1c8029e353b938c42f489efa251302e044b172c47ab6f62c645c305bcb660e755aae296715eedc1b67746aa5d316ab924c22d815e3b2f50b8d25c624fc136a858a165530567162ccc377c6286e93fe17b2903383b5112c727f1c7b89e1464028e4f1f600491408960854fdbca8e9c3d14b505be00592fa4e962212867b242465dcf0b4ba1886b2b4c0e7b7a3cd5011cd84b6975e88671c6bbd677c0599ab1338772e4facfd79b36d9c6a6f47c51ba961f143a39411aecf423f85a67a92ff97d2feeeec17f338db005634a78162dc9449b679fd6876909febcb316f76686cfe1f17d99968c9e4041b62784460d052143ce3b1b4705d961435965ffa2d80fe2f686ed", 0x1000}, {&(0x7f0000000100)="9bef1723f9809b058a076e002831fc5bcede4a7b0ad0d8a31a5bf0fd65391ba1164c1be7aac6aefd7ad1bdb34d262a0b119c74c2f22b20dc0a4ce861702bcb2d5a88f85d280bf37b41ab3b3b7f984b09c4099c1c1ef31e3d7b1ec1", 0x5b}, {&(0x7f0000000180)="be8d411ef0d3ec91b52c22cd8304960610731b870bc68d198fd12e8edc921c12b5fe73bec641e38b14f9d5286351e700be21a809fe176cc663c165f69d2ef3449a3fa3d2e53144836de725c9652ca2ac6244ba8a8a77f8dae0afac0116bf6d6f4c478c814daf6a9d9c8c868b373c886de46119e6b7fb17cf225756e618165a3a5c632415ca3036ada6450ba5c3de0dd1fbde9d2b501f97a0c134018f4ae251bbc53338", 0xa3}, {&(0x7f0000000400)="346c166f55d0084750d23f662e58fa25e44a9afd90161454ee3d3b5ef02addb04a6845949ff0dbd015dde112a9e0aab8476d6b5e17b674a1f9540f1b58f2bea0125013bcbc167ea56cb7ffcbfc2a0795a8aceb01c1e39c033e1ecd869c514b91a60e96706ea9230de0b3ea69fda3e43696f24d6c8d09232ee72c776e60dc3e830d3876c13be8b39ec09d71f02dc377999e46dbd52f7e8104b73a062537d5d53693ce4d4c004772c7312c7feb516afad6f9fc22814b2758b54b02b0f38444ea10c7d4a46e4cea15ccc52b6fa677316bb0d09205", 0xd3}], 0x4, &(0x7f0000000240)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}, @ip_tos_u8={{0x11}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7fffffff}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}], 0x60}, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x401}, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
connect$inet6(r0, &(0x7f0000000500)={0xa, 0x4e23, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}, 0x20}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

17:14:46 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{0x0, 0x0, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:14:46 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:14:46 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1982.007540] loop7: detected capacity change from 0 to 2103296
[ 1982.059433] loop0: detected capacity change from 0 to 2103296
[ 1982.073196] FAULT_INJECTION: forcing a failure.
[ 1982.073196] name failslab, interval 1, probability 0, space 0, times 0
[ 1982.074751] CPU: 0 PID: 13449 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1982.075673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1982.076786] Call Trace:
[ 1982.077143]  dump_stack+0x107/0x167
[ 1982.077633]  should_fail.cold+0x5/0xa
[ 1982.078157]  ? p9_fcall_init+0x97/0x290
[ 1982.078684]  should_failslab+0x5/0x20
[ 1982.079191]  __kmalloc+0x72/0x390
[ 1982.079668]  p9_fcall_init+0x97/0x290
[ 1982.080179]  p9_client_prepare_req.part.0+0x8c/0xac0
[ 1982.080864]  p9_client_rpc+0x220/0x1370
[ 1982.081408]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1982.082142]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1982.082847]  ? pipe_poll+0x21b/0x800
[ 1982.083337]  ? p9_fd_close+0x4a0/0x4a0
[ 1982.083854]  ? wait_for_partner+0x3c0/0x3c0
[ 1982.084436]  ? p9_fd_poll+0x1e0/0x2c0
[ 1982.084955]  ? p9_fd_create+0x357/0x4a0
[ 1982.085475]  ? p9_conn_create+0x510/0x510
[ 1982.086021]  ? p9_client_create+0x798/0x1230
[ 1982.086601]  ? kfree+0xd7/0x340
[ 1982.087033]  ? do_raw_spin_unlock+0x4f/0x220
[ 1982.087621]  p9_client_create+0xa76/0x1230
[ 1982.088184]  ? p9_client_flush+0x430/0x430
[ 1982.088763]  ? trace_hardirqs_on+0x5b/0x180
[ 1982.089336]  ? lockdep_init_map_type+0x2c7/0x780
[ 1982.089972]  ? __raw_spin_lock_init+0x36/0x110
[ 1982.090580]  v9fs_session_init+0x1dd/0x1680
[ 1982.091155]  ? lock_release+0x680/0x680
[ 1982.091692]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1982.092329]  ? v9fs_show_options+0x690/0x690
[ 1982.092920]  ? trace_hardirqs_on+0x5b/0x180
[ 1982.093486]  ? kasan_unpoison_shadow+0x33/0x50
[ 1982.094084]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1982.094750]  v9fs_mount+0x79/0x8f0
[ 1982.095218]  ? v9fs_write_inode+0x60/0x60
[ 1982.095767]  legacy_get_tree+0x105/0x220
[ 1982.096307]  vfs_get_tree+0x8e/0x300
[ 1982.096808]  path_mount+0x1331/0x21c0
[ 1982.097314]  ? strncpy_from_user+0x9e/0x470
[ 1982.097883]  ? finish_automount+0xa90/0xa90
[ 1982.098451]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1982.099065]  ? _copy_from_user+0xfb/0x1b0
[ 1982.099616]  __x64_sys_mount+0x282/0x300
[ 1982.100153]  ? copy_mnt_ns+0xa00/0xa00
[ 1982.100682]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1982.101371]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1982.102049]  do_syscall_64+0x33/0x40
[ 1982.102539]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1982.103216] RIP: 0033:0x7f916d656b19
[ 1982.103707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1982.106138] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1982.107131] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1982.108063] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1982.109010] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1982.109945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1982.110880] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1982.111968] hpet: Lost 1 RTC interrupts
[ 1982.115727] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
17:14:46 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000000), &(0x7f0000000040)=0x30)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 1982.120424] EXT4-fs (loop7): get root inode failed
[ 1982.121185] EXT4-fs (loop7): mount failed
[ 1982.124166] loop6: detected capacity change from 0 to 2103296
[ 1982.155548] loop2: detected capacity change from 0 to 2103296
[ 1982.158745] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 1982.164033] EXT4-fs (loop0): get root inode failed
[ 1982.165168] EXT4-fs (loop0): mount failed
17:14:46 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:14:46 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 37)

17:14:46 executing program 3:
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="d5cfb1f762d0729b51313750000000", @ANYRES16=0x0, @ANYBLOB="040025bd7000fedbdf25440000000c009900030000004500000008009f0003000000050018012b000000050019010b0000000800270003000000080026003c140000050019010b000000"], 0x50}}, 0x4008090)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_RELOAD_REGDB(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1}, 0x14}}, 0x0)
sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008005)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20d315)
r4 = openat(r3, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x2ca002, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r5, r4, 0x0, 0x4)

[ 1982.283102] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 1982.288640] EXT4-fs (loop6): get root inode failed
[ 1982.290084] EXT4-fs (loop6): mount failed
[ 1982.315096] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1982.320261] loop7: detected capacity change from 0 to 2103296
17:14:46 executing program 5:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000300)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x40000}, 0x90)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r2 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r3=>r2}, './file0\x00'})
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x6, 0x1f, 0x1, 0xb2, 0x0, 0xb819, 0x11005, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000000), 0x4}, 0x40, 0x266263e, 0x20, 0x3, 0x12, 0x1000, 0x1f, 0x0, 0xffff4cac, 0x0, 0x4}, 0xffffffffffffffff, 0x3, r3, 0x2)
sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd341e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b2b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165dc3bd3becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 1982.324111] EXT4-fs (loop2): get root inode failed
[ 1982.325606] EXT4-fs (loop2): mount failed
[ 1982.334680] FAULT_INJECTION: forcing a failure.
[ 1982.334680] name failslab, interval 1, probability 0, space 0, times 0
[ 1982.336111] CPU: 0 PID: 13477 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1982.336963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1982.337961] Call Trace:
[ 1982.338291]  dump_stack+0x107/0x167
[ 1982.338736]  should_fail.cold+0x5/0xa
[ 1982.339202]  ? create_object.isra.0+0x3a/0xa20
[ 1982.339756]  should_failslab+0x5/0x20
[ 1982.340215]  kmem_cache_alloc+0x5b/0x310
[ 1982.340719]  create_object.isra.0+0x3a/0xa20
[ 1982.341254]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1982.341866]  __kmalloc+0x16e/0x390
[ 1982.342314]  p9_fcall_init+0x97/0x290
[ 1982.342789]  p9_client_prepare_req.part.0+0x8c/0xac0
[ 1982.343401]  p9_client_rpc+0x220/0x1370
[ 1982.343881]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1982.344523]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1982.345191]  ? pipe_poll+0x21b/0x800
[ 1982.345642]  ? p9_fd_close+0x4a0/0x4a0
[ 1982.346115]  ? wait_for_partner+0x3c0/0x3c0
[ 1982.346640]  ? p9_fd_poll+0x1e0/0x2c0
[ 1982.347113]  ? p9_fd_create+0x357/0x4a0
[ 1982.347612]  ? p9_conn_create+0x510/0x510
[ 1982.348110]  ? p9_client_create+0x798/0x1230
[ 1982.348643]  ? kfree+0xd7/0x340
[ 1982.349045]  ? do_raw_spin_unlock+0x4f/0x220
[ 1982.349581]  p9_client_create+0xa76/0x1230
[ 1982.350092]  ? p9_client_flush+0x430/0x430
[ 1982.350603]  ? trace_hardirqs_on+0x5b/0x180
[ 1982.351125]  ? lockdep_init_map_type+0x2c7/0x780
[ 1982.351689]  ? __raw_spin_lock_init+0x36/0x110
[ 1982.352245]  v9fs_session_init+0x1dd/0x1680
[ 1982.352774]  ? lock_release+0x680/0x680
[ 1982.353260]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1982.353833]  ? v9fs_show_options+0x690/0x690
[ 1982.354367]  ? trace_hardirqs_on+0x5b/0x180
[ 1982.354883]  ? kasan_unpoison_shadow+0x33/0x50
[ 1982.355427]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1982.356035]  v9fs_mount+0x79/0x8f0
[ 1982.356458]  ? v9fs_write_inode+0x60/0x60
[ 1982.356958]  legacy_get_tree+0x105/0x220
[ 1982.357443]  vfs_get_tree+0x8e/0x300
[ 1982.357888]  path_mount+0x1331/0x21c0
[ 1982.358347]  ? strncpy_from_user+0x9e/0x470
[ 1982.358862]  ? finish_automount+0xa90/0xa90
[ 1982.359391]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1982.359945]  ? _copy_from_user+0xfb/0x1b0
[ 1982.360442]  __x64_sys_mount+0x282/0x300
[ 1982.360928]  ? copy_mnt_ns+0xa00/0xa00
[ 1982.361397]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1982.362017]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1982.362632]  do_syscall_64+0x33/0x40
[ 1982.363077]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1982.363888] RIP: 0033:0x7f916d656b19
[ 1982.364331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1982.366505] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1982.367402] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1982.368242] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1982.369087] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1982.369925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1982.370767] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1982.371745] hpet: Lost 1 RTC interrupts
17:14:46 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:14:46 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{0x0, 0x0, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:14:46 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
sendfile(r2, r0, 0x0, 0x4)
ioctl$SG_SET_TIMEOUT(r0, 0x2201, &(0x7f0000000000))
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r1, 0x8010661b, &(0x7f0000000100))
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r3}}, 0x8)

[ 1982.396597] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 1982.418544] EXT4-fs (loop7): get root inode failed
[ 1982.419343] EXT4-fs (loop7): mount failed
[ 1982.450157] loop0: detected capacity change from 0 to 2103296
17:14:46 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 38)

17:14:46 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000", 0x1a, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1982.541508] loop2: detected capacity change from 0 to 2103296
[ 1982.551776] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 1982.554764] EXT4-fs (loop0): get root inode failed
[ 1982.555957] EXT4-fs (loop0): mount failed
[ 1982.557764] FAULT_INJECTION: forcing a failure.
[ 1982.557764] name failslab, interval 1, probability 0, space 0, times 0
[ 1982.560382] CPU: 1 PID: 13510 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1982.561917] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1982.563689] Call Trace:
[ 1982.564245]  dump_stack+0x107/0x167
[ 1982.565030]  should_fail.cold+0x5/0xa
[ 1982.565839]  ? create_object.isra.0+0x3a/0xa20
[ 1982.566880]  should_failslab+0x5/0x20
[ 1982.567702]  kmem_cache_alloc+0x5b/0x310
[ 1982.568582]  create_object.isra.0+0x3a/0xa20
[ 1982.569529]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1982.570621]  __kmalloc+0x16e/0x390
[ 1982.571370]  p9_fcall_init+0x97/0x290
[ 1982.572169]  p9_client_prepare_req.part.0+0x8c/0xac0
[ 1982.573243]  p9_client_rpc+0x220/0x1370
[ 1982.574074]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1982.575181]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1982.576296]  ? pipe_poll+0x21b/0x800
[ 1982.577080]  ? p9_fd_close+0x4a0/0x4a0
[ 1982.577891]  ? wait_for_partner+0x3c0/0x3c0
[ 1982.578806]  ? p9_fd_poll+0x1e0/0x2c0
[ 1982.579596]  ? p9_fd_create+0x357/0x4a0
[ 1982.580423]  ? p9_conn_create+0x510/0x510
[ 1982.581295]  ? p9_client_create+0x798/0x1230
[ 1982.582272]  ? kfree+0xd7/0x340
[ 1982.582958]  ? do_raw_spin_unlock+0x4f/0x220
[ 1982.583878]  p9_client_create+0xa76/0x1230
[ 1982.584797]  ? p9_client_flush+0x430/0x430
[ 1982.585682]  ? trace_hardirqs_on+0x5b/0x180
[ 1982.586586]  ? lockdep_init_map_type+0x2c7/0x780
[ 1982.587577]  ? __raw_spin_lock_init+0x36/0x110
[ 1982.588545]  v9fs_session_init+0x1dd/0x1680
[ 1982.589457]  ? lock_release+0x680/0x680
[ 1982.590294]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1982.591309]  ? v9fs_show_options+0x690/0x690
[ 1982.592237]  ? trace_hardirqs_on+0x5b/0x180
[ 1982.593157]  ? kasan_unpoison_shadow+0x33/0x50
[ 1982.594120]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1982.595184]  v9fs_mount+0x79/0x8f0
[ 1982.595928]  ? v9fs_write_inode+0x60/0x60
[ 1982.596810]  legacy_get_tree+0x105/0x220
[ 1982.597727]  vfs_get_tree+0x8e/0x300
[ 1982.598504]  path_mount+0x1331/0x21c0
[ 1982.599311]  ? strncpy_from_user+0x9e/0x470
[ 1982.600216]  ? finish_automount+0xa90/0xa90
[ 1982.601126]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1982.602096]  ? _copy_from_user+0xfb/0x1b0
[ 1982.602967]  __x64_sys_mount+0x282/0x300
[ 1982.603819]  ? copy_mnt_ns+0xa00/0xa00
[ 1982.604646]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1982.605734]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1982.606800]  do_syscall_64+0x33/0x40
[ 1982.607580]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1982.608653] RIP: 0033:0x7f916d656b19
[ 1982.609432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1982.613330] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1982.614906] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1982.616384] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1982.617893] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1982.619385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1982.620872] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1982.639261] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1982.642487] EXT4-fs (loop2): get root inode failed
[ 1982.643183] EXT4-fs (loop2): mount failed
17:15:02 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, 0x0}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:15:02 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00), 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:15:02 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 39)

17:15:02 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x38220, 0x12)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)

17:15:02 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x40002)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000000100)=ANY=[@ANYBLOB="02000000000000000000bb59f937d60b0d2c000000000000"])

17:15:02 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:15:02 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:15:02 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000000000000400", 0x1c, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 1998.624749] FAULT_INJECTION: forcing a failure.
[ 1998.624749] name failslab, interval 1, probability 0, space 0, times 0
[ 1998.627391] CPU: 0 PID: 13536 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 1998.627403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1998.627410] Call Trace:
[ 1998.627435]  dump_stack+0x107/0x167
[ 1998.627458]  should_fail.cold+0x5/0xa
[ 1998.627490]  ? create_object.isra.0+0x3a/0xa20
[ 1998.633893]  should_failslab+0x5/0x20
[ 1998.634700]  kmem_cache_alloc+0x5b/0x310
[ 1998.635559]  create_object.isra.0+0x3a/0xa20
[ 1998.636480]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1998.637560]  __kmalloc+0x16e/0x390
[ 1998.638322]  p9_fcall_init+0x97/0x290
[ 1998.639120]  p9_client_prepare_req.part.0+0xf4/0xac0
[ 1998.640208]  p9_client_rpc+0x220/0x1370
[ 1998.641066]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1998.642178]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 1998.643318]  ? pipe_poll+0x21b/0x800
[ 1998.644100]  ? p9_fd_close+0x4a0/0x4a0
[ 1998.644923]  ? wait_for_partner+0x3c0/0x3c0
[ 1998.645819]  ? p9_fd_poll+0x1e0/0x2c0
[ 1998.646655]  ? p9_fd_create+0x357/0x4a0
[ 1998.647510]  ? p9_conn_create+0x510/0x510
[ 1998.648387]  ? p9_client_create+0x798/0x1230
[ 1998.649339]  ? kfree+0xd7/0x340
[ 1998.650035]  ? do_raw_spin_unlock+0x4f/0x220
[ 1998.650984]  p9_client_create+0xa76/0x1230
[ 1998.651883]  ? p9_client_flush+0x430/0x430
[ 1998.652776]  ? trace_hardirqs_on+0x5b/0x180
[ 1998.653679]  ? lockdep_init_map_type+0x2c7/0x780
[ 1998.654694]  ? __raw_spin_lock_init+0x36/0x110
[ 1998.655665]  v9fs_session_init+0x1dd/0x1680
[ 1998.656576]  ? lock_release+0x680/0x680
[ 1998.657444]  ? kmem_cache_alloc_trace+0x151/0x320
[ 1998.658463]  ? v9fs_show_options+0x690/0x690
[ 1998.659401]  ? trace_hardirqs_on+0x5b/0x180
[ 1998.660309]  ? kasan_unpoison_shadow+0x33/0x50
[ 1998.661279]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1998.662343]  v9fs_mount+0x79/0x8f0
[ 1998.663095]  ? v9fs_write_inode+0x60/0x60
[ 1998.663956]  legacy_get_tree+0x105/0x220
[ 1998.664815]  vfs_get_tree+0x8e/0x300
[ 1998.665619]  path_mount+0x1331/0x21c0
[ 1998.666438]  ? strncpy_from_user+0x9e/0x470
[ 1998.667342]  ? finish_automount+0xa90/0xa90
[ 1998.668246]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1998.669245]  ? _copy_from_user+0xfb/0x1b0
[ 1998.670127]  __x64_sys_mount+0x282/0x300
[ 1998.670981]  ? copy_mnt_ns+0xa00/0xa00
[ 1998.671804]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1998.672933]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1998.674018]  do_syscall_64+0x33/0x40
[ 1998.674796]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1998.675874] RIP: 0033:0x7f916d656b19
[ 1998.676657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1998.680525] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1998.682143] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 1998.683648] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 1998.685175] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 1998.686677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1998.688181] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 1998.689981] hpet: Lost 3 RTC interrupts
[ 1998.699352] loop7: detected capacity change from 0 to 2103296
[ 1998.712443] loop0: detected capacity change from 0 to 2103296
17:15:02 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')

[ 1998.724380] loop6: detected capacity change from 0 to 2103296
[ 1998.739384] loop2: detected capacity change from 0 to 2103296
[ 1998.791165] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 1998.797141] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 1998.800541] EXT4-fs (loop0): get root inode failed
[ 1998.801947] EXT4-fs (loop0): mount failed
[ 1998.817136] EXT4-fs (loop6): get root inode failed
[ 1998.817282] EXT4-fs (loop2): corrupt root inode, run e2fsck
[ 1998.818250] EXT4-fs (loop6): mount failed
[ 1998.826345] EXT4-fs (loop2): mount failed
[ 1998.838703] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 1998.876550] EXT4-fs (loop7): get root inode failed
[ 1998.878650] EXT4-fs (loop7): mount failed
17:15:03 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)
pkey_mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x5, 0xffffffffffffffff)

17:15:03 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, 0x0}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:15:03 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
r5 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r5, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
syz_io_uring_submit(r4, r7, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x4, 0x0, @fd=r0, 0x7, 0x0, 0x0, 0x0, 0x1, {0x3}}, 0x2)
r9 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r9, r0, 0x0, 0x4)

[ 2015.602747] loop0: detected capacity change from 0 to 2103296
17:15:19 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, 0x0}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:15:19 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000000000000400", 0x1c, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:15:19 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 40)

17:15:19 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:15:19 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:15:19 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, {0x0, r5}}, 0x2)
r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r6, r0, 0x0, 0x4)

17:15:19 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00), 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:15:19 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x20d315)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'ipvlan0\x00', <r3=>0x0})
sendmsg$inet6(r1, &(0x7f0000000380)={&(0x7f0000000100)={0xa, 0x4e23, 0x401, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000180)="523a03b49152b1f105bb96136ab812c78f02ccf2b0867ac4673501eed10c9d10a173ea158c04cda3d19d3d0ce8c938a7aa06f74470e43a288753751e0cd001d76f2dca91289c66cb6fdd426b7c4f0f9a6b1080978918b89fdfae26f7b35e57cac739fe689b3176d2207a501015574b5861a25860bd1d515a33", 0x79}, {&(0x7f0000000440)="dec102d671d9c0f886ac0484d2687d772dc63620d96afa873732c064b592b30a18847c92bad7901e7efa9002f4cb7ee8557edc23467cdf74d60781efe82f34a2e4070185d84882a667ca5d", 0x4b}], 0x2, &(0x7f0000000580)=[@rthdr={{0x28, 0x29, 0x39, {0x2, 0x2, 0x0, 0x0, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}]}}}, @dstopts_2292={{0x70, 0x29, 0x4, {0x32, 0xa, '\x00', [@hao={0xc9, 0x10, @local}, @ra={0x5, 0x2, 0x7}, @calipso={0x7, 0x10, {0x3, 0x2, 0x5, 0x2, [0x9]}}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @calipso={0x7, 0x18, {0x1, 0x4, 0x2b, 0xa9a3, [0x3, 0x2]}}, @padn={0x1, 0x2, [0x0, 0x0]}, @padn={0x1, 0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @hopopts={{0x48, 0x29, 0x36, {0x60, 0x5, '\x00', [@padn={0x1, 0x1, [0x0]}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x81}, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @ra, @ra={0x5, 0x2, 0xe0d}, @generic={0xb2, 0x8, "51e3992df3ec196c"}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, r3}}}], 0x108}, 0x4800)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r4 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
lseek(r4, 0x3, 0x0)
sendmsg$inet6(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0xa, 0x4e23, 0x1, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x4}, 0x1c, &(0x7f0000000440), 0x0, &(0x7f0000000480)}, 0x20004000)
readahead(r0, 0x5, 0x3b)
r5 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
pwrite64(r5, &(0x7f0000000140)='3', 0x1, 0x10001)
poll(&(0x7f0000000000)=[{r5}], 0x1, 0x1ff)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x1000000000000148, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x1)

[ 2015.630293] FAULT_INJECTION: forcing a failure.
[ 2015.630293] name failslab, interval 1, probability 0, space 0, times 0
[ 2015.632976] CPU: 0 PID: 13594 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2015.634492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2015.636294] Call Trace:
[ 2015.636882]  dump_stack+0x107/0x167
[ 2015.637687]  should_fail.cold+0x5/0xa
[ 2015.638530]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2015.639776]  should_failslab+0x5/0x20
[ 2015.640605]  kmem_cache_alloc+0x5b/0x310
[ 2015.641513]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2015.642740]  idr_get_free+0x4b5/0x8f0
[ 2015.643584]  idr_alloc_u32+0x170/0x2d0
[ 2015.644442]  ? __fprop_inc_percpu_max+0x130/0x130
[ 2015.645552]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 2015.646720]  ? lock_release+0x680/0x680
[ 2015.647588]  idr_alloc+0xc2/0x130
[ 2015.648351]  ? idr_alloc_u32+0x2d0/0x2d0
[ 2015.649237]  ? rwlock_bug.part.0+0x90/0x90
[ 2015.650181]  p9_client_prepare_req.part.0+0x612/0xac0
[ 2015.651315]  p9_client_rpc+0x220/0x1370
[ 2015.652178]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2015.653341]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 2015.654513]  ? pipe_poll+0x21b/0x800
[ 2015.655322]  ? p9_fd_close+0x4a0/0x4a0
[ 2015.656170]  ? wait_for_partner+0x3c0/0x3c0
[ 2015.657106]  ? p9_fd_poll+0x1e0/0x2c0
[ 2015.657946]  ? p9_fd_create+0x357/0x4a0
[ 2015.658808]  ? p9_conn_create+0x510/0x510
[ 2015.659713]  ? p9_client_create+0x798/0x1230
[ 2015.660670]  ? kfree+0xd7/0x340
[ 2015.661400]  ? do_raw_spin_unlock+0x4f/0x220
[ 2015.662374]  p9_client_create+0xa76/0x1230
[ 2015.663311]  ? p9_client_flush+0x430/0x430
[ 2015.664237]  ? trace_hardirqs_on+0x5b/0x180
[ 2015.665187]  ? lockdep_init_map_type+0x2c7/0x780
[ 2015.666230]  ? __raw_spin_lock_init+0x36/0x110
[ 2015.667237]  v9fs_session_init+0x1dd/0x1680
[ 2015.668184]  ? lock_release+0x680/0x680
[ 2015.669061]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2015.670125]  ? v9fs_show_options+0x690/0x690
[ 2015.671091]  ? trace_hardirqs_on+0x5b/0x180
[ 2015.672028]  ? kasan_unpoison_shadow+0x33/0x50
[ 2015.673012]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2015.674116]  v9fs_mount+0x79/0x8f0
[ 2015.674883]  ? v9fs_write_inode+0x60/0x60
[ 2015.675771]  legacy_get_tree+0x105/0x220
[ 2015.676646]  vfs_get_tree+0x8e/0x300
[ 2015.677453]  path_mount+0x1331/0x21c0
[ 2015.678282]  ? strncpy_from_user+0x9e/0x470
[ 2015.679206]  ? finish_automount+0xa90/0xa90
[ 2015.680135]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2015.681134]  ? _copy_from_user+0xfb/0x1b0
[ 2015.682045]  __x64_sys_mount+0x282/0x300
[ 2015.682914]  ? copy_mnt_ns+0xa00/0xa00
[ 2015.683754]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2015.684882]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2015.686007]  do_syscall_64+0x33/0x40
[ 2015.686806]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2015.687907] RIP: 0033:0x7f916d656b19
[ 2015.688705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2015.692667] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2015.694303] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2015.695829] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2015.697378] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2015.698918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2015.700457] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2015.702563] hpet: Lost 3 RTC interrupts
[ 2015.715689] loop6: detected capacity change from 0 to 2103296
[ 2015.719696] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 2015.725374] EXT4-fs (loop0): get root inode failed
[ 2015.726723] EXT4-fs (loop0): mount failed
[ 2015.743692] loop7: detected capacity change from 0 to 2103296
17:15:19 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 41)

[ 2015.830306] loop2: detected capacity change from 0 to 2103296
[ 2015.861109] FAULT_INJECTION: forcing a failure.
[ 2015.861109] name failslab, interval 1, probability 0, space 0, times 0
[ 2015.863311] CPU: 0 PID: 13619 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2015.864680] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2015.866321] Call Trace:
[ 2015.866846]  dump_stack+0x107/0x167
[ 2015.867565]  should_fail.cold+0x5/0xa
[ 2015.868320]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2015.869458]  should_failslab+0x5/0x20
[ 2015.870208]  kmem_cache_alloc+0x5b/0x310
[ 2015.871014]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2015.871882] EXT4-fs (loop2): corrupt root inode, run e2fsck
[ 2015.872127]  idr_get_free+0x4b5/0x8f0
[ 2015.872268]  idr_alloc_u32+0x170/0x2d0
[ 2015.872293]  ? __fprop_inc_percpu_max+0x130/0x130
[ 2015.874189] EXT4-fs (loop2): mount failed
[ 2015.874382]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 2015.878039]  ? lock_release+0x680/0x680
[ 2015.878822]  idr_alloc+0xc2/0x130
[ 2015.879494]  ? idr_alloc_u32+0x2d0/0x2d0
[ 2015.880286]  ? rwlock_bug.part.0+0x90/0x90
[ 2015.881122]  p9_client_prepare_req.part.0+0x612/0xac0
[ 2015.882139]  p9_client_rpc+0x220/0x1370
[ 2015.882915]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2015.883952]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 2015.884992]  ? pipe_poll+0x21b/0x800
[ 2015.885723]  ? p9_fd_close+0x4a0/0x4a0
[ 2015.886483]  ? wait_for_partner+0x3c0/0x3c0
[ 2015.887317]  ? p9_fd_poll+0x1e0/0x2c0
[ 2015.888062]  ? p9_fd_create+0x357/0x4a0
[ 2015.888830]  ? p9_conn_create+0x510/0x510
[ 2015.889639]  ? p9_client_create+0x798/0x1230
[ 2015.890490]  ? kfree+0xd7/0x340
[ 2015.891131]  ? do_raw_spin_unlock+0x4f/0x220
[ 2015.891994]  p9_client_create+0xa76/0x1230
[ 2015.892828]  ? p9_client_flush+0x430/0x430
[ 2015.893662]  ? trace_hardirqs_on+0x5b/0x180
[ 2015.894501]  ? lockdep_init_map_type+0x2c7/0x780
[ 2015.895420]  ? __raw_spin_lock_init+0x36/0x110
[ 2015.896315]  v9fs_session_init+0x1dd/0x1680
[ 2015.897151]  ? lock_release+0x680/0x680
[ 2015.897937]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2015.898863]  ? v9fs_show_options+0x690/0x690
[ 2015.899724]  ? trace_hardirqs_on+0x5b/0x180
[ 2015.900557]  ? kasan_unpoison_shadow+0x33/0x50
[ 2015.901453]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2015.902444]  v9fs_mount+0x79/0x8f0
[ 2015.903131]  ? v9fs_write_inode+0x60/0x60
[ 2015.903926]  legacy_get_tree+0x105/0x220
[ 2015.904711]  vfs_get_tree+0x8e/0x300
[ 2015.905445]  path_mount+0x1331/0x21c0
[ 2015.906185]  ? strncpy_from_user+0x9e/0x470
[ 2015.907014]  ? finish_automount+0xa90/0xa90
[ 2015.907850]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2015.908756]  ? _copy_from_user+0xfb/0x1b0
[ 2015.909585]  __x64_sys_mount+0x282/0x300
[ 2015.910378]  ? copy_mnt_ns+0xa00/0xa00
[ 2015.911135]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2015.912142]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2015.913141]  do_syscall_64+0x33/0x40
[ 2015.913860]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2015.914835] RIP: 0033:0x7f916d656b19
[ 2015.915548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2015.919069] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2015.920518] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2015.921894] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2015.923256] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2015.924626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2015.926001] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2015.927665] hpet: Lost 4 RTC interrupts
17:15:20 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r1=>r0}, './cgroup.net/cgroup.procs\x00'})
openat(r1, &(0x7f0000000480)='./cgroup.net/cgroup.procs\x00', 0xcc600, 0x63)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000000)={0xce2d, 0xffffffffffffffff, 0xffffffff80000001, 0x1, 0x20, 0x200})
execveat(r0, &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000340)=[&(0x7f0000000100)=':\x00', &(0x7f0000000180)='@+%+/*\x00', &(0x7f00000001c0)='d\x00', &(0x7f0000000200)='\x00', &(0x7f0000000240)='/@g\x00', &(0x7f0000000280)='[{$\x00', &(0x7f00000002c0)='\x00', &(0x7f0000000300)='\\\x00'], &(0x7f0000000440)=[&(0x7f0000000380)='-%^[#+\x00', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='\x00'], 0x100)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0xfffffffe}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r2, r0, 0x0, 0x4)

17:15:20 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2015.990479] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2015.995460] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2015.998461] EXT4-fs (loop6): get root inode failed
[ 2015.999634] EXT4-fs (loop6): mount failed
[ 2016.005235] EXT4-fs (loop7): get root inode failed
[ 2016.006386] EXT4-fs (loop7): mount failed
17:15:20 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000000000000400", 0x1c, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:15:20 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00), 0x0, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:15:20 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}], 0x8}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:15:20 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:15:20 executing program 3:
arch_prctl$ARCH_GET_CPUID(0x1011)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0xfffffffc}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)

[ 2016.147547] loop2: detected capacity change from 0 to 2103296
17:15:20 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2016.210146] loop7: detected capacity change from 0 to 2103296
17:15:20 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 42)

[ 2016.235152] loop6: detected capacity change from 0 to 2103296
[ 2016.239178] EXT4-fs (loop2): corrupt root inode, run e2fsck
[ 2016.240493] EXT4-fs (loop2): mount failed
[ 2016.296496] loop0: detected capacity change from 0 to 2103296
[ 2016.298067] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2016.309608] FAULT_INJECTION: forcing a failure.
[ 2016.309608] name failslab, interval 1, probability 0, space 0, times 0
[ 2016.312014] CPU: 1 PID: 13664 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2016.313537] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2016.313708] EXT4-fs (loop7): get root inode failed
[ 2016.315345] Call Trace:
[ 2016.315370]  dump_stack+0x107/0x167
17:15:20 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
sendfile(r2, r0, 0x0, 0x4)

[ 2016.315393]  should_fail.cold+0x5/0xa
[ 2016.315420]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2016.315440]  should_failslab+0x5/0x20
[ 2016.315459]  kmem_cache_alloc+0x5b/0x310
[ 2016.315490]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2016.315521]  idr_get_free+0x4b5/0x8f0
[ 2016.316380] EXT4-fs (loop7): mount failed
[ 2016.316856]  idr_alloc_u32+0x170/0x2d0
[ 2016.316887]  ? __fprop_inc_percpu_max+0x130/0x130
[ 2016.316920]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 2016.316945]  ? lock_release+0x680/0x680
[ 2016.316969]  idr_alloc+0xc2/0x130
[ 2016.316987]  ? idr_alloc_u32+0x2d0/0x2d0
[ 2016.317002]  ? rwlock_bug.part.0+0x90/0x90
[ 2016.317038]  p9_client_prepare_req.part.0+0x612/0xac0
[ 2016.317068]  p9_client_rpc+0x220/0x1370
[ 2016.332715]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2016.333970]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 2016.335157]  ? pipe_poll+0x21b/0x800
[ 2016.336036]  ? p9_fd_close+0x4a0/0x4a0
[ 2016.336936]  ? wait_for_partner+0x3c0/0x3c0
[ 2016.337876]  ? p9_fd_poll+0x1e0/0x2c0
[ 2016.338774]  ? p9_fd_create+0x357/0x4a0
[ 2016.339695]  ? p9_conn_create+0x510/0x510
[ 2016.340652]  ? p9_client_create+0x798/0x1230
[ 2016.341693]  ? kfree+0xd7/0x340
[ 2016.342397]  ? do_raw_spin_unlock+0x4f/0x220
[ 2016.343350]  p9_client_create+0xa76/0x1230
[ 2016.344374]  ? p9_client_flush+0x430/0x430
[ 2016.345411]  ? trace_hardirqs_on+0x5b/0x180
[ 2016.346407]  ? lockdep_init_map_type+0x2c7/0x780
[ 2016.347419]  ? __raw_spin_lock_init+0x36/0x110
[ 2016.348445]  v9fs_session_init+0x1dd/0x1680
[ 2016.349370]  ? lock_release+0x680/0x680
[ 2016.350221]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2016.351242]  ? v9fs_show_options+0x690/0x690
[ 2016.352185]  ? trace_hardirqs_on+0x5b/0x180
[ 2016.353092]  ? kasan_unpoison_shadow+0x33/0x50
[ 2016.354061]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2016.355132]  v9fs_mount+0x79/0x8f0
[ 2016.355880]  ? v9fs_write_inode+0x60/0x60
[ 2016.356751]  legacy_get_tree+0x105/0x220
[ 2016.357621]  vfs_get_tree+0x8e/0x300
[ 2016.358401]  path_mount+0x1331/0x21c0
[ 2016.359210]  ? strncpy_from_user+0x9e/0x470
[ 2016.360106]  ? finish_automount+0xa90/0xa90
[ 2016.361012]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2016.361999]  ? _copy_from_user+0xfb/0x1b0
[ 2016.362873]  __x64_sys_mount+0x282/0x300
[ 2016.363787]  ? copy_mnt_ns+0xa00/0xa00
[ 2016.364610]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2016.365718]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2016.366809]  do_syscall_64+0x33/0x40
[ 2016.367588]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2016.368669] RIP: 0033:0x7f916d656b19
[ 2016.369457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2016.373658] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2016.375506] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2016.377240] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2016.378976] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2016.380768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2016.382515] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2016.419154] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 2016.422149] EXT4-fs (loop0): get root inode failed
[ 2016.422840] EXT4-fs (loop0): mount failed
[ 2016.435052] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2016.437416] EXT4-fs (loop6): get root inode failed
[ 2016.438239] EXT4-fs (loop6): mount failed
[ 2030.695795] loop0: detected capacity change from 0 to 2103296
17:15:34 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 43)

17:15:34 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:15:34 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x5, 0x4100)
fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f0000000100)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

17:15:34 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:15:34 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}], 0x8}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:15:34 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef465", 0xf, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:15:34 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:15:34 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x810, r1, 0x10000000)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
pwrite64(r4, &(0x7f0000000140)='3', 0x1, 0x10001)
bind$bt_hci(r4, &(0x7f00000001c0)={0x1f, 0x1, 0x4}, 0x6)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20d315)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r5, 0x40309410, &(0x7f0000000180)={0x1, 0x3ff, 0x2, 0x8, 0x1, [0x6fec, 0x0, 0x2, 0x1f]})
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_CONNECT={0x10, 0x1, 0x0, r3, 0x80, &(0x7f0000000000)=@pptp={0x18, 0x2, {0x2, @private=0xa010100}}, 0x0, 0x0, 0x1}, 0x0)
r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r7, r0, 0x0, 0x4)
syz_io_uring_setup(0x4439, &(0x7f0000000200)={0x0, 0xa09, 0x8, 0x3, 0x1ab, 0x0, r4}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000280)=<r8=>0x0, &(0x7f00000002c0))
r9 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r11=>0x0, &(0x7f0000000100)=<r12=>0x0)
r13 = io_uring_register$IORING_REGISTER_PERSONALITY(r10, 0x9, 0x0, 0x0)
syz_io_uring_submit(r11, r12, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r9, 0x0, 0x0, 0x0, {}, 0x1, {0x0, r13}}, 0x0)
syz_io_uring_submit(r8, r2, &(0x7f0000000340)=@IORING_OP_LINK_TIMEOUT={0xf, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000300), 0x1, 0x0, 0x1, {0x0, r13}}, 0x9)

