00000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r2)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

13:59:48 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2678.981502] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2679.025114] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2679.037144] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2679.057828] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
13:59:48 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)

13:59:48 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x25, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000380)=<r5=>0x0, &(0x7f0000002a40)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x0, @fd_index}, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_setup(0x3b9d, &(0x7f0000000340)={0x0, 0xf07, 0x10, 0x3, 0x69}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000080), &(0x7f0000000180)=<r7=>0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r7, &(0x7f0000000680)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r4, 0x0, &(0x7f0000000640)={&(0x7f00000003c0)=@caif=@rfm, 0x80, &(0x7f0000000580)=[{&(0x7f0000000240)=""/36, 0x24}, {&(0x7f0000000440)=""/19, 0x13}, {&(0x7f0000000480)=""/246, 0xf6}], 0x3, &(0x7f00000005c0)=""/118, 0x76}, 0x0, 0x1, 0x0, {0x0, r8}}, 0x3)
pipe(&(0x7f00000001c0)={<r9=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r9}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

[ 2679.119035] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2679.125431] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
13:59:48 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d36c)

13:59:48 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2679.190141] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2679.195771] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 2679.238714] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2679.267407] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:00:01 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:01 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d36d)

14:00:01 executing program 7:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'lo\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000580)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000140)={'ip6gre0\x00', r4, 0x4, 0x2, 0x3, 0x2, 0x0, @rand_addr=' \x01\x00', @local, 0x20, 0xf869, 0x5, 0x10001}})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f00000002c0)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x3fe}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x801}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r7, &(0x7f0000000240)="01", 0x1)
r8 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r8, 0xffff)
sendfile(r5, r6, 0x0, 0x20d315)

14:00:01 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:01 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:01 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x1, 0x0, 0xffffffffffffffff, 0x0, r0, 0x2, 0x0, 0x1, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:00:01 executing program 6:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="497766646e6f3db82bfd75d9d7652f0b5a67cf10cf73cb", @ANYRESHEX, @ANYBLOB=',\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:00:01 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r2)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2692.418195] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2692.427201] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 2692.428296] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 2692.482861] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2692.487068] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2692.555956] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:00:15 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r2)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:15 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00')
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:15 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10010, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r5 = memfd_create(&(0x7f0000000080)='wfdno', 0x4)
close(r5)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:00:15 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d36e)

14:00:15 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:15 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="7472616e489fa60abc97d86e6f3d5900", @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="c5ad0d189a8547967a41d5550da20d87fe4bfb034914f9ccfff8ffa14249fe08fc5e5359ae2b3e7cb582a83adca1de5a8294cad740695ba6848e6fdc01426329c1a73b173c7acf5fd56930873dcf4556236f7e93a0976935b2c32ba51487fd05bc8788c0551b39546c7b0677cf5bba7c3119fb42ae06433aea86f6861d6cec34c154aeda33a6"])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

[ 2706.113428] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.114827] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.115574] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.118208] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.120934] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.121737] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.143731] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
14:00:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r2)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:15 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:15 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)

14:00:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:15 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2706.319373] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.387448] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
14:00:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d36f)

14:00:15 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140), 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2706.434567] EXT4-fs (loop7): bad geometry: block count 256 exceeds size of device (11 blocks)
14:00:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r2)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2706.457911] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.495525] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.520707] EXT4-fs (loop7): bad geometry: block count 256 exceeds size of device (11 blocks)
14:00:15 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2706.577120] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.587543] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.594341] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
14:00:15 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})
statx(r3, &(0x7f00000000c0)='./file1\x00', 0x1000, 0x10, &(0x7f00000002c0))
write(r2, &(0x7f0000000240)="01", 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:15 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)

[ 2706.664441] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
14:00:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d370)