[ 2030.734780] FAULT_INJECTION: forcing a failure.
[ 2030.734780] name failslab, interval 1, probability 0, space 0, times 0
[ 2030.737193] CPU: 0 PID: 13701 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2030.738718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2030.740606] Call Trace:
[ 2030.741192]  dump_stack+0x107/0x167
[ 2030.742008]  should_fail.cold+0x5/0xa
[ 2030.742852]  ? create_object.isra.0+0x3a/0xa20
[ 2030.743863]  should_failslab+0x5/0x20
[ 2030.744700]  kmem_cache_alloc+0x5b/0x310
[ 2030.745611]  create_object.isra.0+0x3a/0xa20
[ 2030.746575]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2030.747695]  kmem_cache_alloc+0x159/0x310
[ 2030.748621]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2030.749889]  idr_get_free+0x4b5/0x8f0
[ 2030.749991] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 2030.750741]  idr_alloc_u32+0x170/0x2d0
[ 2030.750768]  ? __fprop_inc_percpu_max+0x130/0x130
[ 2030.753653] EXT4-fs (loop0): get root inode failed
[ 2030.754103]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 2030.754129]  ? lock_release+0x680/0x680
[ 2030.754151]  idr_alloc+0xc2/0x130
[ 2030.754174]  ? idr_alloc_u32+0x2d0/0x2d0
[ 2030.755247] EXT4-fs (loop0): mount failed
[ 2030.756275]  ? rwlock_bug.part.0+0x90/0x90
[ 2030.756311]  p9_client_prepare_req.part.0+0x612/0xac0
[ 2030.762799]  p9_client_rpc+0x220/0x1370
[ 2030.763637]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2030.764800]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 2030.765999]  ? pipe_poll+0x21b/0x800
[ 2030.766810]  ? p9_fd_close+0x4a0/0x4a0
[ 2030.767667]  ? wait_for_partner+0x3c0/0x3c0
[ 2030.768612]  ? p9_fd_poll+0x1e0/0x2c0
[ 2030.769466]  ? p9_fd_create+0x357/0x4a0
[ 2030.770334]  ? p9_conn_create+0x510/0x510
[ 2030.771253]  ? p9_client_create+0x798/0x1230
[ 2030.772218]  ? kfree+0xd7/0x340
[ 2030.772949]  ? do_raw_spin_unlock+0x4f/0x220
[ 2030.773939]  p9_client_create+0xa76/0x1230
[ 2030.774893]  ? p9_client_flush+0x430/0x430
[ 2030.775830]  ? trace_hardirqs_on+0x5b/0x180
[ 2030.776791]  ? lockdep_init_map_type+0x2c7/0x780
[ 2030.777844]  ? __raw_spin_lock_init+0x36/0x110
[ 2030.778856]  v9fs_session_init+0x1dd/0x1680
[ 2030.779811]  ? lock_release+0x680/0x680
[ 2030.780695]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2030.781773]  ? v9fs_show_options+0x690/0x690
[ 2030.782742]  ? trace_hardirqs_on+0x5b/0x180
[ 2030.783698]  ? kasan_unpoison_shadow+0x33/0x50
[ 2030.784693]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2030.785825]  v9fs_mount+0x79/0x8f0
[ 2030.786604]  ? v9fs_write_inode+0x60/0x60
[ 2030.787519]  legacy_get_tree+0x105/0x220
[ 2030.788726]  vfs_get_tree+0x8e/0x300
[ 2030.789563]  path_mount+0x1331/0x21c0
[ 2030.790411]  ? strncpy_from_user+0x9e/0x470
[ 2030.791352]  ? finish_automount+0xa90/0xa90
[ 2030.792302]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2030.793315]  ? _copy_from_user+0xfb/0x1b0
[ 2030.794242]  __x64_sys_mount+0x282/0x300
[ 2030.795124]  ? copy_mnt_ns+0xa00/0xa00
[ 2030.795982]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2030.797121]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2030.798266]  do_syscall_64+0x33/0x40
[ 2030.799076]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2030.800203] RIP: 0033:0x7f916d656b19
[ 2030.801013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2030.805016] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2030.806697] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2030.808246] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2030.809826] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2030.811394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2030.812961] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2030.814927] hpet: Lost 4 RTC interrupts
17:15:34 executing program 5:
r0 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x240000, 0x92, 0x14}, 0x18)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000140)=<r1=>0x0)
stat(&(0x7f00000000c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0xffffffffffffffff, r2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x20d315)
r5 = getpid()
sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000001e00)=ANY=[@ANYBLOB="a115ef7e1f1000022cbd7000fd0e454fdb28cfdbdf25020000005b23835325876836a9be6b08caa72415b4ea166efb81fa5d4696db66da32f9f3e80dec7c94d6322daad09fbf62db6110b9f2b12e0000766a7bd1e55e8b411d3393a8e6b0887e2141fe310400ac009b7b6d63d09c6af727980acf620c095e0dd58b4def472699fabf654dbb7351b45de77a62c1a5834f75829aab06beed1a6a76aaa03caa07d636cf3e754524b400000000000004019650bb72d71ea0045cf633b57e883e9403c0e9d8a6279f23b8243fc88c73670042ce4d31952f307dcd61e0fa163f199fb6cfd1e1f40921de83dcb582f50cebe198907bd864311fa37ab1f99023d46c31b8e7fab5fa1ac5c546141d", @ANYRES32=r1, @ANYBLOB="72ea9442204aa29e5fbc56d7e7b567cdca1e3a73ca3e4373a3c062f4049d63db89fb86669bac352d520389a30d5162092855cb0855db56f83698fc88eaf7b482e6da155761212d1d0728b22674152a736427cd1d358220cc7e7fc7bf38eb0e16b9a6212187bd1a2ff2bc5663d46e08006f00", @ANYRES32=r2, @ANYBLOB="3a000200ff54422e1108a05e891e6babab35c32a4abbe700debaa704aea451a1d8146a2a2347cb792643eb083e5d96fd6c80dbda06d933fbb1dc0000748d8165cc724e5d6a9521d23dc8fca6bd016aa6caa7c5b183211591127d8c0ca0b122e2a2003894f65f7688413d1417b6068a8fe685e13cb40177c5b50d1af08bea8ba9814b6033a0f3907be3df86a70ae7d03e1b9d425f29278a3bc60d83c4cb75765130f660a0b6ec17f09c376195ace664c6e6e39b2a39c57509ac7ebcd3d25f71cb2e87d2bb44775220453cdd0e2bcd0d3bb316b0e45431758dca9f0af32e56f38cf49c6df310875db91c4d61b96a7fc4427997fb5b1855c0b465180e686ea41be53c1f02399d08004d00", @ANYRES32=0x0, @ANYBLOB='\b\x00T\x00', @ANYRES32=r3, @ANYBLOB="0008007e00ac14141c67129080da1afbf2d259d67669ec3b916d5d845d8c1b90b292eb93eb8844849087019ec5b242e461ef53fbf5a2f934cf29bcb62dee9bf36eeba4f027af71f5952f30d1022a68a9026998bb19ae3bb718d24618ec3cc5f74daeea8afdcfce2981d66e8c2b02a72245a1e1c8b79fb775c789ca6558c515f8d9c0ddd6119d210819bc9a9bf340cf90a8317c3a650f21d45c1f5c9b0edbaec286323d7981a926099917af2096ff6b0109f955595d6ca7ce1f4a85cd8898561c5f174bcb207c42e601ae45d8773c6d9c1106a6738a52ec0f621eb903c3af5f81b0f062ff9fc38f4eb042e53675bafef23963e554ec7539fbfb4c571f75eaf4f4c6872338b484aad4cfaf549ec8677973499da245748de591f47db71b396d63e55f1372a6a564872242102637a16cd617e584a53af7feb4bef9d3b504937ca04cfbb0779dbc197491771bf20b6ae82e5eb3050e24595f4833833698f58d1cef1b3c51cafde07bb99abb3a944a98cbafc13c4d8da68e19a920d0bec8969ae0edf28d5b8325bd41260107fea6dcc08a4710edf3e161ec75fe6790227d2ded5c7b276353033420f299635e45e7ce1cfdd6662251e6f089692d9b39603fff646fb93843068f26071179db0b60ae4fbf6ecb75722fb32f1c859574390060c3fb355acca9fae389069cdeb3aa3a42c00e3ff8992c7c6a37c5df6b1047e7419695a1bc240fe03ca93848edaa4d51d62bc56778eca04744a0024afbb40b95cbf2fafb990077647bc9a35802d6fe3447a2d8aa06c237741096ed391580fc1eb329834dec490c4f938939fb8b13c72cb139b93bce2c274890afc58fe7c84b74bb59d6018f8b08720a89aa4e451da45d5094e75f76c691a63d068e4dd93ef8485524fc2ab742acc4911236161a48e68200adf88a33e8e73054b7f5e7fedd2ef69a994aab2e37379d65d6f61ba6cf6aba8a272f56f43740128fbb4df238b2509a0bdf1ccbe86064f21f107160d7b9c63c086245055182f0e3bd05ed90dbde3465cce814d566a5365005c4cd3e8eae31d49b5404cac602fd2534489927713ad206d6509bbd027fcc6af6ebe1ebe80427f607d79601a3c61d65399a16df170cf5d21f5ec41c84d803eb13641c4431fd63516d422f6798ab061dd8061b8f6764f5b8370b52372cb7b39973af597c88c6c3e15528e3824026adf2a47ffe73f786601e4c2724ae3095b34a8044336f63b678a01284c15075d929aab87e168fdf3a9a5b7989014b45d5d9044ce36b15701b4e1f7ff790d2419cc751fe8811ebd4141c9b87942999d62e995fcd11d16a7876f821010481790ae23d46c1bf353f4f290503b018441f7131880b0f6f37068df4ece4e5a3aacb8c24aef299ae2a1b81a8778fd3a34232f8dfdd73097b461492e3ddda418d735ce5549817b1f23acba51fd0af0189b07ff12a56015a553a328bd07fbad5f24e712325d0b35a7f550e86226567f56b474f3ae7ccac8b41ac8fbb226da322dfcc8f92f707b61b2feab2b96bfec31568778a3341a5e9a6dea3f942129e3878454b4bd158341dd1388ec48ccfad0478eacaa0a64f07e99bdcc8eb1e44d8374a118f9c9ad0dcf8eb838f2f246f4b43930d805b50ec3da4745cd71866de6fe2fe5234080d7c4ae99a391c80966d39024802457d1c4eec5adb38839cff9b41ced440cff8c5fd77290e92a1b832c4eab47ad8061104125547d06c0d7b5df38755979877bae503d7c5119ebd1044863d4208e2cd610e38e83f04cfc44463672b783ccb2d761be00f322bfe6244f1c1d977748c39a2941df2feeea80de19a10da5bd631e0a4b6323ce5bca84873e5db6b8b99f1bd36d28717f0c3cbe02cc84d5f6dc93b7198d12bca8ab179d1876eef883a8c36b43335c8470d7be86d7961eb3f991719333e8c3166da323f0514341518758813024dcb9ec22a08b22477c9b4c5b4db0eec6d66c3b54084b1bcdff81317f8950e2e13759ebcf05c08c8c12d87c1b985c2751806570a15ab8feb3f7d5c97a6ed518a60c0c015be99f4b5a4475a4e8e2a2b8585a3c94090dad9ac7b225fba8df5f8eeff8d7948f86e4202046faa64fd383b287bea2dbc0ec5e6fbedb6f84f00df99e3bc90bf0723a87cb32e2c93a5bc3999b50ffed58ae7c715bb98587f03b20c666403a5b43fdd44fc69dbbbeae2da7bf6054384d163b3bd24e75c0a9f138a741b5051d63e3d4c55f3aed668d2c0502e44bd495b807ab09feee661d53fdd32100c6d6978af9fd305f88d646b4bcacac700939988cedff8ffb6b31398329b4123c8992568e332c1306d7290e4b4cfee67d78526729c511ca95dc1ab9a2e1bbb20225e2754326f41813041780265b639d7629ec00a7d54d72047ba822c2b4bd621fd4ca959ac41b0f34e892d511c940fec389c5bb8f4dde6f727b94273f45ec779f5cb2bd5aab3dc6ca3c5cabffb96059e849589d06a71347bfe712774bbedf70bb996786828d2316a9dff62cb25da4e5213a1f039daa9a25dc5fd4a9b6595edbf7f16d15eea3066204bb2bb34994ed8f3dc5e2a011cde4e70e5b59b9fa59e5cb382070a55da183420ca9f445092f5ab22ebd53655ad034fea1304f35ca514c932fca6cc8244bf7e8063324ac901b819fd3e83884988e2cbd2673d7f2544c23e5600a228b67acccea10d974d24728e7272036d4f57a4c9ef6a79e1586c4f3f69e0250e57ae8a8c15e88a8a89f8f99be5f691bb30521fbd20ba53b8af678a9f43708c96d388528ad0c08ec01b6e6cc563f0553bd9dac08674f0f962be436a911d23ee8667f97a1ee6991b9f82f639a93ad5666231ee8beb378e2983bdddd7f32c13cd980b278c5bcd3c44bf9fae357473ba81d19cd0733d7ec055dc7dbe62cbc89fdd7461b14e984296136944a5eaf4c0194504b99a9f7b0b3fcdc7d51aee2743d1e2dbeca34a154d9072ea244604a3d698dbfef23712e8de1b1cb8563c9f92d44405a865f55dd1accc9e42308602624e62e70ba5a10d2c87943cfc8bcaccb3c5806241283d896526c73b42f869071f3e345c4327f91a2e89f2886aa2ec38fc028dc355438e95f11fe3184f492a2c9f6dae9d6f6ad7283b2c03cfeb5fc9d52bacf164fb34e0f2f3c21848b823fb3254674303261fa1684b8a8673a2584d09ade82b897aa3bc0d82b6e1638a47721358f9f4a815f9034b97c8435ac63ab012f5ca5d348db7645ecc6d67cfa185239410cb8fb28da3887c647b14f7c6eccaf90c9570062a2b48112431cc4a832d9a5372b7003c382d558f358f6a5055dd3903b16eb5e470da644d7ce8af059786d0b1f4c6c7666bab56147e914b029a5edf33fcae902e54661a0a43527b1a7e837b17eee5e8e5f6e1409fff2f71c9e9dd961cf022cd78b96a90d2734cd346f7302518a4a7a1de8d43451cd7d50c7dd7e29d0864d2c03c669901124f4f5491cdba34e2e31eee62f9aaf192e4dc33e70cacee3ff5d26a5569f1ae97a7bc8f3519b46081ef29ea74ed45bcc2bdc52a56c8dd68be71ab67e62cdc9a6d36ec981dc1c6cadc7b20eb98d9d14886fcec30c3bcf696b27c391e0300c38390607f52cee3be334cf7ec5c1964dfd6217f87c11f7f080fc3d78157268616f5134c2409d4133458905dfcebabe005eccf85142a2f08c6982b7096a687a432a87375ceaa0ad24c17e33e87d418165f6550850a1132c3755ec3de079360729338b1e2bbd50ba1489454a7b62f61cb24d9588804a758983de647df8dc25c47a730d8e19642db0e8ec88adc0967d232530a0bdeb3199a1c121f4c5b758a7ccb308d5a6a6748f6a11de741defcaebe2f9eabeaf06a6b0ce70a5ac7b6282496c8ef07c33eb07a751793af518e57ba76fa0bffda1e3bf88bc1e4811446708c2c9d2bce22e984016c4e31e588fca507ab0d25f7c8f7287502bfaeffc7de08e340dc676739a5df05800ce72336202bd78d6dd8ebbfbc634f3d2ead945ff9e950574d44d1cae498cf79437a3b642a1b857d45277f409ed298ac2d613d05788886654e9d126e866778b4767bd9f024653fbc80a77e3f3bb9297044825e0cad9cbb61cf7bbd31bdecdab2b7e60a6e8f6dba2103fa0f9c2df7b39bf76c42a1ea17bd5a8d1435fd89554e2b86329058ffe0c9fb8a9d3766684ce798b9489279f991eed7ac96a186f48db8b121ecc3131223dcf52822450cebb569e2558151e3ef6e2b022549a8ee3c6c85e990632148ac9e0e1a78088e07f2b07a6453adaf9f735cd073e08bde7326f182efbbe7fc26bce84f196fe247a5f8f602d84feb394a5bbde26e440f3746174cba42bcf490e2e6cc6bddebcdf94b15d8c6112cfb2619088a80407f1b6f927b4c9968f28f2f8489e45e3d9c0a078e8f0eee9757ab38ac0f9201b15adf95b62d36f05a72f83db92564215f3796230f5bb62b34ab0d2d562942693f7f0338debf8e870d2f78cf56f90ab51f41a69d3db87f0c59bbc7a9e2f0e6934038f90e5bc136ccc6d04ffc9f9ed5c29d6079e4bb12b48457f21e5e01eea6676d2e3210ad351356b9e4d02cd100cdaa053712e6279005bf7c267fb0a21ba6834f8960d327c7c1c10b2bead5f8991fd0f726ffa231f3e4c51d2776aa00d56ffb55c2a9e0709e348b89f21b388ca9da2e02c7ea97bd26408b9e02db33589c46641a49fd3db10c40eda4f5362c1847097b110deff928b18358a24c17bb470b0a6333cdf39037fc904ddea4db4cb571c2007b4c7ef68ece73d75b4d74a376f41511fb686a2cf113917b3cc93d333552173d0fd652a88ddfa238b00971bf1bc209a5fdc69ed0c8ef6036371ccf444d8201d0d6176bc2f5410ecbb5bac4d8c83f49610364137081d588f94fd4f62cd4fd7563d968b739ac2e5ae3f9270e557428243a113a73e76a238b68fbd2cc0f83662d62e715ac714c665e849b3c43ddda6dbb2f7980f543a4136bb8776231ee3f10d5c7874998fd011e7a5cb9776e8bc00f577a5d0c5cfd2b8641104b50b8cfa9e09f6b85f2f90f49bd85cd44d28595311e97b2db9969708b4adff2ac8bc5ee467b793c8d3c8e09286776234225471a1c87720ba15bb6de3695366ce9056d5f68e61925db3b5bfb83e777f4a18b547bc0114136e1062bf11d8051639342499b605e432f80deb01024e71569ca2803878ef23486811e0e99c0d99ae4f5a49954a5e72de790cac0eae5a1b672633342e84dd702424ff287fe3d41db77be44ea4961ad9e87fe0e6ba1008fc41f51fa0da33b66fe26beb8fe6e67e21fb455f165c87bd8498471a85d8242214ec01409ff2239c6cf6de1ea4e8b31daee6bb3130b9ad6e423db70201d32fc2420c5733f0c13de26a416ff8057f4bf38ea412d09730e2995d2f5dad6f01810df0b990269aeb9be4f470d9ab703a6445c133fb215fe5695ffc89ce9ee809001900a5b182b3b6809ecffc8c5ee10b6d0e929814f2cfb3fb43c586a32a0fee7d11b5a53945fb06d35d8e26ee8851ccc9ab87300e7bcc3e0249a3f44fdcb9de8185d0cf0656e76a137a6c35e797e1b621d65d4b95f01551ccf986e46937118374a43323c310c60e05fb04b61b4845bf8e675ee94173f7ff75a10d77d8ecde816ccb11936c432e8603e77be99f0693a5db5910a00e98e2e43f553a40dfd10608b4d0a1acfbdc7b1808a857e464b10782671a35886dce34d4ca53a96a6854dad44cd3fa6a42678ebd4da2046273f84919e08841d6f996a6be01053897d7fb7ba0323191be4693b5ee8364dcfe42f4dbe5b3c9b48076bce79311fecb12e224729500da3e0ae7bf5f3d8c3512e411ddf3125a46c4982be4a1a7b78dfb387125eec11d44b46e2f9bdb7bb4f0bb6b6768e9e296e132ba5a34c2f594ed4436761e29565892085b8d26c51f4febc4d1bde663c2833f84fb87b2b5cbd1db1e3509a088744ca948817dfa61c72a441a310a2494f4fcc80b01b429e6bc8c678d6269c107fdfdf5d6a901f6bba40089c46b884ba08001400", @ANYRES32, @ANYBLOB='Z\x00R\x00', @ANYRES32, @ANYBLOB="08013500", @ANYRES32=r5, @ANYBLOB="04000b00e910c14d8278a84435ab25912ecca46e6aa70da7470f7948367d2521e642ce70d6ce03dac17fd2418c8dd0017d8a5c5c106bf1b2f7ef59931971d25a2bfc0e94c28790cabde72c9f623b112e49c431bcc1ca5df8a11cf5b3076a52ab49bf8d74eb6ccbe1518d67a7ae0979ac2d0f5105eea995e2dd1f6489dac29d5f37cdd0c2e7f3c65837095ef63eb93e5368e4b79366a91d79a83faabe582df315d844dbe6d0aefcacd6b0a031216a27d4447bf20ca1a0a8e7bfacb8dc1a97535e514ce24cdfdb48e0448421a3d763a20e7a1befb005ef81e020bd930397c419855ad77e09e555a4716d974542f4649724201cd5387b08b3182093d3b6bc2dfb391726aafb250bb28122189c9fdf7c97d270ffc5401298ae6f08db2338cc8efc98ea02fbeb1d76589709732b01128b38874f8e5f3fc61d5104b442a5d51039405eb896ed8d95dee1c6b59f9ad1a0350dae5c6aea030e6c23f3da19b36633cb262dab6e4b2b9a746ac16d76c564a4f6b04954012e200630de4bc2e349528018fc898325da5bc4052549b5967da34cdb2dc0a98638220876163b839baa02c112b2fe330c455da48b072cbc93a474d50e95fc9736dc65b222644fca9f3595cd7790aa4c5b76e41048a1411e663a1d0b30bd9ed74a9b2864beaac14ad6cf000c006a80080021007f00000167bf879dfff4dedab530124be33f3e46db98b67920c2f1b4a9c57287b936b14d588a651b2f816c7f8a3a28cf4da61e0ef57b1355202cd411498202b86e5b1a1187e354deb746cc4ed7284c627b6abb91ca580cf9dc3e69722eeb2cb23b4852368945cefbdee293484317498508e557d49e7233d5f37dc573d0f28fe354b893d57ac4b4241581006292beaf4d3f6da6af9084ed3b7a1434efdd76f7a4e0928c370e63bd8b666d65c16bb1286acc5fdcbf83dd5700350031e8c07b60dde858dcf63f8a0bfdd419e2c3dcc99698f5f058c230ad2a1be0039a54d9018085cb11f4606e1da1ff0415231c3f4239df56eb307b1225e79d05c141257540e8c39fa9d3ce66b4e808fe3649592d0000"], 0x1580}, 0x1, 0x0, 0x0, 0x4004}, 0x4048015)
connect$inet6(0xffffffffffffffff, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000200)='./file1/file0\x00', 0x100)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r7, 0xc05c5340, &(0x7f0000000240))
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 2030.830233] loop7: detected capacity change from 0 to 2103296
[ 2030.880248] loop6: detected capacity change from 0 to 2103296
[ 2030.886670] loop2: detected capacity change from 0 to 2103296
[ 2030.952696] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2030.967328] EXT4-fs (loop6): get root inode failed
[ 2030.968612] EXT4-fs (loop6): mount failed
[ 2030.980460] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2030.989711] EXT4-fs (loop7): get root inode failed
[ 2030.991141] EXT4-fs (loop7): mount failed
17:15:35 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2031.017185] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2031.033141] EXT4-fs (loop2): get root inode failed
[ 2031.034610] EXT4-fs (loop2): mount failed
[ 2031.086257] loop0: detected capacity change from 0 to 2103296
[ 2031.115178] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 2031.119182] EXT4-fs (loop0): get root inode failed
[ 2031.120379] EXT4-fs (loop0): mount failed
17:15:50 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}], 0x8}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:15:50 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8d10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

17:15:50 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:15:50 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:15:50 executing program 3:
r0 = semget(0x2, 0x3, 0x0)
semctl$SEM_STAT_ANY(r0, 0x2, 0x14, &(0x7f0000000100)=""/172)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/cgroup.procs/../file0\x00', 0x0, 0x10)
syz_io_uring_setup(0x3a76, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x28c}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r2, r1, 0x0, 0x4)

17:15:50 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 44)

17:15:50 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef465", 0xf, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:15:50 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2046.062539] loop2: detected capacity change from 0 to 2103296
[ 2046.073328] FAULT_INJECTION: forcing a failure.
[ 2046.073328] name failslab, interval 1, probability 0, space 0, times 0
[ 2046.075749] CPU: 0 PID: 13859 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2046.077224] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2046.078991] Call Trace:
[ 2046.079558]  dump_stack+0x107/0x167
[ 2046.080333]  should_fail.cold+0x5/0xa
[ 2046.080911] loop6: detected capacity change from 0 to 2103296
[ 2046.081148]  ? create_object.isra.0+0x3a/0xa20
[ 2046.083389]  should_failslab+0x5/0x20
[ 2046.084198]  kmem_cache_alloc+0x5b/0x310
[ 2046.085064]  create_object.isra.0+0x3a/0xa20
[ 2046.086011]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2046.087090]  kmem_cache_alloc+0x159/0x310
[ 2046.087982]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2046.089135]  idr_get_free+0x4b5/0x8f0
[ 2046.089967]  idr_alloc_u32+0x170/0x2d0
[ 2046.090764]  ? __fprop_inc_percpu_max+0x130/0x130
[ 2046.091790]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 2046.092872]  ? lock_release+0x680/0x680
[ 2046.093720]  idr_alloc+0xc2/0x130
[ 2046.094433]  ? idr_alloc_u32+0x2d0/0x2d0
[ 2046.095296]  ? rwlock_bug.part.0+0x90/0x90
[ 2046.096180]  p9_client_prepare_req.part.0+0x612/0xac0
[ 2046.097277]  p9_client_rpc+0x220/0x1370
[ 2046.098089]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2046.099211]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 2046.100307]  ? pipe_poll+0x21b/0x800
[ 2046.101091]  ? p9_fd_close+0x4a0/0x4a0
[ 2046.101894]  ? wait_for_partner+0x3c0/0x3c0
[ 2046.102812]  ? p9_fd_poll+0x1e0/0x2c0
[ 2046.103595]  ? p9_fd_create+0x357/0x4a0
[ 2046.104436]  ? p9_conn_create+0x510/0x510
[ 2046.105279]  ? p9_client_create+0x798/0x1230
[ 2046.106215]  ? kfree+0xd7/0x340
[ 2046.106889]  ? do_raw_spin_unlock+0x4f/0x220
[ 2046.107827]  p9_client_create+0xa76/0x1230
[ 2046.108697]  ? p9_client_flush+0x430/0x430
[ 2046.109598]  ? trace_hardirqs_on+0x5b/0x180
[ 2046.110481]  ? lockdep_init_map_type+0x2c7/0x780
[ 2046.111455]  ? __raw_spin_lock_init+0x36/0x110
[ 2046.112405]  v9fs_session_init+0x1dd/0x1680
[ 2046.113324]  ? lock_release+0x680/0x680
[ 2046.114163]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2046.115185]  ? v9fs_show_options+0x690/0x690
[ 2046.116089]  ? trace_hardirqs_on+0x5b/0x180
[ 2046.117005]  ? kasan_unpoison_shadow+0x33/0x50
[ 2046.117943]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2046.119010]  v9fs_mount+0x79/0x8f0
[ 2046.119724]  ? v9fs_write_inode+0x60/0x60
[ 2046.120592]  legacy_get_tree+0x105/0x220
[ 2046.121413]  vfs_get_tree+0x8e/0x300
[ 2046.122199]  path_mount+0x1331/0x21c0
[ 2046.122973]  ? strncpy_from_user+0x9e/0x470
[ 2046.123881]  ? finish_automount+0xa90/0xa90
[ 2046.124750]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2046.125733]  ? _copy_from_user+0xfb/0x1b0
[ 2046.126577]  __x64_sys_mount+0x282/0x300
[ 2046.127424]  ? copy_mnt_ns+0xa00/0xa00
[ 2046.128218]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2046.129313]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2046.130369]  do_syscall_64+0x33/0x40
[ 2046.131148]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2046.132176] RIP: 0033:0x7f916d656b19
[ 2046.132953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2046.136655] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2046.138198] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2046.139631] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2046.141073] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2046.142515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2046.143945] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2046.145735] hpet: Lost 4 RTC interrupts
[ 2046.153268] loop0: detected capacity change from 0 to 2103296
[ 2046.165161] loop7: detected capacity change from 0 to 2103296
17:15:50 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x50}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 2046.215389] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2046.218511] EXT4-fs (loop6): get root inode failed
[ 2046.219766] EXT4-fs (loop6): mount failed
17:15:50 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
statx(r0, &(0x7f0000000600)='./cgroup.net/cgroup.procs\x00', 0x100, 0x100, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
ioctl$NS_GET_OWNER_UID(r0, 0xb704, &(0x7f0000000740)=<r2=>0x0)
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x3ced, 0x6, &(0x7f0000000540)=[{&(0x7f0000000100)="c190d05f926c821b50d0505df9fc50", 0xf, 0x2}, {&(0x7f0000000180)="ad054e7b172e8f79faa60b857dc040513436d407c94623fd2318859b84f4261a0966a364ba17065801fbb58814b4c774766383332cb82b8cedd9492ef4af56bc225dc9cff4e0560ce6be89283a19425e76530902f7eab6557bc5e31c4a7bfd720057282a0a2ec5d37b4570b80603fd07bd798dad2745dbe35af7717c79f22f17436ac98b6e345029641e9f325f9a7826be1c8b8fcdf83a0ce2226ffe480a0275ff5a1ad706460b2d1babc7e5cba668c486ff55dd271689363f6dd030348b694a6d38cf4255e7829c44531579a84eeaeefbb3fb31b227aae817c211", 0xdb, 0x4}, {&(0x7f0000000280)="3bea8a1fdda6cdce7a665a8da2dedb44", 0x10, 0x3}, {&(0x7f00000002c0)="a62dfece1174c74bcbb71ddb3376eb26f5c1626e6be2b97f9947f78e72123abfbc49f8d227100807121d9ae0c3c83882ce406d527425f4db4486726d8a400b7f1165dca712ac614cd3e87df4515475cbc8fb6d7dd6ebfa01793f8ca906a83267ac0b35b9a493a2ce6027cdf64d1f211dcf38dd2b447afea2afac0a7e74bf66fca754d2f693bac125fdf8e2273e3337325157f8cb6a84a0637a3e4534a65755f8923288f42cdda7a6e93688029211b4f82b5279e45aec386d6da080c9140667aecdc22891b0bc24a220b49fd7f4a0de286362afde235de2dab11cd5198a65a0426ff593b4b46ebde1961c451a9e4395124f2012447a", 0xf5, 0x97ed}, {&(0x7f00000003c0)="7c485ac418cd3ba4dfd230143104098796b4c75a6e472c0a2324074450df49bed61aacd93991fe1a38302626dd4c29d72b4d72139443f3693db0724588417b6fdd498387c3984f84ea0c625e1a2a281b41a2363b397e2f7c9da438dbed", 0x5d, 0xbf97}, {&(0x7f0000000440)="4ff456bb3980a3d9723189f6faf5c7d9a267f114194a4339a26a90de27fa031356772180e1f8f292b4d3e1bfd0dde8b5d553b5048508022c13a764df8af3adda7cbc9cbb87b05a4ce2498704ba10f9f222e6a88959bb3bbe27f125f52acba43f706ba83d43a2b48ff3a9a6828921389e9550cbe242be2b4c5db38c13fdc29042742943943515f46e3aa90175d6246c05eb99924475b81a9c595a4d2ef041e452716982a440c5ef4374057e9931e9fe6f30481c9e4d01475f6e18510cae84c1d5580d1202f74b10fce58003c39c4b8e8ec0206e6d622ff895cd4ce6cf4f64a603a4273b92232e0e4aea44a3102aa274947d21741df5601fcf483f7048b001ca", 0xff, 0x4}], 0x20, &(0x7f0000000780)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0xee01, @ANYBLOB=',mpol=interleave,gid=', @ANYRESHEX=0xee01, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRESDEC=r1, @ANYBLOB=',euid>', @ANYRESDEC=r2, @ANYBLOB=',\x00'])
syz_io_uring_setup(0x1158, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x20000000}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r3, r0, 0x0, 0x4)

[ 2046.234486] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 2046.238614] EXT4-fs (loop0): get root inode failed
[ 2046.239861] EXT4-fs (loop0): mount failed
[ 2046.259666] EXT4-fs error (device loop2): ext4_fill_super:4967: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2046.264065] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2046.267408] EXT4-fs (loop7): get root inode failed
[ 2046.268582] EXT4-fs (loop7): mount failed
[ 2046.275431] EXT4-fs (loop2): get root inode failed
[ 2046.276690] EXT4-fs (loop2): mount failed
17:15:50 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:15:50 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {0x0}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:15:50 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2046.413224] loop0: detected capacity change from 0 to 2103296
17:15:50 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef465", 0xf, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:15:50 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 2046.440336] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 2046.443120] EXT4-fs (loop0): get root inode failed
[ 2046.444026] EXT4-fs (loop0): mount failed
17:15:50 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
creat(&(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x108)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)

17:15:50 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 45)