14:00:15 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
r5 = syz_mount_image$nfs4(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x400, 0x4, &(0x7f00000013c0)=[{&(0x7f0000000340)="8718f66ff2f13cfb081500d26c7548f804e3b10011e39a9b76788564d660ec255f63ddb1a891ce26fec3686748756244a4ccc5c04307460988aa44e169164337deb061ad659e0ed2781b8986805fb7d0eaa27d829cc4b7cfb92e6052f0a3dcea09ce1acff6a78d4819f40e173f370181a8a18f72c3b8b47e950165b712841001bd18248aa62fae6380a0dfe0d34a4a8511363934c44a0070798625cc95a6a427c5b7d148f4237737f7275b888b9bac4a8a292f58905ae849f05c57ba5c12d6847d53ffa3d5034c51c73c5c4c5b3b1fa91682b9f25a50e834cf96508fb66bd0427f7266a5199f8280fd012447d551c06d60f646588dd59a4b6204ff259ee958715d54900b4dfa6d39c1fb561042f14c688f872769df8d7e455057b56912b654163d6671b571eb3887a1d4cf84d4f939f9dedb20e2d9323e2e06bab8590ee239a0179c23567f4d0dde1ce7c48253ea13f539670ab39ef4edcdf24525d465c96cb6263711d8a27092d369217f3f031df5a215f9e276451987318eed14adea1b7c0b84ab80e9c723f95c5c4961e51c1e6610c699cd30273b6095960c5cb2224dd50b3fe5668f9c89f70e88140b6c6310e77a7cd359dfd0f26f723a403b55558a94aceccd732d618db83ba29f88953712947ebf59f4ddfd5797172808a6b8f3e0ca8e8518c41c1b1cf7234c0c1020ef8bd401cabd41abfc3d0e00e6ef988e7c8815ec13747d445e495c220bb8203879f3645fe82db04b887f14697b7001994b2c7842efadf3149da1e22c2083fe78f2b3d70737b429a47fa568ccf72fe3f6a04508ad79b052ee0fa7a5b581f44c62f765cba511c255c4091602c42c2615027fee769b0e2fd6fda5dbeff5e3f3189249aec17199d73723bb3c0b094cef8556a0ef435506f2ab8b08134086f4f6555c234d6021d8496cc4f10d2d8207a12acafc5f5644c0274732ce350ed9b11f93dd12da1dc0aebc6702545459b13de966fb103ffaf14897a250875e3a886749587b8c570c3c4d7c3f37e6150b4e3c08579b1a47135197e3e39b0cabbb18b807e87a033e65dcc4bf4c89671c8c71a972d8a6c693b29ab89c0535cf747405284278232a28d29f1642cd0e9e46934d7f63727c4b5077e1b2e7d0854ed5d1dba5d8bc5cd56ad58fc5a89f4d6486d6b2c27113b4e3c2f657799d5a4243012665cd1c76b84861b368a3bf09e0c4a9f208b98019ea4b4fd629f9a2cda3bf774fc4bf823757f4cb5705223599b68b2320404d995c2b489ec5ffd70b8da80ef4c3acde1b745a50d9e9213026d584be47414740ad4f633f5ced77bdfb9feb11feeb4969cb237eb50f558faccbdbe627bb03001fd6f4f8a67e9044f8bf950972e727c2d2bd296a1905e210eb2b0ee76a0f8fc9767bf64397096390e8ce65075adf7168979ded73b98058d9eb64130ad66d41522514ba0ac7d94aa5c12a4fe9125f2a1585b5df3cb6ae0d2e6d127bd5273ee7ae466497ceaebed4be6c8a6f2e9c578136ed08f8a98fdfcf363aa6c5cddde6ecf9e44b91b03d9ff85ba78ac5bb695caa22bfd391023fb8c4c014bb49578052020d5466aaf3415d4ec7dc2104672921ccfec0d9b993deafafbf56aaed5622d3e0cb34c11b82836c0e46b3154a37576e5041c44c114edf20a5fcb301b00c4e76c1bbdcc11214a0588762d28315e42c63fcc33b8d0f46c80b01ff3a13c0a90114c317707ecea26c2caa63bf82c880c116b1e7f337683da667ef2a1c2fe251457ef174b25813c95a5c5ae80396b716faab9584bfcbd81990f72b3bd95492561488627909c268e9d20fc518013397e140e447f272b9f2cce4e599f862292da33d6b1067ffecb0ef7bb0a056c50f63023462c64ff89ee02325bafb223bacc15543a8a5be3e44a313f1a231671a1e42d27999ffa401ccc594eea37bbc1af4132cd7f6cd539498795895f1527d5c1af018cbf4582b4fcd8ad51b13fd6409a930a3aebd6f4b61325604e3569161a7272f3c2bf4af86a4f11ef0ec59fbd4ef5263aebe2d2013b2d700f511d5771f990e43f40e75db8ed8537a5a7554c02a22dc63d98e1f6bb64455775b969f34fba207b67f2051d8839aa7d5c26ec331cd99593954a4e257ff804f62b1db6b67c636a9d7f145092bcf8f26b363a3437e8b0fd81b755d3cf2d5310f2e18767d6fe8367940a35500d1cb452d401ef9289f71e4dc19be9d44e566c966b1984a752991b8f733a08b652ee3242856caf45dc18b81d4f7ce11c32b3dcaeee1772d884ae3f0a0b41c35b5103d5c2cb75c93497c1dcb2d291840baeb25b9bcd78d6d38483de769dd268c020b520974d42f06a320bf8fd8f01857b3a39f8fe69b3893f0d26aee79d8ccfa30f35c535adce6e4b38dcc086cf40d2317ee93d135a25b90e5b4a35eb40ecd0b6850e0e643da40add5968cdae265c347118230f58346bbb7c41b9c4c27448dfb5a1d2b90fde8560b455e8ba58f5ed953011d0d44b52a592f7d0ae5e2e39091c2f5231b4b929e42d181671bc8e6b6266706c50890a13b53bc2aa6500f24bd47d85a002d634155f723787da9fcf72342b71917424913d0ad4aa48b5ef4ac5ddad54f2bd99d32a358ff3aa046c19b48791e7cd9e13c38f2b0274f45c42139eaf279a748eb08a308716e58c3243882f7c8a4972f1affc5168a6c59627d50630f6afd87ad5ddeab88bc720731aa66140d1b919d6a0a3eba634fe0a7f9e6cff3da247b1e029b3d700ac0f38e120d17b0ce1c74a0ef32a1f76dcd88151aa7ea4a3e6ea722bcef6097ca91fe0ca1ce9771e1e5c3d8bce578609b6f31ff52f2a7cbfb31b8a03dd1fd7f5861cfb52924467ccaf24b6aa67e5ee702ccac9ca605b2d5cc89cd0387c2ff62a616b22a51f93845924ebfe308d6f34b87af1748a101290bdbc59b43959d5b0afbb1a77c55c82c72fe4b6644104483da9dec9658731fb1b2774493909cb1e91fd63e707c7125b82e0102bd2c4eac2800e37fc36701d6ef998c8e834a4b6908ef9c95f3a5da549d3cae482e6c7d7afa36bc7fefdd41fa9e78264dc87663744840e30fb20ccb465a6921adafe2ed76c48f44d3319c99eaa29ab49880c0808f33958458ada2327bbac6c1ece8a65bcd8a1fe737493e7203aecbcc04d285de4b5e595401170433e6d514627e29924776ac382538ca4749893875976ee8ce2bc5594c8fa21352bfe2ca97e452e45b3fcdb799b7eb52a21f189d1f49c5223ec7fad83acde6803968af72a7e3efa1bb9759f8a2be37fc66cdafae46139db710c3ef19cd8c3484add57ce38ecf22d71d748a20a1c6b375c219a1ef7000f9a6846fa1416c30a831f5e419af0f8bca45b19ee067137805bc7b61540948bfc3f7e1479a3ec743b4002b82c9bca5bff4954852db0a434258bf99f6e9795b8487a32f9ae0bc502edff76d863df1c1bade66e0b8ac8818ed2db43e6bbff3b844f6fddbbb8ba967e8440ed1e25a85eb13d2145aa2bdc72545aba7f36654b4a5b83b9431926370939055900c63aa86a694719b01a0dd1074e4c05a79828349e57f5f05d6f0262134f4973ffcf1b09d4591290b52d96a7fbc9c70490c388ed5a5bc5f71e6f77c3dc25aab7a65b036c86c3bbe65117168f1460855fc9ae053f9b1168a125eabf8f1c233bc439e356521902cd67673f53b4fb53dbd34d7a07c47debf88c314ef7209790395689ee7601eba634c644c02ce884438dc44d8fb96ef7b9859cecd739e420e2a2b2f0d75999a9c977ea600b73ae6c5765afda12cabd5986a5a382ae6ade606f5ead41562235c77a7eacbb4731dba593cc4386b8c37f068064e6f0292a2cc5e575ea9266423edf4ba02234c87e48c8ce7acab0fa8d2f3127a961d5fc3aaac63ba38518247049163eee7a711ab8c9a2c128033d2070122adf35ce8ff75e91ef48497cd25c0dced6a922e42f34db5b565082634d8e6944a51de12ea8ce20cff04144a127c88f3549692a506ccb3829c24f9a3e9ec695e0295700d44445dcfc14547205a2f80b5675c303f1d59d4573016fbfe048d276ddab9fe14a5a1394f88df585010f3b96b142c31a4e402e1a60cc164553788b6857f687f868b2b47db08552ab916ad876d3ed26b3a1566266b4101462691fdbd23dfad3a4f8f69efd00872fafa08d31d103aa5ba4278adb5074eacba6aacedb652935d714d6e3b55b589eb016eb91c843b467c334b000ee2fab5456413d90b7a6d6cadb8b2e36ae6c6abcf41e8d72dd96477b2070fdf6f3bceeeeebb7ad2476bc15f15eb911641f167dcc80c0aedba0ff9c3dd8b593da0acfe010b2139d538e5b39432619009fd7ef71d9da917f817326b7f5d24f26c8c49aa3144b0bc3d79d03d980dd126d6983024162d7a8ab04c97ef0496070c0fe5216e44a606a29adcb3c99ae7bc36160e7ff58c24ae3afaf63ec5b36ce209677e0bb90c254fa25d48828f11d18ba28adc7f1f68666ddfbbe8be7ff1bb27e598fc93392211ab2753f600811f545c7d98c05e172e75bd8ac5c662dfb30b83b0c284a53e86452f2fd1a95065effa2d7d56671fbf8051422309934dd50cf7a9d59a7109ddf9c2c84646b4b374b7dfd5021973ac2509e07094214ea4150a032c5eb29aa5cc8c212a3f8a04d8aefde20d3f3ac51c21d5e3d8908f356ac8390600b7458a5eacc1198d45757af10061c92cfb5cd043785c596acb5f3a5bd3a84f3484dc91e10a83044a5427a0e9267ef9f442523037f50dec7d013e857e62a187f479378125ca5129adae5cb74eba9cf8f3ef0b84ce4062c83dd3c85ab9a1342d15fe2963c3355b954be213e08a8816917ecd95498b0abd206f621ee53cd725a376926e3e5e1b44620956cb2446c01462c86b29f5cb557e69310557d3ac68dd4f937ad76c188f2e2973c118ec343d98b1202951fcd32e1dde9540228b146491209e1180380e2b81e5a77aabc018cd3e8c7d3400e14d1233247bdef3ce22f146221aeb683fdfed264f060191df7284c24452bbc8a26bae3e871c3212a8151253b72485edefcd6bcd8f4e857e4688fe25aa546ff39a3fe898c3874762fab5387c95152c093fcaf8bdc16d44d7daa7c780600217efc2578dd9c5ed2182000461d88509d3b18dfe26e4c9675049a946de778c180bba29e902935e339b686cb0129728513090b783d04c8401120cad0e4ed395bd1efba85ae0d305ac43fa464c0ae63b84ea5adef4bc4e6dddacdcef22d4e4f7ca4c2a9f637448bfedb9a362144b561b6fd7514b640ffb850ccbe20b9d464f9985a9885762a5b3dc646db856b1e8a97bbb88a75db5e0536d80f288a51a25351dc328edff587792eec46362693f0a8865711530941b6f23df4cced5f44f4146a39fb2acc7570d62e4daccc8f4be259046f4153f6de0f1f36eb6eddc620d040c81357bed0caf4ebd10b35819cc1c94f6cf80eee0fc7839aa6109cefb156e6d1852982e9fb665d4d82d558e937cf0b2cbacbfb5b1958fe3ae030477265aaf0244e6c54399ceafd40abd5af785b4727fe577445e9518d5aa1b21a4a8155a6c12dcc324ae01d330e029b650614c6781b69d071a9ab0ddb2dee51d5ad4e3e36cca04db7dd71a91d401a9cc6f1b315a51c35bd97102ce506ab59ef66d4971f21cb1434a0b7b5c1f8bc6d83959d4269bacd2746497af0d4c8cbe3afebe784e42dfc87a274851d232677201c2d09fd8c47c40c9acaf32674c1b9cda9b459087a92a546c51d19a0bfcea99d955e4a3a2815d2c90da1e761fc4568537d6a6f2b8fd3156d7b16f4611139bfed089aed879f0c79f25ab93b6b4fb383033658a5e1932995a", 0x1000, 0x8}, {&(0x7f0000000240)="ac5e263ffd9d1e07b58f323d006e7e", 0xf, 0xfffffffffffffffd}, {&(0x7f0000001340)="00b3f61d67", 0x5, 0x1000}, {&(0x7f0000001380)="1f3b6d03ba686cb23367397d645942d83d0db3982a39e6", 0x17, 0x8001}], 0x800080, &(0x7f0000001440)={[{}, {'wfdno'}, {'rfdno'}, {'{('}], [{@hash}, {@fsuuid={'fsuuid', 0x3d, {[0x38, 0x64, 0x39, 0x31, 0x37, 0x34, 0x37, 0x31], 0x2d, [0x35, 0x61, 0x66, 0x62], 0x2d, [0x66, 0x33, 0x30, 0x39], 0x2d, [0x34, 0x66, 0x30, 0x65], 0x2d, [0x33, 0x61, 0x37, 0x63, 0xa, 0x66, 0x36, 0x53]}}}, {@measure}, {@smackfshat={'smackfshat', 0x3d, 'trans=fd,'}}, {@fowner_eq={'fowner', 0x3d, 0xee00}}]})
execveat(r5, &(0x7f00000014c0)='./file1\x00', &(0x7f00000016c0)=[&(0x7f0000001500)='{]!#^-\xf2#($]^\x00', &(0x7f0000001540)='\'\x00', &(0x7f0000001580)='\x00', &(0x7f00000015c0)='9p\x00', &(0x7f0000001600)='\x00', &(0x7f0000001640)='(\x00', &(0x7f0000001680)='\x00'], &(0x7f0000001840)=[&(0x7f0000001700)='wfdno', &(0x7f0000001740)='*%,$-\\\xa0\xf6!(!.\x00', &(0x7f0000001780)='@\x00', &(0x7f00000017c0)='+\xed\\-\x00', &(0x7f0000001800)='\x00'], 0x100)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f0000001880)={0x15f6, 0x9})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