[ 2046.492587] loop7: detected capacity change from 0 to 2103296
17:15:50 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
getsockopt$inet6_buf(r2, 0x29, 0x30, &(0x7f0000000440)=""/105, &(0x7f00000004c0)=0x69)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x20d315)
connect(r4, &(0x7f0000002380)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539(pcbc(fcrypt-generic),sha3-384)\x00'}, 0x80)
sendfile(r1, r2, 0x0, 0x20d315)
sendmmsg$inet6(r2, &(0x7f0000003f00)=[{{&(0x7f0000001880)={0xa, 0x4e23, 0xff8, @remote, 0x2}, 0x1c, &(0x7f0000003c00)=[{&(0x7f0000003b80)="7327b3d5700fd741680db118f045f02be03d852905a942f727a1b4afb908ca49bdc443fd426de32b3e9ad9ccd76717fd25f0c7049532613af045e7f49f899001f0432d36f4a20961d891268c6fdaeb03ff554df8", 0x54}], 0x1, &(0x7f0000004080)=ANY=[@ANYBLOB="380000000000000029000000390000008704013f00000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa2400000000000000290000003200000000000000000000000000ffffe0000002", @ANYRES32=0x0, @ANYBLOB="00000000140000000000000029000000340000000800000000000000580000000000000029000000390000003a0800010000000000000000000000000000000000000000fc000000000000000000000000000001fc010000000000000000000000000001fc01000000000000000000000000000014000000000000002900000008000000d900000000000000a80100000000000029000000040000000c31000000000000c20400000100c91900000000000000000000000000000001072000000001061eff0f01800000000000000100000001000000050000000000000000010005020000075000000000127804000400000000000000040000000000000009000000000000000600000000000000ff0f00000000000009000000000000000600000000000000050000000000000004000000000000005ee1eef469ae991a603d8eb11998b62d75852c63b236c6c5641e8dbe86d9fa77ada4998b32de9e8f7e8cf150912e9f89dae0755177e0a09740157179413d6bc3f6a6698d30331eed2e331e2d97290884f50298597c53c406d9ab439b625278e7416ed6eb866cd01a6acff4c0e06041a3f3ce755c12af05018013a26d424ec9c812e665db6dc5bf7edf789311a29417453f65e480dafaf3c7eaebea3bf25d06aa591fc71347ee025ec0403c0bc7a7b4665c49e61893d6f99099362c9e0b7db810dd0d267706bb0ea2a0df20c5f43133bb69cafee09bc6cbfabd6c508555592e4db5f3c6c91000000000000000000000ffffac1e010101010004010900009eba2cbe1cb4b74ef5a824c5deaf45c531c12c19e56e0e55e6dc69e428c2cbd6827e899ef875cd9d89e21350bb8786c7764d26fb0e7f0023e0c318fa8042b9752502c504ef4ca9efbb2f796cd5cc954a2bf47edcf7114b0beba88ca21f650be215bb093ecdc50cddf7d2151e3ce2fe946a50bc726cdd0ae76cadf337cbb68fb197741989f3985d11a4b4d385307d5ed67c9108176c8cb4469d749d028aae971c1f91818a18e0ba22f21be5c3928e862a65a16281d760"], 0x290}}], 0x1, 0x20004800)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r5=>r0}, './file0\x00'})
sendmmsg$inet6(r5, &(0x7f0000003a00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)="5ed84025127424af851b9e146d9c86c75913df354a6e5fc53cb2dd15e7ce726257cb1c4fbf767cfb9c803fb253a22057e08a80719c17f7e5e9d269e36d7701541bd0cdb7614025dd3c7f82f91a553dbbf6110ac04bf4525a95019c1ffacd2c060ed0639c03dbf372e066e299210bb58ae641c6de38c2a162cd822b2072460b040bc066d8d2f999cac6d8a3e12322c12c91c8959f8296b2b9dc9ca4de16d5f741341be4dd374301e79a7282c73b70de6594af1e33c636e73d836272", 0xbb}, {&(0x7f0000000040)="8296334da7308cf02507a0890d42a5420860b818bde278bdff35a97309538d", 0x1f}], 0x2}}, {{&(0x7f0000000200)={0xa, 0x4e20, 0x7fff, @private1, 0xffff}, 0x1c, &(0x7f0000001800)=[{&(0x7f0000003f40)="ccc519bb30cad07aba1136ff765df687e6001b98689b7ceff595e4a7e031a02f2fad0a9b5e784a311040aa15adb252c59afb619b7e5cc8d589d027cd2ef9793b1b1646d73be4edcc54cc63352b7cf0c776d7b57cd3754e5b8f54e61fbea3222c738b358750e5ff850eddd4e3176174647dc180a8813c0738e9a695e56bd7b50f7674bee8ee7d5b7bc6a2950f9f887288da513c5695084fc7fbabc0eee3fac2d991fe73bd9ec160198e6e5e92b0caf76e88bc0d7f16fddbbeb3e12b9557336d28c55f49a938f98b7cfc5b77f1829ca498831776cb3726217d324137", 0xdb}, {&(0x7f0000000580)="a66a88baec8fa233a55c7e9bc8f5771f542481bbbef5f7b3fb4c7a011019086b8a74a752b153ca1703dc4a7221822bd178492404c202d3f25d4b53b90e8c6655efdf43ed14d33673a42fafdfc3c83a08a6a8614ac790185980bec4b24bfbce36e2923786479080636934c75455005a8be64f669ac3e89f0c8c2e5e28ab82787fa1ac254f17db8e479afee0abf2fb8c5b2ae985866a6ad1bf45c4c1c0baeacbe5d4d7bb48ddd067f8b903d46ae648380df80cf000f42f8406744165980c79", 0xbe}, {&(0x7f0000000640)="c7a4ab1ff3b7d62e2d037a2db90938387ecfa20933089213bbaf900b7e8d7ef6fd7c591faa83f1f04e9f19c4c4b763e8f70e072627e2fb9bee497f869863c8a7a9a3447d4e9d31bfec430be519e4f77fd3fb51508c1139e55e381b40a70b4c1796599da09c2d3ab4e3e7ec84d7557849ef095670e51901fe4060ade550b24a530e7c72acf28ec41864", 0x89}, {&(0x7f0000000700)="5031a85d50975cabf74cf472dad822e817550fe20182cac317e673efc3ffbf50595cdc8a32e0aa85d643ba8f95544f92cbcbfd67b3148055f3b36f86463f942721df6e0688ac41e780760a379093c452d32c2d8a5a968f22c8e31bf055046cd6679c1dab6ed21de45c2c30cd43d3fc381441b149132337d8301472d2c90ec8ce37f56dde009e5a27f2690631bd81ea9aec5d2c64ab09042a5a1907172198837322df01e274bffd01a1e78b2adaf434fe2f9c6d735e6bcdef14a53e776190df8e2520d65182fae0", 0xc7}, {&(0x7f0000000240)="edf8bb9704fac813a7d111d16e0fee4d725273cd96adf07103baa052671db69908f968c41282db0ac2a10f4f5300a9dea57efb9cd89f67ec57e3d726f23de418b0424ba6239d9c0fd812e60b84eb4e2af150f175a1185f", 0x57}, {&(0x7f0000000380)="64bc40bfbacae1c06ac40fd959c5e750318492fe50ee4797da0775d2bd9d43468bb8d68228e610bbd9004d218d77cf4e4a76c114", 0x34}, {&(0x7f0000000800)="3ae76f578d8ddbd3d5eba45e1f3a2263dab5085067a49d7fafe2f41aad65bf9664949829fc93a02801afade61f783ca0a031f1b94b46b69719044fb635b53a0404126974e526478815ea31746ffb195fccd9e1526e3e08b3d89dbd9dce6999a08efe44db7d373d957a645f5ffd731b197fdcfa9c580b3caa9df52d19d451e9851afc35c4be03014b25a0b3dba21781612d0203d8143b6e680037f97211a0a88957988188d73a3ff3bab016767ae2a57993c87a2271022f9400861ba340da15d89c85578c3c82948fab0e385b10fc870f50890cb64824ac4e408d025cdcedf57fc5a75748e62ed20ed65a88f4771851ed87f887ecc58408f152c3fe64c810ecff75a6b6c79e5335d51fe6a721b8601366f5130a576fe29dbed457b6687506ae1227d97459a9c48028b18f8d79f1f11f4f2bb8e42af5c89007dc152f02dad3e8c2e7dfc618db2bb5bd1fc6453737acc0729498d7bb471254d1e2ac7a543d521709b4d145b8ba0b5bb322abbba1f9fa9a66e461fb7cefbee986a89d9b378f11e5eee38da5c8d44e781baa3c4f540c3d571b429ce6d0b01b2f66f72fa5dd35bc1f9982c58677faf43c51dcc034fb13f82bd2644ccd80b873a7b351257d058b20201cdb24a7084891d98117fb66b5b697c80d94348a5154502965a07c7d47495e6eda831d20baa6b92766ef93f41f1376f6eee789b9d924f1f1731e26ad889e56bdcfe824d02653b1dbebc978b63b48e1c02e4b1bca5364ae2b48bc2a6a926fe25264576bb422b7a68cd1229098752240e76e7cebe84db26eabd15a36218ccadf38b729332db6e8930cd79394ebb12bc0e3a39ce72de7a653fa0308958759552bc8fa5903f0644923e529bd870a9a8e5fb6f1bfbc21ad5c588a0b9616c56906b991fffb7c8bf80f90e7ea355683bbb0cbb1861fd447f00f8be6921ff9f3850a47425c2dac10ccf6f8a4455129a314d94e1bec726418f4b602a715ee995d0265ac99b9d1a9274ab7f5092117b1857a79a63aa0f8d5c10013853c767644143a079f1de309caf94854569c4f055457205fcabf9cdc87f534f51521289de80506c0bcff4d866912901464e4ac23349c286b43d05197624741298346dc72e51cf6165db95db4a2a706d6f83dd657f4857b8ff7f2a2ed6421fc4663f5cd5f24ed746318bfac15d334cf7c847d822be32a99a41bccc0afb020f33bf0845f9a91f9b4c218c0584a52afcc3adc2819e9b0b73fba6991bd0d645b5f46e6e2b98173ef7fa03d72ddca3416cb71dc813c9a2490b65a2608bdb7e0a780c0a097c3ff65585e8e988e9865e5ed221bc449065864302a31cab9d6f4046858de4bc986f1cb7de067f057cfbdb81cd2ff11b6c9c0aa3b57fd00137d1bcc251608a17cb1bfb2e9158c5f941d2e9e9e954e8ca0e6b2c69921785ebb5f7ff09aaa6484bd937fab328cdc7f64426163fef0293266fde8d2e418ffec8f649953e9cb04bb1736d2a13a27488c5fac753f6b8fd302045dd7d89bd28ede6b4e913ff3fc57ff5dde53d43ccfdafed175bf0d1ec8b56ecae460534401ea5906a736cfad59c06ef89ba8d86bc9f061ebb5e47fd773a516dc4ed750cc419583460b7414a6137a6524e543544226220ccde829c2861306d3b8044a19e912c088abefc9b382c83a1daedb72bcb05a9693de32f0e5968f13cc772a58eb17831f723b2b8093cd937515c8529bdfbe8655f9c513d9e469b17cc374870dfc660c401de1178cdf65792b8a1d4ce0861341118fff0ffaa7c435a7f08bb207436d99e13de5b3f1758fad20351ec0dfa64ba368babbe80c8fbc90a208c90fbd22bf0bdbf76bd6a77a57b4f3d148559746d54ac598a5600dc09da1c10ddd2ee7571cb3cd822d5881373f7f150f797ba2eb13a272abc175188b874853f34f6332abf49c99999aaefdb54214ddd79668cd655904bdeaa68c104960c2bda51b1cd04400d70cc0b383182bc100f7ebf24e33f347e39f4fe1fbad1c1b7c0bb73c7cdac9d0d11e14afba4d4bbecd76fba01729378e4c2a7f35c1c3fd82fe4db89fd9bf9d56547663548de210d8d180982b12bc51a0da9cdfcb857d2f5f076f9e2fb202531f79efe6b7d3773544b0985e7cf6fbfd7c064ab3fbac4ba3aad755acc7b870713d6e681a4cb6efa12784d63eb48b1760a1fc316fd64b99de98aa72693b762410d07d6e2291afed74e79adc6c8fbbda3b0327fc33c7288ec44d57c6a99a09ffd29ed24ad816c12d33d7a6423dbf9de0d16ca812619f5bf720cc8e0bb6f52c413b0d8c012d0b4066b235eccc1187ce0e6438d11bfedcfb12fca66b4644d57f3ab27e58f04d4f40e0fa14657ed4dcedbd0a6c49636c6c29c383bb9503fc49c927cec6d6c10b9d733aa119727c68968f511698aad0ef8a6fc76b13733b41e0016b6d3979a630276b917156436d455448b22a6646b66219380dba847de85ce603638893355ee2eb3f992443d96d94837307447a4185bccfe195fe484a835062c60fe50f3c8ef5a2c460cd6be5f50488397520cbd401464c3d9c85313b514e690c762fe4c06e6d9a57de67720ec03bbbd756e396267734366a945625635e51f39db841484445de4a5407f43d78e1e3f67b8f1214af6149e81168f1697e96ceefc7e04e6a4de6f81591d186cdedc32a76d5d28dde7646bc1617d02243d7f4962044f1ce7013c986d483756ab09a3c8e996cc60ffd44f196ae5c007e9bd6735b03c344dabe39cb90c4ee600202d1a47c77ebb53b7138828381b5fec2e96c65ccccc83b45b232436a9e88240a7ff14bd1aaae66c572f6644cbd37b5f13314e98861248cb302730769e53164cfbb7c69dbab19f7aa6b33853fde985cb5a04e91aa105e3cd716985635761c2c54cbbf4524688cfe9e313abcc3b766c2e2ccb89d94dd47d7cb75423755d42f4d7557b1d47d60255d160a80a039f218863d6fe1adf0edbe2a755c860d2f08aea0d806bdc1db47ef9a344792f7408a95f7b2cc9325a89b66eccd807ccaae00d7b290763fbd4a590728824a9cbdbd43af6f69303f57ffa19be5a30b4c99d76c038bb8bd1f438451fb7ff5f66c4690af6347c2c17743d797993f64e2471c0858db8fd824de1333f9e495b182d19b6becbb0e2d910e879aa8b926c3c772658ec4e76733aeb57dec9bdb2d7317cd302066b084cb76c6362051e460e51e6244b38c9e32ca57b1e9c5761f2ef9fc66df7493a8b42064be79b2a5d2e8bd812d3e23b2193975271cb7273a6174d481e688e0a43e8840c807002625d3f93717d76ae32f48d719263afef2dc90723e122ca4508ee1e9d2f2400eba80c3aef14c68638b798c3cca17dc763063f402a4b7e242dd119eade8228a0e24a257d4aa71d6889a05ea636398c197ade21087b8a182c316eb9d5de4ccc88d2757d0370c43b90958142116e277f17a13d6f87e7cc98281d042005ab11b1b7037210a3cc7393b4a90e5b758843ba35b3a5327ab531444910519c1cdf857bbad03fada33ffff69c9b1fcbd41dc1a5439fd6f7b4705390e2f7ba6940aaa0ba34b9e318ca99d87e05405a3dc1a3465b255d08d17f45d290ff9f20f8d1ccea0ca0dec89baf9ed33c8f6a462f3abb7f1093bf09e5b0d59f603b1c0d8b1db23e28ce884ef75a72707c5512668c949083213d8abd48c986c2e7c24281be43a0b2d0fc25f16694374b119968981f2b1a44f5c1bb9d4786e1a24d2a74224d641dd18a886868f9fcb193d0d17b9f93ef279a868ae76b0a0f506e42d9a3f00c8cd2f1c365675f5badcfdfad9d797453912b595a045ee4db4e7418de3f3fb719b5f85c325e168d1006ddb02d6b2897fe3d9606fddf7b726bc3f835a317cd526dc6a2418604cf7a03ff42cd0def292dccc5144381406070b225c7e9bbd260c616c26721c7253da98551e5252d3e69b7f324dc8ca4e279d99b1829f09cd710468eb9fdcaca98aec69cc7cd7a5461851ce9f6540acb4fd06d01e6c7bbecf34e25f71213cc678a3e4aac41ed5cc5c9275a740e48ad85f79835f1de8bef537e5b7d7ed94bfcf69332a8f3571b6cf732fb1c74dae91bd16d4397e456340da918d293236121563c80fc18cbc35f04763f55a5b5e4b68f9d0cfc0e803744d00c5eebbf8827eba80a98fd44aaad80dde4f11c988d8e1f3691a28330567f8ee299e2a66792e0b05f5a35bc6b1fba634a9f06f6d88ae6576623a56455dd4a525be45b3c3272ccbfceb7e02990efb66b05ae2cb82bf894002e6af0e2f0828f796ae93f4dd3039b01e0cc53c5dd7432f9f37a5153b2e774e9e6497852ad217d1e7d4d3a3289cd9e369e33a8548a7d579bbdb545e56bbc170da7f07e3dd14151f901b374b31129b98bdfc5ab7f8e1041d6be5878030a0a14d3c91ff76135ff1c958e3fbd7380ab2ebef2d24feab1008ba6f9f493d8993f221fa722439c04184939bc6c8653f3fe31b4f5ccb035df377329608d135f01dddee041e9eb9ad1c9a162bf4f823ce0b37812df5e255bf36902a7c1251ec5785418bb1ce58546360e317078902772daec2e40e032c7a3f9d48dcaa08bf28ac582ad35a61115d2f3e2016ca0651339343ca8b7e1fe9c0e5e529ede232d5fead011aa574649af4b33904014adef421cc4a8db85c383d2403e9e426f26f862a3a1642ee45be52b38912bf84bd832aa087d68efd12c346ff572b40f3d4be875d220c753a5346daf1ac05e659d3ec5829843325e6883bccff841d0841ef6f0dc927fd64dfd0d10261c31b3d82b9280c94e19dc71469aee5d90f687e441b2bc996576a577ab53e55c2975c92a8c43d104ea57532cecea4fc11a28dbd5b38e1de1a33dfa524c8035ad2d47b5ff3f1653cb494623e1ab47dc18363713b6fe387866ecb0ef0c25a8d6f65b4dc1f4f20b4f708c44419005a1a0182e498d29ae67ab9b43e7a5d54a125d865f9840089b73b96e95ae26b3f362270d2eaec74105d2efbab8ef18f33844feeaaa9e85a76eda82191f73080d5251df36e3f5e1212df99f0bda9a52b8122776171296ae2d34f9199eca3682248e4e91a186585b8f32eaef29829353b04604c198b5d2bd065b119714a854ed87126d1497300a76b97b3b5b7dae90d7328cd3849fb07ad159ff08264ebfa61ad82ec960e6038064addb95e3e47c359eb657801340fac273a6619efcff232314dc05defc49e6a6dd54d84189b670a67e50d4ed687da25b7ac4e77702c102dcf77622022ba52b3d899cbd978e66d5436af7aabb3f3d4e3553b9353de5fbe797dfae0ef7e8b1a76bd978fee69f1819bb66614727e54c2c4682b6d60afdff9f32296acb16c29365971b797928870870638d06f5ed5db1eef85039f045651c9b6c673bd2867a4aee03913d6883e95781638bb31a37e7157cf2275199ce2111d6c6c893a854ef1a00e72478ddc0fb94545ce3b7daaf5474957869b83f97fe186dbf3c0b923490dff708618b39887171f4b9ff44cd6c0c6fcad05a9b675a7d6842576c6d0610a5c4ce5ecd3070e77ad9e013c4ff3413e4a9772f88b0761e4ffc51d5157fe29bf008b3aec1a0e24a04cf1fea86ca10738e171a351c6a83adc42209a304d6e481ad50cf72ef99cbd843a540d91ae483423837e6df05a53f4e50dc70a1b4a1928908d033d619957bf1c75b728d0f7b01e4541237708665bccffb897f6ce8434b86f90f64f81c4644f3fc913d898465eaf0b3efdb2b965a8fccf3d05e9445285ec1f583f8f2af4e6278bc51cd8a689cd4a98cd588bff88338a804659bd3039154ca50155f0a2bc5b9355975097c9c12b605db4eb250ffbfec872f91428b10d", 0x1000}, {&(0x7f0000000500)="c83136cb96f9b1f52a70776a26450812f4b7e7cbfc065cb9190e4f", 0x1b}], 0x8}}, {{0x0, 0x0, &(0x7f00000018c0)=[{&(0x7f0000001880)}], 0x1}}, {{&(0x7f0000001900)={0xa, 0x4e21, 0x11, @private0={0xfc, 0x0, '\x00', 0x1}, 0x5}, 0x1c, &(0x7f0000001cc0)=[{&(0x7f0000001940)="1c2bebb9b5547c29fb5956b84b434a5eb60b52cb2796ead140d61a927251ace2180ee87a5df2b72b2e0e581aa69115ddba0ccdea1f216f34b5bb149ade4283bc85b8ce14b2322dd021f681c31a5da0392a77c7b2468e0ea8e8769155a0e3e3ab904c56ea746866c2fedcdbd20b3f49b5aefcd03bd47c50f6e250fa66816a5ef1d64b843e21e23c923b98bffe38e0f43b95cbbe47c587493e99d387784cd6b34315228f769d7b02e20f2344ac94a067", 0xaf}, {&(0x7f0000001a00)="101d0b734e8a732d7672988a930d5cdca68d8639f9ff4df9216b477c", 0x1c}, {&(0x7f0000001a40)="396b9b4f03bee137eb284facacc1d5f0fba18544f13230470afd1798da21fe28d0d9b36c6183d1edb38c7d3739628af9fe549c3352edaa1f42a12f2924a5ae35b8aee43997da581cbc137a025842bbe4cfbfea523eb536713522f052384e5ae8c2c45e213476dda2f4deb92403defbca8d13dc62ccc0717005ae56d828daf5b410c02ff8b1f84a2279f4ab821be8da264485eb53937f0d505417998e825486fc57f491c7b68800f24b4a23ede04c40e4a8988dbf0ed0", 0xb6}, {&(0x7f0000001b00)="982f8905e8cce2319f78242eaa47ae86b2e88ec6e3329c2f237d643a3e720f9183a5be8dfa2a4c7b7e5b755512f8b19458fc1b2497b74782805f5dd4862723b98c257ed78745c6c285a35cc43ee344a07e0d8b9fbbc8e2ab209226141f9788c0b872e87a054cd5782e2b068b4af060801f4abc992f12a1e42c6d0903b21b9baedeecdaeb25879af4fc1d0f2c66165b2c", 0x90}, {&(0x7f0000001bc0)="f256dc79ccb160d9630752c343011c8df60f2a87e1d51ba46b4d0402e54f8bbb813ea91a004b14c487b4a02e9add267ca08a95c28ab1ac84c61dc796f5398cb22fd8f721a0ca768375da", 0x4a}, {&(0x7f0000001c40)="313fefcd799fe67810ac813d65c0e36be68aeb3a646d95e5d152837fe1b60e4a65f1b503be064cb293b7af2f4286199d2b77710dc16e85b14551ab51ffcc3d2f4acd452eff0ea964e26a0b72e227e9a0e62388a1398b76a366f3c4db1811d58c67633c64d946b317bd55dcadcb69771e200d90ddc95e914b", 0x78}], 0x6, &(0x7f0000001e00)=[@dontfrag={{0x14, 0x29, 0x3e, 0x8}}, @dstopts_2292={{0x28, 0x29, 0x4, {0x0, 0x1, '\x00', [@pad1, @jumbo={0xc2, 0x4, 0xe60b}, @enc_lim={0x4, 0x1, 0xb1}]}}}, @rthdr_2292={{0x98, 0x29, 0x39, {0xff, 0x10, 0x1, 0x6, 0x0, [@remote, @mcast2, @private2={0xfc, 0x2, '\x00', 0x1}, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00', @private0={0xfc, 0x0, '\x00', 0x1}, @remote]}}}], 0xd8}}, {{0x0, 0x0, &(0x7f0000002180)=[{&(0x7f0000001f00)="aec94ecb002528661a0cd79b950ffffde766dd80667af4b4b7764858a253ba171560df2a83931727e5fe72713c09382562b058dd0eafd085030d5ecef7afb7f3339832895e6ea56263eb3774d6f5065b39c239954d2f5a44f386fa5c83abed048af593fe8894608ef6846fa1b38cc8f304a04b02767e45e13e02a39c224632dbcce92d0925532f4f35fd8b7f337b013a74a6dd", 0x93}, {&(0x7f0000001fc0)="6b342ea94cdc0a5c20b0544489a5beef4ca57d64ad0b54fa104daa1278a9ab8f30c325d530e004012eec2d7dd2b37780b71e571f58e3624beeb5f79244c50996eec06522ba001fed6ca248d783dca76fae115f0c677fb1ded536a04efeb3bf44e9e4df4796ec71548d8a249b794c8db936778e158330cdfef55e7b29ce9ba07854546ca657c7fc162e4aba8196ef214aa661bdba2863f45132a7f2008567c478903537126588cc69be7a6f55063457db60305f6615b0913bb1d4802aa85d103f44c107ce393c76bb449117ba00e2b04d7b6f097a3b9a8a1e8913812b7f29c113450d", 0xe2}, {&(0x7f00000020c0)="3637a9c554a5337942241648bc65b3dd96409b7772cb9a62cdef9e63dbd173624b639e628b25af0b4abd1bb4bdb7ad8b03eb55c21166570390f270820454ada63325f12587beb7d4e62e5dd4816e77d5fd1e344bfb315c7de15cdb62212aca027fcc0231123e98cbcf3bacfde184413acbd6ac55d0dfadb1c990bf2d04ed0dd7d0f6cfffe3c77d175d440a45906a799e106875f34579a575cbe02eac1b91ff683c", 0xa1}, {&(0x7f0000001d40)="faa816e6e90b046821fc7414b1dba143e235dfe1831dd34dde4216484eac0573a81e60f907cb05fa138c403e1a984902ba38f2ff144a3b", 0x37}], 0x4, &(0x7f00000021c0)=[@flowinfo={{0x14, 0x29, 0xb, 0x1000}}, @rthdr={{0x28, 0x29, 0x39, {0x3a, 0x2, 0x0, 0x3, 0x0, [@private0]}}}, @dstopts={{0x58, 0x29, 0x37, {0x0, 0x7, '\x00', [@hao={0xc9, 0x10, @local}, @calipso={0x7, 0x10, {0x2, 0x2, 0x34, 0xff, [0x3]}}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @remote}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x6}}, @dontfrag={{0x14, 0x29, 0x3e, 0x9}}, @flowinfo={{0x14, 0x29, 0xb, 0x1}}, @rthdr_2292={{0x28, 0x29, 0x39, {0x21, 0x2, 0x1, 0x2, 0x0, [@private0]}}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffff7}}, @hopopts={{0x38, 0x29, 0x36, {0x3c, 0x4, '\x00', [@ra={0x5, 0x2, 0x4}, @jumbo={0xc2, 0x4, 0x8001}, @pad1, @ra={0x5, 0x2, 0x3}, @pad1, @jumbo={0xc2, 0x4, 0x73873c9b}, @jumbo]}}}, @dstopts={{0x30, 0x29, 0x37, {0x62, 0x2, '\x00', [@hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}}}], 0x188}}, {{0x0, 0x0, &(0x7f00000036c0)=[{&(0x7f0000002400)="11f8cc0ed5b35b34008056089600455df485fb11564f41f5a6f48769227f4d942d38ecdb788623179f6a6013352afa860485418a5da04cde62ae31a3c662a95492bbc3dbb2472c55419868fc0b8202aed55d596355c3657d1d666499d916d5099bea08c20119f845e13be1b9570fce3e1df08edb60ca265520c0f73de23a9878d65d92937d3f2cb5c8adba78cf3e68aecdb99ccfc659bb189d7ddb490f7d824be0f419233a6c824b4820d0d2bac27a8cc92c6503910e7a58c391455453f9349626626b4ccccb7d1fbb7a9c44d0df53c35589de83617055759a89f889871ad68109275cf5528f120130fee248d6365d60cda2c90a899800922075619cb27c8ca6434bb922317d207ca4a6b3b8f25e336091e05969ddca5cde6ea6e024e700cf90d3adb2f30691b59e9aa8276cbaf65d3bda63d75f3bce89e0f1da956c9864093af6d3ad46886f283ed2fdfafb664937ef4d2166ced9d70868ea425f2f05f2bb4317cff9a8c19a1cde957d0ea94be32584e1f5380fbc57a51c98e1b36a7da6698d2b011ab5e51b158cca5fd37b4ff532dcc9e67677f2e3e26141f345d92e1a74637d0a5f54ea875b6dbf7ea8661b2dc3ab413d9d2e8b8ddd3a29accb386dd4ee4693e5d65b43b8d166ce92fcaaefad9b462d87822d9825b8c8b8087ed72db2a9db4ce7b76b6f3e60d56f60573c40fc4e75c94db417ae0e1805cd15accdf26b2f8ae20ab6c0279d524b480a50bcbfe02cfbcc17720fd47009edfd57772ace1ad785446c2ae2d547607eb6fbb8e5498d68b30a93216082eaee67a3a068147b6ebd8d5cc68c765802e9032d004cd2dea75e5139e0112a52bbd88b91f7f8acdbda5d48e81a2f3c82340b08e9414af5304a50afc913e14ff7038fc2d31ce63028987853bdcdd1b095df6f4487f9f4e995782d6d136d8c785632f9773afb029adef84ac5978cc228bf1f3923faa9ef505b30c849c1d66db418500578d32417827df0365e964aff9f4784d2be750a6623473b120b3621c136256a0ef227c5cfdee5882672a4c01a006dc5db807672804e1596617794e8b67ec52b56fe524ba966bac3482f6ae270ee84305a60269ee767906df8f8b6470d47cea1f615dd8d5fa4b5f376525d38643fdb5290c467999b480a22de2c0e22f08c532abcfb08af853f00200e71db678973ef94eb1f6685e93f4ad9cf8b2f25d1150f589509798e9cff4e6a4ea29cf30342a773377c3145afeb0b0e3aee2941830d06de137aafc96531f6ffdb245d7b06e7e1ada22a6bfa89a12786d452b6942d0c7e1ec0601e1c658c4d9eb22441c0b415e77f71cc7534f769e315e897e6fe5b9cffc78724665ad9f5431674df18ba7f2f4f342f9af6e2cd6365a2751853ce59bcf7eda16b9f2975e3cab1c93d0d51d7a6523bf6d851fa411fd41864ef591a370de350261c73bb4caf688afadf82f43da1062098167dfbb1c5937d6e8a6c0711fc7b616a830df2d7543b7eb38bde8da251ffa008c4a8d9384e525139a3dae066fc64941a48cde671c9fbb3fd2a13c68e60cab4002c5b5febc63c4f95d8be8f7e3882089ab9341253dcaa7a63b295e5e5f9b261a4de14c94b5bdf7a651bba0f02d8b3b16034d4a96f7e06e2937e5b54245954675cc97567afaebf5eb2e5b87edc89d1d01445cad40f0510e4133019430b860f6722ee616aee4434acf0ec0552eb07d0bf0a02c36ee1d344405ed0b1163addd10bd07165b050094093c63ef2fa0a7633dff602b7dc13f6fcdef533e5247eef9c6731286493130a5cf81fdcab9aca2dd94bb331d454951f171eddfc7c1c43f62c1d7421c6630ca8e030d3bbb5f0a955f20b996c3a957d2eb5cadb04d46ca759804e1fe08d73161f904d8aeaad9fc3c8bc0d922f8977b81ed778c4de63f5e0d3c1401591bb4e34865f5d2b9213ca45538b21b2527705c6a589857effbb2f7d0368dc69c1581c79e349a3731af9a32cb49aa877816b736e014e56cdc2531e4ede2a4376c8ce70f279a0e40fa2a14ce0778411636578fba7afcfcdd08e4d41f2cb1dbcef7bcbb4135adedf704356ea581adea5719c7cfd6a3daf824f8cdf0895937a083c3c487359ece17e2f8812352341bce4857f3acae246081bb723baf9e1eb23d60961fd417e3a7cd130acc71331fd0e5cc85045ca2061a80f1c609c5fafb1ac4b182966ccbe783500b6c4fad7b843beb441da7b9f584fbe540fec76351ff88921a68f4e07f8e3d12be22fd32e289e4622babf090257e0d1598b973c84461604b3e6e32aca978c363c681ef89b02c424e85d894d07fd9c105a3cad87516c4b7424372f4e29ca5a23f810ea07cd2bf964d36076b42f71b562fd2e52a79cf52c55a36c1f5ba4c2c05388faa8a2b91ab372448b44ae3f39ee2d9e0f22692facab2b843dbfc464c1e4fe64a68f1dcc7974d4b876248e1f90bed5429105283ce30a7c83838566c85949b8149d099be2e04845da3c10e6b7f15fcf75fd8adc368f78a818aefbe7ea79a2a5bb016fa29682b3bb381bd4360d468e1f900149efd3994164314a29bb330e550d98fb21b388668071b74edc98479f02b994d167db34b4894f8e25a78bcba998e3859302e680ab53d880245d6c61fef5c1c75ec854511dc505784a1f521d0db4d8f035363106b22062b7e4bb38bfeaaeab1438e43a3b912ee1980923ec59afddcce416f29d30a65e570d9071c5cc588024fffde456af27ac4784b3edeaca4f0102ece8dcf26b65b13ae7d2f69714c2993917665e9d838ddcf387d64692e2c5994b593123edae8338cdddd7b4c58b0a4b6a7d6462be9bcfe2513d7ace410802da61495c8ba955f07eb3f305eff9d4c9a89f85d7f127eac00a8bbba20b81d8319144de179fd6bcad13890c7e27f78f99487076494eb19562a070abb3e7894968256d8fd3583448ee78e7d6cdc7272570bed75c25db2a481be088aef4964ff1348181e81ce39dfe75706dd40e60716e12b1b49ba94dfcc86bcf29e2e2219fea9b7ac6f27426db864e2b22cdc890e9737eb5c3f551d296e1b85f6b7ae14a87f6381faf61d832bcf27e50e2227385c345a96e32dcd08c27bd29307ffd9cde79bdaf29ab072ed0137f4e6ecf0143bdf042ab205b8e8424603981696420cbfcc12ea1f8d5a1365ff99f47b1c55010234e907fd6f38806b87459faf75c040d25dd8fe62d437a686c2fea9433b5b1b32efeb2bd64d8909b04289e81452120136193bb951c31992d7aaa429d324f1700514abac65f30530180cf8368d898c6cc428bb87398ad1605671a2b0a3659e6cf420619073d67ff95fc9418536afc6a5b3390806e28d27566c1be0b9160bbc5bfda4e405103f67f73f8192c771e891cd0f54aeb10b86cb50b4ce37f7b270745b6182fe578ba0bc83b63f975c7b35c6df784c3f8c88b4ebf17045afc612916ba56799127f9f1b380c9b367707ccdde08c9ff506cde8df3c5deb70dd31001b0a35b094077b370f10acf8322304554e61a2096dafdf6841190c4b62a1359e32148db04bbabdd4c0d0e86709a8bce284acf74fc7dfd6e4bba0a7aa3e81ab75104ec76d2f136100b2c415ebf1c5697dcb7699f9ef94db4c051c06c8d6f8d4fbc2df316ab755654ce3497f7cafe381e91b9265e9233105312b86176ee2f52bb35b66f7b91ce9504dd161278c302e90d5b73d3b5114a09f46886c48b3e518596065e015a540859280eaeaa668dab7e161d1c5ed040b380d296e10e1e4ab5c73f002b0743c785e434802eb503bce1451febd2bb2c3f61970be649df2070ace7edaf892a351ea934b6a0e8739a414d75ddead80b50a56bc5a87adacf6466b2dde1eaa2ec683b6d631e92289d12da7f78a239e392c5faf3dbf27a626530ab09715c6722afaa0a0958b3b97962635b97e272c55d029363faf3ca8caee541426319dbb14bbe543842266ba0278b96a261114b374fa1cbf090a05fbc125b11713e6ac466ddfa2690e0a46e104ed5e4ccc7f1f7b3dcf9f0d8d9164f2a6f6af6f16a45e9e3e2ca49ac23b2e6479abf19ea48294a183ac4945921b5c348587e7fa8ae971dc30d2702b3c4076eccf921c8b4ddd3cbb8267162ed109d7659a8dc2511cf49b165351caf1afa7adf02e9e38fedcd1da0d8c7f74ace80f87de297341c1ee7eb7b79d2a2fd335968d472e6dfdbb488ff52e91ae55ec59e185d89154f34584cdfd699af97e59ee6bdc99ef94dc77e9329fb6b0673e2b2277e1b8b4733e9f659fba0a97f9aaaf4e06c96fe429ec92a20d124b9d419336e03d1e401789167bd58f90c897fb47c248af3e57e0d7898a8b3dfe7bab915bda5a520b35f660642a3757113fbdaabaa0b68441151c6e1df34a284beab81fe90018ed6297fa0138b0fe021d418fcb8fdab83b7635c39f5db917c396e34b256c7c6aa91fea15115630205007b4e05b196858f31c0f089b63d9bfe4573d42cacc5fb0178c7bf8d65af38412d8ff8ac3d1cd844656babf1a0a72349eeda6b8b93afe32a4e8c98645fd2be40895356474288196484d693f510f81f07f546ef4c87b4473c4ed15b36711e2d391f05b0eb743a661ec7270c347cdce0d762fcf2f77fd7981eb853abad18987c45d3292673493b67965cff4a414bf0ca3b79e67364abda0b8ceb52dfdd630f75120e80aee30937dda3ba72cd7513d2b43335e4e494d059e7ea326ebf4d71de4b8594c98aa721512a08c3b3dbfc79e1c11c17abf78da0a59ee75abe74b6f68ce9a5feebe05a2b099a5a4290a3e1046e23f252e6321b8f1bf89f4e4312417a383eab58eabaf2078e09ed1532262ce8b8c4135037caf0d0a12726efeed34b9b287c06c3ac51cf533da69f6f8916957232772939e16cf19c15f6ef938fdb16e891126933d2bc35d540d296119627577e4a1ae88aa28e1adb9caace27cc2e1274b8a6b625b854164e3a784faa1bcb7dfe25fb0104d72c224e624a039521cfe8598dac2988c8310fa799d213febb3c8e3c05659ae5abf01ebe18bb60133e967e5e69d8b5b7f2b81662df3474605e39bfb918977464f89b9341cfd6f60144871ca96c1f9409cf937b7a6e3fa4b3d1670d15f071748100cffd89d479a9244efb0fe66f3bbcbdc12a913894860a7d5800137f21adbac9b8c0fa8e990d6c3f43083448c1c61dfedc66e797b4a5eb85cc518ada23eb1e9212a3d0afac3429a075982c6e8c2d36274b12759bdc0a6b3840b4b42acfcb00c46e2d506055cc7dc8ee2a2921811298fe51dd24ef4899ad53efc9d1f17a0e4bd7678513fc9bea6395b2e83dba80501a63d9a740b1612cdc8e1756e54f10b7ec2afae401dc493bf1176aa8302d36672990fd836a3f26a6af6f401370907dd79b04f354c5be8bc3219f961f9c60fb46efee3cf233a6d77c4037a733a6767d71cdfca63f40caa91b8246bc94aadde651b67a15e30fcda7ed9e1d0d7804f98a438290fcc61253138df8f85f7e80a59135459da7741939f16ad5a86f9046ffb0abb5a33025d66c4320715d5d366322f433bb3b789bca326c3dc7de0db81c06fdf4fc01e27036417f9fd859451ac36925a880e81cb9c522dab5f7dc7c72120e30a945e11ed9b21b39c36429acf7aa411374caeba5c95959faaf0e0d6cd02e984473657f316d6d40e7e7e8f16530430930256735925a8ca205880095bbdfd1f57f93a0512ec978e2d9871cca6163f10ecb167a987bc9383e82e9ab7a2dff1a63a460a00afdef1f803516393f4a56fb02a2e60a6ec1292a059021d5b8c7ee9de67ae3d0927c57cdd051a6a40d65b9a85f1d34968550bd8e7a42f9c69d113993d0d9e7", 0x1000}, {&(0x7f0000003400)="37327118ab83bfedf6d291a6b3cc4ac20c6eac26268bb434edbb860b2c1bf08ec53231f4527e133feeeeb0d76662a85c4688b5a0b881d0961cef7bba6997b3d60bdd9908623e0b662962882691fecb945eeba5812453aac1522fb3db992a80b81a43999b84d946d78c588149ed67060baf1146a24440bd2ac077cbefce3e82ac9f58f36666ef5216a019ef5e627141e5180421e5d36cb442ef0b66f44eb879d9620939d62f2976", 0xa7}, {&(0x7f00000034c0)="5e23b5bbec63a46554ec44c05d7e168ec0daccdbe9c6cb2a8d0a00b299a457209b763d5ef2e721de671ae36928081b487611edbe72f3d426c5eff4b687a005a81e369446a939bd082ffc2d34bc63", 0x4e}, {&(0x7f0000003540)="16095e906a529ad8b6331030454266ca370278541211775818c71ac3d35d864f6842b8c09f87caf97048c621d3d14db6ccfb1a57e2c26c0aad35892647e6656b22a46308e79c1032d123fe3d6441fad5cd71e3ad97e6d98587a77f4c846a23edcba822fb92a7b2fe32791cb22941f8c1e92037d2f5d1533404702c49d61e8b092dff90972ce21c556714a29df48ee36bffaa0ab71e76d1c4302e45fc0b32a717e45a6454b21c5984c1be2cb1cf0658300f7436d4339e84e4ee", 0xb9}, {&(0x7f0000003600)="e840f67e076996d9c615bf9f18506e6c542958a235a4b880b22025243c190d1e69d2ef650fdbbc8f5f5561c64f02d4ce594c24789b782250cc80772c4ef089726671fb28b2d7e67473b29fe1b719f7961f545ad5cf90a2da5aa2901cc161ad3e3060a50b2ad80c75433192ad6e5106651acf5f293573b079e9c98c5b1b45008d1071b8c8999c8d97aeb093beb05243efdff04582a0b92ab4c67617532b97c01077f811d3bd24", 0xa6}], 0x5, &(0x7f0000003740)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x8}}, @rthdr={{0x58, 0x29, 0x39, {0x5c, 0x8, 0x0, 0x80, 0x0, [@private2, @private0, @mcast1, @empty]}}}, @hoplimit={{0x14, 0x29, 0x34, 0xa67}}, @dstopts_2292={{0x110, 0x29, 0x4, {0x89, 0x1e, '\x00', [@hao={0xc9, 0x10, @loopback}, @pad1, @ra={0x5, 0x2, 0x9}, @enc_lim={0x4, 0x1, 0x3}, @padn={0x1, 0x2, [0x0, 0x0]}, @generic={0x7, 0xc1, "daa81468ee04feba33ca3af5eeef76381f68c815e43241c2406b6e70a289d75c62e4590e982dcbf54770742764200a138c8b2b6b23bf83c24dc8801da2a764774799bcb717be64b319c754f1fcb2d5b94d5b7866b75ab4cf1edd6dc44a18d8078b26777676adae1534a1aa7969a5842f9b1d74fb529651fb1c4889caf4962299ac90d77a0f8162457016f3e5a44e0f8f7c4fd2cca093b88fef5de045c754b7df90ebe50ea63ae8a95c8cfe4a9506604ece863cc80652dec249d63578129c5c2270"}, @pad1, @ra={0x5, 0x2, 0x200}, @jumbo={0xc2, 0x4, 0x1}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x2}}, @pktinfo={{0x24, 0x29, 0x32, {@remote}}}, @hoplimit={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0xf08c0b7}}, @dontfrag={{0x14, 0x29, 0x3e, 0x400}}, @hopopts={{0x70, 0x29, 0x36, {0x6, 0xb, '\x00', [@jumbo={0xc2, 0x4, 0x40}, @calipso={0x7, 0x50, {0x2, 0x12, 0x1f, 0xf38c, [0x100, 0x1, 0x4, 0x0, 0x0, 0x7fff, 0x9, 0x404, 0x0]}}]}}}], 0x290}}], 0x6, 0x801)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000004040), 0x40, 0x0)
dup(r6)
connect$inet6(0xffffffffffffffff, &(0x7f0000000400)={0xa, 0x4e22, 0x1, @remote, 0x7}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

17:15:50 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2046.578260] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2046.581334] EXT4-fs (loop7): get root inode failed
[ 2046.582438] EXT4-fs (loop7): mount failed
[ 2046.601362] FAULT_INJECTION: forcing a failure.
[ 2046.601362] name failslab, interval 1, probability 0, space 0, times 0
[ 2046.603188] CPU: 0 PID: 13920 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2046.604296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2046.605635] Call Trace:
[ 2046.606076]  dump_stack+0x107/0x167
[ 2046.606661]  should_fail.cold+0x5/0xa
[ 2046.607283]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2046.608204]  should_failslab+0x5/0x20
[ 2046.608814]  kmem_cache_alloc+0x5b/0x310
[ 2046.609470]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 2046.610381]  idr_get_free+0x4b5/0x8f0
[ 2046.611003]  idr_alloc_u32+0x170/0x2d0
[ 2046.611627]  ? __fprop_inc_percpu_max+0x130/0x130
[ 2046.612406]  ? p9_client_prepare_req.part.0+0x20a/0xac0
[ 2046.613263]  ? lock_release+0x680/0x680
[ 2046.613907]  idr_alloc+0xc2/0x130
[ 2046.614503]  ? idr_alloc_u32+0x2d0/0x2d0
[ 2046.615147]  ? rwlock_bug.part.0+0x90/0x90
[ 2046.615838]  p9_client_prepare_req.part.0+0x612/0xac0
[ 2046.616669]  p9_client_rpc+0x220/0x1370
[ 2046.617296]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2046.618144]  ? p9_client_prepare_req.part.0+0xac0/0xac0
[ 2046.618997]  ? pipe_poll+0x21b/0x800
[ 2046.619588]  ? p9_fd_close+0x4a0/0x4a0
[ 2046.620211]  ? wait_for_partner+0x3c0/0x3c0
[ 2046.620894]  ? p9_fd_poll+0x1e0/0x2c0
[ 2046.621502]  ? p9_fd_create+0x357/0x4a0
[ 2046.622143]  ? p9_conn_create+0x510/0x510
[ 2046.622795]  ? p9_client_create+0x798/0x1230
[ 2046.623494]  ? kfree+0xd7/0x340
[ 2046.624011]  ? do_raw_spin_unlock+0x4f/0x220
[ 2046.624715]  p9_client_create+0xa76/0x1230
[ 2046.625399]  ? p9_client_flush+0x430/0x430
[ 2046.626084]  ? trace_hardirqs_on+0x5b/0x180
[ 2046.626771]  ? lockdep_init_map_type+0x2c7/0x780
[ 2046.627518]  ? __raw_spin_lock_init+0x36/0x110
[ 2046.628242]  v9fs_session_init+0x1dd/0x1680
[ 2046.628932]  ? lock_release+0x680/0x680
[ 2046.629565]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2046.630329]  ? v9fs_show_options+0x690/0x690
[ 2046.631032]  ? trace_hardirqs_on+0x5b/0x180
[ 2046.631713]  ? kasan_unpoison_shadow+0x33/0x50
[ 2046.632433]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2046.633231]  v9fs_mount+0x79/0x8f0
[ 2046.633798]  ? v9fs_write_inode+0x60/0x60
[ 2046.634455]  legacy_get_tree+0x105/0x220
[ 2046.635097]  vfs_get_tree+0x8e/0x300
[ 2046.635681]  path_mount+0x1331/0x21c0
[ 2046.636282]  ? strncpy_from_user+0x9e/0x470
[ 2046.636956]  ? finish_automount+0xa90/0xa90
[ 2046.637631]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2046.638370]  ? _copy_from_user+0xfb/0x1b0
[ 2046.639024]  __x64_sys_mount+0x282/0x300
[ 2046.639659]  ? copy_mnt_ns+0xa00/0xa00
[ 2046.640275]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2046.641095]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2046.641913]  do_syscall_64+0x33/0x40
[ 2046.642499]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2046.643299] RIP: 0033:0x7f916d656b19
[ 2046.643878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2046.646732] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2046.647925] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2046.649028] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2046.650132] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2046.651228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2046.652322] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2046.653590] hpet: Lost 2 RTC interrupts
17:16:05 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 46)

17:16:05 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000", 0x16, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:16:05 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:16:05 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:05 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:05 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {0x0}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:16:05 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20d315)
dup2(r3, r1)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r4, r0, 0x0, 0x4)

17:16:05 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x800000, 0x810, r0, 0xb4b8a000)
openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x8440, 0x22}, 0x18)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000480)=0x1)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000004c0)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)
sendmsg$inet6(r0, &(0x7f0000000380)={&(0x7f0000000100)={0xa, 0x4e22, 0x0, @private1, 0xfff}, 0x1c, &(0x7f0000000280)=[{&(0x7f0000000140)="32838c5b18d5bc5586a1ed6c6ed8da6b7ff04913042cc0623744bd1731547ed53e4af748712b083e8faf0b0754b347b1d8599cd92b2f4d94ca3dcdb2d8b33445c61c400cdbb5190cb551a090b11a178c3b0b2676e0aa0b2d17296a54a491f6f4", 0x60}, {&(0x7f00000001c0)="1828a2df205dd1b7e77a4e3efd9b40ebad954b8a57cdcf430c370a74aa4ce0c45a614fb69565d2402df104ac847d32225d8bb0e115855991a401b2957e27707da30069257132fbac2bc142b0201994229bb4b11576bde5b37c23732f67ddf0c95aa94c3a3ceac849a27adc5ddaee386f14506af3efc461121103d6e04074a57dfd41a39f3d35913c6e83d68d8b3da41e", 0x90}], 0x2, &(0x7f0000000400)=[@rthdrdstopts={{0x60, 0x29, 0x37, {0x1, 0x8, '\x00', [@enc_lim={0x4, 0x1, 0x80}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x1, [0x0]}, @jumbo={0xc2, 0x4, 0x66d}, @ra, @generic={0x4, 0x26, "3cd92f3cd0c340ed4ab1b84e7a3647e1282e8dc3f7535856ac9b62fea63c661b9e0a18b8bdea"}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0xab7}}], 0x78}, 0x4084)

[ 2061.722510] loop2: detected capacity change from 0 to 131072
[ 2061.739627] loop7: detected capacity change from 0 to 2103296
[ 2061.751810] loop0: detected capacity change from 0 to 2103296
[ 2061.755895] FAULT_INJECTION: forcing a failure.
[ 2061.755895] name failslab, interval 1, probability 0, space 0, times 0
[ 2061.757467] CPU: 1 PID: 13952 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2061.758369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2061.759440] Call Trace:
[ 2061.759789]  dump_stack+0x107/0x167
[ 2061.760265]  should_fail.cold+0x5/0xa
[ 2061.760753]  ? p9pdu_readf+0xadb/0x1d40
[ 2061.761273]  should_failslab+0x5/0x20
[ 2061.761759]  __kmalloc+0x72/0x390
[ 2061.761857] loop6: detected capacity change from 0 to 2103296
[ 2061.762227]  p9pdu_readf+0xadb/0x1d40
[ 2061.763940]  ? pipe_poll+0x21b/0x800
[ 2061.764425]  ? p9pdu_writef+0x100/0x100
[ 2061.764932]  ? p9_fd_poll+0x1e0/0x2c0
[ 2061.765424]  ? p9_fd_create+0x357/0x4a0
[ 2061.765939]  ? p9_conn_create+0x510/0x510
[ 2061.766475]  ? p9_client_create+0x798/0x1230
[ 2061.767037]  ? kfree+0xd7/0x340
[ 2061.767461]  ? do_raw_spin_unlock+0x4f/0x220
[ 2061.768026]  p9_client_create+0xaee/0x1230
[ 2061.768574]  ? p9_client_flush+0x430/0x430
[ 2061.769116]  ? trace_hardirqs_on+0x5b/0x180
[ 2061.769675]  ? lockdep_init_map_type+0x2c7/0x780
[ 2061.770308]  ? __raw_spin_lock_init+0x36/0x110
[ 2061.770995]  v9fs_session_init+0x1dd/0x1680
[ 2061.771548]  ? lock_release+0x680/0x680
[ 2061.772055]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2061.772671]  ? v9fs_show_options+0x690/0x690
[ 2061.773257]  ? trace_hardirqs_on+0x5b/0x180
[ 2061.773808]  ? kasan_unpoison_shadow+0x33/0x50
[ 2061.774417]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2061.775069]  v9fs_mount+0x79/0x8f0
[ 2061.775527]  ? v9fs_write_inode+0x60/0x60
[ 2061.776053]  legacy_get_tree+0x105/0x220
[ 2061.776574]  vfs_get_tree+0x8e/0x300
[ 2061.777045]  path_mount+0x1331/0x21c0
[ 2061.777545]  ? strncpy_from_user+0x9e/0x470
[ 2061.778167]  ? finish_automount+0xa90/0xa90
[ 2061.778845]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2061.779492]  ? _copy_from_user+0xfb/0x1b0
[ 2061.780161]  __x64_sys_mount+0x282/0x300
[ 2061.780814]  ? copy_mnt_ns+0xa00/0xa00
[ 2061.781372]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2061.782134]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2061.782791]  do_syscall_64+0x33/0x40
[ 2061.783275]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2061.783934] RIP: 0033:0x7f916d656b19
[ 2061.784410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2061.786818] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2061.787788] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2061.788683] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2061.789575] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2061.790483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2061.791372] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2061.794646] EXT4-fs (loop2): bad geometry: block count 512 exceeds size of device (128 blocks)
17:16:05 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x80000000, 0x0, 0x100000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
r2 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder-control\x00', 0x0, 0x0)
splice(r2, &(0x7f00000001c0)=0x477f, r1, &(0x7f0000000200)=0x3ff, 0x7fffffff, 0x1)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e23, 0x8, @private0, 0x3}, 0x1c)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000000)={'ip6tnl0\x00', 0x0, 0x29, 0x5, 0x0, 0x3, 0x1, @private2, @mcast2, 0x7, 0x7800, 0x6, 0x3}})
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 2061.824462] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 2061.827144] EXT4-fs (loop0): get root inode failed
[ 2061.827777] EXT4-fs (loop0): mount failed
[ 2061.827925] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2061.831375] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2061.835657] EXT4-fs (loop6): get root inode failed
[ 2061.837076] EXT4-fs (loop6): mount failed
17:16:05 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r3, 0x29, 0x8, &(0x7f0000000000)=0x3, 0x4)
sendto(r3, &(0x7f0000000040)="5ea18a99", 0x4, 0x20040800, &(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x0, @loopback, 0x4}, 0x80)
recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x50, 0x242, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000000, 0x1010, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000200)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x3, 0x0, 0x42, 0x2, &(0x7f0000000940)="16c36377caf83e229c336618d2974e265f9ccf509ae2d8597210aba0ff3bc5b73426545715d6c302e818b80cf7201342c455d51af09106bf1d517ce0a31aa9d4f2761230899023db5782e80e417ca95dba6fa20ae4135f1e16af73bacb7ded03fbba57d62484c1762f3892955160ea305db582a2168dec7bca19f18f6b997679f01a541e389bb29d7388655c02b9fda263b77fc1756f82cb5644d316a7590e02318e1be2139e2960ebb33105e185302959cac336ea56d536eb6d6e250b8b293ae742caa84b7cc68a9015800226872ef24e871df4b951df216a8be94505f2a7667dc412ffd5b3c0a92fd3fc9df943bc14a55396c060b0ee23c102f297c82a5f089af07fd73822979c876afbd5b601389574374716121813234f1d6598b88e679e853e2e9dea1796d7ea300475367336ab39b2b96ac64fdf29d6f4342bcd3eefc1314b21f081e442b796ff8f3c1bb861c61bc6b549b079e18dbb0611e807b6022f1500f4eebaa5678db00596076b68b9df66840cb8c6254e3d771acf01a7b61a78aa0c13cb5e9e70d1772dbab474db920edcd8f9fba845e7ff5d1876d8ade7be56e7c4a137b2d3e3ceeab776689740acf76f5aa2758115efa41a9053838d0a7f3bd7e109db197bc07359bcdac68369134c6f6d4453bb853cfc7152030ae844e458f49b8272166918957e7a45cf4d6a1dd9602f5c9253bbd4cea90c650ca5a1bbd9a0eb94aec0b8107702b3636f758080edf21d2e897229830f39f48ad10c97a6d3e419247f107ab8fbe7a937bd0bd390e432d6de24a8b4ce2cd1c746bffe6717f79fb87aae36dc33803f7a2a8394816b959fe7d4ea9e39e94c322672e02fc65177897f3e8042ef9b7dc1211ee38056dd62cbe4518fd093ffda9e5ba69643301fed05bbdb218e8a2736552f27c621baf8dfce7f26035c655d8d22f30d5dcf1eaf8484ee08838bcb203f824527b755564478c58acf864b12f2f97d5d7241e68443a8b1c730c6fa428b1edcac25a4e4783bddf05a841f6906f78a8c4a4c4660fae30367c48c7def6e23af84d6ae06c3e6e7470f735cf7e299356ed95191ed295b6d4e687b116f317c1bbf81db114691d6ca14a363227e0496eefbe570d96efb9eba682fbdc6790638b41325baf7b1593a89f55b010dddd0f09c2286d1ee3dafb33a0ea944d6b4d8685efdffcd644002ba7bbd4b3678da5e25fff4823212f3aef48906861ebf0c0d35d671b62efb28e2685cc6afd19650985612eb9b27bad672e8f462a0fa823ca6676be90ba2d0dd0979db599fbe25a1716db3fd2b8a5bf504117b2a2aef70a7e89f1cf38cb130291631e4ca4a3a37b8fd6c59db45932e2f6e58855a79ba78892bb3a0a2ff1365dda99f63a92cbe7ff7eb497f0339abadcd5bfff0e5ea0325e3bed9d76fb847ffc121f308bfdb61bf34c2d66d80c8fbaf5bee823ccf0bb1ab0fcbc5671f2650ba282dd552dca90af1928420213550d45e9f511111a2f6ad3f3cfac50948b8bf375dd80eeb2ad5741081fe4335256528c4dff63d937e91dd742447e8851a9dcca03ba8cc8d9b3d05d6296fac37080965da09e1bd941ca8dfe438936e9c01a8e6a287732fe17b23b4a832369045106641ff08bf883c41dfd350a6cb5051fa95d3e4c6aa03cc26397f1f2af074933cb05161ce4420717b111a6c5c7da4eef378550eef7770a71b11ffda0ee1d2eb4f19fe925fef68a96e4989ba79a799ea1bfd6377ae854cba513fca49481d2a8d3efda5a9a80dc98c686408df0e82137fd5326072cf8754debe65100781481b67f962c6a4cfe0d0788dade3e44bffe215efc6efb304b233fa0259da37f622bdbfe57d9891a0ad717e04a4dad1ecd5103ffde1767943178cef01fc7acda942f150969305059857bb1152ef61f1ffef22f2bafc142f88c5dd84a2f1eed557bd7d575f6c2eb9c997151bf5164f7407a68a6bb8e31bac6cdfacd2387fcb5ee9cf816a817181549d262e971138e92daf6beaa46aca5ef25943497e9743edb121976773d8cb83109479e511756a0f33f7934f72930a14926489c0ddbcb28af5cb817d9970258a48bce300772d39d00be744b844a27d152774c84c2e5840dfd953d0ba848542b83aea9679ae5b4bc106f0b0881498e1ce82b322e9232c278aa9517c3511ab5f8e5677e0037f09aed6b8ef20650ff4ab93efbb01c49bc3c7e59ce1b858be5a83f41f225c378e73bcd26462aac260bff8e2763b40101babc224d2bc35551378a88f43d5420872d905215d8b82196008dd93c6278b607bedb3af96b4d65da2bab6ab701d0a02ac8f539dfea11d259c7daf2757e79feaf2c4ff08e1f928c7bfbc8d42bafd7ef14ec8e5be0759aed8ca2341a9df2dab11596d86496b2cf2a00f0a938f3de996d6c71075b811f9091c8210a46bbfb96006804f7a4138a3a4ca577cf8e41e74221edc869c97c3883a1e7e4157c711bcecc57c9be1e20241788ac8abe37d1de6fd048d0d2c9186a4a321b41958277ee4ed63a0e8db6becf76543c5c5ea429dc7d49365354693e727f56a2989016d7ecde7881e900888e59ac20cb428f33df2de23aa33e54c825f447ba274bbbefaa3a46e1788cd3e061b828d37015d65a28b8405cc7980b3a23254d0b52a46d91b5fca2a20c7d8ea0da3a6a7ea13c3ce8162a6f803ed28d198fa9596eb4d68aa69b022510504066a8b93215edd0a1a1641c804591eee979fd0f5b70a67c4a1320785d18a6ef24b43b367494afe6e5d28474137e8bd6448cf78495b4ee45b0b1ec21803c61b79b9ff4b0fcf76607cef3f5e3557cf7bfb979eef49de2d0f823b97a551fe20f5565b51fa80920aa4a0f0c3ac6437eb83d7b5850f916d2b1df49309d6d660307c9cd0fbddb21e0c17f97f9d69bbf7caffd90af80e637f47d7d6cfd97ca72787b14f17bf3c5f69a48fdb4e13492a62ce5fb558611370295306ae323e1ab2bb2b510273c525d52fffff28b673f8e43a1e1d73d48f45f6cb0ba2cfe22ce755ad6d29f9a00b5df3af8ae16089d42f9240cda92975aea3fcc40cb6debe56bd3d636b93c6b50e6d7ab2ee5446d05dc98c0d5adf79c1d8ceee3ee3bf9c03fd8c7d081574c9b0bb718d2a0c1ee06d3175dcc7dafd48f86da13eea63ab064bf0ee6ecd9763ab18f8652c1fb8f19f12b78fe0230672abcc56fdec2df413de2c169645d541c140fa9f80e971a6edcb107d51a2d0ef6fbe3c1a59532e6ad4c7e199a3d9104944f15efef03b840e3b27872246bf6d36f88c12880cd6bb3a8f289eeb5d231bfe4a4e534c30b107499e53cfb4f8f0c9466338ecae82c4998822d03215250616274afa973a6455e9b41bb192af5b01afbfb85f2e044cca7950b31880ddf2ddd29dbe054e3f7b3c5b0ed067b925caaf2940d35e4034f284e919b36b61f753fd79c8eb3a31fd933dbfd1c0dfd1fc499c600e9e7913386db2f555621005cb006efa24e2adb7c7f3507c75e51d01a6881082d58ef57c52eec55ddf3765b988903f06e7a1d532051147e6d4766fd5cd539566d1858c7cb0f3fac20b065a497c67b231290a791558ea1e4b0aff2df56dde9a9ff32f58dfcb9537f4d96a8efe1702232d3ee2bb01ef82a29e2dd932f029dbdac1cead8dc0d6474c8a696a47464a3b4a8588afb18c5d98db4d1cb77e67fc21b4f297f9e1ed43950fdf17ccd9ea7406f711be9cbf8ae72f14ce3e281394de7a5df199ffff7fa6ccd28106a8afba6886bb312b5b885a0cb66ad7904a33b6ea99eaa7d176c9fd5da3fb8433e59f4135ccf136db90ea1d7c935c2978f4017eab21b5cbd87d449c456dbd90c57ff21decae04c7b110123e390e9cb1f57d1984fdb03a8c1798b73cfcbdbf5b1e44c749e9fc357eabce2e00d9469d4f3f3fc03ae91bd10db0111684d602d5539cb334c6930ab700fa983b9ae92ba6e91752d6b71308740c11a2cc51e44628020aa6032a82eae7af13bde0145058bf4412b9d8c073f4c9fd2a86da28a22e6d054a332423de97a872257ac585250267057c087cfed52a5e51f8337c088a4ac5d060fbe394fe42f6f5b3d8f4816d2d06b5cce3dc573c17d6e6817cd8d9e33a5d7ea3060aac37b78ba6358b5dfe70e250e1bc2d30d20128f3f22ab86e1167e372a566b9e91f130db4e8f11fca152e0faa442286b5543a26963799147c999f402ce44c492717a4b137dc15d3147e009a5671ac7612a279ed5ec480113f178a0487ed640efef776da82d84b1de6f7b83919cd2c85fded1498267652090e62f35e2fb603aba1b78de69499f9ea43141814c1a7147c843110306bc59f74ab73089c20fb4c2757a2b8810299efbe5a934534c29de828a8a9b2936dbc3e0939330216b69f7b78736150b3fbb19e00b9e03aea14417cba09f27774fe79f7b2f6767820c5720bd652f966885c875b7248d4f2a996cfd08df0517398e1ea240cb7bf16a521df205be1f4595f4415c83c7ec75c86d98a57d6f6338711795a54c34b3346bd6db94c04737a0d4cae7ba1dc44cbaa42308e5ce520e540c8ff4ce1d30c0eaa3eeec211fc71295a313855d4589e63c8b40f6b0d5fdd059201a3d1dc1553bb4bd31b5d1a5c317b28341f8920096b4bcef5db183798c4e8906081534f141a439ab3bd4cb3cbc733b906ce01063c278bf65087a7ab04294cd942b16d173d868882d6a58727079a70df15f71cd6b1b2e481a44d167865ab5452f20e1931a6fa57510490e0e2b07191a5e811198b6c0913799f66f6df3cb25c7c22c0abc3b58590e3103eb1f4b0809cfc2e74f911324de0a11f09ddc4e28e6501db946d2a27c32c1a1baca176d3b8723b5a48f5a705200818d6ea3499f91b54e8235c6f9ca36521f6c98c24be7cf9d5cb30839fd41a487036adc2e9c2c80349a46c9da7af1ee4cf166f13908a40791e2837bdb324d6547a3bb1f3bba5ed54ae413017b9d2ad32819e2633b371170c14bd1ea7d95c3913c49d9cb4d88a4a2e32a31b2649428e1ad22e409a42d121b7d8f545487373192a495245f8e0d36820015a4f3e681583d6c7cc2334d4f0d21ccdfd101fc7412cbc8723d94752fd39a9135d3dd9782e16c93de80991b224775d222fd4cb5937189db3916ad2bd66e09d852acb5f63229acffd71a85669a180f4404211bcba9506c99da4a4b7532d79e291cc68f4146dbca5557cc21a55041b8446e70374842b84bb0961ddb994c91e7c6b05a91786fee138231ecf7565ac0c5b6c08e3d5fb6f56849f0c0a0b08dec86e7049caa97b51cb90c191fc1fcec014c169d200f4f919f7f2d778ac3ee41e7a91edb70a22e2bfdb956b1f5d91141686e1ad0d8545e0f650758e0778b18b89684a93263778fc9ca76d59810a5600dcfec43c7e5197c825865ac4155fcff727f207f8a0f4912a468028d587410709dd45927a3292a412c1b4e69f7bdb8e4133ced8afcfa1e1fbdc94e8075a3f3662ae2eb4d2477dc7fa819a619732c422c94ae85fed82b1281a6e515b38664fb786892e14568cf9cd65a04a25c64df950016ecbcccd82f47fd4f71c8f4c73492cde5ac8e9c1a6c484cbc620a127fac9d893bbb070d639f51da62a26dc0c0df2bd9b443bb0225317c2a2f308f4b1c284c554a25f69d88ec88e98b0f5e667af4abb00b95f646b9fbec3baad9fab32e09ad9e4b04f7ac344666e1e21dd240df2244db5b7d7edcd4800ffcae7e0e4ae4109912b0e31dbcad169f5e2845b726b58939c7007833d15c3aad64d16e518a40643f418c9df4869a91bf946e60955703429ef5937a1112f305ea8b5009bfa64867bfcacf731f3d3aa4a4b76bff43584", 0xaac6, 0x0, 0x1, {0x3}}, 0x401)
syz_io_uring_setup(0x4d4f, &(0x7f0000000240), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140))
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r5, 0x0, 0x20d315)
openat(r2, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x44000, 0x4c)