[ 2706.686310] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:00:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r2)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2706.743641] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
14:00:16 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:16 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2706.885352] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.904956] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.913569] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.925487] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2706.930213] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:00:30 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)

14:00:30 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140), 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:30 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:00:30 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:30 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB="975d3115bb4a630daa", @ANYRESHEX=r2, @ANYBLOB=',\x00'])
mkdirat(r1, &(0x7f00000000c0)='./file0\x00', 0x134)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r4, &(0x7f0000000240)="01", 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r0, r3, 0x0, 0x20d315)

14:00:30 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d371)

14:00:30 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:30 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:30 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
dup3(r4, r5, 0x80000)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)
syz_io_uring_setup(0x25, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000380)=<r6=>0x0, &(0x7f0000002a40)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x0, @fd_index}, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x84082, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000180)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd_index=0x2, 0x0, 0x0, 0xffffffff, 0x8, 0x0, {0x0, 0x0, r8}}, 0x3)

[ 2721.361080] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 2721.399152] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2721.404780] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2721.412357] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2721.413789] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2721.420350] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2721.421523] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2721.446016] 9pnet: Insufficient options for proto=fd
[ 2721.495918] 9pnet: Insufficient options for proto=fd
14:00:30 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)

14:00:46 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d372)

14:00:46 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140), 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:46 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
recvfrom$unix(r4, &(0x7f00000003c0)=""/165, 0xa5, 0x12041, &(0x7f0000000480)=@file={0x1, './file1\x00'}, 0x6e)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x1, 0x5, 0x0, 0x3, 0x0, 0x45d, 0x2000, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xaa67, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x48882, 0x41, 0x7cd5e011, 0x1, 0xffffffffffffffff, 0x2, 0x8000, 0x0, 0xfffffffc, 0x0, 0x9}, 0x0, 0xc, 0xffffffffffffffff, 0x0)

14:00:46 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)

14:00:46 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0xa08000, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x15)
close(r3)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000180)=0x4)
write(r2, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
open$dir(&(0x7f00000000c0)='./file0\x00', 0x400080, 0x12)
ftruncate(r4, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:46 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:46 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:46 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2737.383630] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 2737.385945] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2737.386720] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2737.397357] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2737.402708] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2737.413955] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2737.416518] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:00:46 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)

14:00:46 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:46 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x0)

14:00:46 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:46 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d373)

14:00:46 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x9}, 0x1c)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r4, &(0x7f0000000240)="01", 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:47 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:00:47 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2737.829735] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2737.851393] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2737.878502] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:00:47 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x0)

14:00:47 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xfdef)
getpgid(0x0)

[ 2738.039121] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
14:00:47 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d374)

[ 2738.059876] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2738.070778] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
14:00:47 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
syz_io_uring_complete(0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file0\x00', 0x0, 0x40)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:00:47 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
ioctl$FIONCLEX(r5, 0x5450)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

[ 2738.144375] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2738.167515] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2738.204886] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
14:01:02 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r4=>r0}, './file1\x00'})
io_uring_enter(r4, 0x23ea, 0xb89d, 0x1, &(0x7f0000000180)={[0xfffffffffffffffd]}, 0x8)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:01:02 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240), 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:02 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xfdef)
getpgid(0x0)

14:01:02 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:02 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x0)

14:01:02 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x0)

14:01:02 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d375)

14:01:02 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(r0, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
dup2(r4, r2)
ftruncate(r4, 0xffff)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}})
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0xff, 0x20, 0xc0, 0x9, 0x0, 0x4, 0x40002, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x57, 0x1, @perf_bp={&(0x7f00000000c0), 0x8}, 0x1000, 0x759be5, 0x3, 0x9, 0x7, 0x3, 0x7ff, 0x0, 0x4, 0x0, 0x400}, 0xffffffffffffffff, 0x6, r5, 0x1)
sendfile(r1, r2, 0x0, 0x20d315)
unlinkat(r2, &(0x7f00000002c0)='./file1\x00', 0x0)

[ 2753.027157] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2753.030875] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2753.030952] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2753.038676] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2753.042329] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 2753.050037] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2753.055453] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:01:02 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:02 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140), 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:02 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240), 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2753.283171] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2753.291662] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
14:01:15 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x7, 0xfa, 0x0, 0x9, 0x3}, 0x101)
getpgrp(0x0)
r5 = syz_open_dev$vcsn(&(0x7f0000000180), 0xff, 0x4201)
getsockopt$IP6T_SO_GET_INFO(r5, 0x29, 0x40, &(0x7f0000000340)={'nat\x00', 0x0, [0x4, 0x40, 0x4, 0x4, 0x2]}, &(0x7f0000000240)=0x54)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10010, r0, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:01:15 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xfdef)
getpgid(0x0)

14:01:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d376)

14:01:15 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xfdef)
getpgid(0x0)

14:01:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240), 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:15 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x40000, 0x0, &(0x7f0000000200), 0x900082, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0xffffffffffffffff, r1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0, <r2=>0x0}, &(0x7f0000000340)=0xc)
ioprio_set$uid(0x0, r2, 0x6000)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0xffffffffffffffff, r3, 0x0)
mount$cgroup(0x0, &(0x7f0000000180)='./file1\x00', &(0x7f00000002c0), 0x202000, &(0x7f00000003c0)={[{@name={'name', 0x3d, 'ext4\x00'}}], [{@defcontext={'defcontext', 0x3d, 'user_u'}}, {@euid_gt={'euid>', r1}}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@appraise}, {@permit_directio}, {@appraise}, {@smackfsfloor={'smackfsfloor', 0x3d, '-'}}, {@obj_role={'obj_role', 0x3d, '%[\xfb\xf4\xd0V\xc0\xffX>id\xc9\xc0\xbd\x1d@\x1b\x96\x82=\x12\xea}\xf5z\xa4\n\x1dk\xcc\xfbavj\xcd\x99\xeb\xd3\x1d\xbb7\xfdB'}}]})
r4 = openat(r0, &(0x7f0000000080)='./file1\x00', 0x1c50c2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r4, 0xc0189372, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r5=>r0, {0x3}}, './file0\x00'})
ioctl$AUTOFS_IOC_SETTIMEOUT(r5, 0x80049367, &(0x7f00000004c0)=0x2)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
fsetxattr$trusted_overlay_nlink(r6, &(0x7f00000000c0), &(0x7f0000000140)={'L+', 0xfffffffffffffffe}, 0x16, 0x1)
write(r7, &(0x7f0000000240)="01", 0x1)
r8 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r8, 0xffff)
sendfile(r4, r6, 0x0, 0x20d315)

14:01:15 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2766.031844] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2766.057122] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2766.078097] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 2766.086821] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2766.090305] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2766.094188] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:01:15 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x600300, 0x24)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:15 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:15 executing program 6:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r4=>r0}, './file1\x00'})
io_uring_enter(r4, 0x23ea, 0xb89d, 0x1, &(0x7f0000000180)={[0xfffffffffffffffd]}, 0x8)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:01:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d377)

[ 2766.239521] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
14:01:15 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xfdef)
getpgid(0x0)

[ 2766.329699] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
14:01:15 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:15 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
sendfile(r0, r0, &(0x7f00000000c0)=0x3, 0x20)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2766.483371] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2766.513856] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 2766.514793] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
14:01:30 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:30 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140), 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:30 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d378)

14:01:30 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:30 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x404}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x200}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
[ 2780.803156] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xe000, 0x2)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:30 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="74dc616e733d1e253ba3664b6e6f3d", @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0xfffffc93, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000080)=@IORING_OP_CLOSE={0x13, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x8001)

14:01:30 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r2 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r2, r3, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:30 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2780.848447] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2780.849560] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2780.854573] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2780.870040] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2780.873984] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
14:01:30 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)
ioctl$EXT4_IOC_MIGRATE(r5, 0x6609)

[ 2780.898100] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 2780.918209] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:01:30 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
chdir(&(0x7f00000000c0)='./file0\x00')
sendfile(r0, r1, 0x0, 0x20d315)

14:01:30 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r4, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f00000002c0))

14:01:30 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:30 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:30 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d379)

[ 2781.146925] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2781.178184] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 2781.187425] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:01:45 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:45 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:45 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)

14:01:45 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_POLL_REMOVE={0x7, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:01:45 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
mkdirat(r0, &(0x7f00000000c0)='./file0\x00', 0x80)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:45 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d37a)

14:01:45 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:45 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, 0x0, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2796.616647] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2796.635953] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2796.649989] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2796.728609] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2796.735042] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2796.744695] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 2796.766731] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:01:46 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d37b)

14:01:46 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)

14:01:46 executing program 2:
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:46 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:46 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
recvmsg$unix(r0, &(0x7f0000000740)={&(0x7f00000002c0)=@abs, 0x6e, &(0x7f0000000640)=[{&(0x7f0000000340)=""/105, 0x69}, {&(0x7f00000003c0)=""/168, 0xa8}, {&(0x7f0000000480)=""/131, 0x83}, {&(0x7f0000000540)=""/17, 0x11}, {&(0x7f0000000580)=""/140, 0x8c}], 0x5, &(0x7f00000006c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
creat(&(0x7f0000000180)='./file1\x00', 0x4)
write(r4, &(0x7f0000000240)="01", 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
r6 = openat$cgroup_type(r3, &(0x7f00000000c0), 0x2, 0x0)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000140)={0x7, 0x0, 0xa0f, 0x6, 0x3ec8})
sendfile(r2, r3, 0x0, 0x20d315)