[ 2061.839529] EXT4-fs (loop7): get root inode failed
[ 2061.841006] EXT4-fs (loop7): mount failed
17:16:05 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:05 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 2061.940065] loop2: detected capacity change from 0 to 131072
17:16:06 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000", 0x16, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:16:06 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 47)

[ 2061.989529] FAULT_INJECTION: forcing a failure.
[ 2061.989529] name failslab, interval 1, probability 0, space 0, times 0
[ 2061.990929] CPU: 1 PID: 13994 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2061.991741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2061.992708] Call Trace:
[ 2061.993021]  dump_stack+0x107/0x167
[ 2061.993445]  should_fail.cold+0x5/0xa
[ 2061.993889]  ? create_object.isra.0+0x3a/0xa20
[ 2061.994423]  should_failslab+0x5/0x20
[ 2061.994872]  kmem_cache_alloc+0x5b/0x310
[ 2061.995347]  create_object.isra.0+0x3a/0xa20
[ 2061.995869]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2061.996459]  __kmalloc+0x16e/0x390
[ 2061.996872]  p9pdu_readf+0xadb/0x1d40
[ 2061.997324]  ? pipe_poll+0x21b/0x800
[ 2061.997759]  ? p9pdu_writef+0x100/0x100
[ 2061.998235]  ? p9_fd_poll+0x1e0/0x2c0
[ 2061.998673]  ? p9_fd_create+0x357/0x4a0
[ 2061.999136]  ? p9_conn_create+0x510/0x510
[ 2061.999616]  ? p9_client_create+0x798/0x1230
[ 2062.000121]  ? kfree+0xd7/0x340
[ 2062.000507]  ? do_raw_spin_unlock+0x4f/0x220
[ 2062.001017]  p9_client_create+0xaee/0x1230
[ 2062.001515]  ? p9_client_flush+0x430/0x430
[ 2062.002018]  ? trace_hardirqs_on+0x5b/0x180
[ 2062.002522]  ? lockdep_init_map_type+0x2c7/0x780
[ 2062.003074]  ? __raw_spin_lock_init+0x36/0x110
[ 2062.003610]  v9fs_session_init+0x1dd/0x1680
[ 2062.004114]  ? lock_release+0x680/0x680
[ 2062.004589]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2062.005226]  ? v9fs_show_options+0x690/0x690
[ 2062.005741]  ? trace_hardirqs_on+0x5b/0x180
[ 2062.006259]  ? kasan_unpoison_shadow+0x33/0x50
[ 2062.006785]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2062.007375]  v9fs_mount+0x79/0x8f0
[ 2062.007786]  ? v9fs_write_inode+0x60/0x60
[ 2062.008270]  legacy_get_tree+0x105/0x220
[ 2062.008740]  vfs_get_tree+0x8e/0x300
[ 2062.009170]  path_mount+0x1331/0x21c0
[ 2062.009614]  ? strncpy_from_user+0x9e/0x470
[ 2062.010124]  ? finish_automount+0xa90/0xa90
[ 2062.010622]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2062.011163]  ? _copy_from_user+0xfb/0x1b0
[ 2062.011646]  __x64_sys_mount+0x282/0x300
[ 2062.012115]  ? copy_mnt_ns+0xa00/0xa00
[ 2062.012565]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2062.013172]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2062.013765]  do_syscall_64+0x33/0x40
[ 2062.014204]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2062.014803] RIP: 0033:0x7f916d656b19
[ 2062.015238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2062.017352] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2062.018281] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2062.019114] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2062.019926] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2062.020839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2062.021657] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2062.034220] loop7: detected capacity change from 0 to 2103296
17:16:06 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = accept$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, &(0x7f0000000100)=0x1c)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = dup(r2)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r5=>0x0})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000480)=0x1)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5})
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5})
sendmmsg$inet6(r1, &(0x7f0000000280)=[{{&(0x7f0000000140)={0xa, 0x4e24, 0xffffd8b0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xde}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000580)="2d1662efb92cd9c23714ec376c36a15da9f5bd84c7b6dc2bbbfbf333d7615dd736746b6192d77ac1586d3ddb07ec966e2f6b54934b55666ce74443e937bcf8f09ee49c88f346319ade0ce10ac1cce644642113c6f5e2a07b50ac60ea754f0534cdfd97ed2baf8bf7568e5a390fb88f90956ac515f4c720d257045618a35c40302b4eaa381c3b9a892c50e59e5d82e3fd59c9bcb261598e0450d4303972a7cfc014475dbca185eb8946ef68af7a8194bb5efd8eff182dbeb8250e31ee9273b2e093656e517abd7fb43ed8da6b23376cd4ba1f5209920177fe353d61e1e7736bd4215f5159f7129b43f363824e4ba9d183d8c27a9316a0243000d9003ee5a5574015b8af4dcc1062475773eb463bc4c6e1dcc6be56e256339d557f69919f515f06457d149b6750841a4c37fff7dbedefa2a329467472b92e995a607e7ba23e08e14fc032139d356c5efd501ef2e9e2d2e5e838f9376bc1bed2f6fd4f74ccfe180a4a016e7c6423025b83d6ef76bdf4b8a95c225764f342bb1870d733f719e88228a4fbc416cfdb3032f3e3b1632f7d75cb3c0f413ed439f135ed9311495f30b40965f4fd5ba2bc90a6419f95ce2930b6e6a5854f981830fe891a2555d304ce2b3537d17679c310968b9f2a61233bd4daa079ba7ed20bc2752a1cdff4baafe35aa453fefdd50a0b14a711e439118e3a1a2490944316eea8628a0e6b6b26674493c53106a274c198f6bfa021f0de7974b44240d50c31f352126a5e83a8d80157316bfc9e77989e53c779abde1030601174181b3859872d918a2ab3098d2f2bd19748243dcef131b7254bd434756a6e8382d97ecfe3acecbeabbd62b430da4bf4bafffb4a27b2634584f5e6e234bbaa6d5cc10008853532414ebe577609c7d71accee1dc784e93c6d031486aeb33be3af57b294f88f106c3648177636cde81f276e13afd898348406d3d041ce9dd3154675182a78bbf23e4337e053a2890a1d2e6583e33d727a47a4275417755f648c945fc0a0fce76a41e3e2ed8ff64204807c0506ef23f29b0ea64ca27b027e513c93e1b46e0fb05f2f990f647c411dabb85dfb2e6ced51e49bda31a87a761be6a7fcfff1c2c006baa280501ccdd11083512b5448a8ae2786ee7207504339eecc0f6e2beb8a4ea80a9a1652fdb60cbff7a3cce595786d91509ac8d47e8d3557d9d8fd55700b9fd1e59155e82624d5735b0fc5c498922e1db0bc4f0503304efa6b9e12d697c6baa00a0897e2d9745074d40d0a74a13f14a3ed86b75b9af6566ee5b4c7bc6f17643cf6a26a065e7505295679ec91a673c70c2d45d89545689529b6caf20c564ca80f04f642d8cacd914369d22e51c01a98f51f15419fbab6421846ffd6d7c1a63ba266bc02bc972b4b6c784d0ebc04bc6412b6467116d6d141597182f54841163062c7d4ffdc39358d4cde82f19c46a86c6b531cc0405003111047dc6f44a0b3bb866a1599634ccdcf4a20b4d33136c23839c9ca390bf0462ff44c572ccccd0226813349649d233038f39eb06a137eea8724b315aebd63e1ef1e4e31bef0762abb8480f8fc53e3e9f85cbf1d6cc28676ad14937d8814884815b3eccfc308046d9e5f1002ceba6486d926fcc2d07dd2353e523f5dd0108db78481d4e6812390d9989cd07e11e10ea384869ab74b0fe0ade5566daec8b5db92ea6f97d9fcc510765673f8ebf196f8fa986f74ab85f107a0745b73497a38bfad024deed72ef051c89fce286164fff631c009ef61cbc4f5892a25ded4bf164345de865028a4c051fc4c757fed8e898d0d9e297998f009f71aae64e7cda8d01d08d3616125f709c6bf645ea99653a193f38d1b2e7541f328de2635cd0e3cee7bc12c34d6b41493d132a9a37aadad269be7883375c95d33bcf1f4c28fd995071926af893031911f828e9be7544d241239a5fe9bd6ac2cec5c647ca0205b2aa4cd5a04de03bb1c5d85467c68b613cda4e25958980518240bb0b394244e83091ffe9d75a6366bedbb0721de48ec55b0cdc699777b25a1cb179bfd6be93699538f6e44fb5d5e970cbb1b807fcae8c396efdab006457e5c9d94573e93062f48f0f4c646f4030e87811cb8c2417e640a2b54ac1021d75af84bd02f656b8c55dfbcfff64d9fa6beb61d3bdb5ac521c849db1d8c486f34ff3cba4a33180879bb5783d4f1223655f46ba44656a02ab25a29a6729eae4b3d339076b7235fb48374ea350e58d60bd41a044d039963808cf1d0cad419c62ea581e5711850364560e9ecc383f7dc41fab66b119e49ec54bb978fb5cf3da7728d0b21ced8c8eef9ee03148d75164ab6457846f0cda018eae6b5b9be76729ca42593d6ed5220be804632ef1fbeeb114ea4f032e5f20ed735c76db3202d4f36911456a17e6ca68f46925d9b1313aeb5b7c6ade39141415781ebe232ec367967a1bb7aca5a9332c994134870d81f37ef64f3144264a202f59da308fd02557aa06df1c6de055452f71481dc351ab80c3192f6bddb1cdbaac8023c0b66c0cba37ad33a5e09c6fee9c1b033d090feb6b076b8060efb02cac0898b0164acee7bce8a92ab00795dace7cafc9dfbd5616620a1fb39146281c780c32edce5d8ea2c4019e0fa35e5c8428cc4895f61b1e70e1af74c7ece25a5c2159cabc44e787650909606ba92a67409b9f8513b893f5fd3d71008d4b3032b94972c4da28557b52168a466e4bbba3a19acc74db7f4f2a83a389fd17bd9a86abf85ca61fbf3e016baa57345c36d4e65a1e30399c4a103ba3954ffbfc145e8c101fa41779adf82ae4cb9ad518e72dad0eea5bdf7a1460cd7b9907e45a4779728e0d9af314b261515ba7890886a0c384e1556971aec26111c00f2f046a45cb39a0c76313f01d78c03e05283adb79789f2b7d815b138d55ff62e109ed832d26ac5e27e688c98f7667fd867b7bc3663ac905908548fbb4a55a0b4c2c38da1328296166e294861a827290e76417956325f32b12deb5083bba1d8e079e0bf9eb15320a49d52e651a83ccf7357892c4cbb8870d9db1e16661cd24c6873c6ecfa2637edcbaae3aaac652fb2fe81234e3b6529bb4ff44bb0c18cba660df7737880e808bdd47c2c543f87bfc6c100664552604ac0baf5ca2b4be8b6630e97e66dfb2e7fedae8e38bf305456d3f8e1c68dcbe313c089eff3307baf6df7c4976ff3c9d563a870078fa4ac5b0582495635a3d97b64ea499e5af5643b45d300ccc735789cf22b5cec8b5e889f473e6c3684049d46db1f419cbcc39d9ceaa0b2960a495b9a29ca340f5a01936bc2956f95b15a53fd2cfef7ab127bd409cf86b7c8ccabd079c84f924fa6f898b84caa1b5530b5537f37d6e80d83aa2496c2e03540083736314f3bdc7930285cea7b6d7b5b4c1a1ea8785209654d85b6e1a6f280e90f903a48bd52316267207a130a4e1bf20671ed7484e4d595a681a681c795d39f7d5d629ee7f13b132328959a77e7a626d86eae66b14b4a98058cb5f06fcde1b94ce51378060dd657a18e79c35e07f3a59da100a2a388a6a6df734870b429ab08e99b40cf0fa857b53d95b5d3648e5f69fd54ae830f7c54375447989e033fbbe928b17c81e5236f130055e84451007974128ba3c602930e5f8650008b5a81926bf6454a8507dc1a821457a2204a37595fe799bc356a1870f206fc48a0427c26eddb56d1eb250dd7a7dd5da2ea1e8aff475036b809c7dda5296a921fa9d54d9d0b9bd412071a444c194d8482b199a332b9eec0cfc0240614f22b68fdbbe0aa7e1a347fec896d5ad072f1e67c1d617f5a37a545f3e7d8175b85f2226ad0b3bf10de80a7a46f0a9a52fede0729ceabd50c1418d38fc2d0981f2764a6e33773586086e6761f028755e89c7f5634f1c0e2246be598a09be8dfe8f46d08ab4c10c77bba9197c7378f6e3289518bd87723b2abce562501698b5f9da365ff2270397286d3e27e3cb740e3f9818c94cf5765c540212e7a11c742a0193a3e4b3d9fa760975fe10db922b3b021471eb6a5575e526259f8c2295e4590cc0db28f060f170ecfc953b06e1fdedb1f0096b2574e238bd35b90b4d236d56eac319c4198e8be1e56c67dc8d3aa3423c93088f23266e841842110381aed275be108ddeb206d514c393c034a5af88b58156ff4bfd3c05150403074877c19876505e3eec6ef4ca3194726e376bebb366b67017d8adbb77ace144194d426db45f3a7d6a9029eecaee116154c4f05dffead124f4fc0915fa5eeb4ada1041e985491bb36223538dbe440cc33fb20e05eee19424f14e71bb59a2bb9812b7e0b4b1b6503d90bf80d9f0df752292bb9c3e85bc772c0cbfa999a57e0995e4291e4ee028b7cfe0d41853e25477e8d0641f318d518f7bbc9b80f9ca69b053400e2b05daa5a5700ba662759800a5b4cf5389238079d450aa368626b9e7778cc1d02337d9b331374472e515b8ede74fb0c0d36b75a4582ac878486eae937926951208fd53d43824f81887d8ce77aad7a675abe22ca41def560800b6aa4abac21d6bf80c510fb4b1c6b3d5f153c773d1c864672a2265e0ce34191b00dd6a261975d9b808699db94d1949c34b00418dab015a6db4120910df55a2cb43890e09b05d51b0f29e512a03db74d7c720a2309e82d8d8d8cf22503ad1c9f529a5a3e787279ef08b975499f35727eb8cf75ab0a3928cfed16e66e64e2e035c6b9751a0b6afdbb7c94807aeed767af310cf2b8677fd562936c44ea28fb55413245204ab26425a7dddcf8bd0c65c474051f63215597ccc81a40cbdde4a98c93de4b0c2cd8b171f6a21d97a440ab09c6d89bde244b5a4b5ab9746194b49f081686b720cf00a2751ed478587480c1f8c5232d4a809674760b4243865f8aa10626dfdcdf4ad4a63d90b903b2974e9184669022797374ffd244de5ea030fbe1cfc38c83a10fd2ced1587c4811d390a824da796e2b2d69de603145b5a9620c1dc3c7031cf2883aebe93094029c019aeae07b990584ca1d9e4f30139b82fb8194fd8b0dcdc34b537e70a9a714f1f809f2730bebf6b3a2655be838ab3e24dc4b1cbf4d36339e89ec9e0d4fab33098e440de47f21749b8c2f57ba029a7a4193c93e98f90fd6fba6660884f3fae8fdff204a308e1d1786ed7eae850605cbf53a0d214de02a9f4a1da28115d81436a5cfb6efa19a32ec425e56046b35defde50a640ca5a360307c77838deb3048bcffdd93c2e08d55acfe9f5c07e46836a990502f49790861cac950b597562768ed9dde6045072e8060e63a96c9dfcfc9c0a0f8a1f2f9e7d22e9af140910205c27a91b4a44310211e1a61160adfdb0710d78d937f182daac562a6be96bbfeef0782f92cb28ea64154eb96a003a145a7535f447af6fa6aebe63db030ebf35dcff62496cd18ecd25da149440167dac4e24cce73fedb4a832419c299153ac3f669be441ab9ade0b9f3fe3a4b78390245e990cbc416839f3999b8b15536910573ca2c808ce2d1818c146b1afa048f9396127fec0e01ac3dea83297855fe5ff89d8dbf7b15956f7fa005af9f4b5556ca5003eefaa509b197246854a8064ec953c0e7c95f77d4e1ccbcd7b052e8e3f758ef7e9c8ca727d8e90413d276f6b10382aec2442f679db5f4be7e27c5eb1ee78260716734ca8188ecd8e67a8c8dbfec08c082ed6164e1a4abb8d183b053e54b8cebbc7a230e4653ac5a97d83fea61b880feb07f694b0d5478dd50d80fe33d320dc641338ee184cdb9b4861e33356a464032feab05f6930b7b61fa0e5fb12530bd383c2d975492aee7b05ee0425917cf3833412b5da104a600", 0x1000}, {&(0x7f0000000180)="45ef02f39af53b1e68a727d671a7bc0ff1c286632233d9ec2ccc5f00631ad39e3c7b73d4e1368665ae7c0e77ce0c99e22e654e82ff3d3d2771e517f32048d67add1abb59483049cce45761b12fcdd6384d2938f36419fc36f888ea17961645ddef3436a684555b610bf3411279c5cbaeabf94eec7c4ce9679a8cc8720978212a586374608988b48e3a6975be02d4e91e72e28e", 0x93}, {&(0x7f0000001e00)="74a70c0480702a870bd2bdebe3c4573e9f7fd26bc9ed494e1802ff28d67237bc34787a01a2083339af43d7de46689de9355a10b97b57ce803f1aa16099d489342f2ed06d41c9d5e734e7056dcc34260ffcbf4bfe988504623329a851f2b733c3fab6bf4bf8d5bf08cf79425863f7ab404418b9f1211cd3aaea5f390386bef28afcbe179459b57db2fca7a691c627a9ca863830a7c3596b4e00104f6d676632b02daafc7c94fb492caee3262fcd2947e2890c9a6fc0627645619813f2557f50b2ef8de69d05416b23cb1084c6623a384eaac7fb0e0b89512fcef73325c63c194e82dcededc4c29e8e31e6a8b088e2828eccd6759b39055d8da1998057c36dfe16482fa3d0d9f55e08838869c73959f100496e4c15b6179592dbb3d90bb537843e07fef7a64c95a921fe6beae2202f61b559c11fa2da8b0c470c253989e2c8175f2d64c1ad6f6f154da80406c0471b34fa9b64f851f52ea1bc62c174c459d5f4a8fd5d232da2443dd6e5e47c8d9d7ea3ef3d1ec5059ea52f56e10e63a311e3f55cc0ad64c74699fa2482fa437636938433bd8ba09c62136a03d12fdd11d8065aa8758c2fc3b23fbb655c60c2749e249e6edec4ff8e2b7caba80cf03c3eff065d890de7ad9f16c08773d8a78816e5ef748cd058340e7376e92733bcd30a2a856d123ad6945a0f6ea424ce0b73a6faa7739fb43159fc6592cf3870604cf733871fc0b53dbb8d8e5a4e33077eb43cb10b9d47e32c87058109c23440d1b2a1bb9d73ed3641f7362d4d2eda70cbe710b1398de09f13f139b9c65b75cfaa6439cf9c7c4b1df34ee715e4042d716589aee96c50cbed68ce366c7144ff6b1be795604576a9a1a76878c21fb6ac8e1fac5889b0139327cfc8ec1aec9255d9e50d5300d43bd767b81f670dd2dedf99b8edaa0cafcc2ab6d067e01e151a393f245adc4bbfc7b4618ef8e26537fb9eead69caa45fe165667c18ac848b7a2ef8f05b2b42bd1e899259d10f864ea847a214f499f35ab47a1a2c6d8cebcea6b72d312aa0ed4d77a704be8ec8ec4f029e5cfda4e9932d34ff34a6b7e58b47abda4341d79da0d2c57a04ab0adeef7aebf7e1b968f19207a6aa8cc50ad7cef059fb0cb1b7109bb01bd8dd4c9ca8c46ec2d8e45c49714dcf4ec1db4325003c07e7dfdd2a3f0ad4ccb880fbc8d01b6fc57548c5b785aed1b512a4821938e87ec7271a5c7f2bc4c1be78399fb9138a82ccb79c888d5e320ee5145c018eebd1f9057b29260682b618f0def1b921f751582c40e91c1c4c82d83628a9499865af9f31a19eb04d342d072230efa8e787ed64f3462c33e46e5a2f880b9631959e0ed1107f35d605f9bf67f3aa613b38bee2d0c858e88d40b924f32cec025b7eaa3af9d9441658985f25a832b07074f068d1f68b60fee6c1789e0a2590b38fceb844ea12ef4fb15adeb26a08c7cc47f7a2f309770e01a05f79218ffab9b36654a3ed96aa256cb6e57d58f207d03778f7aefc33c77787857543157f92f8e8ee509d83e033014604b18cec1994a0626f3488c5f7164a24b084549ea55bf6b3c4015896649cb90c4eca76f8d753a12df86dc201ce23aa579247b2e6e58b92e66c68296bab1eeffba993a779ebe613f7c020f25ea6cbe32225d4778dd9a1ced8f2e84582fdbdd39de3b26fd97c9ffada788e76e6fddf7478b508d822b3cc3effc635cafea489433cede26db46e76f295b0b81d2a20cc8b3827d0cb824a792cdcee37b77081a9fdb676de15e93246da628ded652b1817b73da1e762fff0a4f55bdd7b7e6ac3483f04e12c7f4d59f690d6cc7f4ceea869ccddfd1b2573125b7e3e3850a4278e83a5f6f1fb7abbee9e745c1d37542a3c4ef1d781ab8f70b3a671fa53e6849abaea8e94c8b0162052f73a0d977d2989c2f2d16e43a99b20095e93d519271a041da2f08d769821f5617ac60b5ecee038115084aab5b7cc19008dfe3df303359102281eb71949684e96f1547032f900fdda7df7c457f314e5493aa7ef3ae5312e569e9bb04c54df5c5a8222baa1c303a54862f6a9456961319e9f447ce3a166f5be14f9d0f7d0dda9e13bf5ceb8e9c04dbb5c25cbba4c146c9982d30414ac9a163f9be5a13eba86e473296ad60ee5991facc28309c2c350ee1f5af013fae38d046cb9b6777ae6147a223184ae435568d36e097462f94f869ec5559cd26c6a7e2e0f179fa2d3e6da8d66bcbca966e73374efe77c2337bb207dd8caa0dfcac7724df370554a6fe0d137a36416e6faccc88b162bd96566414e2045e3aac9cc5fc213aca23282b9126c0538d11adbdcbc1a238b1ba490ecefb9a1f02b3e2c5002bc76e236cd3b803310ce20d0c5773591ff795889afa42c5c5ed7d19fea42d0d07ce120dbc3fc75e4ef3e89e9ad1723c3ab284490b35c44a0f384a84135f6cc0a697832017f4573cc6248954fbd4cdab5b33519686c8c28aac7b32584225236d2556b6c9b57cf5f51b60052ad7a933516fb40d212ce1b75b638609642025dce447886cd806066cc229cdd8e0a25789261da8ae3e1326b805308c84651315ad41e540d6ca14652555703e515c7fb5d8a89849eea8a5fc7739f6915068399aae12e67c52edd9df3015d9452c4a32d2ebd3fe28a65baae0731d2e0d1dca8cff46269378bc34530ba91d58e9826e6ca6739194e6a7d79702f9dde858e50a70f533c80d398b72102a68c579b984064874b63a42ce8c5d40e5ee71fb3c46492db295dca2cba53e72e7854328ca1cf1bad71cffa6a4fd3f23a07a61114f88d2dceb64e3dd7b8db352e29e476a6650f7e5c94b5bc327ac8b6ac34fd3fd572c6838da0401046b55d281f85d580f96eb489f4655b37d02fe9646fbfc27446ff3b0a8ca588663541df7dd30a60551292e2b90ca420c1e9b0f9c429b5d02d643b6cc287192a0957889fddb22a4c5e0cfa043c2fea34946c0f69827d009e69c39d67f8cc1ffa149fb43ad02b9e720a73ec4e615998807a3e1497a1e760b6624bb3adb4c728124a445f341c2228ed464d030361471349cb3ca59537b82a0a187453fdb3b926c1a7374d821d1c4416786bec3b1d50764a6005c38033444a51acd57462f1344202d5f220591b2e7e3fc84767388b89c5e6164542e62d4c84c99262c29579e579d1820e06e21684f31a12164dc9a7f99b62686152d48fd60b19ae2896803daaac97623324b185f23c780e0e06538c0ab3424f89af4f0ccc3bd22468dafe9eccd545d828f10bad50e594a1a2d0e8d821b079239e79e282ca27bb63e9cae428bfc8ae9a4a2bc26909ad724266098b2a0f51dedd4e70f10c69eac50411227e269e56bc89ffd89ac151cc62547a164ad28c0126f55571d6f8eba154ba6b0a2e40cf27ecf8f0fb94f808a393533fc9cdc32d6999ecc528306677b28bf61e835434bc1b219dd8a946eb9a0d810dfd9a2be91143b0564621c7d1d49fe37f8d626fd4c83194a23524911e364597f5ff9a17901fe181f56057db07125041209a1400087ffc2f2da2189816e7de6a483a89b95fd11e831ffc8b70623612c19f9076e4d8fb262c46012883d7266262a54678fb17890e40c45af8f8cfe4e94c2bd262a92eb5587d7f09ed866d85207e5ed637e6ac108ccfa0180cf345a506f6a99a3ffea79e6fee40ec69bf10bcaeae51c8e93930bd6584e11502d27e9e06dd57b53c8d08da5f7225929b9900923f7bbe62d5ac729bf98e9cb9e93d0a711440b953a520d78804675c4724efba035c06674d5dc32af4efe9d6b9eacfcebde8c1079eac9c54ec5772f1756505f280b41088e022cf741ef0af8dad422bb3ec387744ab6582e7f91b68401a7101f360569a676bcbc3c97d48abd2c6dcc6788eecb7d3b9ad4eeeb8322bc64494640d200fa68e23ad75471bc9c76bc347504040f1e6deac284d7276a2c5ca6d7e989cb65c8b2d8bdb84354f35962209815bc811881f3819b96a2f599be442e4b414173e14a193831aee22e49b7ec2b1e00ad2e24eb2d1216ba1dc15e21edda70a137838bf191ce763d7f84300d85f93b0e9952bc65cc6f85926d3dd54d7b815c698c4ab1614db5e18b897cc1c9efbc4d1a8654c6463d49961646947d1c1b78db5869de005b5e38a3c8d4287f137f5d639b7a9e1bebfe022217672f3a38a23f28c53c96c202b370119c6abb6bb24b16266716fdd55c821ab6e596ddadb8aaf5648037d804e8ce16ae6481ee91000bdb1e169fda4b50105718a1c92e16a41acde5bc4df2c224fe7ad87707c58521ee0fe74faebbfabf5c51187e231623d67a0051a22ea5dc1ffe478c8115ec636f90bec35507d2c99dc188feba04c66e3e7db46aaaf821db97e1ec231498a10eb81449abfbb36777f454bb793136e2f13c920db4a06f2a14c96fd6aeacb72fa99020b69276c599afa5ea983dc3cd32e6f46d97827981ff78e7b933fe360bfe22e1922a10e867dadf731e74df7377df0498b98d95b3f3d95bac33a0c700d84f61771e9b480fb3b94e6bf502388e42bb27632246f954a7458801088d96b6233e878949f36c4faf1c04987e0639e2290fb28d0c75d0b6703af59142af747e0e5575968449883427491d0f7e0969bbdc013507c57e2a1ab6d49ab2c5e5334b50172db310b979e2a72b7ed29de8449dc5cc3cb43944604778b9fc034e5e7d10c013211bb04e220ce0f22c5169b59fbb01a6a2e87038cee28c0c3c6f137e453b52d9512b6bea81d232e7ed59d37bc112001bc3cb1d5d8fecceb362e0d68e92cea2f27e67f8c682b9a57e4982b3325a85d4225b0536f89f1b412a62627da7518018c18b491505ad3ffb99806c6954caa12ca4bd660fdd6c515b4925f9ac4f23c2a2c097f0c4d88e43e217c489bf4a5be4c137704e528f3c80923fabe03a6b40b71272c8ac5d5e5592a663aa54708d2004f3f88b030aa55df99a607d524d5f92c25eebd9a24a598f570a378032dad8c6bb128c72900f5fa1f11328a57c4822d23de35c15b4652819a4b8d2c099b5e8fd9b7b8a50d0f2397fb5796a2e3242af85ae58317f88ca5fac76454d167f1d054414ed6dcbcc1114cf5ae5e5dbfb67181920aa93a7adc48f4e6ebdd75d4dc62c1f0e6a687e6cf851a7cfc4f40bebd4abf2c9d7853cb2db05ad3ea8c973be31ef0db6e4c6c9f9684968b15e829d48c93fb46f723791ecc4f94da7ee0bc724ea7c625547860009fd7fafa560d73161598c6962423a5cd1afbbd81fb9d33d79b4268059a593fd29fe7879fd6df7e0345f6df613146ac79004e405011942e49579772f0de9f8673643dfd8d6911f4b63886fc32b0215d91e2e1a8ec5d47ad49cc72dd309a16284922fe00d823066e3b3d3a2d99f0a7303912c586f54ab62949a7e80b014f90ac038fb5e7cc1e940d3c8264b9e20d9031399c45e882ed27d02ad387c92afbd0bbe8bfd9a161cb13ade582f9283526963044f159949f7a302f45904d0d3f522df9a6c2ceea90543578a2233fa777026981c8f2571334ffb43c7a9d41848b896143976f73b4c25f8a4ccc21dafffcdc906e179478b5649a38bd307fd69fbb516141f022493dcd9b42b7bdaa230b8b52e98b16bf37f52e28c4e3004dd1b9f697d06067a2f3fa7a7d21bb3140847f4234c24fbf5f080321f7cb7799466baf3ca356f70fe88a400472b7ca4613dcaf747cf75427d3bf11ed370128cb4b85211efcfbf7be9fb9a6ce90ff97380ebeaf075ca3853486bbe23ef9af5f0a2fe2f869ad67bc2562068d802935642ce06be37c387c2b71d9650f1232593954456464f911965061e3f2158238e50d0500ccb3ef09b96ad09", 0x1000}], 0x3, &(0x7f0000000380)=[@pktinfo={{0x24, 0x29, 0x32, {@rand_addr=' \x01\x00'}}}, @pktinfo={{0x24, 0x29, 0x32, {@local, r5}}}, @flowinfo={{0x14, 0x29, 0xb, 0x31}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xfffffffd}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x9}}, @hoplimit={{0x14, 0x29, 0x34, 0x8}}], 0xb0}}], 0x1, 0xa25de6c7d4a612ff)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0x11, r3, 0x10000000)
syz_io_uring_submit(0x0, r7, &(0x7f0000000440)=@IORING_OP_FADVISE={0x18, 0x5, 0x0, @fd_index=0x3, 0x0, 0x0, 0x7ff, 0x2}, 0xffffffff)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 2062.048706] loop0: detected capacity change from 0 to 2103296
17:16:06 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2062.064690] EXT4-fs (loop2): bad geometry: block count 512 exceeds size of device (128 blocks)
17:16:06 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 48)

17:16:06 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {0x0}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 2062.124437] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 2062.139013] EXT4-fs (loop0): get root inode failed
[ 2062.140178] EXT4-fs (loop0): mount failed
[ 2062.167046] FAULT_INJECTION: forcing a failure.
[ 2062.167046] name failslab, interval 1, probability 0, space 0, times 0
[ 2062.168424] CPU: 1 PID: 14010 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2062.169212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2062.170177] Call Trace:
[ 2062.170487]  dump_stack+0x107/0x167
[ 2062.170913]  should_fail.cold+0x5/0xa
[ 2062.171359]  should_failslab+0x5/0x20
[ 2062.171804]  __kmalloc_track_caller+0x79/0x370
[ 2062.172331]  ? kasprintf+0xbb/0xf0
[ 2062.172744]  ? __delete_object+0xb3/0x100
[ 2062.173224]  kvasprintf+0xb5/0x150
[ 2062.173643]  ? bust_spinlocks+0xe0/0xe0
[ 2062.174111]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2062.174729]  kasprintf+0xbb/0xf0
[ 2062.175118]  ? kvasprintf_const+0x1a0/0x1a0
[ 2062.175616]  ? kmem_cache_free+0x249/0x2d0
[ 2062.176111]  ? p9_client_create+0xbfa/0x1230
[ 2062.176619]  p9_client_create+0xc1b/0x1230
[ 2062.177241]  ? p9_client_flush+0x430/0x430
[ 2062.177733]  ? trace_hardirqs_on+0x5b/0x180
[ 2062.178241]  ? lockdep_init_map_type+0x2c7/0x780
[ 2062.178787]  ? __raw_spin_lock_init+0x36/0x110
[ 2062.179318]  v9fs_session_init+0x1dd/0x1680
[ 2062.179813]  ? lock_release+0x680/0x680
[ 2062.180274]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2062.180827]  ? v9fs_show_options+0x690/0x690
[ 2062.181339]  ? trace_hardirqs_on+0x5b/0x180
[ 2062.181837]  ? kasan_unpoison_shadow+0x33/0x50
[ 2062.182369]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2062.182954]  v9fs_mount+0x79/0x8f0
[ 2062.183364]  ? v9fs_write_inode+0x60/0x60
[ 2062.183839]  legacy_get_tree+0x105/0x220
[ 2062.184306]  vfs_get_tree+0x8e/0x300
[ 2062.184735]  path_mount+0x1331/0x21c0
[ 2062.185178]  ? strncpy_from_user+0x9e/0x470
[ 2062.185671]  ? finish_automount+0xa90/0xa90
[ 2062.186182]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2062.186714]  ? _copy_from_user+0xfb/0x1b0
[ 2062.187192]  __x64_sys_mount+0x282/0x300
[ 2062.187655]  ? copy_mnt_ns+0xa00/0xa00
[ 2062.188106]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2062.188709]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2062.189302]  do_syscall_64+0x33/0x40
[ 2062.189730]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2062.190355] RIP: 0033:0x7f916d656b19
[ 2062.190781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2062.193010] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2062.193889] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2062.194720] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2062.195539] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2062.196356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2062.197178] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2062.220363] loop6: detected capacity change from 0 to 2103296
[ 2062.236823] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2062.247625] EXT4-fs (loop7): get root inode failed
[ 2062.248855] EXT4-fs (loop7): mount failed
[ 2062.255562] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2062.257137] EXT4-fs (loop6): get root inode failed
[ 2062.257706] EXT4-fs (loop6): mount failed
17:16:19 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000", 0x16, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 2075.315409] loop7: detected capacity change from 0 to 2103296
17:16:19 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:16:19 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 49)

17:16:19 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x7, &(0x7f00000005c0), 0x4)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20d315)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ipvlan0\x00', <r4=>0x0})
[ 2075.326925] FAULT_INJECTION: forcing a failure.
[ 2075.326925] name failslab, interval 1, probability 0, space 0, times 0
[ 2075.329528] CPU: 0 PID: 14042 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2075.331112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2075.333002] Call Trace:
[ 2075.333644]  dump_stack+0x107/0x167
[ 2075.334487]  should_fail.cold+0x5/0xa
[ 2075.335362]  ? create_object.isra.0+0x3a/0xa20
[ 2075.336412]  should_failslab+0x5/0x20
[ 2075.337286]  kmem_cache_alloc+0x5b/0x310
[ 2075.338233]  create_object.isra.0+0x3a/0xa20
[ 2075.339231]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2075.340409]  __kmalloc_track_caller+0x177/0x370
[ 2075.341472]  ? kasprintf+0xbb/0xf0
[ 2075.342302]  kvasprintf+0xb5/0x150
[ 2075.343118]  ? bust_spinlocks+0xe0/0xe0
[ 2075.344025]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
sendmmsg$inet6(r2, &(0x7f0000001c40)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x7ff, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8}, 0x1c, &(0x7f0000000200)=[{&(0x7f0000000100)="af04a6291ba15c7fcb7f00b9288539057d7d8c69b6f19cb1cc1c7b060beff77b42c2f6d48e07e4a9146e3558313419b473103fd2167da07297c4328625763982a076cc4f18c3e04ff921cffe64642b53f14a5c04e50f064b83f6c27a9d8c3fda08c18c56c688cdee4d2c01f610d0c1d4c8dc145c8f12afae08031c513a529e9684aa92c9309ffff6ccc3e6d493b93c01994212dc5979d8497e7d4cddc91be259c1ac12104015f80871fae710bcc54a06abc7cddb869dcd2e38fc6aadf4d4f36ff559b90e15d30e80fb55799df446f33a929f84f4dd9bb223b9", 0xd9}, {&(0x7f0000000040)="99e0b4d2f2627e55b12a14ed91c01dd8ebf1b699fd2d2f432f9813de0948274908abafa86e741a", 0x27}, {&(0x7f0000000400)="0d0a75f2f2979436e31464356420cd4f64c05e70461da01d547abdb3b5bea4cd11d73f2c89f10fb387f0d6f50bb37cbe40f314b5aa5b3e66d8801146c237cc3622391e634413e246da900f80045cffede872d77ac7a01486a1984933b5d309a3ac673c5280753e539efefa6611483a861a0e190729fea1e44b090c37469424abbe6367192eee0fe9895b82b8cfdce2cc1a0e5f313287380294a964d3c64030c2664178638c7f67b8df20ea7450d3b65de48d552f43bb8f7d490964c61770a46c75e5abe857249928ea5ddb6f4657718fffa8e4", 0xd3}], 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1400000000000000290000000b000000000007ff0000000068000000000000002900000039000000620a000600000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000ffff64010101ff020000000000000000000000000001fe8000000000000000000000000000bb2400000000000000290000003200"/160, @ANYRES32=r4, @ANYBLOB="000000001400000000000000290000000b00000000001c0000000000980000000000000029000000390000003b1001fd000000000000000000000000000000000000000000000000000000000000000000000000ff020000000000000000000000000001fc000000000000000000000000000000fc010000000000000000000000000001fe880000000000000000000000000001fc0200000000000000000000000000012001000000000000000000000000000260010000000000002900000004000000062800000000000005020007c2040000002007d834ef264d8b1f15d69d6bc4a6557884b8598c6435cee1c0f03a9f4f1f302f7c4e5f5b32ba98be1a4c0a5d12c51e552799a05364486b2ad14e08e79fc21b136f2e2f97ec635686f4c1d8ab50360de9383add290ba693e8e177cb165b844b32b95625538c515212e57822a682541a7ee8c739927738bf6e086e3976f77185cc6cca50fb35797cd196e74387ac1faf7804a2f8ffaa1b01ea1508f70e48e5248392c0c3203fadbbc4d63fa33e7bb9b9761341daaefc74f0e79ecacd17e9bbac177f03d1108e24b10abd5c8fc4edb1d4f105ae4c2af75f4349784f07280000000108820300550f000000000000ffff000000000000ffffffff000000002300000000000000050200400720000000030607000005000000000000000200000000000000ffffffffffffffffc20400000008c204fffffe000102000000000000"], 0x2b8}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000008c0)="cf431d8dfc9fb9aa94e24ffd9e4a3cb9af1b7daaa58d4ef3bf069d76936439e354c737d85a5f4a2c0d465140b7819817b5487b01934127d74a1c421180e5fd9f5288fdc923e1a55d287349126028db91215fb88a3ceb5f65dbae6b2d7379b3d57c529e88b71f8aeeaf47aaf09e655e6a6674d7e6d2cc56e4223fa6e9649193e77f0e8cc6788771eb8fd62be7392a0b3b3e85d220c839304682437d3a8e0955944b0c76367c5bd62b8ce556099ead146fca1aa4efd99cf077d2c06ac3d2dbd5429e26ba165d6720a64cd628a87da9efb54fa1456391984982c976854a4733657b395fb75131a55b72ff18ad3dfc8d94ff7a9080850cddb6", 0xf7}], 0x1, &(0x7f00000009c0)=[@dstopts_2292={{0x18, 0x29, 0x4, {0x5c}}}, @tclass={{0x14, 0x29, 0x43, 0x401}}, @hoplimit={{0x14, 0x29, 0x34, 0x7}}, @flowinfo={{0x14, 0x29, 0xb, 0x3}}, @rthdr={{0x98, 0x29, 0x39, {0x7c, 0x10, 0x0, 0x8, 0x0, [@private2={0xfc, 0x2, '\x00', 0x8e}, @private0, @private1, @loopback, @loopback, @mcast2, @remote, @local]}}}], 0xf8}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000ac0)="4f17a37e0878aa56fc9862b9bb2d064b721e632a7c3732b75f2dd0d92808a3f19b9c98ad94329cc46f872c98fdddac9654da3b905a19b12cb6d15ce3e2b48709980f6eb4723cf5db5f3ecc033be9a0d30add41", 0x53}, {&(0x7f0000000b40)="28a2be21ca19b48aba31fa539a7a6a079e107fb2eeee1dc68e95d67766be8ebc7c17db52dfa7532c4a6c201bc3b06b3a88fc9982583ce0470089ac09e89fe3f16db6ed78050e3c56cb9f61a454543dca9f8325b1302d2379250bb78299c92059c66f628db891a972498b40866908cd650a800c5f5fc397f37159f27fde09994e2f07391b30acfe850077f061312240f29f38128a375e380192bd799c512f2b1c540aad504cc7bb05586b61d63a3a3794721451b4a6e37154cde9f309c13760587648a1385212d438d7abd8c111223019adc51c991025a05fe1fe50e5c8a6f4e6735346079ee2e178de40d87bb286ad9d2b3111b370af6ce07daaea3e6c9628bc4f56033bcfee63f473ddbf69431dd5c0f79c1b71f6466b5313715185414ac115f83d75de1d5563f4ac61622d5b89fd34a5e1a86e395eb5dff3c3f3920653869721c226a5be96c1b267c9c2dd4f6ae2612bfcc0430d511bb38c47fa37d0e13a93d43e303921fa47c869ffa8a8f96b8a8a1d994b38d056b76389a7f2602db6def50e8729fc14af64dc5702f23c01a7801f98773a9e976a0bb5d7321d4bd4303aed2f9cc5a789b2eeb8879e9a307f034d48dcbb6d48b721d1b8bf20da932c30e39bd5ae3b1e768dd902fe79fb6860d790e9fdeb6ba3ce972626836210564aa53155e753d5d0334fac222f7873fb3a52c600570a33614009fc725e0aa568ab71718cfb51e025e1a6ee5934cdc28ebc750fd2124bef65f48b1c693fe6fb2294c054087857c9ec4a1f4f0f44af0ee933d67d5eda68c4a1761a330f8b013b9ebeb6a2ae615cb204521c133de98cd26146788f7c728100f3a9fa7f628572a60404a4350b03ea1d8a5cc2dcd5e4879a95b23ae9d8a354f11f283ec1d55e3f770f66872807a1f9ec2adf238302cfa9c2b61098f067f2a70a8138f5f66566040cdbdce599edd586ef40acd4c1d65538d771a011fbd971544ef6d4ad2b13c43e2134faa05d14b83f4926d961931a44ffa7449bf996ed1be20e9ae10e814b5cf0f9da72f925c0f136079c4fcc1c279d74c442788b98d18dfadd0d2e6b503fdfa915c42a656f1a0a045a7f29fb0e54dec0e1e0a2e306e3a04c05870853fbbb4227d684c51dcd851bb3844177c9c3f41417a80d44c5d902ce95f0da11eb7e300e9495d79027bdf1b1206f63835892124f637dee246b53cedf720f23b3bffc91e8d4ca3ef86f34dfd276bcd0e10ceef23f44dcea21da642da71f5b13d1c815f047350ddce0744fe21518320e758b336d37c06dd39863bccee94a672589950377c5c33bc809972f1129194cc817faa75e2e29e15b45bf47c5ea96c9fc92c8874e1e4f70a752daa5cf18a28e6ff11b7594136de61aa0852b7bad0377197d90c51cc13760d4fa79efa47545de234946ead84e4f2dfb81f218be372bd59e065a81f35abac09873b278c76e53a166bf1c24d7de7ad994c878ae4cd6784c12a0fab4ce75b8540d11857edb92db6a7c15e256f9353e90365b5607cb71865752d89eef4757256ef2b2761ac155a365232abe0daea9818fcf29562714fbe481af6c7fcbf11cf5cb286096f84f1fc098f1caa118305eaa6287b30841472bc1dbb15bfe752dd93a6771aa76e3dd84710ca63320d7599f551f40b25ed2294adabaa929a89bbf6f735f2c8a3b121d2a9b4eba429cd2ec03982482409913a2932a0cf5c3975c2dd1d52de6ff7bca4baf072125be6f9d6bd6b9e522e13cb3492309c1b7aeb2f1d3d48a7c4ca1c88ccd749a2e563d009395c684ed716deae1e24c7fc7171840ab50dc5a2a09e01be0ee44276c8272c731d62b322b61aa6e8cea1cbc4a7614ea30e816ffaed435258c668b1f9e26743414f8ce1cfcef07a8739abea0754c8a962db2ea2e1802308117f8027922a71ff4c68dbc1b67e67d4b48a8bb32b1948e7bfded58be46ba35987032185664abab7bd4a9b2fdd56e0c6679989b2448a144c55d5b58352f28a4818e5cfbaf02537a1ff289458148ab368478b172754c1d91b151e6ed352caf68704f834ab93d3e01bcbaeb23ec618498dd0af1903abf02793e2dbac1ced61df17579e61850faee02b18a9c72aec04fc064a8726a0b1bf2edd45fe5a1e395c696311ec96256173643e2202894415e15b05e967517dcc0b7ec41785859024cf7089dfc0afb9948df11bf9eda7abdb670c828e0ca850e24fe4af91550269bd97e3b503ea58cab2b3b91897e4456fd194e5960a03a6a02381bb73a51d62f2ef1f769f74de8df9cc3bf92746f7c0217299af549404f24d7182901a0e821477db4db99f612b6fc5d9970b1b253db6732530e32e3e546aa656804a55f494a61070be6f48a420b7306a05d839abf929ae86b8a7fab4cffe35202dbf26a6649aeb374fa225145ce55d89976db9f60fa677d0455058f854b68cc69aabeccaed6e0ee15c21a902c29b2282b89a4926f8b6523558a2533bda4a8f40155ec77de63d7d91f6ac6a3412de377b24e13c52dff3ac0244824685b68a31cff41dfdea1909cf36ee851c27bc01166960253be2d7cf07d858d911c3f9035078f0b766eed6fb0a7a3b6eb937390d2a633e36de865eb090cbdbbbaef9962ae4e62daee835d53ced249bb17e52d14d49859751c4ad0185a1da05ee14ad99967a6b3dbff3ec54bd62d210ab5d637857690598af03377135373de5f4926e12f7246d3ad5be19b69db16068833bf4a7065498cdd39b95817665ef6138e672400ace9532af4b14da9c1b3eb9c0c96a44e7905f921d0b9f72365169af2466bfa0100066c28f1d98cb9b8ae3839ee76c19da1cc771525927561d4b65d21289329c84efbca6f4f01eec7c1944bfa0bb48fb853aa487c75de0124e41f8555ef3f55b4a22f94440064ab1b3466708cb974eca521e15a00fd99cac47cfd7807c65bb40cfad06810408179ee4ac79b76030a0257e02ff591bc000a5f1e70f7641a9405de9bed9921b7cdcd06cf9fd354ecd8b8fbb8c685a6bc0facf1952de8fa19ad5b44f0944f45b694a3291aa615a9fbde55d433b085c49b9e183f098c9de93296a0bc939a8ea48406839eaf2df21aaf88cb6dda9e826537da25f166f4655fe8d4f9b4739e6543178a90874657555f0adb4f049c6fa8e59f632d4fc0eb4ee0e54ce5c826912efbc2b8db3ea019f134e95821f65e9a771ddb45b5f4eb0cbd6a1dd3bc6c030ad11c746fdcd768e09d51ac6b9f9ccfef594d0a0e9389b02c1fcaa658b3730b56863be6db27b0d7591aa8a7350daa8c3ca670e3615e139939bc761b3ebf54718b8c18cdac6faab392c09297f3856735265a0ca3b00dde12a052c1aac0aeab4ce185e1099b63e2383ddbbd085cc1e9554e3cade6e5cd07c7f3e8f7bc48405c18b70764845d9f48e5031539bc956e6daa8796a204e41194a79f34a6c53a6e8adcc2bbfc33880ec8e7ad43897ca6267263c67efc8ceaf28dab6de8ac0949ea79bc3d7871e9942df4c4b0b07c4516e9ce4ccd14828ee7a3eaa5e6b636aae375b7aa504ba82365af047ce1f603b71cd15c587f1c1f2f3acc2fb27e793b5aca88943d3247d3ff76ae900af294f129674422b58fe70bd5cd8643355ef32bb8d16b4c85221a4dff57b7553c9cc92b614aa72d78057756f5ddff8cc6724b6013a1360eb1f964984a701a17c2d173aaecdddc6021e8a0b2ab420d446010b3e826c0bcd362ff95a90e9178ce735d9a5d7539780255945efac00abf4801be93cafc5d106418e9923c129201016e3880a16ba8ed623e72b805fd4e221c465d0adb9571a2693d1397d7247dd35b5b421637b1c8924ebad15478fc3de72c39df125d1d8284c260fde835c959f1c12c7ec1d585c244a34041e335809586c221adaaca2aa15ada629b13cb173110bd91ba8fb21500b8a8673015e6463ca5b9911acb289a57d964f7e724a025b3d87c5ca49829c326386333c0987eae256815846f517dc5231bb8c01bd3ff966555cc9b8bbefe0708d508bb2e08b9b12ca778408b7dae784712cdbea701390fd01c9fa6b8a634b9349795a828163fddff6406237f3c907ea849df6af304152188197524fd626054c65d8bc2bb4da0b7a21b28fa932840b629ad8458dcd044d6e7ba97a11c663a000a089ca0bf5a769d70a69a3b2aae9cdf2afd5eedcb8b85b16df9d6ae06f0a2ce1ad8d78f981f3a87315ce6fbad04c0f76073df303fb35d1360202069149c1abade6bd9109cabcf1b9661b8b515757d1dc61f5d5a47a5689220de6cc637e7675f980e0561f93e17b028c5b85dc56155ed838b946b232c486e54058d66d4a348cec0ca3d2b75e3b08b184083e94551a272aea0f4a0ac318113dc1a2dc635eb9793aef16885d59d61e73950fab351c269e27dc07f5906d62b1f6030245a368f34cb4aa36b4ddac73073dcffce1d1ff301ff41c9d5c7f0fc16b68c8f6ef8b87066f8c3cbff6f52fedae2a7cb4fd418291a31bf12e3aedc094cf76ef757c4c4bf8a8b5d562689cf33c522d574810aed7c79db3618b9960457a4e6b888696cafd59a79bb8b1f478e7d37c8bfb25ae762ef16638aed3bd725412eccffffd044960b79fa7062c9748e397367d3a921dffcdf9978ca4284c3a2d9bd611c98cff036b6e1260b295dd0134da3b7b53c24cad1127cd801014c18f9d06295848321fa74fd131e80d14566bf9b288556803e6c7832c1ca53822b3b13aaad0a7cd96d02aa1bd765b751e03584e1b217999e3bda71ff1539ee88540498a0b493f8f7e1b54204d7699a2527b06eec1c68c519c23e255f298ba5ae9b52717bede34c585b73b649b72737a4fc965f6faa3c1fa214dd4a353589137b8b1b43519540377467da9316312306c8cd11b796ba789fe638e3417237d19d2b14cd8b0942953e741a39b02236ae73ccc0e2ac4334a34bbeabe8a83f5443c39bf6124ca39ebfe235d65849c243dcc016b0f724c5f8d0e728fa636cd7c1a2a7f5baa644d2105a226a4b3e4536dfa48067e3431d18772e08b7d4f99fd2960c246a17285b98ff10b08bea2bba73e096b1d990e438345893f16a7fcefe34f573925f0184191caf89a677e9530993eca0362c92c7e7e2c5446b358f827828389e8414ac28dbec74d3f5066572c1d85eae48f4ea4d43af50dd58b054a71798f15af52f914bdcb65b716d528096e26e2ee956e2da103621060524d042a1c459bb66c82c45a9c8e18286564c6849c9e1c9e47b7b0161b9a538ce913127b89cfcf8afe38621d4e8e3b61ba9c3406e72753d81750978ef95bc7d1f950d923a2db22178784993b1dec3f9c033b9b663580f37170ec30b48112786468b3109ef8264f303eea3c58d0070bd66c73fedbe23f7621ff9cd7f8ad909f5e5cea47538bbbf1216bc3afde79ac1ff2fb6712383ce394c529843b1a5a69360bec20b724c1ad0d76b84ecb0b62566005893c2ae15da782f65d55cd390be8c848232c756e633a20bb6e3baef35a1a444e2dd3a26c538594f44c7e1e4bf757ea3290f1ad036853eb160b0940de31ea545d46079aac9a42ab6712c3a9550e6053cb2f1acbef9c8a339816c811eeebbe42c83df91d2ecbc9bbe73b8a862c98a7af81c259227d949df1bb86dcf8099016d3830c672e76abd736693d50b368fc1054b7b356c0166ce9b01e230105cea6a829fc977f1804983e5da591c75dff32089ff1862479700998e984b939ade4e9aa768bdbbf20c9d06b387f9ccbcb57c23bbe95c4dff222e305bc9004a0e9b0a941c9f3359e9de255bf16e85e27d1caa2ace654aed615accc3227c0fed8e56fe49445343f39963bc0f5ead988234e3", 0x1000}, {&(0x7f0000000380)="37e7808d261bec9c1bd75b90021762cee7a7ed7d069c1d12468c1ec6fd0c", 0x1e}, {&(0x7f0000001b40)="4d99b133c598cf6673aede0a4058748e54b5fa468aaa66d46239417945177739373fe048a9fd9a9e49d02ebfae6d958fe22adbffc78cb4436fadff4905d1812897b86e134a15f439428864d03db6fe4dee228b05e9b2a78e63ac581dc349524b90e01a1afe02aece5bc2665613461d76b8cdb502e4d4fc8558c50b21920c7188c49ab99245a23f4ba286621ea7d5a3105665cb9161e2637314c794fb97f3d275f9efe3aba999fe626b80ed909d5fdad7921f8e6e94a46edc3e09c3fd30c6113b3441ec230cd87d69e6ce762efb6e248f9803", 0xd2}], 0x4, &(0x7f0000001e00)=[@hopopts={{0x198, 0x29, 0x36, {0x2b, 0x2f, '\x00', [@generic={0x1, 0xe5, "2002629b3c47c2e4453885fe276d4b49124fbb14a4da1bdc2158b4b64c62b6c15b302903c61cad97ce4c4788bfbc3502fee421feb66084b0d4b933515f2847615b82d1594feaf79fac18cfcdf9edf623222dff74a5a4be7e3bf118c1aa80c2326a986b26299d34eaaa156305d1de344ca4643901246d2446bb5a275d09f3c18a2764083ef8ba3b3b698e27ab0a8be3bf28b91ffa9657b63d1982cf67648caecb870e7df2dae4f9dc7638f467556ca64ee160b3034ae82ca822cdbf35e88da4da40fd1be0e3472dfd052c033b6cd64d681d00923776b67d52a2aa550cfe21f53c30a6510d4f"}, @calipso={0x7, 0x18, {0x2, 0x4, 0x3, 0x1, [0x6, 0x9]}}, @pad1, @generic={0x13, 0x48, "700f8e8d47d1819a8f99a8fc2e58f1c4e6a02e94d2fe4a9c7ba4db4f052340e4aff8c18b0da02a8811b3c9b50c80e3c6d866349735ea1989f9257bf40f8d0d5ecef527fc27eac3e4"}, @hao={0xc9, 0x10, @local}, @padn={0x1, 0x2, [0x0, 0x0]}, @hao={0xc9, 0x10, @private0}, @enc_lim={0x4, 0x1, 0x1}, @jumbo={0xc2, 0x4, 0x9}]}}}, @dstopts_2292={{0x30, 0x29, 0x4, {0x87, 0x2, '\x00', [@jumbo={0xc2, 0x4, 0x4}, @pad1, @jumbo={0xc2, 0x4, 0x40}, @jumbo={0xc2, 0x4, 0x10001}]}}}, @dstopts={{0x58, 0x29, 0x37, {0x3b, 0x7, '\x00', [@padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x30, {0x0, 0xa, 0xff, 0x8001, [0xffffffffffffff81, 0x8, 0x3, 0xb420, 0x2]}}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}]}}}, @dstopts_2292={{0x38, 0x29, 0x4, {0x0, 0x3, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @hopopts_2292={{0x20, 0x29, 0x36, {0x3a, 0x0, '\x00', [@ra={0x5, 0x2, 0x8001}]}}}], 0x278}}], 0x3, 0x800)

17:16:19 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x8}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)

17:16:19 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000052c0)=""/86, 0x56}], 0x8}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:16:19 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2075.345237]  kasprintf+0xbb/0xf0
[ 2075.346265]  ? kvasprintf_const+0x1a0/0x1a0
[ 2075.347243]  ? kmem_cache_free+0x249/0x2d0
[ 2075.348211]  ? p9_client_create+0xbfa/0x1230
[ 2075.349206]  p9_client_create+0xc1b/0x1230
[ 2075.350191]  ? p9_client_flush+0x430/0x430
[ 2075.351152]  ? trace_hardirqs_on+0x5b/0x180
[ 2075.352150]  ? lockdep_init_map_type+0x2c7/0x780
[ 2075.353238]  ? __raw_spin_lock_init+0x36/0x110
[ 2075.354306]  v9fs_session_init+0x1dd/0x1680
[ 2075.355296]  ? lock_release+0x680/0x680
[ 2075.356205]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2075.357305]  ? v9fs_show_options+0x690/0x690
[ 2075.358323]  ? trace_hardirqs_on+0x5b/0x180
[ 2075.359306]  ? kasan_unpoison_shadow+0x33/0x50
[ 2075.360366]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2075.361519]  v9fs_mount+0x79/0x8f0
[ 2075.362338]  ? v9fs_write_inode+0x60/0x60
[ 2075.363280]  legacy_get_tree+0x105/0x220
[ 2075.364222]  vfs_get_tree+0x8e/0x300
[ 2075.365081]  path_mount+0x1331/0x21c0
[ 2075.365952]  ? strncpy_from_user+0x9e/0x470
[ 2075.366947]  ? finish_automount+0xa90/0xa90
[ 2075.367942]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2075.369014]  ? _copy_from_user+0xfb/0x1b0
[ 2075.370004]  __x64_sys_mount+0x282/0x300
[ 2075.370954]  ? copy_mnt_ns+0xa00/0xa00
[ 2075.371850]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2075.373033]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2075.374227]  do_syscall_64+0x33/0x40
[ 2075.375079]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2075.376238] RIP: 0033:0x7f916d656b19
[ 2075.377093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2075.381267] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2075.383010] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2075.384613] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2075.386251] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2075.387852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2075.389477] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2075.391503] hpet: Lost 3 RTC interrupts
17:16:19 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:19 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_NOP={0x0, 0x1}, 0x1ff)
sendfile(r1, r0, 0x0, 0x4)

17:16:19 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = accept4$unix(r0, &(0x7f0000000000)=@abs, &(0x7f0000000100)=0x6e, 0x800)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd=r2, 0x0, 0x0, 0x6, 0x8, 0x0, {0x0, 0x0, r0}}, 0x3)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r3=>r1, {0xee00, 0xee00}}, './cgroup.net/cgroup.procs\x00'})
syz_io_uring_setup(0x1aa2, &(0x7f0000000200)={0x0, 0x246b, 0x4, 0x1, 0x292, 0x0, r3}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000280), &(0x7f00000002c0))
sendfile(r1, r0, 0x0, 0x4)

[ 2075.396332] loop2: detected capacity change from 0 to 131072
[ 2075.416692] loop0: detected capacity change from 0 to 2103296
[ 2075.429323] loop6: detected capacity change from 0 to 2103296
[ 2075.455212] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 2075.458640] EXT4-fs (loop0): get root inode failed
[ 2075.460037] EXT4-fs (loop0): mount failed
[ 2075.463077] EXT4-fs (loop2): bad geometry: block count 512 exceeds size of device (128 blocks)
[ 2075.463316] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2075.467034] EXT4-fs (loop6): get root inode failed
[ 2075.467665] EXT4-fs (loop6): mount failed
[ 2075.475159] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2075.477291] EXT4-fs (loop7): get root inode failed
[ 2075.478236] EXT4-fs (loop7): mount failed
17:16:19 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000052c0)=""/86, 0x56}], 0x8}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:16:19 executing program 0:
msgctl$IPC_RMID(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:19 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2075.559452] loop6: detected capacity change from 0 to 2103296
17:16:19 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, @perf_config_ext={0x800, 0x5}, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000000), 0x0, 0x40)

17:16:19 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000", 0x1a, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 2075.628772] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2075.630414] EXT4-fs (loop6): get root inode failed
[ 2075.631062] EXT4-fs (loop6): mount failed
[ 2075.652519] loop0: detected capacity change from 0 to 2103296
[ 2075.695270] loop7: detected capacity change from 0 to 2103296
[ 2075.698681] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 2075.700322] EXT4-fs (loop0): get root inode failed
[ 2075.701016] EXT4-fs (loop0): mount failed
[ 2075.732670] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2075.734725] EXT4-fs (loop7): get root inode failed
[ 2075.735390] EXT4-fs (loop7): mount failed
17:16:37 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000", 0x1a, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:16:37 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a73, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x4}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)

17:16:37 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4, 0x1, @empty, 0x7}, 0x1c)
mbind(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x0, 0xfffffffffffffffc, 0x158, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={<r1=>r0, 0x8000, 0x9, 0x6})
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000001e00)={'ip6_vti0\x00', &(0x7f0000001d00)={'ip6gre0\x00', <r2=>0x0, 0x2f, 0x5, 0x5, 0xcd9d, 0x18, @private2, @mcast1, 0x7, 0x7800, 0x21f0, 0x6}})
[ 2093.239230] loop6: detected capacity change from 0 to 2103296
sendmmsg$inet6(r1, &(0x7f0000003400)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}, 0x1c, &(0x7f0000000200)=[{&(0x7f0000000140)="ac6c826fbe538276570e593ba794e6d442", 0x11}, {&(0x7f0000000180)="0f7a0596bdd4ebf2a7c9250e94e0c1a5a18b0bb65a207c1cc8a88c61e13ccecdc4d582789ebc8b0d5982753c730677fcc76f3a46fe0a36e6f2ac540ae3473e80c8af71cc8dd8b6a8d8fb124d6ef2cea380e21306e8389a419f451522770cb2caac30614c3d85dd966c", 0x69}], 0x2, &(0x7f0000000400)=[@rthdrdstopts={{0x78, 0x29, 0x37, {0x32, 0xb, '\x00', [@jumbo, @pad1, @ra={0x5, 0x2, 0xff}, @generic={0x7, 0x3a, "8f69be768924129ce61b8f2f6b281265a30b33edff64a23be6ad367e0e0ed93b2d2b7850d484122bc8d7f3c00242ad564ffd476036b7323f15e0"}, @pad1, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x7ff}, @enc_lim={0x4, 0x1, 0x9}]}}}, @tclass={{0x14, 0x29, 0x43, 0x401}}], 0x90}}, {{&(0x7f0000000240)={0xa, 0x4e24, 0xfffffffe, @local, 0xffffffff}, 0x1c, &(0x7f00000008c0)=[{&(0x7f00000004c0)="f56fe20817e449eceace906cd2cade5c65359413b43f4f50082165aef1a8c097e5dc6ef975dfce73a7111143be5ca62ed7d265f863fcf757091c2cebab251453ef699b83cd8dcb82c9ef16cbdd881ba41c9fc50c260e48b278de8bac38c42c03ac4d5955e299fce5dcab0dc27b79ea99cf4903dcd5a9bb6af7c8e7c8948b9aa7b8ce0ce7a6cf6d60076d9e252b177a29c9fb339174d257fd5eaa4b323a46c1db20e1c5e551a7dab63064603d1253d39606526567c28d85882cf1f966dea31f3306d1c3624a904bc18d18099aa9f3531df5903ec0d26be6d784f62ff3f3764d509b0a8e0fda49965ac590", 0xea}, {&(0x7f00000005c0)="093f47509442f24afde5aea170197a00599f08a7da8e236c54fa112bd157afa33bfa7bef4f91875fb33461f095117394916f467698b0e7bce95fd32d81224094589e320ff54a23e41b798cec755b1665774aafd0890f6f86ab61d7d93f0bc8fab1c4c42ddd2df19afa04dc2f3571868a310a92fc2bf800b4baf51cf48dcaf5bcb2c9c2c181384bfcabbe0b7abd6cb3630684a1f3efc51fa47e361c4c3497b48d6a0d1346755919402844a9d40de49bed9b52c027d3321984202762e1a5e9ccfaeab88e68f8986dbd4dba2725233203bdf467", 0xd2}, {&(0x7f0000000280)="eca70707a2a70039a4c3130f046b718cae5acfa01f6910f55fcb8efd6c38652ab1734a06052109530db3b3c9cdf65f82451d7999c0207fd72c96b06238aa6f", 0x3f}, {&(0x7f00000006c0)="fd7eeae41244ab002737d8ae178116bc4ee5a5cf963dfd208797fbfdbd9da5e185a7136a1923d5275406ec90536c19305da5032f4fcc8631bba448a45851bbc558b488ecb19adbdb06a1ba30dcee2e5b06225294ad8371214ecc9bba3410e644d5e4e6eeabc0a24450698d70c7913eac40040afd3e5a3cbb9e7c4aaf9f307aae2acb1e651c8b002a0f0a355c7459e7291b9cd54039781f42d9a1befc7de2f827a60bab0d98ebd9c22308406f60eddf5828cdd39f406d52219027ed64dbc14e7a06ba3397d333e5ae7ca88d3622821bc251c372996fe701384faeb6bd397d7354293c0127d7af", 0xe6}, {&(0x7f00000007c0)="0826353499bc2645a10464cc558547fa75a4edd8256797c55450f184e0143eea83f83ffcd5cbbc73820616d50bab89a4466bdf7fdbe4604c9aa632e8a0d8a614dab4f08efc5d784d6b7e97614816c99ea157879ae17cf479f3ffc8bfff60583bfaeb98399a4306c33d62295dcb14dc34a6aa620b6a119bb001337d660533155c49488b09c69845f70a45d783bc3337d5c0af04087878fa96a0d7387f619ad0143caf59a4e9535ec9a4580bdb78a266a25ab906e583c96ed57c73af7f444019f39e66ebdaaad39322abe7da420a7163f32e9a3c9a58ed94131ee9c72c0a620ed459e9", 0xe2}], 0x5}}, {{&(0x7f0000000380)={0xa, 0x4e20, 0xc06e, @mcast1, 0x3}, 0x1c, &(0x7f0000000a00)=[{&(0x7f0000000940)="8fa35cc1fd329397b47d6ee6d634bc4a082635c94e0866b340466c03e509b5218031b2040de6709225e47f7c7514b7e3d233515d787ee97cd2c41629075079cfbe98a9b2dc6b2e35b3016c04b628486b66a380131a1b3f70a87e538d88ea6efcca926b97b70ae0fff68e3a147fa0ec9510ba73a55afc33814184ad21746e08cc3c130d54c1e42127608056d1c9bb6326baac58460628aea71dec0a74", 0x9c}], 0x1, &(0x7f0000000a40)=[@rthdr={{0x78, 0x29, 0x39, {0x87, 0xc, 0x0, 0x4e, 0x0, [@remote, @loopback, @private0, @remote, @private0, @private2]}}}], 0x78}}, {{&(0x7f0000000ac0)={0xa, 0x4e22, 0x9000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x5}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000b00)="2268c6018b1e0988df60c23815442ae239546af653eb5dbedb0d11bd5b16c81937ed49763161593f", 0x28}], 0x1, &(0x7f0000000b80)=[@rthdrdstopts={{0x1030, 0x29, 0x37, {0x6, 0x202, '\x00', [@hao={0xc9, 0x10, @loopback}, @generic={0x7f, 0x1000, "1a0b44535bd7b1a71f17dfcf34eb99e017164fa8fa66607bc0877ffa9aabcd9636b099ef51b21e6d4f66eb59df835ff00293db6642d34d6fcab547b4d765b54a82b75add70b5f640375970dc7277c44ade2b985fb42a7f94b3b3a230c7f0f5c38bc4f780199270837fecd49cc88273fb2788b96a930a3a956149d4028626f4896ba2d6a7112282289549ebe5ed1722c99f628e26655ece5160f51aa3ef6672e8757beed5ba92894eb2bf960106af90d0c4a577276606c2d82e1a61609406e6b3bde01d4fcd1c23827c85a7da46d39bce6f569a89bd39da3e3b78ad7232bf8cdd6e50055bdbba0c500cf14342a47ce63acfc6475e77073d14974d34eab2bedde9a702be893271729caba23e82287dd2f9f7e2384fb56aab0b91cefdf4dd7f115ea5c56a8f8f431b61c541ad679d5aec5576f57ea08ce1567b2f4c997ff19300cdd6d8c797b04bf9833918bead6718ac224d68c10ffff1e7a844443fe06f985c43c6533f5043875dd1f12c328bad9ab40bed9214714fd82b19355b5802d17c83dfffdeb101d5faaebba87c6413732ea44717f38d44a3dcb4edc04c53cbe4e3a55cde1f027abc751942f6bbf14e2430eb200aeaeaf6a1f6a696a373a3b7286730e6a18e60db4d21b31a1e34430f08b1f3f1281bdb7633545ae5d280f5c9831c73349d975ba01c13ae371f43240d22ded2df6e77f6bcaf84c269dba3e65721730c0d4cf1f938c307edcd6d3249f5d95c35e6833a9da4d7f53ef33b0e7018875615f0151f04a115b7f5ca141aae5db61595568888febff9859606bf841cbb795ab6021e902c6bea0212b7d56e2cc53b2f532949559ad5161e5b5f276253a76c4225c62e92bb1ce6b19907bf241473cc0878735a15fc3ab6a3021e587127cc377b30ebbb878166246e457a8021b53785306c8672db44f4d523697870ef303c79287827ff71d1fdfa991ceb473129c643a82d8487777eb7a53c0acdf598ebb93f1af476e4026a03891279258377106c3a9b63576f5bf8f4e688b61463f337c936fd3a5e94fec2ec98b57def2ebe66e3e1a5e513972cbdc0feea640e2c3ae6137495c7475a5c4db04e39d2742971a4ed07b143d1b3c3195f3f86df1ce7ce93ddfcc010f2c7a1896ac0fb77bb78e3e9b6ec22248547b0a8c1dbeff53043c28de01c43f203a68ee3d97a06d6a3f802c6c0375f9585c865eea4722717a9050958df841818fa2b07decd4688bb070266e57c243e3c1da867e1718692bc2ad5bd18f1f2dd661d38c5a48b7dd205c85f06d8c42623d0a6e039280d477ae975c71aa0a6cb86fe435f3a73f43fcea6a2912f9d9754254bc690c080d1efe24260308611985e9fecf3d8c7c7c13f030dfbf927249853f425e208f973badbb42caf81db7ae2e8be7a6336205ccdee95435e91c807aaf8da455152214366c84da33e3c82894bc68602c43399a77936172c5bc91e890b445fb5d1314553efa7f5d076e8cd29cc553798e55f139f6780f3a0fe512bde9b8eefb2380ea218bdbf1ae04a3c6ead6cd25f57c21ca250c5d48926147367d0afbeee22617a9c4a935d3d70b146df5ae834446de177c29eb2ab60f484dc4efe323bb9ff9b34c8abb6c2857bf616727e6cd2392f523cac08f6287c5dd145831acf068734eea637859e1114d9c54c7cc1521edc26ee360da512105a32bee3f3dfdcd51eaf4799f90f89139b2ece05e4d609da79eb7a584cdc678288e9028444fadea0d6134709d4027e654121666c20f45b1383e0e16a8a5f9728212eacd0371300135545ec3f7a1432f0580eb44ec10480d3710244c3241f3effe539ea6f6548cdf4f30b8a3bb2514db640e421f4b5d8c92538d69ad39b48dc01201b53edf8396368b88f0740570886ef370704f289f41498c94e4637d18fb1733d0a0f08a2518e12b873eeefda634faf3998534f5a7a444586357dbec84d98cc30b29922ebcd619a781520a59021de388b7ddc536f2cfaf24bacc63dbe336cb13a40f4daff296a8ff7bf7602e56ee4e51eada094d2643612f98adb7d8910ffa4e7b7d1c7133df9b1b462ee5425b1183a280437c83cd264f4ee18db4f78c75612cea23134ea60fb48179694e139bd63fa3fb3bfbf9d35edbb07f44c0cae607f506a0a816c45e41a7ee42ac11b9298a7121296f6c771ddde861199a426b26f530197fb9fe4eb5958a51f37930444f50e214146697181fea76de0e7e35202749050c33cde49184e2bbd4b1bdf93475623912dd09c2e68db2222e21cc5279d25f71b339699ccf934edefdd1ba1687b3757fe167c469192ed1815147ca78897549a67db946172d865bea4fa5767c211b7f48e9da79a674bb82299325d753445f7a2d1d98acf07310bbbeaa484bb69557bf38691847d62876cfbcae6badb1953aa436d0c32200764822325355a0578c71d6e3c1498feb122fb713e1f96dab1f3d75d782fade086c66f0e1df3894da4fb2e89db8dc5b9a4b35733357769d341ea30e6e05710f843d96c3c75f0f69a83914c71932a2f56fe2e9703f7a4d361cec1a5a80145d17aeaa74db3fc3658329e363c82ee2f650184baf534d2919a90dfe1ac77970a43caae6c5f9f7e8127f1b75481d9d27229a9fe3d7462af9d2c8569f2df7e45c0daa0d44168ee7867cf5b403ccf165029e7e45ad179085ef122dfc687b9373d3701ebacda60e10b209eb759dae40adb4cfd88174aa18af77b942b030beeb915a9f09593a0af20db283a9dcc3ccbe7dad9de7c58fc45a38439ebbb8df806ee3191a18d1fb4157eb43ed5a9b67ca35a7c055f827b82a9c7a95bb318cdc560ea9feeaebbe97e8495e9533f3b6bd3d110e9f60c004fb2c16159cabac60bd867e0c31c829fb8cd1ee62bf4ed6cb9afce16058df8a4cba7107f3600cb73249491f1594bfcf7693b2749b85a93288680d9e0d1067d99b7bc0b41a11511a8aa658c4e51916199ece4b63e4b69257bca9c45a6b74aca0368e4591ba672ce349f18d3d244dcf496efe358f346d95f4817029af190dbb6a211b11fefff110cf60daf8fd0ad4bc8ccd0b42a1e2896842623bb96db7983a1736daa81cdc2f303f0bacd6b35ce172a46a165755fd5125a2772592e80e6e5461efd6ec3d103f7ee613bf234e61a7072ab758dea3581a0da5337c4500505add732200dcc2a9231e55e400a160a361167d25ae0414ec201c2762a85baee8746891507a1a11dc847c873816275a2e973c514325a6dac06de86231c87cbee724899e52624c9e8cde5d007bf63f23c2238aeff094dcb36b59005433a4203cd06f149ad1a64ad65684e35451b5dde520f7ee6036026ca29352b62b5a3d9ef68dc164a054d4318ebb5b43c6666fa8325fec7420dddd420ce0b9d0d51c6ec8967fc7433f2c487e64f981a3a2d09bcaa9c366255a0495e651c255843aa2c49327e00124d4c86c6e8fcb0c2266408cf332ee5bc4e4fdfcc4aff4feae5bb453ca73da7f7c1288415c724fd0297c41a52d77440c1851a60655c3b38d2522f9e0a08840f0255cc7cee964827a47fa0dbf1fc8d3d0798840d80efd84b31e83e382514f257339a7f1cfb6b38c9562dc681193ecf9877db1db6b6c17c4602e595b04c4a4f7bc7f01e1178fef2e5f29a131b2276fc7f13d6b9993ca37d27a38f868363be6f4182ba2982b215749168a9d3099a2ca2bcb4ac332b9efa97b9a88aa018ec6dc7481b7f36b6218824f4f0f26e8d0ab9b3855eb603d36b2a43dfa320f516351188b2f66c0eb4ee5356ced61032e657dde2b2f86c9c2eecd09eaa2b43c0aee39c7ca2b4fb0d5d54a006323600ee10b998831062ac39313d043365d53ef0014d76ea78afc0b63338e7f1721d1f85d3180eeb1a9b8db00bdc080efe5c4bafc6b543684ff66397cc80555c4d44c960de2edbb5d0d8ce2581a60dbedeaccaa25c72cc7510df7a052e8f4eb2cc4e22a30ca35ae209817a3ce4925b404b237e9f1fb09925b5de96d88b7a88c57335642088e53264c0ed7265acfbad8093c046d1d86b287ca95746f6c7666735af0c01d0909a6ef481a9541409c300d77654ded359c388b4e846c9b4d4ccbcc3df821c0b038d8f573b0e30b19123cd8f027a140ef659f82bfc1f43dc289c53f829b0aae059087133c060f6755c802408e7d41a4a74e925e3d4fca58601dc5239ecdf705e1e8c35acfa89b75b33277ed63194eca3c80021749a5b67f97d4a28bae8a23ca4eb847274b2bbbc9d8a5407f38e806ee5715d800a604e8d5237f22ca0293889556b71517acaa597acf6319d7ab591eff5aa11acdcc81e2455ec69a2be800510d37290a0b1325e2e5ad2798f9d9db10a67dfb3e101dacbaafe52acb75843e2e799f1f724d9e63af9f73ee8b6c197c664022a906a426715baee544243d424126121c2d4f9658342db5376b63fb267974b39f6a58cc5271b28711075fcc92ea31b60ed9792212cc363806b964903c5c418cd574ddd0a1e2b2d41298f16b3819c8e30316c56783fd2d9dc19cb1a7a9bb9362e441778b3b67a89792871f4b67190a823e5a18be298812fd125fc730ce17780884b8c537ec879bf6d7dbc4c72c724037aae81b3a7d2505f3a64a88e075e099753dafc0d256b1fc9718bdeabd6ca9eb2553d4f403203ccebbc3e0891d6cc6cf9373808edf42ec6b2f4019738cfb1b57f00af4295bd3e74575692f19d0893bef51120e87b1961f2146293ba6a02babc36dd80ee9ffc9d687bb6da5bbbb5b48e91ae4f356074d04ad2c577934503066126433006463b1b353b3b9562002280efb5bd948e490944fe470ae3c4680b01893b58dd50889647a2580d036bb547edad433a1086bc47ffc29ceffaf35bbd3929e4a0b28ab29ef89190d93cd70fa973c76d669b59e8ffd085c8a0438001c9879d8ac7c9b20bf95c0a8f933c29496a0b506401e66e5573286235039ee2bf528efd828316dae38e8df82b50914b4b4eecdb32f9d4a7adb0c6152d87d7b8a0b7b809eaf15b4b30ce86629525f1b0e792aae4e9273e6233142ea853ec9891417eb63dcb17c36eb5e77de621e61c7f6e6a649e594701d1b62f18a66dd4a0baab86aad063e195935d2dd41e8f9fb79aadf88229a2a83b00f8ff4a2bbab3a906fce5ee3de3fd1fa1b02b1a68f7c8f7140efa94f557d055dde20e59408b27a53820812790c2274e34407c6873581a83726205bd0bf11b0bbe526261f2a0aab9bbc3f92ad44735323460a382f9badad7b0b4f3839d2c0f311dcd19b3b280e51c80ab34bbd4e9303b95bf6c42abd93f5682336861d3d6806d55783315857c9f0838f2780e26b05198788f82378be2a09ae7e68516a7cad9d1f4e501b9bb3a54e0a7fecceb7a0b63662a20ec829ff24652f1333c71ee372e08d4ffe64910dbbd97e66658235207cec9c944cb965d7a78e90b9d23f537c616a317ed7d613d549ea269f1358e671808c9b578898077e0d27c2ec20a8f42233ddea3b9c84d9e901b7d62707796357edff77b32fbcb35e7f9bb3addc852e7751c060d95dff1cd5df85f2fe4bfb014f60613ea9a2182b1961e184240b4401da1e310c94da26e7cd6ebd4ed741cc2f3e97109abbaefcadca87b0575707788bc83966a92a931ed54bf316e1db3ba54aae15d157758e84feeee15481da32c2371927dbe859e046a89b5bc04bf8e34f29c2bb3d1f5ecbfd56d92800bbe80df265161c0d855c08f44d47adc94f5a41faffb477d648392dd924a94772cf050719459e1a7bd4e2af0714b4035c654bbbad9fcb600e114cd5cf1d8a318e6e15172a88754ee3c1f3d6c2dcc61185ba95e2c2177badd"}]}}}], 0x1030}}, {{0x0, 0x0, &(0x7f0000001cc0)=[{&(0x7f0000001bc0)="8ee5eaeeb7de11c061edaf77653f9eadfeb78b1de67a1379337f890e713f2be2c382cb64f51b5c7f5cbc412b9061a41e227f8afdb894061dff398abbf513c512b37978cd99485d0a5cf7d7c91ab3c7f08536d9c4c8eb85a3fe37776df622c1fe1b8e8681e6f645649c247101aa041a85905282015b5eb56bbaa2371bbdc399e41db6467c1748b0ab7a363af8", 0x8c}, {&(0x7f0000001c80)="da16934d689ecabde699e0b1ff010678c3a4392e66c54b40e3b8367223574db175174c3bceb8aab4", 0x28}], 0x2, &(0x7f0000001e40)=[@pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x30}, r2}}}, @pktinfo={{0x24, 0x29, 0x32, {@private0}}}, @hoplimit={{0x14}}, @hopopts_2292={{0x70, 0x29, 0x36, {0x8, 0xa, '\x00', [@calipso={0x7, 0x40, {0x0, 0xe, 0x89, 0x1, [0x8001, 0x9, 0x3, 0x20, 0xd2ec, 0x7, 0x80]}}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @pad1]}}}, @rthdrdstopts={{0x1f0, 0x29, 0x37, {0x29, 0x3b, '\x00', [@ra={0x5, 0x2, 0x7ff}, @padn={0x1, 0x2, [0x0, 0x0]}, @ra={0x5, 0x2, 0x400}, @generic={0xf7, 0xf6, "dd7de62a3cc75ca7b18d21d51a0862bff82fd68e1ddee75fc9a9a9ffa170834eaf7827a383883f2a54c1e22c13222a5af01dc1ac4640673704f0269e69e69748301d6f40033dd29e3920f0f319eb357d2878ce9a04487dd8fa48a2db8126f651078f56462eaeb9b9634d1843191d5073ed836bd1b980b0fa18b141275ae64973ed01f1a460de701a69b40e64b31caaca270d5edd5a4ffc3bc4e21642bfd5321fc6baa664793354204b895121e4e693f31f873cbaa465a0c2528a45c4f224f22137f2b5e954422486aa252af6f2afe3dfff9b449a4914e81163c29d128ff14829604e204b16e2d260286aec4d6f612684d3e5fee61255"}, @calipso={0x7, 0x30, {0x3, 0xa, 0x2, 0x4, [0xc6, 0x7, 0x6e7, 0x1, 0x9]}}, @pad1, @generic={0x46, 0x97, "4016a021636e9fdc35f90d9ac8ecdb4fc5c38c312ea8baac721e1c0bfbac21da3c0be46103cbb5fe779a8789b4e94cd5731876a442c54b1176e16d65c22e17b8ac47a4e2f9e99a8b35f51c916e9171f0d6717090cb9268bf2851237c6dee368e0ee93a6ae3e5f8c57a4adacd1eba7a9304e6abaa432fda7c1fe583eaa0cd8558015fd1ae5b20bdb67eb4628107e3d043a2e39804c5540b"}, @enc_lim={0x4, 0x1, 0x20}, @pad1]}}}, @tclass={{0x14, 0x29, 0x43, 0xffff}}], 0x2e0}}, {{0x0, 0x0, &(0x7f00000032c0)=[{&(0x7f0000002140)="272e75127cfbb355275fc44d8c84ff3da2310dd87b9100f96f823c7b0a0c7aa3802d7a9d7cf2e108be68c6df3c17bafe80ba4bae070bb657c5c02c680c326af2c09efee9b48ab5fb32d9739a53c04ea72310e4df4cdaaad5b289bceb5b6dc3", 0x5f}, {&(0x7f00000021c0)="63c372704ce4e2b48739cd2cf38ac68d306fef69c1026c30270639d2e9c9512634e28a0a0593f2faa832e5a2d64fe65b9bdaf648327e0701be7be804fe4c4c21f8c061ace91465489812b2d978a4d099e533d2038492bb25838581d49863e3a5f227b5ac5320022b151635bb4d189fbdf39b84f7ff96e0c157534abae9cb6878c8cdfbdce1f7a5ac274c0dc4e2113bc0471e5ce5fcb55539418e0b411a17c938d62af0e1b1cc835e22600edc95c2cf42982a21e1afcf00f287d2ab6ade4f39def5efeebd51d62c8e48f6216e86adf7a07804ee9ed7c79bb2874e1cf6bc209e420cd6f3cbfeda49e6f71f1df687ad1746492414aa7c64de11d90edeee0963903473a67c5e699b1edcea0a0ca684a5ca0773cdafbfe0ae0a66886c37b33e49874f0db52e206f6398c8b131507ec6ba94978a465e2febc555366aff7e65156f219ffb253231d01477f0f7906f877ea1ce33b838d701ce4c820525ce0cc0734190abe8abf65e34b23b76d2f6a49ee0930f047f2e33990e57ebb72a8db0bd440202ec9266b3fa9c415c2cd2ce34b81fabfa7f317415a0bfdbe03f385d42295651a3adb01d90cc76c748bef96ae02fbd870500c6e5132b4b94b17c249daae9a9b37c4ad69d10cc8cf2fedb6ea6b72e547f1cbf36f74fc06cacf7ea45c6aa84f08d91c8e31be887a39d1ca752f8afb310fade17f1c62cda05e910a9042f540155aedc8d59c51fc700a4c3a35f6593de2bac949d0cef387d58d91d5a57f417864a04d245a5f0bf91c89f17d145c484f1b2be03d3fd15c0e4773523c530be64bb70865893813fd0132a1e9fc8d0bebfcd0d3880057e47ffdc07839e33dc52fd337f25ec32f72ba924e5b0010a3ef3fa004b39cec11bd815b761a0e3627d0bc98d6831ba43e60938392d005194ea102f860c2a5e9dc788afe679a4421aa7bad333046ccdf2409221ffb424247952ea36bbcd26ea89e08220155f32edcc437a3f7892a02df8277b91674b4ec0c7925a58f80248706fe55a9510636cb3562eb960a1fabdf7e48d32d330b711591e37528b8d962b4ed8e74001e43df8d65d365d39c9cad932b542e1a7dea689473209120be9c325f175b77aa7ce9701964a750bd0712d658a8a8cfbac89548568655179639d3442a54b49938e975864519f1f62bb4112510110a9f1e0bebfc11c1be54db4eb6888cda1b795e94c77092f78d7afacc9309e6df4acfba66978255f883de8f982d8492d60ffa6eb89d3f016897775a63949d288dc7649f8851af9699594cd899047fcc9448a443824fe8236bc93697545f62dc959c2f9ba80faf09539ab174251d4d39f862b1794ef4c372a49475eaba9fd5ed2d334d7e155c89aa8bfc3e8181f0ca2a5ac275a15a0bf3705ea5543179cfb043402d699553251bf9885246371804df43c2859a2d2920c9850917c7a7be1df39d8fff5770c77ac86b6cfc8178cf750d0daf99a560df37258056ccfb4fcb49c4070c712c84733c196dc05f12c3a25f04a24c181dcbb18364b6fad2cfcfe532bc50a8967311a3134750ba397ce15cb3cf069f2d6d6cce6a7cf6a204a394f0a9a44152767d75deaf03bac8fde6a8ed876c53b79e3e478fe429580b77c546f4386ab8fd250bf37b329eac25c4efb6759f84da686f2362e6fba3ebf9953f989fa17a0904a835b5863429d4a077a5336837e773348a1c1d6c2049924718ca84ac277c00597b1d43c7a9f4d41683c425ef6e3cc1fedab4a8f43f6abfd26ca8c758151c6e68cb65f9342a110cbf0fa84ca23c759a2fb8b8580ced794da3f40f79775ec1ae67dbb7aa287b73012a37cb2354908cac2b982158d6baa9952fa4a078f1f977dc802752cbd5841332098c628adfffd0caf5622a8d8ab9f74ed0bbe52ce34e2e82eb1f3550c722a906aa7ffb889947f799df2c96816582a0ad24201d098e0a56ea5abd47eb4736fef027433562213308bb9cda20ea6f5eb8785219aaedcbc3d004fc875906dcd83aafbd131e0f2a3862cf6d866de5690177a89e2be093d79abf95d4f78d2f5ee31d65aa4e708e5f182e54248e06da7cf6c721622b6271d6721eb6bdf44472a4ee86421625a852a230ba421043e9d5e0f6bb5d7b9dde37ba8c96ca89537a3cfaa3d5f4091f4541dbd7e1a0b71d1ef8492c5d7cc5f5970cac15191b364f546067bbf6cce855783496b488ca111944f69eebfe17a5902275c33a8db9df790636a5505535916e263279cc23d2aef5d8bcc7c90471d75dbddc5a803310f86f077da2a6a38fa116e2fd21b291f118754c6e8190b7b21e6217b9a68cd5879936ad5e0c3dee1da9b598dc7e8b17f683f01e17126cb745bd2292f0abf53a053cc96e942678bc88c774ed4d4cd0662c2d1a430a9a418f35728cd2f331d6990b55d0a80108a05231e20b1d4d4796914eb342544b99dbd9cf6a5dd37127f36980ca91f3d58980a1901f48c44ff932c5c654ec3bc456ce3681b9eb7c9c9b1ce9a7771c4765087f92d1125b5453d73f56ff39acc661389e8fcf9938b7d4e345d0e658fcc2952c6300fde47b390f4483885da5426cb080a14e3de5a2ea145c02c4e2452e6d1ca083c004ab69c601d40ffc7c949411fa76000027924a358e47863a8c9e14ff1ce6d8d5c3718faa6018c01a62d9a0c7045b2bf45783a0906a5bf36109ccd02f74ea0491d1e9e9957c4a2339011fba9f7418a5c31dc24a3e9ad5f667a81de6bbf3ab25aec0d22fad62f07cb02f675756e94e2db79d34bc91d09b7b53414b526b1a3d334829b57e056c4b39707837fc621d93a95d8651ff149b579e80fc0c0b2dab8288dc0102afb004a420bf065aeb8c6334420903b9ba368003d947b25dadf3189c917df394d7ea96d4fdec473dd501b076802830fd02ef2bee86c53be6c6dc254456043a0e09c706fd0199f5645fd74f9bf394631956ed0f71533a3641e9b5019f06e354538e059c451654d5262f044e035be14ba279a1709e6ada85d00ed10c9e4c041946e78c01562936f1a9bd0d38393455abb9189c467531eb50a22e012eb041e8dcbcfbe5372ee4cd721311c6be60d82c37720c5f58a6c7dd087a15f144d47ddb647be88ca856f9d9169df69383ccafa7862e900bf7e3339db89e7ec5099ff1ad68b427a9b3832d6c7bc697c0fcaaf4e5668bcd27bbf910b109aed54a6e4b71b7074beadb93266f9514fc2a12401849de992395906bf9de35ebdfc97fb2dbe0cac088970773606a0564cc90b88d5a2bd6f08067db2c6d7e094227e5e60a60d8c20a4c0a4036c28fd5887e4b0276012e157e87d18aeefa56925497683560c04d83a3bbed96e64237298f228dbe1bdfd588ad4fc02a90b92ecdcbf17d841ccda62d0396f6dd88bfe55a0432a67009ab2e0b9d51febc6f57270f9ffe6c4239ab4a323a16e227d0d9fd8f80931eee91dffe8fce8fa7103149f3c702a0802e774220ecc7a1381e33689344619c8c106754d4a57daea176c43e9186772b9d037a6c92631915c8f024c80d9677695573202584592109448205b6f427394bf60caaf14cc6cf40113971df2221c0c44e5963141e8f89517a75a1899e07b2fba82dcd75b70aa0b8d10880e8ba0dad3326a2cdd0938dff7d1a7792fec3bb40c737aaf5c092458c6e95d41655ede6313e89f379a3be5f140950a597d5438be183abe694fedd2f281e37d62f1fa96cfd4013cb69a2d9513d6de27daabf89f9773d15965abd5dc92d852a570f9e9575fb90f32dfa9cf5e72a068612bc0f851140cb0edbb45faf5809a71905b960e12c73efc5abee2d4fad5b8103f199340433d17a58107d98c352e35c853365479ed8ed21a4de31c3337c8f4152b8ac9e331914706d88beb358fdec552ab2ccfd7583202438d54caeb24e2c31a21f7556b35e38a57a7423720e61162cfe8ba0ea74764a5b12b46d831d8438dbaf79e039bc3a9be6b5832dd0ff72fb71de12dcab62a4a5a98f3bea6d1d3d2930c4d8ebb476629c1c082032cf7dfc321726cdfac05b3f81e8882445eaa5f8d1598641dd3716e7951688f83eeb6ac59b0ed4e3cc076a58781ba5ebfededd6652bdbea3dffd55953cb6bfd6a75a6d99d9d47565de04b4eec607e5a2f076844e49955056c47d97d7ade186fd8ec35ef0233446cce54be51d9f9bdd84dcd2752defeb2207f0100345b3dc25267c2ba0e3693927ea33d06d93565f2873f043216092a37725fc94056aca6aa5b19be7f03713761edb6891f8374bcae07723dcbee64feb118a09f3fd05719c76628086d0fc551e5982e962e643e157840c4421f1dce0bd3d2fc594a17716ca798a069e6fd52570e9d2e2737e2dd728072cd802766d21ace892516e21d9d032acf9988cd02642f230e990e95afdcbe18f2845c728af0586a93c84fee7948b87e5332582a17548e29308210f58e7bbd36fec0c4d7af4171574867d5a1f2d5420396351b5d97e2f23b64f8c89faf2d853598da73ad85d16e44c085491c005a5fdb2eb6382cc10acdf6966aca263d91637d4f0a14d22730973d9ee9228c7d6a13b826273aa019d3c27c14117a97cf085d7979ec9457cee514bb6c2a9bdc9d4c07bf573214e1c4ee5bd0a86b4820a010bbd88a05e81cf1a3da998daeafdb349025a96a4d6d334c89d68e0dafafb1070f54748548fc0342c8d690ff2b6fda6b7be4977f1a51774d53975e09267547d9ea8cb98bb5d3a0aff1688299671159c92ae44a0b5d020f062c24c5fb58fc6f1520e1907f9a84acafc67e501a640443793933665b29a54283edbf4024a16f96531ef9e3c52c63306ea40e86c7331dd49f4de61569dbcfbc06665e5285121d00eb4c6d35c13d06ee302bee3fca20402ec971ed0739c5d25371a744db246d8bfd151ee3e21f8c6198b9d6a3321469dc39a08ef9f2013ec1c02bd71de6795e60c813fe2471781314110545afacb914e7d4ea9a745ae3ee936ef46b2c6a184d75eac8fecb61ee5f9b59c65d44613def44c69b7e282bb1763bd81e24e74667e16d00b42e4dfdf73875c0114b3bf60e0eafe40d44d1a7db48030a39d65a55343c324910d16d6bd6844c6780788a09bdd267ccf37f95e8d34934d611e7535539228795cd86d9ecbd4929f17405de3d659a98ccc72ee747b88708937201ac177fb09268828eb1742b9d48c2108ec0923c7eeb8708bfc692832e136183c5b3acb4ef6b00b111cd59e3e903368e2134e7789cf43b9eef773dce4a0a09525f4efdd9d8b5ef0b8789df8b96375c44c911d7a3735b0445cd9c371478b779ed4800d3b4255f6ab45ec5f7b3c61570019c2f654d4f00529e5501bba69371acf4f88113a482b496016fcf0d34579c194062afedf0626a754528d9fa18278b5c639454dacb08168157fefb7736c5486208b662862f8a6dea6ac7e7742531d88e93d3c8500889a57eed6bbe4a94709fd1f04e91c77fcf19cf951790c59deb651156dc49337406f307dcaf581fedbc652579eb80e004e8fdbc25f22f433a2b7d767a4a93ebed144c9fdb1ba26d90b58a4b5b4892ac43ee8bfee46725318e7c149615a8edcab9b2c5c5719579524756cfc253ec484c13c648352a955bd9b6e5f90963b3e62f40740b0a5b7f80f6d853f6bacfd1b06861de1c2e283eede50930d8ba4903093678120aae233fb0626477a8261efbcec707d2f9feb79b732ed383821cd660efb5786b50ec9e0b8bc3f9ad82a1d7e2384b33e4b07d07ee7709d306ab0dc0843ed45b7b607f94290af98779bf443307c66944a841b61051f1fdb6f786743a269cdce4905381e98e395f883943ded3437f8265ef5d8f1862c5a2", 0x1000}, {&(0x7f00000031c0)="943d1db9aa14f5bae2ce61797e2438442c6e9b3d8622b9cd8f8604da09952995844a6132e8c171e8b2ea73f0267bafeb8ec1b640a2fa9df85ae4adc27eb594c0c421b69ec6e875379bcf51d2fcb5dae3940ea0b1ab9d207eb944067d4d9b7c2de1a9a641816e9a5b15bb03821923e0d66d0e41f04bcad941d33943c7397ee0e768bc7ce82f19f4479fbcd9b2188251f3e9490a9646b56499136eead2339077d92cecd1a782b673d2aa0f84f45718d6b9113d0b4868516da7eedb16495a0d03b6d40126df1124e9d3bb0591cd029f0a63efd6d25ce148b680a64d31611f713e", 0xdf}], 0x3, &(0x7f0000003300)=[@tclass={{0x14, 0x29, 0x43, 0x401}}, @dstopts_2292={{0x68, 0x29, 0x4, {0x4, 0x9, '\x00', [@enc_lim={0x4, 0x1, 0x20}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x2}, @pad1, @hao={0xc9, 0x10, @private0}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @empty}}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x1, 0xd, "7f6bff0aa75c91a5b095a8c0c3"}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x8}}, @rthdr_2292={{0x58, 0x29, 0x39, {0x6c, 0x8, 0x2, 0x81, 0x0, [@local, @private1={0xfc, 0x1, '\x00', 0x1}, @loopback, @dev={0xfe, 0x80, '\x00', 0x21}]}}}], 0xf0}}], 0x6, 0x44001)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4, 0x4000010, r1, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x20d315)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f0000003640)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, &(0x7f0000003580)="e002578c481050af876dffe0ee9792b6e5ba08c0be4f8adce92b6594e65cd9ecdae71e6a3c5b1e9b1f0f15625f913c677153646e803e8dcff4c996d07f7a6b13b42c7f07456ea4fa06724ab0bcc2351f05f9d5221dec515ee6d153b6665ce3262c4b9d717e6b78a81831fd7d97707c2d2140b07701f34a57220d67ee65dc795f625d40525221cf6d654f6e4b195d1dd20619e8ad8f2785ccd1fac5d1664575e3f0bad07960cee93031fdcf", 0xab, 0x10001, 0x0, {0x0, r6}}, 0x1000)

17:16:37 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:37 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 50)

17:16:37 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:16:37 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:37 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000052c0)=""/86, 0x56}], 0x8}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:16:37 executing program 3:
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x6)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x4)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
removexattr(&(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000100)=@random={'btrfs.', '-\\/,-\x00'})
syz_io_uring_setup(0x2a07, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x0)

[ 2093.289200] loop7: detected capacity change from 0 to 2103296
[ 2093.292658] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2093.296308] EXT4-fs (loop6): get root inode failed
[ 2093.297428] EXT4-fs (loop6): mount failed
[ 2093.313276] FAULT_INJECTION: forcing a failure.
[ 2093.313276] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.316179] CPU: 0 PID: 14128 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2093.317670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2093.319507] Call Trace:
[ 2093.320082]  dump_stack+0x107/0x167
[ 2093.320875]  should_fail.cold+0x5/0xa
[ 2093.321704]  should_failslab+0x5/0x20
[ 2093.322598]  __kmalloc_track_caller+0x79/0x370
[ 2093.323581]  ? kstrdup_const+0x53/0x80
[ 2093.324420]  ? kasprintf+0xbb/0xf0
[ 2093.325191]  kstrdup+0x36/0x70
[ 2093.325899]  kstrdup_const+0x53/0x80
[ 2093.326716]  kmem_cache_create_usercopy+0x12f/0x2f0
[ 2093.327796]  p9_client_create+0xc6a/0x1230
[ 2093.328732]  ? p9_client_flush+0x430/0x430
[ 2093.329131] loop0: detected capacity change from 0 to 2103296
[ 2093.329650]  ? trace_hardirqs_on+0x5b/0x180
[ 2093.331830]  ? lockdep_init_map_type+0x2c7/0x780
[ 2093.333039]  ? __raw_spin_lock_init+0x36/0x110
[ 2093.334272]  v9fs_session_init+0x1dd/0x1680
[ 2093.335436]  ? lock_release+0x680/0x680
[ 2093.336504]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2093.337773]  ? v9fs_show_options+0x690/0x690
[ 2093.338962]  ? trace_hardirqs_on+0x5b/0x180
[ 2093.340105]  ? kasan_unpoison_shadow+0x33/0x50
[ 2093.341312]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2093.342665]  v9fs_mount+0x79/0x8f0
[ 2093.343605]  ? v9fs_write_inode+0x60/0x60
[ 2093.344659]  legacy_get_tree+0x105/0x220
[ 2093.345693]  vfs_get_tree+0x8e/0x300
[ 2093.346719]  path_mount+0x1331/0x21c0
[ 2093.347763]  ? strncpy_from_user+0x9e/0x470
[ 2093.348763]  ? finish_automount+0xa90/0xa90
[ 2093.349880]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2093.350973]  ? _copy_from_user+0xfb/0x1b0
[ 2093.352061]  __x64_sys_mount+0x282/0x300
[ 2093.353001]  ? copy_mnt_ns+0xa00/0xa00
[ 2093.354007]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2093.355199]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2093.356555]  do_syscall_64+0x33/0x40
[ 2093.357360]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2093.358702] RIP: 0033:0x7f916d656b19
[ 2093.359569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2093.364387] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2093.366139] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2093.368021] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2093.369537] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2093.371076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2093.372606] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2093.374455] hpet: Lost 3 RTC interrupts
[ 2093.375592] kmem_cache_create(9p-fcall-cache-309) failed with error -12
[ 2093.377045] CPU: 0 PID: 14128 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2093.378525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2093.380755] Call Trace:
[ 2093.381454]  dump_stack+0x107/0x167
[ 2093.382420]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 2093.383808]  p9_client_create+0xc6a/0x1230
[ 2093.384927]  ? p9_client_flush+0x430/0x430
[ 2093.386036]  ? trace_hardirqs_on+0x5b/0x180
[ 2093.387186]  ? lockdep_init_map_type+0x2c7/0x780
[ 2093.388430]  ? __raw_spin_lock_init+0x36/0x110
[ 2093.389640]  v9fs_session_init+0x1dd/0x1680
[ 2093.390778]  ? lock_release+0x680/0x680
[ 2093.391836]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2093.392868]  ? v9fs_show_options+0x690/0x690
[ 2093.394023]  ? trace_hardirqs_on+0x5b/0x180
[ 2093.395019]  ? kasan_unpoison_shadow+0x33/0x50
[ 2093.396239]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2093.397328]  v9fs_mount+0x79/0x8f0
[ 2093.398277]  ? v9fs_write_inode+0x60/0x60
[ 2093.399184]  legacy_get_tree+0x105/0x220
[ 2093.400254]  vfs_get_tree+0x8e/0x300
[ 2093.401055]  path_mount+0x1331/0x21c0
[ 2093.402061]  ? strncpy_from_user+0x9e/0x470
[ 2093.402997]  ? finish_automount+0xa90/0xa90
[ 2093.404133]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2093.405133]  ? _copy_from_user+0xfb/0x1b0
[ 2093.406233]  __x64_sys_mount+0x282/0x300
[ 2093.407118]  ? copy_mnt_ns+0xa00/0xa00
[ 2093.408144]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2093.409271]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2093.410645]  do_syscall_64+0x33/0x40
[ 2093.411446]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2093.412794] RIP: 0033:0x7f916d656b19
[ 2093.413598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2093.418442] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2093.420198] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2093.421715] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2093.423241] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2093.424764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2093.426277] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2093.428049] hpet: Lost 2 RTC interrupts
[ 2093.449125] loop2: detected capacity change from 0 to 131072
[ 2093.469271] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2093.474161] EXT4-fs error (device loop0): ext4_fill_super:4967: inode #2: comm syz-executor.0: iget: special inode unallocated
[ 2093.476640] EXT4-fs (loop0): get root inode failed
[ 2093.477638] EXT4-fs (loop0): mount failed
[ 2093.487116] EXT4-fs (loop7): get root inode failed
[ 2093.488359] EXT4-fs (loop7): mount failed
[ 2093.504289] EXT4-fs (loop2): bad geometry: block count 512 exceeds size of device (128 blocks)
17:16:37 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
openat(r0, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x100, 0xc8)

17:16:37 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2093.649077] loop0: detected capacity change from 0 to 2103296
17:16:37 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {0x0}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:16:37 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:37 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000", 0x1a, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:16:37 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 51)

17:16:37 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:16:37 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = signalfd4(r0, &(0x7f0000000000)={[0x8c66]}, 0x8, 0x80800)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000100)={0x6, {{0xa, 0x4e20, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x723}}}, 0x88)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 2093.731897] FAULT_INJECTION: forcing a failure.
[ 2093.731897] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.733642] CPU: 1 PID: 14176 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2093.734669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2093.735881] Call Trace:
[ 2093.736275]  dump_stack+0x107/0x167
[ 2093.736809]  should_fail.cold+0x5/0xa
[ 2093.737370]  ? create_object.isra.0+0x3a/0xa20
[ 2093.738044]  should_failslab+0x5/0x20
[ 2093.738620]  kmem_cache_alloc+0x5b/0x310
[ 2093.739221]  create_object.isra.0+0x3a/0xa20
[ 2093.739901]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2093.740693]  __kmalloc_track_caller+0x177/0x370
[ 2093.741368]  ? kstrdup_const+0x53/0x80
[ 2093.741937]  kstrdup+0x36/0x70
[ 2093.742419]  kstrdup_const+0x53/0x80
[ 2093.742965]  kmem_cache_create_usercopy+0x12f/0x2f0
[ 2093.743701]  p9_client_create+0xc6a/0x1230
[ 2093.744332]  ? p9_client_flush+0x430/0x430
[ 2093.744950]  ? trace_hardirqs_on+0x5b/0x180
[ 2093.745600]  ? lockdep_init_map_type+0x2c7/0x780
[ 2093.746297]  ? __raw_spin_lock_init+0x36/0x110
[ 2093.746977]  v9fs_session_init+0x1dd/0x1680
[ 2093.747607]  ? lock_release+0x680/0x680
[ 2093.748202]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2093.748899]  ? v9fs_show_options+0x690/0x690
[ 2093.749542]  ? trace_hardirqs_on+0x5b/0x180
[ 2093.750171]  ? kasan_unpoison_shadow+0x33/0x50
[ 2093.750850]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2093.751607]  v9fs_mount+0x79/0x8f0
[ 2093.752139]  ? v9fs_write_inode+0x60/0x60
[ 2093.752751]  legacy_get_tree+0x105/0x220
[ 2093.753361]  vfs_get_tree+0x8e/0x300
[ 2093.753898]  path_mount+0x1331/0x21c0
[ 2093.754481]  ? strncpy_from_user+0x9e/0x470
[ 2093.755120]  ? finish_automount+0xa90/0xa90
[ 2093.755857]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2093.756550]  ? _copy_from_user+0xfb/0x1b0
[ 2093.757168]  __x64_sys_mount+0x282/0x300
[ 2093.757775]  ? copy_mnt_ns+0xa00/0xa00
[ 2093.758358]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2093.759158]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2093.759944]  do_syscall_64+0x33/0x40
[ 2093.760506]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2093.761267] RIP: 0033:0x7f916d656b19
[ 2093.761821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2093.764540] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2093.765664] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2093.766735] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2093.767777] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2093.768834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2093.769883] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2093.792681] loop2: detected capacity change from 0 to 131072
[ 2093.806533] EXT4-fs (loop2): bad geometry: block count 512 exceeds size of device (128 blocks)
[ 2111.118297] loop7: detected capacity change from 0 to 2103296
17:16:55 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x4)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000580))
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

17:16:55 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:55 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 52)

17:16:55 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {0x0}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:16:55 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:55 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', 0x440001, 0x20)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
r2 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
ioctl(r2, 0x6, &(0x7f0000000180)="e404799a7aeafeb9c87218e69bed6a16bcd8049d7657f143afaa71681f9f840e218416c7bb4ab52c88a80fcaabeb74cf7f609cc0195654a7fca0cc9af301c974c85d7b92566147c80a9afaed82266d34aacb37eae3029eca5f63e1225e3031724b03835fc0b4812b7eda80a10d813f2c3f10831260d6fc8bde0dbe2ee8517798cc9e2e525061652c5485b3790f225a2a2d588c28ed6b2c4a8f3b8d63cdb20fa06d34f82bac0d27eb18fe4ac9165a01907dadaa817243cbdccec82abae0d1b46cb5acddec60082e")

17:16:55 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000000000000400", 0x1c, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:16:55 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 2111.145601] FAULT_INJECTION: forcing a failure.
[ 2111.145601] name failslab, interval 1, probability 0, space 0, times 0
[ 2111.147526] CPU: 1 PID: 14199 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2111.148546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2111.149789] Call Trace:
[ 2111.150190]  dump_stack+0x107/0x167
[ 2111.150739]  should_fail.cold+0x5/0xa
[ 2111.151307]  ? create_object.isra.0+0x3a/0xa20
[ 2111.151992]  should_failslab+0x5/0x20
[ 2111.152556]  kmem_cache_alloc+0x5b/0x310
[ 2111.153170]  create_object.isra.0+0x3a/0xa20
[ 2111.153821]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2111.154579]  kmem_cache_alloc+0x159/0x310
[ 2111.155211]  kmem_cache_create_usercopy+0x190/0x2f0
[ 2111.155957]  p9_client_create+0xc6a/0x1230
[ 2111.156597]  ? p9_client_flush+0x430/0x430
[ 2111.157229]  ? trace_hardirqs_on+0x5b/0x180
[ 2111.157872]  ? lockdep_init_map_type+0x2c7/0x780
[ 2111.158587]  ? __raw_spin_lock_init+0x36/0x110
[ 2111.159269]  v9fs_session_init+0x1dd/0x1680
[ 2111.159905]  ? lock_release+0x680/0x680
[ 2111.160494]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2111.161210]  ? v9fs_show_options+0x690/0x690
[ 2111.161862]  ? trace_hardirqs_on+0x5b/0x180
[ 2111.162612]  ? kasan_unpoison_shadow+0x33/0x50
[ 2111.163308]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2111.164060]  v9fs_mount+0x79/0x8f0
[ 2111.164584]  ? v9fs_write_inode+0x60/0x60
[ 2111.165196]  legacy_get_tree+0x105/0x220
[ 2111.165797]  vfs_get_tree+0x8e/0x300
[ 2111.166350]  path_mount+0x1331/0x21c0
[ 2111.166926]  ? strncpy_from_user+0x9e/0x470
[ 2111.167555]  ? finish_automount+0xa90/0xa90
[ 2111.168193]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2111.168873]  ? _copy_from_user+0xfb/0x1b0
[ 2111.169491]  __x64_sys_mount+0x282/0x300
[ 2111.170089]  ? copy_mnt_ns+0xa00/0xa00
[ 2111.170661]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2111.171450]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2111.172216]  do_syscall_64+0x33/0x40
[ 2111.172771]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2111.173526] RIP: 0033:0x7f916d656b19
[ 2111.174072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2111.176783] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2111.178009] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2111.179065] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2111.180113] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2111.181143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2111.182183] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2111.198848] loop0: detected capacity change from 0 to 2103296
[ 2111.229607] loop6: detected capacity change from 0 to 2103296
[ 2111.253318] loop2: detected capacity change from 0 to 131072
17:16:55 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2111.284026] EXT4-fs (loop7): corrupt root inode, run e2fsck
[ 2111.285656] EXT4-fs (loop7): mount failed
17:16:55 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 53)

17:16:55 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x20, @private2={0xfc, 0x2, '\x00', 0x1}, 0xc9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 2111.309274] EXT4-fs (loop2): bad geometry: block count 512 exceeds size of device (128 blocks)
[ 2111.311155] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2111.314431] EXT4-fs (loop6): get root inode failed
[ 2111.315570] EXT4-fs (loop6): mount failed
17:16:55 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)='3', 0x1, 0x10001)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20d315)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0x0, r2, 0x2, 0x7, 0x1f, 0xfffffffffffffffd})
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x20}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20d315)
io_uring_enter(r5, 0x19d1, 0x4ad7, 0x3, &(0x7f0000000000)={[0x8]}, 0x8)
sendfile(r4, r0, 0x0, 0x4)

17:16:55 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f0000005180)=""/32, 0x20}, {0x0}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:16:55 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:55 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:16:55 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000000000000400", 0x1c, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 2111.396132] FAULT_INJECTION: forcing a failure.
[ 2111.396132] name failslab, interval 1, probability 0, space 0, times 0
[ 2111.398764] CPU: 0 PID: 14228 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2111.400227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2111.401968] Call Trace:
[ 2111.402527]  dump_stack+0x107/0x167
[ 2111.403305]  should_fail.cold+0x5/0xa
[ 2111.404105]  ? __kmem_cache_create+0x10e/0x520
[ 2111.405258]  should_failslab+0x5/0x20
[ 2111.406062]  kmem_cache_alloc_node+0x55/0x330
[ 2111.407005]  __kmem_cache_create+0x10e/0x520
[ 2111.407942]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 2111.409002]  p9_client_create+0xc6a/0x1230
[ 2111.409916]  ? p9_client_flush+0x430/0x430
[ 2111.410816]  ? trace_hardirqs_on+0x5b/0x180
[ 2111.411733]  ? lockdep_init_map_type+0x2c7/0x780
[ 2111.412770]  ? __raw_spin_lock_init+0x36/0x110
[ 2111.413745]  v9fs_session_init+0x1dd/0x1680
[ 2111.414658]  ? lock_release+0x680/0x680
[ 2111.415519]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2111.416543]  ? v9fs_show_options+0x690/0x690
[ 2111.417485]  ? trace_hardirqs_on+0x5b/0x180
[ 2111.418401]  ? kasan_unpoison_shadow+0x33/0x50
[ 2111.419373]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2111.420448]  v9fs_mount+0x79/0x8f0
[ 2111.421201]  ? v9fs_write_inode+0x60/0x60
[ 2111.422080]  legacy_get_tree+0x105/0x220
[ 2111.422954]  vfs_get_tree+0x8e/0x300
[ 2111.423738]  path_mount+0x1331/0x21c0
[ 2111.424548]  ? strncpy_from_user+0x9e/0x470
[ 2111.425466]  ? finish_automount+0xa90/0xa90
[ 2111.426385]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2111.427381]  ? _copy_from_user+0xfb/0x1b0
[ 2111.428273]  __x64_sys_mount+0x282/0x300
[ 2111.429133]  ? copy_mnt_ns+0xa00/0xa00
[ 2111.429970]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2111.431082]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2111.432182]  do_syscall_64+0x33/0x40
[ 2111.432973]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2111.434056] RIP: 0033:0x7f916d656b19
[ 2111.434849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2111.438744] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2111.440350] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2111.441859] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2111.443385] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2111.444893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2111.446386] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2111.448058] hpet: Lost 2 RTC interrupts
[ 2111.449326] kmem_cache_create(9p-fcall-cache-314) failed with error -22
[ 2111.450781] CPU: 0 PID: 14228 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2111.452226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2111.453965] Call Trace:
[ 2111.454516]  dump_stack+0x107/0x167
[ 2111.455291]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 2111.456399]  p9_client_create+0xc6a/0x1230
[ 2111.457299]  ? p9_client_flush+0x430/0x430
[ 2111.458315]  ? trace_hardirqs_on+0x5b/0x180
[ 2111.459236]  ? lockdep_init_map_type+0x2c7/0x780
[ 2111.460229]  ? __raw_spin_lock_init+0x36/0x110
[ 2111.461191]  v9fs_session_init+0x1dd/0x1680
[ 2111.462098]  ? lock_release+0x680/0x680
[ 2111.462948]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2111.463955]  ? v9fs_show_options+0x690/0x690
[ 2111.464890]  ? trace_hardirqs_on+0x5b/0x180
[ 2111.465795]  ? kasan_unpoison_shadow+0x33/0x50
[ 2111.466768]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2111.467834]  v9fs_mount+0x79/0x8f0
[ 2111.468582]  ? v9fs_write_inode+0x60/0x60
[ 2111.469451]  legacy_get_tree+0x105/0x220
[ 2111.470307]  vfs_get_tree+0x8e/0x300
[ 2111.471093]  path_mount+0x1331/0x21c0
[ 2111.471878]  ? strncpy_from_user+0x9e/0x470
[ 2111.472785]  ? finish_automount+0xa90/0xa90
[ 2111.473686]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2111.474704]  ? _copy_from_user+0xfb/0x1b0
[ 2111.475589]  __x64_sys_mount+0x282/0x300
[ 2111.476440]  ? copy_mnt_ns+0xa00/0xa00
[ 2111.476948] loop0: detected capacity change from 0 to 2103296
[ 2111.477264]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2111.479114]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2111.480207]  do_syscall_64+0x33/0x40
[ 2111.480971]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2111.482044] RIP: 0033:0x7f916d656b19
[ 2111.482841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2111.486746] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2111.488370] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2111.489878] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2111.491394] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2111.492897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2111.494397] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2111.496069] hpet: Lost 1 RTC interrupts
17:16:55 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2111.540289] loop0: detected capacity change from 0 to 2103296
17:16:55 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:16:55 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2111.572048] loop6: detected capacity change from 0 to 2103296
[ 2111.591419] loop7: detected capacity change from 0 to 2103296
[ 2111.597303] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2111.599207] EXT4-fs (loop6): get root inode failed
[ 2111.599922] EXT4-fs (loop6): mount failed
[ 2111.608158] loop0: detected capacity change from 0 to 2103296
[ 2111.632150] loop2: detected capacity change from 0 to 2103296
[ 2111.647015] EXT4-fs (loop7): corrupt root inode, run e2fsck
[ 2111.647719] EXT4-fs (loop7): mount failed
17:16:55 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2111.711386] EXT4-fs error (device loop2): __ext4_get_inode_loc:4406: comm syz-executor.2: Invalid inode table block 0 in block_group 0
[ 2111.714420] loop6: detected capacity change from 0 to 2103296
[ 2111.719757] EXT4-fs (loop2): get root inode failed
[ 2111.721184] EXT4-fs (loop2): mount failed
[ 2111.736819] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2111.740594] EXT4-fs (loop6): get root inode failed
[ 2111.741682] EXT4-fs (loop6): mount failed
17:17:12 executing program 3:
ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000080)=""/137)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r1 = accept(r0, &(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x0, @remote}, &(0x7f0000000200)=0x80)
sendmsg$AUDIT_MAKE_EQUIV(r1, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x4c, 0x3f7, 0x400, 0x70bd2a, 0x25dfdbff, {0x19, 0x19, './cgroup.net/cgroup.procs', './cgroup.net/cgroup.procs'}, [""]}, 0x4c}, 0x1, 0x0, 0x0, 0x51}, 0x80)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000380)=0x9)
writev(r2, &(0x7f0000000000)=[{&(0x7f00000004c0)="674f303a6b333d44685169eee3402d7453b1c8fd1c5d76c11b1dac894a7e552f4f85f24e6f8e22d952c547fbc1d3416cb51edeefe5fdea0e3ec7cb3016ae8bbf44b7c7372e50a1c5505e069cd2c3d2349676e372d3af52e42d333fae128084991769952cf105f044a4d3923d4cfc4795832d3b6e2db559a74666b10f17d67de1943997beaf75f9b4109bc62c666a2cb6ec5c0bfa8a5e2a375a1c1d208b91cd95a6156cc5eea6a7b4fb6ae3ff1f36cf9bd8555cbfceeadc5efbce8b991fb05a3475b46453372b69dbe712f3926bd9646fea882034458a6f12dba5eb47b2656d60f9b051118f0d716f4d6e492cc1eea5f6785b37fd3a3d86060d5241fe7a5796a25017058618b7fcf072f722eea827398ef20efcc8785799a4bebe4b0d7e5d9a4fb03da3e9781ceb1832f327035e51f401d837385373754fc2122e7c805efe3ed4752116efa3759ef923dd2e0f2b96968531b94081a1fff99f678e1ea4f3039b140e7b00f231f638e43abbaf343f8ebbb1d6abcd25a77b14b307f25e02c9863d28debbd28074063b3e201e554fe88ac70445148d383b6839fb8e43f3aa1e0f198340173e08c0f4615ccffb180b19e72d95337b5c6b6a8f41fc07d95d33e177578e38da64ed2b97ae4876aaa7e2b3d2cae9de074b46ba7c9c3ca47a9ffef8e63c8f164f079ad35e957e232d17592e38695ea7f53304ce960b7effa1a21300aa3e83d1d7b62d7ce3c3fdaa223e1edfd7f786ca4b663bd14da156aad16f74584c72ff383df32726e2b300efa20a128bd0f6b86c1d922e5c52eda1c555bcb51d9a16eb9d9c5c0a6d4afc7dd1ef186a77a0a85ee024c9378c65eb66cb490d841c9689fed562f3abb5df4361f0d17d02e42177efc6d6781d4fa7b85302e745fab395bd0a37c8fa3db3c95467784eed20d60af3f247bdabb77d5e157906eb4f6bfe734a0bbb0d4cbc89dc2e895995e0c66ef044b0f9248912b812d88f900fa92b8c9d8044ffc9a84e715ad4e6d09a17a930280ddbbb744991a2843ef5af28babeb931b35e2276c5fabbb330add86aa60669249c28ec214a92f8fd96f09a404ea2eafcce0f7313ba22aa764b07e9e2a1c149cf4616d92e9685185942bfcb36bc5dcf3a0b6d3b2e9e9e663a2889689e64db4ebdbb5c87587139b196f48fa5daeabd77f931f068bd2f223ccec13b0f0e827ea4c2908f46d4999648f4510acf13ee93c20e43f876e5abe1ef89565e5dee37b6ac55247b0dd22a6c024e83021f3bdefb5f7f71272d69c0f1393bbfea472aeba34ca79695416f1b6db3038c6795f5cf4c1e14df68135dad4f2c1c58385634fb7b0195f97bc4fc8feebb827b95187839d3ca0a05522bfa16ba08f0f7134b3f43e9b9474e56f0cdee4fc9860edbd82e9ce0306d51ec978df5be98ddc35e130478a3498036f873b0ae0162f5afbff0cc14c41582a7dc3f2a2a0b875a5a65ebb34c688a1792028ad07f24b1ec7253e146168339a15d7ef03e1bc11cc6a1b86a72196f309923ea748775591b0277cc03089d5cc18a4dd2ac8ff34597471418bdbc3418f6e157d8e59cc1feb9484cc0dcb2228228e2466266fd0116790bf1fb2c0e32cd6aba950d43dd217c2f91e0002fcd6290021e555db900f9504eb64e72a52a4d6acc5637dd45bf981d4327dc853f03df083e629233319d7a89b8af805e56ae5f46ecc672bf8ddd9539b41882238164b918118b93ceddb8a744cdffe36c67957b1ef541f9cb29a4186662c044fafa903af67e7652861fea0aa2191eed8629c64e72ea235f98a94245721cad57ca4a63707617938cf205bf6c37de917e0854d09383b55933a100c93ce31e5fe9ea7495ded9050a5c91cb331ef17f85d243edf8f046ac467d19f33acfbe465bbc51e12431d2a1e3f745603a81310c4cb05037aa0e06805db239f4f722ec422d38ae590c5f1e15c4f0caeca0be6c74044f36a37e736c516ef82090fc82196fbbcbbd32e96c02087627d13ce27c88b7581a499f94a8b04dbe7bddb52b3aabe64346f44d8fe7c563fd46a09b75", 0x5a2}], 0x1)
syz_io_uring_setup(0x3a75, &(0x7f0000000000)={0x0, 0x0, 0x2, 0x4, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r3, r0, 0x0, 0x4)

17:17:12 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:17:12 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 54)

17:17:12 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:17:12 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)=ANY=[])

17:17:12 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f0000000000000400", 0x1c, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:17:12 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x8}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:17:12 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f0000000c00)={'ip6gre0\x00', &(0x7f0000000b80)={'syztnl2\x00', <r1=>0x0, 0x4, 0xff, 0xff, 0x3, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, 0x8, 0x1, 0xfe2, 0x987}})
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = dup(r2)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000240)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7a})
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, r5})
sendmmsg$inet6(r0, &(0x7f00000016c0)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x2, @empty, 0x1ff}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000040)="608b", 0x2}, {&(0x7f0000000100)="c736852ad5b7a8f60da0a61ee6332a0d5272d87344c28c531693bdd17285b4340c68f3257d9e3a7142866661c0e239e3f18e89f3836ff86c70ee7c225323b15c13a70062c53c5efef445d251f2b262ae0bb0fafd180a7c7472d6ff240f06c67197c85738f281199d18f6c01c81ae496b1f9d766a5cc9fe986bff319ef8386681f7f2e80c8d2f7983eebd1732083a371ce5362925a03ba47833dcd86f1b2c1b537fae8cbbdff5365fc9f5e046533b9337536eccc8b21fdb222634a3aeabb2eff7fc8db194396c47b3a00a59c94f98aa9ca9f3968683", 0xd5}, {&(0x7f0000000200)="990bfba83db9c407b5e8fa1e5d8943608c9e39efa1c602af0ec8fffbc185", 0x1e}, {&(0x7f0000000240)="ec9ae2457b827d3584e30faa8f93228939d87361d6f64fdb343d96cc3949d6e6e1eb45246c56feaba5feedab0f11ae3b2caceb53bafd106492267134bf0b4bae68cc769f7e5366f57256862a571713606b18d9f3bd31a07d4f6b1108f07d8e9bb52ea368a58132389a3667d3", 0x6c}], 0x4, &(0x7f0000000580)=[@rthdr_2292={{0xb8, 0x29, 0x39, {0x29, 0x14, 0x1, 0x3, 0x0, [@dev={0xfe, 0x80, '\x00', 0x3a}, @private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @remote, @local, @private1={0xfc, 0x1, '\x00', 0x1}, @local, @empty, @private0={0xfc, 0x0, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x4}}, @dstopts_2292={{0x138, 0x29, 0x4, {0x1d, 0x23, '\x00', [@jumbo={0xc2, 0x4, 0x6}, @jumbo={0xc2, 0x4, 0x4269}, @enc_lim={0x4, 0x1, 0x3f}, @calipso={0x7, 0x38, {0x2, 0xc, 0x3f, 0x2, [0x6, 0x9, 0x7f9, 0x2, 0xd877, 0x40]}}, @generic={0x2, 0xcb, "a7dbed56d3e26948cf61bff7afaec5f7acf18f51f94e67b793c02b2f03493f49a6d2d37f86444e1c3307c21ea4a90f3a0e8046a7afa5a3374c756cf1b14e3340c761558963cba4c83793f8d7037a41c8b0e78b2e41d315d692b2d4a5110d7b296057d6124f1f3e6e496d12547a78ec59fa3c0b650f63191da070df1bd71f150979160a33d3ef4ea5afcf8e0c629d31987f5b53b197b6bf19ff15baa8dbf660dd291dffff1159da0d3ae40cd72e0cbd674e80e232eb95d79c942a5967796f5fe43775c98c65a5725bb315a9"}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}]}}}], 0x208}}, {{&(0x7f0000000400)={0xa, 0x4e22, 0x1, @mcast2, 0x3f}, 0x1c, &(0x7f0000000b00)=[{&(0x7f0000000440)="d08dd163966bdb9811ac5e729e9c8eff39f4d599339eb2b28a11c3ca00b4042692ec98ba2ce659125b7cf8af9d3202f26c0bb28d3632bc18cb8a9b4ca28b217c9b76132a21a6c88d075f71b876e6151ee2168a1d9f6a945700ec334192eb1eb9caaaf0d4c0f9c2d4eaea8e62d62d7bbe876e2d149a477a1286cd6c1a86f7812d915e79a3ffb98b3b0f9202be3a72f96b59d1a47becadab6545eb733185029771076552725e4a6d218c76764cace30cd6504dde7873a52216", 0xb8}, {&(0x7f0000000500)="e03a1f649a314e54", 0x8}, {&(0x7f00000007c0)="649da7af4dcbfaee1313266b6046eacc88302c29e48b26fc6389217885f813f1087e7ccc9687e7a3e5d51876e4ced62e9685c1f723d76184ce2b738a4c7cbc98a82cc7a2b854f8dc81bdc8a8609c49ca4ea6d43c25b45fea5cc7c83cfad7b46c7b103fbf183dec4d49b69624ed44b1099529603e3057f3e0bf70f12cd112f1314a0cc4e4848e673f072ea07252a0108358abf598b8ba0be2e7b685b08076b176d37fe6263e3d92c8870ec4d2429dc18ba09dc141be71cc1ffddd7d7e1edcd991f36ba1d7c7ba813e8b42", 0xca}, {&(0x7f00000008c0)="c3e2495f5e0e8f18470d57a5002e78764d8b27bb2babed9b19d5bc4f0ddef817a0a59e12ce7616d941f0741b9fcf275158b93c5609a13c38dcf510b2176ed65f625b6b2bbb73b9fe6d0a683780257be6d83344c6c53c923848a4449cd3683c50a5", 0x61}, {&(0x7f0000000940)="1f89afa085d68d53b46324d981006eaef1d9728eda967a84e4e61c6642dc99c2c62cc7b3122f051765caa0d76d59b119cf880627bb8bfb7f862030b66a3799a3f1dacb25bdaf47005e60f89ffb7dd85ec8e86a3818bf705b69c32515bd1291d0db904dd5ec9db0f7d8bb", 0x6a}, {&(0x7f00000009c0)="0cec1b6a58530b57569ae121ab5a4ab41564285e90a9f03ef296ef1afb5d8c6e841a9efb19b9f15ba3ce1269e8300c550e95aabef63d246945a3bb27b96ceb836aabd667bd7f488f2e22758816b89516b8207ebb18df2e2d05f47619b8cfccd8996772fcb80578b06f6b33a20efc3ceba0334edcd60d57bed4763d4375e87a5f1be6a73b4e767839df03d49152caf6d386dea90cb1b0c4be4b3cb6a439bbafaeef7a3ff795fffb4d68e264a402419c4c272284bce8e252c9f9fa15b5323afca80c413669757a93ae0142193dd12ae6c139e2e145f86d914eb7ef85a0ffa628ca5c401720be70530d", 0xe8}, {&(0x7f0000000ac0)="19d544c77529145d20bf0b419a9d8e9ccef40fa2d156babe987d49a1ce", 0x1d}], 0x7, &(0x7f0000000c40)=[@pktinfo={{0x24, 0x29, 0x32, {@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, r1}}}, @dstopts={{0x28, 0x29, 0x37, {0x2f, 0x1, '\x00', [@enc_lim={0x4, 0x1, 0x2}, @jumbo={0xc2, 0x4, 0xfffffffd}]}}}, @rthdr_2292={{0x48, 0x29, 0x39, {0x6c, 0x6, 0x2, 0x6, 0x0, [@mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}]}}}, @dontfrag={{0x14}}, @tclass={{0x14, 0x29, 0x43, 0x6}}, @hopopts_2292={{0x50, 0x29, 0x36, {0x3c, 0x6, '\x00', [@pad1, @padn={0x1, 0x1, [0x0]}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @jumbo, @jumbo={0xc2, 0x4, 0xef}, @hao={0xc9, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}}]}}}], 0x118}}, {{&(0x7f0000000d80)={0xa, 0x4e21, 0x565, @local, 0x9}, 0x1c, &(0x7f0000000e80)=[{&(0x7f0000000dc0)="c23eb8b803190600a71dd830b6369254c3eedd4f4b35e8c65fa1d05ef5299ab449803daec6c7e3d70637934ee6d814217282eb5a527e6b18", 0x38}, {&(0x7f0000000e00)="315cd1d4e1843860578968d0cc2a1bf6cd399367c03983da14106998c4824f33436696258c99ad7edee41f16d6e12c697262d15497cc0229ab77548f563433bc7867693ca0258dce6ff419e8212caf1f0bcd90ee53368455824b44abb6e930", 0x5f}, {&(0x7f0000001e00)="0f57e5a6fe987969f1a802361fee2fd21913e2d531e22e81e7ac2652952ed9070d7cb8877202f05b16077ee2023512f6eca8070d1abb9fdfd0a179fd23352779ce8df1b401646929f4bcbffe01bb8620b058f5279030083e3a8ad85a023450df93be17ef886d06f1b83dbb724a219caec7a1ebc91409af8b89f8af0c59ce9def017249f8fda98cfd3bb027bef5a0cbac5e0cfe594cc2dafbeeea6894ee19e617e0d32ad6a5bde7025ec0a282f665f3df5d13ed1e56624619c34bb2122389881bf182ec60392902de6caaafe441bf8750c72b42a56ef145530e3474f6a138ab0c0060f165c112cb7dcd0f4eeeb27d5d473088aa60a6aadd8ea8747b11d22d27760e4350fe942988816bd5201e07d9f4b0214aa56be5e73ab7e00aed006f6900130e7c51e56beb252c08404e95f510fa65b05b4e14217d0eec61d85e4ae2786f666802810245b1eae66c5b41dee07952e8705b902ca1fcd1f78d2fc1f43c7831cbef1da1a648bd091ebbce29c90ea0fc2adcf377adf45f19639a3382703db1df223f4ca5eed3dd213086cb030406a597366a9cbbde954e05e04a3df8ddcb64e2b86ee38f32249f5d31846b158f8d0fd82ef18ce5ae63385a3e1696bd4da66a4c91f695d62bd70e65601fc3f3d0eb5440beae4545db3d887538c7330950b49fb5b0ea7c75c3e31db80d36e63aab8af01e832121d374501c644ae9e690394ee3d92f1b110de2c0fe34465e749e9707a066bbddce7dd3d8a93af21930586f514a3f8ad6aee452e9c3cc5acdb7ec196ae2ccd168a549540f166279bc5e7582516e7763a25081dce2907127d583050e6aed460054bb390558c8fc2e91224471ecb30e614055018fc51a65c29f8f65e0e36c4a4bded2f2d389763ff1cae221bff7e8a80aa6957beaafe4ba2f6b191685a64fa8cccb4759bfa972bcf2d2ffc926392e1f66c45c51bd42fe77f99d0a3cfa9952859310640a1f632ddd97bb5dc617c3deef6bed097c6d1b6a2a137cd109086e42191332e15feb35879aef59ced04c9e88434130f83e4284ca86b0e9eef1fff1804c14bde9d5c186be18a6f79f7a28c57008fe564bf87832381ec30a8b68869e41c33642083063450717f7911087c22190bc573dca2fb6fcdb88a79cc914992ed89a06b5185353442f16db8e42ae8e5115efcc31590b0b66da9430890a4d27ffafb5a8ec4db12886bf1f199c5195d83b92645444a5b9ce2fe0496804b1414c4ae06430abe5c0e67700d146cd8c90d54ae37f59c830b75dbeaea34732197716cff14d5865f5a99c67bed11c08ca64f8fd15b610ce4c499f709458294d13dda9a08b178fc15588f2b913f504295fff7972cb1d74b0b20b52dd6c4b9866e426d5b8bf08cc5e65b671cd35cdc446ff4247ba4e655960d7d032c856b720ba5dd3d6f135bfaddeecd6d49089abd1ede2ccbd63d439baf74c1bfa60e3ef9d110d2e08389d9ef98b3bfa5bb18c773559c7d80ff1ebd2b9cc19340872aa6837bb85e07316614e6b9d83a56d3f72144fdaa61ac939e38985832bdc3770fc3c4cc1c9ed387e709811ed04ce5c27ca257d1619439b0bd9ded0bafa2f7226bb067d8e3be89d79a24d4223c27892776ad263995d2093968a6b3ade9038aaa9435a9ffdb9a6fab717b5e7fe1284c77421285fa6a79cc9844755f0a9e7d18c2dd9e6a6a00ed8cee644160acb0852a1676dc2ea4c9284c95dafed57e4c3e44e0c1fd595948e3fe2e5bc17fb47a28594c91c5e167a87a41dbd61caaf61da4f6656886539de5d84e896621a30a0b99679a58549891f84830d04109c840a2faa18d2088348db2adc650fe9674a1f016c7e273e7baafad825f1e727098c0207a916c5dba0f40763cf47520aff059b2c04698f0c99c1068bd17efb59a27f63dcc52a37c622fd3dcca50b4a85f7476e58ec62f588a234eb3cf2b3a9866eee5ce57d0094468e2f097fa0e2ddce1021d8ea5d74793eb2978e16fd092d35f98b0c5278756dff116f2daef64f6c3191215332e37cd9c01ee9e1ac48f70fa6e3e741091deba10952b169f3cf9b783aef413d5b0f584c4cf382f835e613614b985ab085d68182b1d6c79c8ddecfaac2df983da5a95b4ede65a22124638ac66515df2bff0044426d64902ff29e740e0ab930a40b76b72527a46e03425682fe4d72e97ce959070dfeae969dfd2e24991ba05eda9321642cc80caca7daa34e312d5d17fc2a5449eb72d7e18f21adddb1eff368f1b979764b93a0e7f34aaa8995b7645fdd6b5fccc0472d541ed961c3b4bb07806c3ab056b4e29710df0a8a09df8440ef948a524d45e426b44119442a514880fa2a57412f8d0b7be8f7e18f91cdb087dc3a0cf3d01fe1756e1d6f89136a7ba0970eb1bfb8e7824fec1647772f33f5b6144c30695378160de0b2cfe4c767a7b7d1ec0f6544b6c68669cbad8fda75570aaa3b6ccd361352ca81bde0d260b6af8dbc1c28174eeb55156f24bd20755915fcbd29764f539fa97e635cc81e1aa17c4c14f1b0c675666acc0b38cbbb23bb63fa63177598a4900bce447cdc103dc614573ef2cf8bc175d0e8fb2922c68bd386738421bee12e83025da03be7bd880b4828a5ba82be1d6649885269333e6a3e7b9e55424120cffeb1cc7e44773241ecb0e8041974e5045209d14dd9a2e766d4513f11b01653825f372a733abb709af247ce5ff00008798bc08e208c660b2b525ad48301d36e070a2dff834bc729e19cccb523093e7683ddb9a37bf9eeed856c0dfb0473d4dcf77e0a7f8db8bb53c2b52b3d256c39925fdc1a4af91ca4828e4dd69614b76a10fa8a44f690e96b8f6ca88578e29599e14674c5ea5898bbeaff95b03a990e959e854dfcc4421d1b0c8ca6ea3750ef0cf22814be92600fa5bf2ec185638e1e0f9b677eb81c36fe0767345daba538be27cee4f0838ec67a63f072885e6e08c3c8500d724b98848808f1714db21fb12acb1a300de8a57fc59e7183ed212854a4bac6018acbdab84407a74d74f8ab4361b8f845f7a21fd0c09afa308e5e9a64ee727bf30200a06e4a07c6808174b01aa4d17a7f4b6ce4d24edd0aa1c7505eca8a4449f4ec62a21e413944bc1b46c2c63d7b49b99aab14f3cdf651be98012c938f680b36ca0a0ec2555bb1a241748e673e242b90d9161a5f9743c53347f51ad1afbe86d84302cf8c1360cfd4d6ced0c16cf8999d05062ced7178fd5c1c3062b2ef886a0128e93407c722ce557b3647484bce4d86079de8da89954b40825dff8380595f6a3e219e452ff46c27d67956509e8453512e0521e7e38de1dc8c6755e1a48b5de136ba054ca74cc3a621151b8b30db163c6388babd41a97d4b864a704827791fbad98b4b0147e4b913003a351a046a302c6c57d61283002a63b16f5cc3b9f95c8850c5e79badd1d7c044e69d8c347a34f0c4ebfcc99011939a07f4f8d1d986fffd81a80d1fb90c6615eaeff5184c4962b03d75b50b5180a38338ba9c04075d4a476b672a586b00373d6e80054507746c5d409b57e7643cc185f481853e7d91a68ac8048a541b07ddb77a15550bd1b8381199d2235bf21e8c222eaa51d295daffa4cb058978b49a599a29d2536bf1650b47bacc652df5b5a83b63763abb1d27c6cc90872aa196dd58006bc0826bbc13b83b85891abbeab282bafe6d8e0ebaae7edd9524950a5372fa8961044aea7b86d2d2a721129e07914c59565baf2920cf60643928cad8d84e362436bd9b605419a233786ceb5ba707127b9863c95429a0d1afe5888dd419eb35870f57a71aea87dd4d0cdf8c61ff9d445f1fb3ee61548487a73c5c6f84d28282e04c27a6239df3b60de62728d2be2b8f5436124399d3134aed7b182df913f9ce187be3fdfdbdffa241ea8a38ebf36530c69c09e5f4b882686e5ee00aa2ee2bbd43f9a49b2a10f811f2f6acd6d83225a9a408d8e0df4f1bac25743cf0659437dba768f0708f4dde949a50dff8566e0659f29b5665e2d3fc9cd552c88eba89a758e9aff1dd79df48b79fe3aae6c1e45b109ff68691322a43ebfc3d55152d1bba865888cf2efb07544c83e3c212078351cf16bac3b73973e587fbbbdb28dac0d6e7c78f9ea4faf86e5568012103546d238eb88135411bbab484e15417b11b4f132fe8f5efb467d87cf100b5066f7162fbc7c1ee65384ca648681407112b34aec24465753a3e1f3c6bc0eb2ff619b12e50ce092bbd6fcd9cbcae8f98322970b6773e8f8f6c2c48030340b644512ab1fa3d5d7f88d8a6b6f61a88f307d226e5bdcb2575ad3995196eed732c595aaa9ab381c5c538f27674b010f6939b03cc90e4983a9394fdf12d28b1ccea9a294742e538ba136104f578ec9826ff017a386356a643c873a19b6c573f59dc71aab0f3f74b2d4c6b34305b0a86d27fa46dfe01c8c2138ab54b9163ea635585ce60b0084ba8dcb503daa1c3d506f917896d3ac7a2ddebf8e90d2ea99f7e2d42c720091e9069114a3eca59c221be3be5ef2cc39931c624fa7903a1fe2f72f00a6a6ed29cced2cd2d5583fd6f16565a87244a11c3e35d8529c63950b4d3791a10351aaf32c6fa1b9ac124645eee9dd0f913facff200647405c7c61dc4e63ff026fb848dd077c8f2d7f358c056e8d5b3253ed226449c30c56cd62ff2913ed46794d394332683012b44289b9aea9ef694af89c9df7c1d366212ecde151368661ddcbac3d58bbb74ed71a5d897c440739f4702c8235a3bb35036f65f02b2778fda118a3a652cc9876ddfd1599554efbfaeb7bc7b4c9e1eb48e26f0065e40541b78c92c7b46302671661b63952be07f9788c9c1bfc5453f264f44a67469efa26aa049f782c4a8cdfccf874e4ef002a53c547f0b55db92c6e853c03c1b43380ad95e1e8fd5eda8f542651a800a35cb411a6e2e5f809cee56552a56fc847f04c362da3e4a37529514b3743fec7e73c3995a74d6eb5ef57009adc1ab38661f5dcd4405d21b164f3c158f1df53a08e2d7796b21453eac9fdde3a6b1e7c6a8c099d3dad5682cae43893f64f2b4d20f7c99daa7e96fa6fec8e1e9c766a07e66bbd7555fe1c3a6a37b0dcceb3f8ecf5cabb2d016f5b50fe3348c02fa047cded2209bc8812ae3992d7a1e989933d80e9d15f9cd0083e1e3b11f23f7eefc1a186673034163ec081267160020e47ac719667b0e514aaf13ccf90b2bc96105fb1854c254924c8223f30901ab7ef939b1499bec5688c86aa2c330e61b4f10c44328eabb4742ff19c62abb48d2ddf335bef56c774ebfdd59038c8ed6b66a08cc1a66116e202e96a03d8e1088e796320a2e309e47550bbc7a63ab84fef57200ab5d4d1b271342c79d3bf7f47c85d91af7ff759228411c0829f4fedfaf8002398996f8dc07114a69758cb411496eafb0d4066bc417d6ef2e62fab33e7126e6c48db9ed22c34f12f4b71e8a56318edc046227c5e3c5aa742659f4be76957b7241f00655ed2192f1c03df0399db3ab55f5d1f8d59f2909707ba668b5c071174f5d050a08002f54cd3594567517d7a324223325b5b35012fad51375d2f1e4333683f666a62e7ae3756e2769d7a284c7a0b6d3aad3b01803c7319385ec17643d5fce2f30104c4e64e562daf4dd295cafa2bcef969dbd3fab07f0b7d642765a67876c1a25c554adcc6a37a6857fd2bffd28d02330b091f2eeb8b76061fd5455c70ee677b0a29a8ee9bfac0672e66f2dcbf14287faac3d1dcd4f9747a890d287426e2ddb331bb9ca331a7b26b9caec87a5c3685409a12ea7482cb997d50c50ff9fc3da07d08beac9db39ca6cac3105d386d95b037a3760e65d", 0x1000}], 0x3, &(0x7f0000000ec0)=[@rthdr_2292={{0x58, 0x29, 0x39, {0x2f, 0x8, 0xdb83a19e0946f492, 0x8, 0x0, [@local, @empty, @loopback, @private1]}}}, @dstopts={{0x40, 0x29, 0x37, {0x2c, 0x4, '\x00', [@calipso={0x7, 0x18, {0x2, 0x4, 0x40, 0xe0e, [0x9, 0x8]}}, @pad1, @ra={0x5, 0x2, 0x8}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x8b}}, @hopopts_2292={{0x78, 0x29, 0x36, {0x3a, 0xb, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x40, {0x1, 0xe, 0x6, 0x1, [0x6, 0x3ff, 0x1, 0x4, 0x3, 0x6, 0x98]}}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @multicast2}}]}}}, @tclass={{0x14, 0x29, 0x43, 0x100}}, @flowinfo={{0x14, 0x29, 0xb, 0x1ff}}, @tclass={{0x14, 0x29, 0x43, 0x6}}, @hoplimit_2292={{0x14}}], 0x188}}, {{&(0x7f0000001080)={0xa, 0x4e24, 0x8, @dev={0xfe, 0x80, '\x00', 0x29}, 0x783a}, 0x1c, &(0x7f00000010c0)=[{&(0x7f0000002e00)="cc8a7cdcb686afe567855fcc685e7164d9a56436a3ebd1a093078910737eb348a1a2f1ad9083ba1b0f4fd6dfccf726e5943796d1ce08386ed23fd598b42e183030fb468685b850955f73292547c1c298f905a055339d262db6255c9a186ff754ba8eb5e594252f0716491003739eba8ce6472a47260d495cb96c282a45419611891f307409fafffbded4acfeb2d52e9186cdd5c5cdb28895521b00cccad05730adc971f10e7b67b4e4e4d20b375b5ed400b7837c929e0851a6febc5b2b5acbed247e855adc9db03efd7a1350f9bfb9d57da07176d0c58cbc4e23bc572268cbba218badfe4368da620624d86c3e82221502529e3f32d89fed9d77adb7cec0c76cce3d60a2f079a90d9af2d6788d1e2cf3ff7b2d39cc4d236d25138c50843ea0e7be412cd150c9b0264d5f72c1b7f8fd86079ecac1d1c0334b0dfd078e3f2ef57b3a5b467d497faad2fcbcff819e2614885efcec880d80648eb32cc3c16cf052941f3c73cd3167b9dff8e93fd7c1d239e3db5f511e399dc75daf5e76ca9a49ab0a8c860b044ff798332695a6f297f2739ce50ff98b78833260e13c7e32c95652ae58c109737568406cd5e4097ac53fdb64e358d400283a8b9f7a7ee2e511b2f9374e970a8a5a2a3f9e8aa3e1033ffe72c337d4fac76cb5b735d80776caf53414f8cf3d0afc388351fd47f59597f0dc8019b9d2aa2210092b2c43511e439075cf2e4489134472e45594387dfc9eccfb722ea2cb13f34a2d47d052b65740bc4bc429405219cd0fd44a352ea62280494d7cf95e3a8d2e058455f1894b768b0d2a77888490fef88e0e44a631933742699498f47b0e1c8e160acb38c3126f28d169c9e013dad8a30ebc66cc1313f92c1fde542c3a847216b902074de782fab356741ada85cc0de1a1f3b9d6ad863e42c1c12e3f422257da0c87656b73fb2d5a21af22a3972b967f44c81991d40b61c6f48cee4cb3f9163d119b95f792317f21e9bc9396f2983d68265741a1e88a825684cb3fe07f78df3197a387f80bb3cd2744d50ffbe3684903c16cb095098406289f24c69bc5a503d7aec118a31847c26068480c2ee32bc4b99e77be0f11165d559fee49cfe6c806a5e27b36fc92f5d927f997e996ac2826f090fa6b454b66075100762142c9b2c9ea929c919958eafe45e815089d840b38d096dfe65c1562b8b50e2f407ada23cf30d02dfbe11ede4a050330006731dcb10c07bf17662b9a8bfc47fd5cc85c4014a4f0322a8be09f637d6bbfc6136d6656c3e06a2855ac5943b1ac53fa2279508edea1d43fc7d4b4147e71b63c699b88a0a159b75a6127737dcc813538819f83b3a300a956ccbe97ccceb646200d8827c647a5cb7b8de0d10941f4229f6ef544b77706edb4f1005e541d9f2fd6cb668b7d2e2830d7ae8db1a66519b871f40bddf4c187f4cc92d188b7cf7ef2d21f5ccf197940ef2dee8822c2879f43adef86b72becf32916388ef4fc6f0799269866f05360d02119c19f74f818266b5b216ba6f093a54830444cc130fd86156ef080d4ae026de399d88eee82ef21692fc2702f2e49dac20c29ae34a6482bdd5e8404ed67421526c2345f1a7d1601755ea33345cffb3a4f8f6a1d83db47480c279d1b750e23793b675832021fadcbe7b9244dfb945b47355bb2a023e550db23dc7fb377481cede67b715a0bf77d120aabb877b817b6ab24f01d74979c4e354a164b5c7827c26066756adfb7c4ebac0a725b92fb3e804aad186210da855fb60efd253b0325586ac0c461773ea116dece6f18eebe658ab58e9b4aa9bb0cc7143c5c0820a15d388aa185a19d334eac5b6d3e8618730c2a15d5e6bf1f0844ab4433daa088c420524335cbffc2104a813a477aa6114522ea03581a25746c9c3dee35663f89b5aab2ff55de3ac953e9cf214cb0349683ac5cc38587b220504eeb372e9712ed34e8ccc198d11d400b89463774ad454d0b934abd4b225429394176aeea0c0acb593660f6a594dad024d4dbbe694ef04fe45fa0c00ad4c043304808c2d4853d3086cb2b3b2d92711558d8f3801b9eb6a283a8194ae8c89950a511faae1271dd9429c51f76c38b1cb8ff93e34c9212728c701c17f58af2550a43352fab721de0c1e8be1eea7302c5bc548b31b3b0317675c9e2c72daa8798168cbc12cc1a370ba18f60be410fefc3be27888dfd4dbdfc8cd3455ee1e16e4338690105f27c7ac6aedfbbb1f69063c791294938cee3a2d0e43f3b273ff826cb5d172deab11112e1318e744a1bda06a7d71ad2b6f55f2a711d7e7731a6cce7b0c3802368c1f46b0d03affcec4cf0730fd5e2d8ee2fe41e1eca1920dcf6d7d060113c7a91df5e0d1435a06b646bd70cc2c9215267e1090b78b1bcecdca926eae19c00225af02c5acec4fee6cc835ae362aec61f6a71f197f56d5fcfa6ed475740a5bba103d1dfa0a3a40ac5bd3f0c1d28b3cdbb12700db6a4236424ff6e052da89f9447dcef73302de79a9495525de325582af0011764976bdb564406544526a3e8a1a467558f30e5eebee5cfada91ce2a30e09cf1c78d3afc4b8450be3322d645a5a76bed813981974b396a6c5574c4efbfd55ae0f65d70dc2ec5f065e0ef373a11688ff47cc08ded30998a6e7035a9d0aff2d0bb8202901a0971829d8b625b063e3e2e6f251684a137ab602d22b6d85e4122d7ed5ff7b83810fda11c132b09317198e1c210984a7e3ea6b6311c1d792705cbdb5d859041e5a588b6fbd85fc812f655e409d4749952d5b6eeb328761b33485d043a7a161f051705aa9520b0c03b3fcb1579809048429552b903ebf65984c2e01d9787f24eeae3854830862614661f5436afd7d1882fe5ac41ba503e0fecc746f05463e638012463a549f261d2755a032b3d59ca2c8f1a7827f34e7b63bfcc1942583f346d36896d730b875436c87b509b8e18e5667d889d8bbce6e4ee664ee3dc251ea85258a90cb8c30b7ad5691312c01202d4699f5810b497961d3afc72d483bb079427ea7b5d0c6516e9b702ac711fa26f02ccb9000565a38c879e3d7eb71df34b04ef41e59d898e3416fa6eee5171ffb50c629633cc1d0a225f942bc61515cffc4d969e71f11ab5c378d34a99e476ec6eb3a36adcea3a64ac32dd49b011b549fc8b96613a58d14b81a38243457ee923813af64a04e5ca79ac51ae1e68beae03bb728ce9e4a3222680e1f77d4c6bfe13886945a8e1a9dc05a15242a68b35d257309f6c93eea366d418fe47cfeefce6032a10c287ef813beae8389cced750aa4a56c921027c14d6fc78c275cf69ec566052496ebdd2d53173cd59ef73943c879c5983379ccfc8847c1fc17ed7aabca2d3682186cc01e261ee914dd068082334466b89922f03a875f8f9f04bc506c959dcae05e313c8d857e6f6d513f7f34962e72f99ff084d60b3a8c662dd33e4eaa49f2cdcac2a8b5ff9df02f8f6ba344942785d35d8816c24320de95999b594560982808a2ac7280c5f9afb6d59734d7a9ff8ff0ecdbcec6f87c5c707391b77ee80ea60813cde0caa7603f259f1c3661d6c491b39730747a601ed94b5932fb74a70ce9c05f0bb90aae43e43fa190d3927c983a3da5eeb21a895a4657965390c6f3fb6cbc9f2424acd668f5a2421902ce32760293925e99d9a265cabb863cc99fcca3aea9f1bc6653528b2e2d24748af8773ee52912452432b05c7a9e1bffec7dadc5f7dd1a31d390172d4aa2fae361eab1106b9a022ab3fb73c645073c32a7b33508e109808ac972b9bc4646db017de592189111b4c6c714bd3ef4b2dad8f588ec78bcc86177795c91daa8da4c91c27b11fb3478f25453744130559d86209dd045b455cc6d530a210bbd81b24560c9a18011116b874a62434617684b27ff5e45d1d0efbcbb7ddb24203045d6544b7c295d1cbff4fd3126b9638ba1afcc8e014d81d21458ddfa6d354a0244d38d16934cd1a7d1c229462acab50a7b71744b2e1b014283757452bd56c0d41e742b3255ac1b93c32622b3c9b1c08e832dc67671f1616b89b1f732adf6803c2be59d6dc8b480085bd67890069875ba9a4ea4f93a4ad9b0c47984a15fc1f30b719fc883b34aa221cfeda7581b0afe59bd2f1ff9d3304ae3b278c38123c6b92149ced32aa8b258db757319a84c17e281486ea2d19f434b973d28fc92f31b2cfa1392a9131bbd02b210ef422d7402a353d6bfc8c63d8ca9477d4de5b37379922a4432a306a2d014ab6deeee5d8d92819a5c866e95cd5e3f4bf2709cc3d8e8c2b584b98aa633f57444ca8fac3f53e65ead9772aa929926724fe989b7a5e6255753bb301b70d2957407a672e1f3bcb0562998dd6fe65bf4e5faaf746f9cc6f0c464c05109a822d81b91336f504219b5d21d459105e3b03dbac19bd6f4037d701100b42249fcd848b5f31e20e16bac0d145a87841798e16fc169c9bae2319ab4db5afa3cde788cb7e214ed6a6837bbe91c396208f3594aa7450fdd6e11cc04f173f4fcff4822c805a64c7744d65c5bc52c84ddd00b9dc97455068567307ffb9ea211ae6ce22dca178130c14f6d20c4a477a7982f929691c983f9902a2016be8c30edf5d1a32ab0ef9d14e2807898aee63fd73181654bbad8d9f5b5ee79b8cf474ec7e03887ec7a5f76d15ca63664d89526b6675e92802e206d300c2b06269ce5c10788e3046c0eab22a7c7dcde0a1a2855adf14150b840184ac9d313c6eb15c86dd8dbdd3d3888db05f76536bfd2e00d072cb0e75168eef3a80b4defed2c673ae617f399dd820c0d5979b698081abde1fbb3af81b04b4a591aca4bfc1a4fa1f710582e159aabe4b316922cf2010cfc4fbf57cb6e870c938df9658961bc258d7cbd3aad8e3a4805663b09360022da7dc480f621c376ba13297030fd6f768352dc0257697a3dd351497cb1dcfdf7361770593d5f53651d77a3c746aa46f1cde2b7afe84661b345e033ea52e737823c20bce6ed1c15ca765bfbd34f8ca5019b5f670889a605ab0dfd12b34e69ce96c5cfb1c996368309262fc6f7b4f95838297f05903a481172ae3d31d27e204f597a293f3898c751aa41f9b7f29ff5ac8f5284ac529ae09548f38855c4b8b7c270547d9663ca5e4a730b96c827f86702fa97baa2c28ce53a8e855d6237729afa2f4012c5e77d899e2c77a97f5d43036d3eef401535b7e3cbf183e1be60c03c2df0d7fff720a8369dfcf5a0caadc6079c8fc8fcc0b480a8d517aae5af1e2dd5daa3d5db5f9902ccb271ea85c028d7e02a04a04b8fc435186bc04e02c91c8f50dfdb239167378adb81121f4312b3456bbe2f91ebf3cb53793ecbf1d45ab7b4b0127dadb6fef111f139bafeed2643c8c1f803872e93b0e2ed6537927c01474a9363015d618bebe559b1a27481521839b6994d916372c2770219b0d43db1f7b9046779fdcdf6ac286adaa70477c02a63a840661706592d2e696b7b5b3097cbd51f6d453d38c383841c45e002cc614b79a6307a409bcb5e4302e637ed6b0d99839e9d67d32de1582aeb77babda5cb93449ea021cb25d4cd70618d0b3a22cb26251fe278591796c226f83483319b2c8834d40219059f6dcffc8674d584d1a6c113fdc66e70d504ec6468f93d069e8dba6c1cc2060a0fc1778d9ca9347df7df39de70e845c281474374b6c9b70aa81c93678c6b2f7c1aa2c0659f762cf7d25aa5e0386ccb2be1ab4a96c2014a5f7fcebf41156d380b2974389e9f2b82c065282f79c8e3d3814bae8ad2a6641f4bbbed3145b90ae7543963e2555f9685f3befe04f536aed06402bcaf22ca6836277705f7a1fff5355b", 0x1000}], 0x1, &(0x7f0000001100)=[@flowinfo={{0x14, 0x29, 0xb, 0x6}}, @dstopts={{0x40, 0x29, 0x37, {0x87, 0x4, '\x00', [@hao={0xc9, 0x10, @remote}, @enc_lim={0x4, 0x1, 0x5}, @hao={0xc9, 0x10, @remote}]}}}, @tclass={{0x14, 0x29, 0x43, 0x3}}, @dstopts={{0x28, 0x29, 0x37, {0x2f, 0x1, '\x00', [@ra={0x5, 0x2, 0x6}, @jumbo={0xc2, 0x4, 0x8f}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@local, r5}}}, @rthdr={{0x98, 0x29, 0x39, {0x2c, 0x10, 0x0, 0x7, 0x0, [@empty, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x33}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00', @dev={0xfe, 0x80, '\x00', 0x25}, @loopback, @mcast1]}}}], 0x158}}, {{&(0x7f0000001280)={0xa, 0x4e24, 0x9, @private2, 0x9}, 0x1c, &(0x7f0000001480)=[{&(0x7f00000012c0)="6d0b06dd0f325ffab420c9f4136c445577adc91b5e76a670ade4a70a1db9b705681d1b0deeb745f0eea95bd252d8b2f32c808991b4bf4ddb2b4c28b708254e636da7debc75a8fbe90b6c19a8a176a3bc41b6b0851f114bdf2314991633abccb0ba30c71e3cd3d4e0951d42f22f9426acdd554ee8e16277f8290728f129064acee6e7e80eb55a1ce42793ebeb53c710b008ec8145836076c8a40d6cb7078db6a6f3632cfa02a1c2ba7432f2f15569fd156c1af2c92e17511804d0858ba2bbbffbc2d5335155af44a27068d1428b09d3fb017b64e9e20b9d9914747643153e2b51", 0xe0}, {&(0x7f00000013c0)="357e50eda4b879f854066b18302b7a0b9a5ed84fef3621c5db54917c5619141637d4b38d778a1d36d189a916e76e014ae81696856a663ce25cffd5c4bb10c0ab83e18af0a35da5d491cb14f8176aa6d4687dea449e3dd22d57d4970245111773e7a6d5b8bc48606c9a9eccd3df1089ab3763860a868e97acdc46e0427c9dd6e7a6d2e8cdfa7dfb6594f23924458cfc56c56ffa", 0x93}], 0x2, &(0x7f00000014c0)=[@tclass={{0x14, 0x29, 0x43, 0xa4f0}}, @hopopts={{0xe8, 0x29, 0x36, {0x1, 0x1a, '\x00', [@generic={0x4, 0x96, "597f8f142dd7c12106d04a0342f19b7c06d28baad532dafe442a5440b1944449ec74c6814cc716dfc237fd70a215ec5478bf2c0c2710f6625216f6583dc0f8b7ab555019df80d86b7fa3419a928ef61942d9ec4c7fac2b0d7a093752cccb879ecf8f37105c1af9cd4bb2a89826a029660291cfda69c04386c60a3fc5bd762c644c79d705184c51a7f45c9f276742115311b1fd5f32a3"}, @padn={0x1, 0x1, [0x0]}, @padn={0x1, 0x2, [0x0, 0x0]}, @ra={0x5, 0x2, 0x20}, @jumbo={0xc2, 0x4, 0x7fff}, @enc_lim={0x4, 0x1, 0x3}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0xfffffff9}}, @tclass={{0x14, 0x29, 0x43, 0x7f}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x7}}, @rthdr={{0x38, 0x29, 0x39, {0x33, 0x4, 0x1, 0x4, 0x0, [@private2, @private1={0xfc, 0x1, '\x00', 0x1}]}}}, @tclass={{0x14, 0x29, 0x43, 0x7aee}}, @dstopts_2292={{0x28, 0x29, 0x4, {0x3b, 0x1, '\x00', [@ra={0x5, 0x2, 0x1}, @padn={0x1, 0x1, [0x0]}, @enc_lim={0x4, 0x1, 0x9}, @pad1]}}}, @pktinfo={{0x24, 0x29, 0x32, {@mcast2}}}], 0x1e8}}], 0x5, 0x20000000)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 2128.337152] FAULT_INJECTION: forcing a failure.
[ 2128.337152] name failslab, interval 1, probability 0, space 0, times 0
[ 2128.339725] CPU: 1 PID: 14282 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2128.341189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2128.342949] Call Trace:
[ 2128.343518]  dump_stack+0x107/0x167
[ 2128.344297]  should_fail.cold+0x5/0xa
[ 2128.345108]  ? create_object.isra.0+0x3a/0xa20
[ 2128.346078]  should_failslab+0x5/0x20
[ 2128.346886]  kmem_cache_alloc+0x5b/0x310
[ 2128.347772]  create_object.isra.0+0x3a/0xa20
[ 2128.348704]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2128.349876]  kmem_cache_alloc_node+0x169/0x330
[ 2128.350858]  __kmem_cache_create+0x10e/0x520
[ 2128.351812]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 2128.352881]  p9_client_create+0xc6a/0x1230
[ 2128.353793]  ? p9_client_flush+0x430/0x430
[ 2128.354692]  ? trace_hardirqs_on+0x5b/0x180
[ 2128.355624]  ? lockdep_init_map_type+0x2c7/0x780
[ 2128.356631]  ? __raw_spin_lock_init+0x36/0x110
17:17:12 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = fork()
ptrace(0x10, r2)
ptrace$setsig(0x4203, r2, 0x8269, &(0x7f00000000c0)={0x1a, 0x5, 0x9})
sendmsg$nl_generic(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="e40100003200000129bd7000fddbdf25140000008450ae0c7d6143d3e32a2ca0c1c217efa68b7cee00243014faeb5ddf27558ff376d7a34d74aec0ff517440b1981bb2f3766a687b1f4810023dccdba9371bfa0b7a7b2246bcb3442eb056765c3c27f06478d818f71eaed4ee17fc7fa468b51ad2a834e8bf114cd2350ca3d84135d36676fd03d910cf4ee19377478a96b430a6061367fb0dbcd59bd5cae1751893cf15a3bac9901790c2208db1c98670eae4d96839d2af19bafed3a80f21fef0784d674d497398525d5ac48d84bda07f529d23bb94ead07f8623491ec7e277c0d88b2f06ef5eae5971fe42fc5c6e333ca7e5811c76daa0b4481084f8c63ae2dfa41595d00aed9bceb1700c54c6f39b603df15e847c0ac5168eac0088803b14001b1f0f391a6165c264d998f3ef1b83269f2c03769fdd78b9dab20eca612bd6e3efee56528b8cf70f5239d653c3fb151e1281d3995ddfb835434f604037fef0773e45a59fa52d90e36d9f8abc33b10c5bea68555cca520dd491458969ea921eb95423417d28376f1d835c2e62ac43472f129280587e68efc90a2d53e236260fcd589f0e5812e1636fdc1b3d95bb11d0ba2cf8556df985f0af4faaac616ea6ad56a66a05", @ANYRES32=r2, @ANYBLOB="7229f2640ee720b65d1bbc0357b61006b67c1cc508002200ac1414aa00"], 0x1e4}, 0x1, 0x0, 0x0, 0x8090}, 0x0)
r3 = fork()
r4 = fork()
ptrace(0x10, r4)
gettid()
ptrace$setsig(0x4203, r4, 0x8269, &(0x7f00000000c0)={0x1a, 0x5, 0x9})
waitid(0x1, r4, &(0x7f0000000440), 0x4, &(0x7f00000004c0))
ptrace$peek(0x2, r3, &(0x7f0000000400))
ptrace(0x10, r3)
ptrace$setsig(0x4203, r3, 0x8269, &(0x7f00000000c0)={0x1a, 0x5, 0x9})
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x6, 0x6, 0x65, 0x4, 0x0, 0xffffffffffff8001, 0x10002, 0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x40, 0x1, @perf_config_ext={0x3, 0x8}, 0x20020, 0xfffffffffffffffb, 0x7f, 0x2, 0x4, 0x1, 0x3c, 0x0, 0x10000, 0x0, 0x7}, r3, 0x8, r0, 0x2)
sendfile(r1, r0, 0x0, 0x4)
ptrace$getregset(0x4204, r2, 0x1, &(0x7f0000000600)={&(0x7f0000000580)=""/79, 0x4f})

[ 2128.357614]  v9fs_session_init+0x1dd/0x1680
[ 2128.358718]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2128.359755]  ? v9fs_show_options+0x690/0x690
[ 2128.360699]  ? trace_hardirqs_on+0x5b/0x180
[ 2128.361615]  ? kasan_unpoison_shadow+0x33/0x50
[ 2128.362583]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2128.363674]  v9fs_mount+0x79/0x8f0
[ 2128.364424]  ? v9fs_write_inode+0x60/0x60
[ 2128.365303]  legacy_get_tree+0x105/0x220
[ 2128.366228]  vfs_get_tree+0x8e/0x300
[ 2128.367029]  path_mount+0x1331/0x21c0
[ 2128.367843]  ? strncpy_from_user+0x9e/0x470
[ 2128.368757]  ? finish_automount+0xa90/0xa90
[ 2128.369677]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2128.370659]  ? _copy_from_user+0xfb/0x1b0
[ 2128.371553]  __x64_sys_mount+0x282/0x300
[ 2128.372413]  ? copy_mnt_ns+0xa00/0xa00
[ 2128.373244]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2128.374350]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2128.375448]  do_syscall_64+0x33/0x40
[ 2128.376237]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2128.377322] RIP: 0033:0x7f916d656b19
[ 2128.378111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2128.382071] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2128.383697] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2128.385212] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2128.386720] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2128.388236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2128.389744] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
17:17:12 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)=ANY=[])

[ 2128.403798] loop7: detected capacity change from 0 to 2103296
[ 2128.440543] loop2: detected capacity change from 0 to 2103296
[ 2128.450284] loop6: detected capacity change from 0 to 2103296
[ 2128.469096] EXT4-fs (loop7): corrupt root inode, run e2fsck
[ 2128.470255] EXT4-fs (loop7): mount failed
[ 2128.487543] EXT4-fs error (device loop2): __ext4_get_inode_loc:4406: comm syz-executor.2: Invalid inode table block 0 in block_group 0
[ 2128.496102] EXT4-fs (loop2): get root inode failed
[ 2128.497403] EXT4-fs (loop2): mount failed
[ 2128.513646] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2128.516859] EXT4-fs (loop6): get root inode failed
[ 2128.517499] EXT4-fs (loop6): mount failed
17:17:12 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)=ANY=[])

17:17:12 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 2128.643219] loop2: detected capacity change from 0 to 2103296
[ 2128.669511] EXT4-fs error (device loop2): __ext4_get_inode_loc:4406: comm syz-executor.2: Invalid inode table block 0 in block_group 0
[ 2128.671616] EXT4-fs (loop2): get root inode failed
[ 2128.672977] EXT4-fs (loop2): mount failed
17:17:26 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:17:26 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:17:26 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}], 0x0, &(0x7f0000012b00)=ANY=[])

17:17:26 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x8}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:17:26 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)
r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)='3', 0x1, 0x10001)
syz_io_uring_setup(0x1af5, &(0x7f0000000700)={0x0, 0x201d, 0x2, 0x0, 0x3d2, 0x0, r1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff2000/0xe000)=nil, &(0x7f0000000380)=<r2=>0x0, &(0x7f0000000500))
r3 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r3, 0x8000000)
syz_io_uring_submit(r6, r5, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
syz_io_uring_submit(r2, r5, &(0x7f0000000800)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f0000000780)=@vsock={0x28, 0x0, 0x0, @local}, 0x0, 0x0, 0x1}, 0xffff)
sendmsg$inet(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f0000000680)=[{&(0x7f0000000100)="34c52638e619c8bd5a52312b296989900d64ac5a27ae588d605c28f496804f1e9efd826c9263bec16c538f0bca37ef92df47de994971e84b732bf4df844464735762563d16ae6e03a6911586e7db071aa44570ccf57cd0d6dbad95d9f6", 0x5d}, {&(0x7f0000000180)="c3afa24c77bd08264fc912fe730f50595fbea108fb2fc74ad4d9056f12a3d6db67a3e8c5b5d228b6de681accd8ebd077c949d65ea8680c7cd94b5e82f8ed88ec8851d2fbf2ad5435162fdf282b0510dc449effbd76af4368adaccfc1f15c994c28019c76c87f439c2badb35f1a4284ab85a7cde3bab065c136fa4bea709d98996d76d0ca8de568fecac54b370c911ab8f96e19059be11de30ec38cb95cccc601a97efb5b3ac28b8d828bf4", 0xab}, {&(0x7f0000000400)="73f3c2683245a8f52af6acd0fd996c8b110136a07fb06ac11de72e1a36adc5a886df2db3099201a9df5189584436da34c8647e71f3fbd54eb1a31ecc5de6824222f2e69d5c6a2de582cdab76f97f5d844c93c86d4b9048c803bb5e8e3abc9dc6e41c1ea65be160bfef276ca0660ffef5b3ef275877abf9f6cee715544d1c01f16640bac032299853a34b82b01dc22308d8568087d943c90df359cc9d4b2f252d6da96e0c06c1181c2abcbd9e8e6c5b4492ccb5ee17c31611fa008081df15a7bb2301db4b0668bd0783bb124c", 0xcc}, {&(0x7f0000000580)="e497c69e11c01670c061fee4a61510f078987b2b10122288869f1e6366d5e9550febe5f7d221d536f718185052acb0d04eebd183de8a2d63898f670178ded5f56c9cad17a263118db0dac661aac3ed4fb197259ba7292b91319a19edb537a9de3d42f20a88ec4e3274d849ff03641d769cccf24c144a6e9d4ed22183e5e672001e9f56b70cd54383f5a3dd20dda123e8e7145af874c7723fa05564178783d13cece4831aa013ed451f815b7afcac3147ee88933605f1c01ce24142130933d1616564bda211fe48d7075649dd9736059e2b227c9bf053cfbf99e3cf", 0xdb}, {&(0x7f0000000240)="42d5dfd9305810587d7f21437a86d09c027cac9ef28a56f612f3dd5cceda85f1f1b87e978ba4c310bb3be5bd61242d1840ecac5b61107570687e7c3c3b4943280efe786521cdfd0b04d0ddbcb64d428f01ee65ec3084f78f98857a5fc5c420149e0d6a9a13d21f5553aca725bb14b4d7f91779172255e5", 0x77}], 0x5}, 0x10008011)

[ 2142.468713] loop0: detected capacity change from 0 to 2103296
[ 2142.475083] EXT4-fs warning (device loop0): read_mmp_block:114: Error -117 while reading MMP block 64
17:17:26 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:17:26 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 55)

17:17:26 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000000)={0x0, 0x4})
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)

[ 2142.486369] loop2: detected capacity change from 0 to 2103296
[ 2142.500424] FAULT_INJECTION: forcing a failure.
[ 2142.500424] name failslab, interval 1, probability 0, space 0, times 0
[ 2142.503014] CPU: 0 PID: 14368 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2142.504502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2142.506313] Call Trace:
[ 2142.506886]  dump_stack+0x107/0x167
[ 2142.507680]  should_fail.cold+0x5/0xa
[ 2142.508503]  ? create_object.isra.0+0x3a/0xa20
[ 2142.509482]  should_failslab+0x5/0x20
[ 2142.510300]  kmem_cache_alloc+0x5b/0x310
[ 2142.511189]  create_object.isra.0+0x3a/0xa20
[ 2142.512145]  kmemleak_alloc_percpu+0xa0/0x100
[ 2142.513114]  pcpu_alloc+0x4e2/0x1240
[ 2142.513934]  __kmem_cache_create+0x35a/0x520
[ 2142.514890]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 2142.515986]  p9_client_create+0xc6a/0x1230
[ 2142.516906]  ? p9_client_flush+0x430/0x430
[ 2142.517814]  ? trace_hardirqs_on+0x5b/0x180
[ 2142.518744]  ? lockdep_init_map_type+0x2c7/0x780
[ 2142.519775]  ? __raw_spin_lock_init+0x36/0x110
[ 2142.520764]  v9fs_session_init+0x1dd/0x1680
[ 2142.521682]  ? lock_release+0x680/0x680
[ 2142.522553]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2142.523590]  ? v9fs_show_options+0x690/0x690
[ 2142.524548]  ? trace_hardirqs_on+0x5b/0x180
[ 2142.525477]  ? kasan_unpoison_shadow+0x33/0x50
[ 2142.526452]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2142.527547]  v9fs_mount+0x79/0x8f0
[ 2142.528316]  ? v9fs_write_inode+0x60/0x60
[ 2142.529201]  legacy_get_tree+0x105/0x220
[ 2142.530074]  vfs_get_tree+0x8e/0x300
[ 2142.530869]  path_mount+0x1331/0x21c0
[ 2142.531708]  ? strncpy_from_user+0x9e/0x470
[ 2142.532632]  ? finish_automount+0xa90/0xa90
[ 2142.533556]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2142.534543]  ? _copy_from_user+0xfb/0x1b0
[ 2142.535455]  __x64_sys_mount+0x282/0x300
[ 2142.536318]  ? copy_mnt_ns+0xa00/0xa00
[ 2142.537158]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2142.538271]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2142.539387]  do_syscall_64+0x33/0x40
[ 2142.540181]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2142.541279] RIP: 0033:0x7f916d656b19
[ 2142.542073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2142.545974] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2142.547611] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2142.549128] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2142.550646] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2142.552182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2142.553700] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2142.555558] hpet: Lost 3 RTC interrupts
[ 2142.562682] loop6: detected capacity change from 0 to 2103296
[ 2142.571225] loop7: detected capacity change from 0 to 2103296
[ 2142.619726] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
17:17:26 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r1, r0, 0x0, 0x4)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)

[ 2142.622667] EXT4-fs (loop6): get root inode failed
[ 2142.623447] EXT4-fs (loop6): mount failed
17:17:26 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}], 0x0, &(0x7f0000012b00)=ANY=[])

17:17:26 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 56)

[ 2142.675205] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2142.681149] EXT4-fs error (device loop2): __ext4_get_inode_loc:4406: comm syz-executor.2: Invalid inode table block 0 in block_group 0
17:17:26 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x8}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 2142.698294] EXT4-fs (loop7): get root inode failed
[ 2142.699345] EXT4-fs (loop7): mount failed
[ 2142.714345] EXT4-fs (loop2): get root inode failed
[ 2142.716121] EXT4-fs (loop2): mount failed
17:17:26 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)
r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)='3', 0x1, 0x10001)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20d315)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x40, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x4a}}}}, [@NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x3}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x3}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x363}]}, 0x40}, 0x1, 0x0, 0x0, 0x4800}, 0x20000041)
setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000000)={0x1, 0x2, '\x00', [@ra={0x5, 0x2, 0x80}, @hao={0xc9, 0x10, @local}]}, 0x20)

17:17:26 executing program 6:
msgctl$IPC_RMID(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2142.775392] loop0: detected capacity change from 0 to 2103296
[ 2142.785534] EXT4-fs warning (device loop0): read_mmp_block:114: Error -117 while reading MMP block 64
[ 2142.797335] FAULT_INJECTION: forcing a failure.
[ 2142.797335] name failslab, interval 1, probability 0, space 0, times 0
[ 2142.798894] CPU: 1 PID: 14401 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2142.799821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2142.800913] Call Trace:
[ 2142.801273]  dump_stack+0x107/0x167
[ 2142.801750]  should_fail.cold+0x5/0xa
[ 2142.802270]  ? create_object.isra.0+0x3a/0xa20
[ 2142.802870]  should_failslab+0x5/0x20
[ 2142.803503]  kmem_cache_alloc+0x5b/0x310
[ 2142.804036]  create_object.isra.0+0x3a/0xa20
[ 2142.804617]  kmemleak_alloc_percpu+0xa0/0x100
[ 2142.805176]  pcpu_alloc+0x4e2/0x1240
[ 2142.805673]  __kmem_cache_create+0x35a/0x520
[ 2142.806219]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 2142.806880]  p9_client_create+0xc6a/0x1230
[ 2142.807452]  ? p9_client_flush+0x430/0x430
[ 2142.807973]  ? trace_hardirqs_on+0x5b/0x180
[ 2142.808544]  ? lockdep_init_map_type+0x2c7/0x780
[ 2142.809161]  ? __raw_spin_lock_init+0x36/0x110
[ 2142.809759]  v9fs_session_init+0x1dd/0x1680
[ 2142.810324]  ? lock_release+0x680/0x680
[ 2142.810844]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2142.811487]  ? v9fs_show_options+0x690/0x690
[ 2142.812067]  ? trace_hardirqs_on+0x5b/0x180
[ 2142.812628]  ? kasan_unpoison_shadow+0x33/0x50
[ 2142.813211]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2142.813834]  v9fs_mount+0x79/0x8f0
[ 2142.814305]  ? v9fs_write_inode+0x60/0x60
[ 2142.814837]  legacy_get_tree+0x105/0x220
[ 2142.815375]  vfs_get_tree+0x8e/0x300
[ 2142.815861]  path_mount+0x1331/0x21c0
[ 2142.816361]  ? strncpy_from_user+0x9e/0x470
[ 2142.816926]  ? finish_automount+0xa90/0xa90
[ 2142.817491]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2142.818087]  ? _copy_from_user+0xfb/0x1b0
[ 2142.818631]  __x64_sys_mount+0x282/0x300
[ 2142.819261]  ? copy_mnt_ns+0xa00/0xa00
[ 2142.819781]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2142.820454]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2142.821129]  do_syscall_64+0x33/0x40
[ 2142.821601]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2142.822262] RIP: 0033:0x7f916d656b19
[ 2142.822717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2142.825098] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2142.826077] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2142.827000] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2142.827934] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2142.828842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2142.829787] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2142.863937] loop6: detected capacity change from 0 to 2103296
[ 2142.881741] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2142.890921] EXT4-fs (loop6): get root inode failed
[ 2142.891549] EXT4-fs (loop6): mount failed
17:17:42 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20d315)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x9)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r5 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r4, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r4, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=r4, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r6 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x200000, 0x0)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000002c0), 0x82000, 0x0)
preadv(r7, &(0x7f0000000340)=[{&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000300)=""/27, 0x1b}, {&(0x7f00000005c0)=""/174, 0xae}], 0x3, 0x7fff, 0x240d4dfd)
openat(r6, &(0x7f0000000400)='./file1\x00', 0x0, 0x114)
faccessat(r5, &(0x7f0000000000)='./file1\x00', 0xb0)

17:17:42 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}], 0x0, &(0x7f0000012b00)=ANY=[])

17:17:42 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 57)

17:17:42 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {0x0}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:17:42 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:17:42 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x10000, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0x81}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x0, 0x0)

17:17:42 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:17:42 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 2158.855753] loop6: detected capacity change from 0 to 2103296
[ 2158.886319] EXT4-fs error (device loop6): ext4_fill_super:4967: inode #2: comm syz-executor.6: iget: special inode unallocated
[ 2158.887512] loop2: detected capacity change from 0 to 2103296
[ 2158.890066] EXT4-fs (loop6): get root inode failed
[ 2158.890793] EXT4-fs (loop6): mount failed
[ 2158.898714] FAULT_INJECTION: forcing a failure.
[ 2158.898714] name failslab, interval 1, probability 0, space 0, times 0
[ 2158.901537] CPU: 0 PID: 14433 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2158.903203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2158.905179] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2158.907165] Call Trace:
[ 2158.907193]  dump_stack+0x107/0x167
[ 2158.907218]  should_fail.cold+0x5/0xa
[ 2158.907243]  ? create_object.isra.0+0x3a/0xa20
[ 2158.907263]  should_failslab+0x5/0x20
[ 2158.907283]  kmem_cache_alloc+0x5b/0x310
[ 2158.907305]  ? mark_held_locks+0x9e/0xe0
[ 2158.907334]  create_object.isra.0+0x3a/0xa20
[ 2158.914402]  kmemleak_alloc_percpu+0xa0/0x100
[ 2158.915516]  pcpu_alloc+0x4e2/0x1240
[ 2158.916442]  __kmem_cache_create+0x35a/0x520
[ 2158.917503]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 2158.918701]  p9_client_create+0xc6a/0x1230
[ 2158.919734]  ? p9_client_flush+0x430/0x430
[ 2158.920733]  ? trace_hardirqs_on+0x5b/0x180
[ 2158.921746]  ? lockdep_init_map_type+0x2c7/0x780
[ 2158.922843]  ? __raw_spin_lock_init+0x36/0x110
[ 2158.923925]  v9fs_session_init+0x1dd/0x1680
[ 2158.924927]  ? lock_release+0x680/0x680
[ 2158.925862]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2158.926973]  ? v9fs_show_options+0x690/0x690
[ 2158.928043]  ? trace_hardirqs_on+0x5b/0x180
[ 2158.929057]  ? kasan_unpoison_shadow+0x33/0x50
[ 2158.930135]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2158.931343]  v9fs_mount+0x79/0x8f0
[ 2158.932185]  ? v9fs_write_inode+0x60/0x60
[ 2158.933162]  legacy_get_tree+0x105/0x220
[ 2158.934128]  vfs_get_tree+0x8e/0x300
[ 2158.935008]  path_mount+0x1331/0x21c0
[ 2158.935918]  ? strncpy_from_user+0x9e/0x470
[ 2158.936935]  ? finish_automount+0xa90/0xa90
[ 2158.937951]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2158.939057]  ? _copy_from_user+0xfb/0x1b0
[ 2158.940057]  __x64_sys_mount+0x282/0x300
[ 2158.941012]  ? copy_mnt_ns+0xa00/0xa00
[ 2158.941942]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2158.943178]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2158.944396]  do_syscall_64+0x33/0x40
[ 2158.945272]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2158.946474] RIP: 0033:0x7f916d656b19
[ 2158.947362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2158.951643] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2158.953432] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2158.955105] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2158.956783] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2158.958460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2158.960140] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2158.962050] hpet: Lost 3 RTC interrupts
[ 2158.972618] loop7: detected capacity change from 0 to 2103296
[ 2158.989224] EXT4-fs error (device loop2): __ext4_get_inode_loc:4406: comm syz-executor.2: Invalid inode table block 0 in block_group 0
17:17:43 executing program 5:
r0 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000fef000/0x11000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, 0x0)
r1 = mmap$IORING_OFF_SQES(&(0x7f0000ff5000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x10000000)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000018c0)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000bd81b87afc1f961b041591112692a5d1aab19c6a9e208d1c28da156afb4ddd1c034b19e9834dac56f129ae740f48534d34c69c7c8f7a384336ebb2944c29225ff12f8b046906f15c85d62e0a33ee1e26fa8cdafd5b4230f8a3080ce94c020921c94d3d80cf8e3b0005243578f5cb037d73d389cfca1f80e0d2f968feac4f065ffe3cb0ac3a25ca5c1ff5a7d310a614982b1fd43abc07e6b5975ba7d712426b37c55d1e490df0153a78786913ed7637b1d840bfde0e1b7d339417ed280b1ddb49ee61eafedbaaa0a8d2cbc5bdccb0afa62f64ea4ff187fa6628397f9891a1f34aa8dd36d70ce1b5f09bc0043a0bd1f8bdfb33e073ebbcea086bc8e8da27d76939786776a523785c8d9f855bdebf1edf10e03337ab01cd5cf01d1029cd73f7ed80e25303ae4adcc92c32141d362f09f0ddfd8ac96f4ac935755951deec4790aad73f2a0d0ea95e61d823c36e791793"], 0x24}}, 0x0)
io_uring_enter(r0, 0x24f6, 0x488, 0x0, &(0x7f0000000100)={[0x3ff]}, 0x8)
r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000340)={0x1, &(0x7f0000000300)=[{0x9, 0x81, 0x0, 0x1ff}]})
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff)
ioctl$CDROMREADALL(0xffffffffffffffff, 0x5318, &(0x7f0000001a80))
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000040)={&(0x7f0000002ac0)=ANY=[@ANYBLOB="080500988400014637b5e6a174b7b2b317b4044a94da343dd489e684a04f4ca90665864272f2fedc47a9342fef8ad1fc88337e6391545bf80b8ea61a907e1120dcdd2930f3eace765860d93659a6dc77d049d1d90bf956808d12c853d595ab7ea7e76402b517c198dc7ffbdbb38ab65f84f5242824efb291f523ece2d8e79434f9fe77da5ead57c5f16fed9a43b14e466358a6b4c3a1a8361e8199db7e4116e6031e72ada1c25a85ea221f56", @ANYRES16, @ANYBLOB="04002cbd7000fddbdf2575000000c401f08067000b00677cfd4589c7a40e1aae6b18247eb36f74f8f6793b7df9ae3ca9cfb2f5e87ed1ff361592201a1151eabf57ad6fd1950cd215131f67634030aa5f484986ad830a6243bac401c3ee44bff7cea60e881d5f9b616582cf28ec620ccd97d4ceb48c6727530f00050001000100000005000f004000000008000a000000000005000f000400000038010c80050003000300000003010200a207624e07c5690d555d459080990de6741a392aa42eff746330a20bec78fd393092b5f99f54b2a9f6f2db55db3c0846814e79eb43bf7bcd6295c96e7ca16288a8b27c5a225a6d718ad49f0366f969983400ba504c865cca04e4fa00a4b246fa618936f70fe77c1c3e550a5d12d4a9108e7e4216bc693107c3bd4c06e98ec9399de0e98cf205057cbbf688d8a13dc55472fc31954b846e29dbd7d8889b34ead6c83c9b533b666abd65490f2a7e693d55d91f24d5078eb3d34940c02ea1125e7176e254c6bd5531ed067817f0b3278e3dc492571b7da828e728a6fa55742efa33f430739c320b794841adba4c2875044dce9c8959eebe4a5b52d68f9868719f00280004800a000600ffffffffffff00000a000600ffffffffffff00000a000600ffffffffffff00000c8736800a000200ee90b393fc10000046000b005cbb9f225903f92e0cffa77bd5369da32f70909f5950f26e59525d4d3c41b9e512f4a5d3b7aaaf8a0e03f2aa73274b24a04b4a689bf05844d0d2ad278696b14fb4c50000b4000d80af0000001263800a6541e18dae533feb73677b5c9d5da0ee4d7366d47dd6fa0b14ca33d3433171a533a29930fb5e0d9ff2ca710ab0c8aa4b331d58b4a7b3cac9c9b4ef9e7cdb1d3d6da7f0877a5c3ce7ff9bf9e936b1bcbe732bd9037f9090bfdee1d3e45c7b700e6aefa488eb013b27cd7291a7b927dc10e794490c85dff0cb49a1dd0f5514c3ce6c90d8457d79fcd2a3756ccd66b5194a5c69358e1199219e40ffdd6771943cb3fe33f442ae2ff2002c01f080050003000600000005000300020000000a000200957ccca020ad0000e4000b0049a0db966a0311d932607f2a479e651b881a56f4da7d14bde06c48822b0d353198bb85750dc9f0cca70174b813fe94ea80477bcf9dd6b03b9186edb85c476d8762dc273e83aaee35def167cc1c8faffc0e86fa311d66813cbea7e234d79e9d3acd30b5ae5a264e9576efabc94efd7a18b93eddabd9b046d12df487392f1217b77f05bd72f95130a2bda683b7a64c3d6477e3681d83c5e45e8fdae553114b304417851d9687ab3b9c6c7e91af7744d16b114820332c31b35f4358643e4137a9e6b264a14e04605648b50e27e3bb5cbbdaac70655fdff371ece3e08885f0da8d700a000800080211000000000005000100000000000a000800080211000000000005000300c9000000f800f08008000a000100008004000500050010007f0000000a0002005a9cbd08ca8e000014000c800500030008000000050003005e000000c0000b003a3801c2eefaea9df8f27b808f751948873b3fa40dd675c2f1b45ab2dbcdf1903fb052565c23c23d861899509fb26a1f672416325f004d2fdd903c5fa86b4bf1e39074929e71f3a466d345a8e660cd8d401a4772051ab211e24ede74314ef8b7a2c04c8a87b4e5603f7592bc89521d454d3528dce3959d8613c413eafce02151dc1f76a1ace92831610ea0894d9f59407f66cbe556e636be5a3d01253ec1c755495e5196001000000000000017e2cfa917e79a2a35bb2b6dbca97391"], 0x508}, 0x1, 0x0, 0x0, 0x40000}, 0x48804)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r4=>0x0})
r5 = openat$full(0xffffffffffffff9c, &(0x7f00000003c0), 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r5, &(0x7f0000000600)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000400)={&(0x7f0000000580)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="100025bd7000fddbdf256200000008000300", @ANYRES32=r4, @ANYBLOB="0600b400691d00000600000100"], 0x44}}, 0x40)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r6, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)

[ 2159.012120] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2159.015756] EXT4-fs (loop2): get root inode failed
[ 2159.016524] EXT4-fs (loop2): mount failed
[ 2159.025148] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2159.027568] EXT4-fs (loop7): get root inode failed
[ 2159.028365] EXT4-fs (loop7): mount failed
[ 2159.030395] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2159.046555] loop0: detected capacity change from 0 to 2103296
[ 2159.054903] EXT4-fs warning (device loop0): read_mmp_block:114: Error -117 while reading MMP block 64
17:17:43 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x20d315)
fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000280), &(0x7f00000002c0)='./cgroup.net/cgroup.procs\x00', 0x1a, 0x1)
sendmsg$nl_generic(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000080}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0xc4, 0x8000, 0x800, 0x70bd2b, 0x25dfdbfe, {0xa}, [@generic="87540cab613b06bb2ca001151aacf5ffe2d278e1c38b17b52f7111d3785d16bcb773a14f08325b82cea13b2a81dff98c334f52823a115393a847b22e06a9845c35c11f5e7abb80fb03f727eda4111bcc50004726108721ba446b60287261997a342e8b7616664bbb5a6752cd8eb2c4cdeb102ab1a5f004bb98f652dc93a0004ba9747ba9ce6af5fc3b94c5f7a267b69d56b73bf7e73240a61c177176c2dfc1af834bf24a8350e915ae3ac4b9dcf04597"]}, 0xc4}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r3, r0, 0x0, 0x4)

17:17:43 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2159.117422] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2159.119032] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2159.120684] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
17:17:43 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:17:43 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

[ 2159.139524] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2159.155243] loop0: detected capacity change from 0 to 2103296
[ 2159.160869] EXT4-fs warning (device loop0): read_mmp_block:114: Error -117 while reading MMP block 64
17:17:43 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {0x0}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 2159.193537] loop7: detected capacity change from 0 to 2103296
17:17:43 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:17:43 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000000)={0x2, 'veth1_virt_wifi\x00', {0x10001}, 0x3})
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}, {&(0x7f0000000100)="1eed5036f977f31fb68d6c55c6df9a1418e4a7075014284d4cb436e229a17f78b95e6fd95593bdfc001dc7e77b854c82ba41383005047fd161d7d22bbf0457c5e33cd0576de3435484f3b97a96de6f06cbdd4ef5", 0x54}], 0x3, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 2159.263608] loop2: detected capacity change from 0 to 2103296
17:17:43 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

[ 2159.283666] loop0: detected capacity change from 0 to 2103296
17:17:43 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 58)

17:17:43 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a76, &(0x7f0000000000)={0x0, 0x2e01, 0x2, 0xfffffffc, 0xef}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20d315)
sendfile(r1, r3, 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={<r4=>0x0, <r5=>0x0})
clock_gettime(0x0, &(0x7f0000000180)={<r6=>0x0, <r7=>0x0})
futimesat(r1, &(0x7f0000000080)='./cgroup.net/cgroup.procs\x00', &(0x7f00000001c0)={{r4, r5/1000+60000}, {r6, r7/1000+10000}})

[ 2159.298905] EXT4-fs error (device loop7): ext4_fill_super:4967: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 2159.300743] EXT4-fs (loop7): get root inode failed
[ 2159.301466] EXT4-fs (loop7): mount failed
[ 2159.304070] EXT4-fs warning (device loop0): read_mmp_block:114: Error -117 while reading MMP block 64
17:17:43 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005080)=""/241, 0xf1}, {0x0}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x9}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

[ 2159.341012] EXT4-fs error (device loop2): __ext4_get_inode_loc:4406: comm syz-executor.2: Invalid inode table block 0 in block_group 0
[ 2159.343617] EXT4-fs (loop2): get root inode failed
[ 2159.344248] EXT4-fs (loop2): mount failed
[ 2159.348314] FAULT_INJECTION: forcing a failure.
[ 2159.348314] name failslab, interval 1, probability 0, space 0, times 0
[ 2159.349671] CPU: 1 PID: 14491 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2159.350543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2159.351499] Call Trace:
[ 2159.351810]  dump_stack+0x107/0x167
[ 2159.352228]  should_fail.cold+0x5/0xa
[ 2159.352668]  should_failslab+0x5/0x20
[ 2159.353105]  __kmalloc_track_caller+0x79/0x370
[ 2159.353624]  ? kstrdup_const+0x53/0x80
[ 2159.354070]  kstrdup+0x36/0x70
[ 2159.354437]  kstrdup_const+0x53/0x80
[ 2159.354867]  kvasprintf_const+0x10c/0x1a0
[ 2159.355344]  kobject_set_name_vargs+0x56/0x150
[ 2159.355874]  kobject_init_and_add+0xc9/0x160
[ 2159.356373]  ? kobject_create_and_add+0xb0/0xb0
[ 2159.356901]  ? wait_for_completion_io+0x270/0x270
[ 2159.357447]  ? kernfs_name_hash+0xe7/0x110
[ 2159.357932]  ? kernfs_find_ns+0x256/0x380
[ 2159.358409]  sysfs_slab_add+0x172/0x200
[ 2159.358861]  __kmem_cache_create+0x3db/0x520
[ 2159.359363]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 2159.359943]  p9_client_create+0xc6a/0x1230
[ 2159.360433]  ? p9_client_flush+0x430/0x430
[ 2159.360917]  ? trace_hardirqs_on+0x5b/0x180
[ 2159.361408]  ? lockdep_init_map_type+0x2c7/0x780
[ 2159.361947]  ? __raw_spin_lock_init+0x36/0x110
[ 2159.362470]  v9fs_session_init+0x1dd/0x1680
[ 2159.362961]  ? lock_release+0x680/0x680
[ 2159.363426]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2159.363971]  ? v9fs_show_options+0x690/0x690
[ 2159.364476]  ? trace_hardirqs_on+0x5b/0x180
[ 2159.364967]  ? kasan_unpoison_shadow+0x33/0x50
[ 2159.365488]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2159.366148]  v9fs_mount+0x79/0x8f0
[ 2159.366552]  ? v9fs_write_inode+0x60/0x60
[ 2159.367024]  legacy_get_tree+0x105/0x220
[ 2159.367494]  vfs_get_tree+0x8e/0x300
[ 2159.367918]  path_mount+0x1331/0x21c0
[ 2159.368353]  ? strncpy_from_user+0x9e/0x470
[ 2159.368846]  ? finish_automount+0xa90/0xa90
[ 2159.369339]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2159.369867]  ? _copy_from_user+0xfb/0x1b0
[ 2159.370345]  __x64_sys_mount+0x282/0x300
[ 2159.370807]  ? copy_mnt_ns+0xa00/0xa00
[ 2159.371252]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2159.371852]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2159.372439]  do_syscall_64+0x33/0x40
[ 2159.372860]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2159.373441] RIP: 0033:0x7f916d656b19
[ 2159.373861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2159.375950] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2159.376821] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2159.377630] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2159.378437] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2159.379243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2159.380062] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2159.380931] kobject: can not set name properly!
[ 2159.381549] kmem_cache_create(9p-fcall-cache-326) failed with error -12
[ 2159.382333] CPU: 1 PID: 14491 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2159.383117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2159.384064] Call Trace:
[ 2159.384362]  dump_stack+0x107/0x167
[ 2159.384776]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 2159.385375]  p9_client_create+0xc6a/0x1230
[ 2159.385858]  ? p9_client_flush+0x430/0x430
[ 2159.386339]  ? trace_hardirqs_on+0x5b/0x180
[ 2159.386829]  ? lockdep_init_map_type+0x2c7/0x780
[ 2159.387367]  ? __raw_spin_lock_init+0x36/0x110
[ 2159.387890]  v9fs_session_init+0x1dd/0x1680
[ 2159.388379]  ? lock_release+0x680/0x680
[ 2159.388834]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2159.389382]  ? v9fs_show_options+0x690/0x690
[ 2159.389884]  ? trace_hardirqs_on+0x5b/0x180
[ 2159.390376]  ? kasan_unpoison_shadow+0x33/0x50
[ 2159.390889]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2159.391477]  v9fs_mount+0x79/0x8f0
[ 2159.391899]  ? v9fs_write_inode+0x60/0x60
[ 2159.392373]  legacy_get_tree+0x105/0x220
[ 2159.392835]  vfs_get_tree+0x8e/0x300
[ 2159.393256]  path_mount+0x1331/0x21c0
[ 2159.393688]  ? strncpy_from_user+0x9e/0x470
[ 2159.394177]  ? finish_automount+0xa90/0xa90
[ 2159.394665]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2159.395192]  ? _copy_from_user+0xfb/0x1b0
[ 2159.395675]  __x64_sys_mount+0x282/0x300
[ 2159.396143]  ? copy_mnt_ns+0xa00/0xa00
[ 2159.396587]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2159.397262]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2159.397849]  do_syscall_64+0x33/0x40
[ 2159.398272]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2159.398855] RIP: 0033:0x7f916d656b19
[ 2159.399276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2159.401369] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2159.402237] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2159.403053] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2159.403869] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2159.404680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2159.405489] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2159.410116] loop6: detected capacity change from 0 to 2103296
17:17:43 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:17:43 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:17:43 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)

[ 2159.472792] loop0: detected capacity change from 0 to 2103296
[ 2159.489240] EXT4-fs warning (device loop0): read_mmp_block:114: Error -117 while reading MMP block 64
[ 2159.498656] loop7: detected capacity change from 0 to 131072
[ 2159.510058] EXT4-fs (loop7): bad geometry: block count 512 exceeds size of device (128 blocks)
17:17:56 executing program 4:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}}) (fail_nth: 59)

17:17:56 executing program 7:
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x0, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x0, 0x8, 0xe4, 0x0, 0x7})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
setresuid(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:17:56 executing program 2:
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000040)={0x1}, 0xffffffffffffffe0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000000c0)=""/47)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000480)=""/4096)
getpgrp(0x0)
pipe(&(0x7f00000002c0))
msgctl$IPC_RMID(0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r1=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00, 0x18, 0xffff}, 0x0, 0x0, 0x9, 0x6, 0x4, 0x101, 0x8, 0xe4, 0x0, 0x7, 0x0, r1})
msgctl$IPC_RMID(0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000140)=""/37)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300), 0x0, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001540)=@IORING_OP_NOP={0x0, 0x4}, 0x9)

17:17:56 executing program 3:
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, {}, 0x1, {0x0, r8}}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd, 0xfffffffffffffffd, 0x0, 0x73a4, 0x6, 0x0, {0x0, r8}}, 0x0)
r9 = fork()
ptrace(0x10, r9)
ptrace$setsig(0x4203, r9, 0x8269, &(0x7f00000000c0)={0x1a, 0x5, 0x9})
syz_open_procfs(r9, &(0x7f0000000180)='net/ip_mr_vif\x00')
r10 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r11 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendfile(r11, r10, 0x0, 0x4)

17:17:56 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:17:56 executing program 1:
r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file1\x00', 0x75)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)={0x10, 0x17, 0x2, {0x7, './file1'}}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000000540)=""/117, 0x75}, {&(0x7f00000005c0)=""/253, 0xfd}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/218, 0xda}], 0x7, &(0x7f0000000940)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000a00)=""/144, 0x90}, {&(0x7f0000000840)=""/37, 0x25}, {&(0x7f0000000ac0)=""/175, 0xaf}, {&(0x7f0000000880)=""/41, 0x29}, {&(0x7f0000000b80)=""/244, 0xf4}, {&(0x7f0000000c80)=""/72, 0x48}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/218, 0xda}, {&(0x7f0000000f00)=""/221, 0xdd}], 0x9, &(0x7f0000002180)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000002200), 0x6e, &(0x7f0000002500)=[{&(0x7f0000002280)=""/117, 0x75}, {&(0x7f0000002300)=""/128, 0x80}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/190, 0xbe}, {&(0x7f00000024c0)=""/24, 0x18}], 0x5}}, {{&(0x7f0000002580)=@abs, 0x6e, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}}, {{&(0x7f0000002740)=@abs, 0x6e, &(0x7f0000003bc0)=[{&(0x7f00000027c0)=""/39, 0x27}, {&(0x7f0000002800)=""/58, 0x3a}, {&(0x7f0000002840)=""/144, 0x90}, {&(0x7f0000002900)=""/189, 0xbd}, {&(0x7f00000029c0)=""/62, 0x3e}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/140, 0x8c}, {&(0x7f0000003b80)=""/20, 0x14}], 0x9, &(0x7f0000003c80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}}, {{&(0x7f0000003d80)=@abs, 0x6e, &(0x7f0000005340)=[{&(0x7f0000003e00)=""/112, 0x70}, {&(0x7f0000003e80)=""/116, 0x74}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/99, 0x63}, {&(0x7f0000004080)=""/4096, 0x1000}, {&(0x7f0000005180)=""/32, 0x20}, {&(0x7f00000051c0)=""/197, 0xc5}, {&(0x7f00000052c0)=""/86, 0x56}], 0x8}}], 0x6, 0x0, &(0x7f0000005580)={0x77359400})
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10, 0x1, 0xfffffd67, 0x0, 0x9}, r2, 0xb, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000140))
pipe(&(0x7f0000000180))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}, {@cache_fscache}, {@debug={'debug', 0x3d, 0x924}}, {@nodevmap}, {@noextend}, {@dfltgid}, {@afid={'afid', 0x3d, 0x345}}]}})

17:17:56 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000012000), 0x0, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[])

17:17:56 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0xffff, 0x80000, @mcast1, 0x2}, 0xffffffffffffffa6)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xa2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)='K', 0x1}, {&(0x7f00000002c0)="00f150ee55ef60c8750fd340e0e075339c7fa23e632581e7bbc562d285cbc2bdbbac9bb950ab4c86af017dc163e1d3ed82b367bfd554f094e7ad2027a1fcfbab255f58b0b2057ba44859229a5ec72605507162e66f69c3e8765c329a4aab06d41bc7c43fcaf6fdd1e01f8329dcc824900b46c6165d34273becdf030139d1491f743f38f87238b0c22f292682250006bbeed9a57a159ee3ebb00201f980a66eef0eb0", 0xa2}], 0x2, 0x0, 0x0, 0x3}, 0x200000}], 0x1, 0x0)
r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
pwrite64(r1, &(0x7f0000000140)='3', 0x1, 0x10001)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x3, 0x3d, 0xf9, 0x81, 0x0, 0x0, 0xc2124, 0x4, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x4, @perf_config_ext={0x7, 0x9}, 0x12020, 0x5, 0x81, 0x0, 0xb5, 0x10, 0x5, 0x0, 0x0, 0x0, 0x75}, 0x0, 0xe, r1, 0x0)

[ 2172.460314] loop6: detected capacity change from 0 to 2103296
[ 2172.470073] loop0: detected capacity change from 0 to 2103296
[ 2172.495800] loop7: detected capacity change from 0 to 131072
[ 2172.498987] EXT4-fs warning (device loop0): read_mmp_block:114: Error -117 while reading MMP block 64
[ 2172.502492] FAULT_INJECTION: forcing a failure.
[ 2172.502492] name failslab, interval 1, probability 0, space 0, times 0
[ 2172.505388] CPU: 0 PID: 14541 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2172.506931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2172.508769] Call Trace:
[ 2172.509354]  dump_stack+0x107/0x167
[ 2172.510152]  should_fail.cold+0x5/0xa
[ 2172.511000]  should_failslab+0x5/0x20
[ 2172.511684] EXT4-fs (loop7): bad geometry: block count 512 exceeds size of device (128 blocks)
[ 2172.511842]  __kmalloc_track_caller+0x79/0x370
[ 2172.511863]  ? kstrdup_const+0x53/0x80
[ 2172.514910]  kstrdup+0x36/0x70
[ 2172.515618]  kstrdup_const+0x53/0x80
[ 2172.516429]  __kernfs_new_node+0x9d/0x860
[ 2172.517348]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 2172.518397]  ? lock_acquire+0x197/0x470
[ 2172.519272]  ? perf_trace_lock+0xac/0x490
[ 2172.520197]  ? __lockdep_reset_lock+0x180/0x180
[ 2172.521223]  kernfs_new_node+0x18d/0x250
[ 2172.522114]  kernfs_create_dir_ns+0x49/0x160
[ 2172.523088]  sysfs_create_dir_ns+0x127/0x290
[ 2172.524056]  ? sysfs_create_mount_point+0xb0/0xb0
[ 2172.525119]  ? rwlock_bug.part.0+0x90/0x90
[ 2172.526047]  ? do_raw_spin_unlock+0x4f/0x220
[ 2172.527020]  kobject_add_internal+0x25e/0xa30
[ 2172.528021]  kobject_init_and_add+0x101/0x160
[ 2172.529010]  ? kobject_create_and_add+0xb0/0xb0
[ 2172.530032]  ? wait_for_completion_io+0x270/0x270
[ 2172.531088]  ? kernfs_name_hash+0xe7/0x110
[ 2172.532022]  ? kernfs_find_ns+0x256/0x380
[ 2172.532943]  sysfs_slab_add+0x172/0x200
[ 2172.533813]  __kmem_cache_create+0x3db/0x520
[ 2172.534795]  kmem_cache_create_usercopy+0x1db/0x2f0
[ 2172.535903]  p9_client_create+0xc6a/0x1230
[ 2172.536846]  ? p9_client_flush+0x430/0x430
[ 2172.537771]  ? trace_hardirqs_on+0x5b/0x180
[ 2172.538721]  ? lockdep_init_map_type+0x2c7/0x780
[ 2172.539772]  ? __raw_spin_lock_init+0x36/0x110
[ 2172.540783]  v9fs_session_init+0x1dd/0x1680
[ 2172.541723]  ? lock_release+0x680/0x680
[ 2172.542608]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2172.543678]  ? v9fs_show_options+0x690/0x690
[ 2172.544628]  ? trace_hardirqs_on+0x5b/0x180
[ 2172.545546]  ? kasan_unpoison_shadow+0x33/0x50
[ 2172.546456] loop2: detected capacity change from 0 to 2103296
[ 2172.546526]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2172.548425]  v9fs_mount+0x79/0x8f0
[ 2172.549187]  ? v9fs_write_inode+0x60/0x60
[ 2172.550072]  legacy_get_tree+0x105/0x220
[ 2172.550966]  vfs_get_tree+0x8e/0x300
[ 2172.551790]  path_mount+0x1331/0x21c0
[ 2172.552640]  ? strncpy_from_user+0x9e/0x470
[ 2172.553583]  ? finish_automount+0xa90/0xa90
[ 2172.554532]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2172.555546]  ? _copy_from_user+0xfb/0x1b0
[ 2172.556475]  __x64_sys_mount+0x282/0x300
[ 2172.557364]  ? copy_mnt_ns+0xa00/0xa00
[ 2172.558224]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2172.559367]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2172.560518]  do_syscall_64+0x33/0x40
[ 2172.561339]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2172.562466] RIP: 0033:0x7f916d656b19
[ 2172.563279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2172.567260] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2172.568897] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2172.570418] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2172.571946] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2172.573459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2172.574986] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2172.576893] hpet: Lost 4 RTC interrupts
[ 2172.578059] kobject_add_internal failed for 9p-fcall-cache-327 (error: -12 parent: slab)
[ 2172.579948] kmem_cache_create(9p-fcall-cache-327) failed with error -12
[ 2172.581409] CPU: 0 PID: 14541 Comm: syz-executor.4 Not tainted 5.10.240 #1
[ 2172.582875] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2172.584644] Call Trace:
[ 2172.585206]  dump_stack+0x107/0x167
[ 2172.585999]  kmem_cache_create_usercopy.cold+0x17/0x65
[ 2172.587128]  p9_client_create+0xc6a/0x1230
[ 2172.588055]  ? p9_client_flush+0x430/0x430
[ 2172.588957]  ? trace_hardirqs_on+0x5b/0x180
[ 2172.589882]  ? lockdep_init_map_type+0x2c7/0x780
[ 2172.590897]  ? __raw_spin_lock_init+0x36/0x110
[ 2172.591886]  v9fs_session_init+0x1dd/0x1680
[ 2172.592803]  ? lock_release+0x680/0x680
[ 2172.593664]  ? kmem_cache_alloc_trace+0x151/0x320
[ 2172.594683]  ? v9fs_show_options+0x690/0x690
[ 2172.595637]  ? trace_hardirqs_on+0x5b/0x180
[ 2172.596545]  ? kasan_unpoison_shadow+0x33/0x50
[ 2172.597513]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2172.598591]  v9fs_mount+0x79/0x8f0
[ 2172.599345]  ? v9fs_write_inode+0x60/0x60
[ 2172.600227]  legacy_get_tree+0x105/0x220
[ 2172.601128]  vfs_get_tree+0x8e/0x300
[ 2172.601924]  path_mount+0x1331/0x21c0
[ 2172.602740]  ? strncpy_from_user+0x9e/0x470
[ 2172.603671]  ? finish_automount+0xa90/0xa90
[ 2172.604594]  ? getname_flags.part.0+0x1dd/0x4f0
[ 2172.605576]  ? _copy_from_user+0xfb/0x1b0
[ 2172.606455]  __x64_sys_mount+0x282/0x300
[ 2172.607317]  ? copy_mnt_ns+0xa00/0xa00
[ 2172.608151]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2172.609264]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2172.610359]  do_syscall_64+0x33/0x40
[ 2172.611149]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2172.612246] RIP: 0033:0x7f916d656b19
[ 2172.613036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2172.616946] RSP: 002b:00007f916abcc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2172.618563] RAX: ffffffffffffffda RBX: 00007f916d769f60 RCX: 00007f916d656b19
[ 2172.620083] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000
[ 2172.621598] RBP: 00007f916abcc1d0 R08: 0000000020000400 R09: 0000000000000000
[ 2172.623117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2172.624627] R13: 00007ffdfbb1e6af R14: 00007f916abcc300 R15: 0000000000022000
[ 2172.626361] hpet: Lost 1 RTC interrupts
[ 2172.693711] EXT4-fs error (device loop2): __ext4_get_inode_loc:4406: comm syz-executor.2: Invalid inode table block 0 in block_group 0
[ 2172.698202] EXT4-fs (loop2): get root inode failed
[ 2172.698928] EXT4-fs (loop2): mount failed
[ 2189.415617] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff888009cce440 (size 32):
  comm "syz-executor.4", pid 14541, jiffies 4296839388 (age 25.270s)
  hex dump (first 32 bytes):
    39 70 2d 66 63 61 6c 6c 2d 63 61 63 68 65 2d 33  9p-fcall-cache-3
    32 37 00 09 80 88 ff ff 00 00 00 00 00 00 00 00  27..............
  backtrace:
    [<00000000db2eddfc>] kstrdup+0x36/0x70
    [<0000000048073390>] kstrdup_const+0x53/0x80
    [<00000000ea67e928>] kvasprintf_const+0x10c/0x1a0
    [<000000004f0a00af>] kobject_set_name_vargs+0x56/0x150
    [<000000004908f421>] kobject_init_and_add+0xc9/0x160
    [<00000000808bb543>] sysfs_slab_add+0x172/0x200
    [<00000000f3075dc8>] __kmem_cache_create+0x3db/0x520
    [<00000000950b1a3d>] kmem_cache_create_usercopy+0x1db/0x2f0
    [<00000000fa7b44e7>] p9_client_create+0xc6a/0x1230
    [<0000000054e3762e>] v9fs_session_init+0x1dd/0x1680
    [<00000000f401c943>] v9fs_mount+0x79/0x8f0
    [<00000000ac1a12a1>] legacy_get_tree+0x105/0x220
    [<000000000859e74f>] vfs_get_tree+0x8e/0x300
    [<0000000098153661>] path_mount+0x1331/0x21c0
    [<000000001b41034d>] __x64_sys_mount+0x282/0x300
    [<000000006da19243>] do_syscall_64+0x33/0x40

BUG: leak checking failed

VM DIAGNOSIS:
17:18:22  Registers:
info registers vcpu 0
RAX=ffffffff83e953c0 RBX=0000000000000000 RCX=ffffffff83e7d02c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e95b88 RBP=0000000000000000 RSP=ffffffff84e07e38
R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001
R12=0000000000000000 R13=ffffffff85679448 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e953ce RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fff6276b0a0 CR3=000000000ba8a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=656a626f206465636e6572656665726e
XMM02=3a29323320657a697328203034346563 XMM03=343120646970202c22342e726f747563
XMM04=6c6c6163662d70392020333320643220 XMM05=32206336206336203136203336203636
XMM06=73657479622032332074737269662820 XMM07=2e353220656761282038383339333836
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=ffffffff83e953c0 RBX=0000000000000001 RCX=ffffffff83e7d02c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e95b88 RBP=0000000000000001 RSP=ffff888008987e70
R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001
R12=0000000000000001 R13=ffffffff85679448 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e953ce RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fe805b17020 CR3=000000000d6b0000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000004115d82000000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000