[ 2796.913949] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:01:46 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, 0x0, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2797.008907] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
14:01:46 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2797.086113] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2797.086738] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2797.113691] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
14:01:46 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0xe3b, 0x2}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000001680)=ANY=[@ANYBLOB='=\x00'/15, @ANYRESHEX=r4, @ANYBLOB="2c7766646e6f3d607a18e65d42be2053b39250f1f582977a395c334f0b985eb99ee125db06000000a7e89ccb5e8a3103c0cf2adc75390ea132c7f7b7bba6d8efa88923b6936dd311d235e643f4f5305f7ff9c236c59589b60258ecc415de84ecd8e2d8c62f19ffb8", @ANYRESHEX, @ANYBLOB=',\x00'])
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)
r6 = getpgrp(0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000001ac0)=@IORING_OP_POLL_ADD={0x6, 0x6, 0x0, @fd, 0x0, 0x0, 0x0, {0x2600}, 0x1}, 0x401)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r7, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r8 = syz_mount_image$nfs4(&(0x7f00000003c0), &(0x7f0000000400)='./file1\x00', 0x3, 0x8, &(0x7f0000001b80)=[{&(0x7f0000001740)="5146a6291affcdba5be94965d7d0af830950617aa7e7ae40198f1bfde2ad1b35c45f3fdc4653c762ebcc6cf3a671072b3eaba43d9ca6c732be056afd3c5d3bc44213e1dddc1548cb0da462b12d068e97d95e9a0ea6046447df76864280843796326363cf95c313e30c73119328b49f0a773fbb122c02", 0x76, 0x10000}, {&(0x7f00000017c0)="ca62e6ee30787419840182b1e3a4aa38113c8b03dad0f5fdeb118520c945e9e0071862a3169a324d55d47fb7f56389acc248211c4dd9eb7adc93040a4731dea7a9a8357494bc01988f43a4ee7943b6a0d72e3296d9807ac1fdc738b3a1aa888e86f2e081f13e5b3c4abeab5b898c5bdf7f6a46ab751f21d0b0f0d2b926e750cc820a4e39e6f093905b04e8d0dd8d4d6e2fc4bc7fb139c3c0f016aed23589a26ceeea69f41652b167fbb38974fae58e12317daf834579bbc280dc740cf02469536e2348d647860809e079130b53f22a8e4033c985aab0b2d412ccf1fd6d47e40f33fe6ebf8dea148dad166786909b3e", 0xef, 0x2f6}, {&(0x7f0000001e00)="aa8bad985dd1c765c7b864b64c68a5ef26dd9c554b850ff14982da7b3773010628ecef6c244f9e8e260ec50d95f06168d4484fab93531e020f0f45b24c6a836c48b37982f009ce2afb3c185422cbbed10033dbb71d56662b4a90f8b0e6f54372046d7c463e182b7f1314e161a2dcad3e5b088c5617ca698b3a3e947feeee926c7d4baee1645a248cd0e2eff901971a05f93cf18edff2709eb5693ddd13ccb1598db38a597f14d925b1622e0356455c1eaabca7d2c0752f897effadad1ff630d75cab0603a1af0683900f7fbd6e802104274f4dc81195292d4e15ddfcdd4ba99ee2f511855e2da0e087daf3a0aa7e6d30fc1556d53ef667198360e866759955a63c3265693eb6740f75e012bce08569cf4b177e540964fd05106cf6015d139a64f491dad9b2874a51052b60b691803e0fab8b9d1d72b2e678edc01c6b12f93840de5a8acf2fcae9516672dfda765f4d90df5947a1369013456ab74f44561e79282f21b3b3f70d21c91138c07024007944f4b65120f07729680a17efb1569fc7bfc37bd1d23ff7d181eede552fb13b4467eb3540126a111d6dadec30c9e57c74ae0a0384236d879c18d329fef9dfac5bf5fe7b2dcd1020ec0757473baf7d174223575d5d525b4ffb2169fff0eb095b40ee82b835925f802f71ca3c849fde3f3111d6e0753519de18347b87fbce906da6ae87b3d39ed3cd5d659d068c2d636a6e83dfce4bdf77aae4528278773b18dc950930b12d4af750e7f1bff9258c77a30545445808a3bd5cd3204ee7b37c0a66f31478ffe4cd0340c77d1a8bd5106965930a01a8f8e40181e6e5e7ac4d07809fa64ea864eb250d7ae18a87dcff9ce15adef81b8df2a473fef5dbfecf6d9bacfc0da006cb76ff3906ff6a4bebb3f8e42606a231e42275708f054f76d02484a2b7079b07132664255efae1913390a19935a78c1a65b7311b393c19a9c5415295a34e75e2e5baa279d4b2e6a8ccd9e4ee231f5f627ac26be63c9f001b38a9de8b2b569d2ce4b3741cc4da3660fe7fdeda9cc7be3a309999ec840cff54b9368637f9442a4ec76f5528897ccd9db8650f9a42c63461110d52b3acf20ec8cb09e272bf89193f86a10b54a63463513025963148b3f1b436b4cef9fed378013eb6940d98a72d9492201939e78922352be491c7b305d509898543faa4214e580e2b808fd6969020577d37db699b6a45d013c3a0d546e2810dce29dc818a566a9999df214a2a29109ae1fb0970030647f4d1cbae47610131e0a4288683570495aba145792236b22dcf0195285608f30f933b377ddaf8e5f691e2562f0faf6053700e0601e7c587e66107eec12f7ea6d0f80a98710ecc7d979599b2af9a9dc41e693cfde468671316b49bb3e20fa4aa170beaff7d53ea1a18fdb6f36bed46c814b62d31191e03b3f37b4304ab0af1baec84821b02aba84e2ed3eaddddc4a150f69bb245bcf637c4b08fdf1d729fb44956047a87fab5e3e0779dd8fc5b50c89d63411b2ef2723735a9e9c8144e296f9db485de95d33eaa7d0e0ac739f7511b05a931fa74fe6e618c89dd275810580abe55e43b8febfe5a755f6c37f4e2c0bb1de2bc0c2b9f35de7793ae57c579c473495090261083278f6e81183d9f57dd9051edfb70db31a25bd90115aea8694e01728f6bbc0aaa0c2d375a25b303170e3bf09f5d9abbd62429a04ae1b7f0d01099373d520def61e0e0e114d8067aecb70a7d763e93b7957eafd2480d94d3b8ae05e8afd2622123eb0a99f838290b43e85f1b7a3c8f8cb685eef12d3f61dc5266cfd8fca458c766c1ab1e18abad5f3de7239a802ed718bf50218a34e87564b18faa4a1ccf7fa168db559a3f73fbc55912a0d082ffe205b250530fc42b11f4c13586299ce220f5cbba3072664283b5985b28c357eb0b158f1769f9457d5ff0c3741eb9be0f4194b7c4a3c39e9630da050366d2895fc6ae4f74179afb00788c9a16230d4d07533e73532792ad487d51c44d3c7488072433a92a552401a2327787e100c67dd28c388f377865628658a84d8b9d5980bbec4be1419c4e8fd85c8f6db27981c0b2203b911d07aaad180a93725a6704d1d6322f3a8c0af07bf6d410eaf0bd5271470942fef680e0b3ed361a5610b39b945117db43599d3768facd52624cdc6faeb5730d67ae6be5830f9591eb02c722490aab59af2c48917f1f9a6e8ebb8ef3938ac748268bceb81fcd9a25ff4e54c9b459cd630ad0ef6b4eda27ded5febcb8db6dfe5f589d6a6c0c7b1e7de208fe9adfca133a14ce6d24eda9472ebf8a161548da060ec1376598cc305b3cb465c414547154fe8aee8954537eb4a37ab94dbcd604e6c06332558e37d4fdd3dc63b4864f693646b0ab88d07c765dcc7b34eaf1fa669cf77254a8632ec9dc2ac8a3e7a9f877478aa7f1c301428adf69005849f23dbc4ad7493bb6fcbac7cd3f4f29d05b3ecddec0716f949b5905de8457e6a4b794f7e7b657c9fb8c08b9962cee7b41ab4ee2233ae45acf81f66196a06957824307505cc2e87191f85d1cfde4609e3c7ccd49714a31904fb5c63a0066a28539047557fa0d3a8f0d5d6a869987269939053127415cc7d55e16c6b4a053d40437049c177af04f1469e7a478e66ac7351a36f46afab5e5478f97ab6e5770e3b1e1fa3f37917afbbfed85d09a088416e32496431ff2c65fe2c1998042940ccc5fb0e1e4d312bdd9e089c8c74e440eb51b89d0bcb90a9911b7421ab948c9bf09638c50696f5f0100e01dee13ff2bf528a4f842dd057b2b0edc4eede18db99f9ee75ca6b93a0bfe4f4bb561987265e46c672bd351036a994c61d6b2fd3253685573361e63920b5213980241e4d657a2d1945a2cbfb82a91e0acedfc2e3a311e0dee42bf7dda1bb2715cc032084e09e42b06b003fef39c3d0385bf20d0baab6a96d91ffd2fee850267393bfcced1ce72c1098a0adaa886349a447f89543e968477e3ebaa4c3a6a405347b61104fccff76387a0cb55b4f2be4aec4cd1e271ca48b6a3a4c9ec68786164502c12a741004372aad42a05eb9140a644516da46a099740a5d6b8210a6818522d9ae0671b67945a2029653ab1371c8ec94cd7a2ee2c190c71d3653dbb1863377b234f95d8c6acc807fd6b1a7da973d06d050b985a2eeb7f3eb9401ce4143c6374741b1e3cca6e0563fcb0170e3896edd89f08e04c15e09db92301d838c4cecca1f00d86fb0630cb09fa85879ad8bbfd9c697eb841a3d2d6bc8655935baf9ce589101bc60b64f9c1f5983a36c465c2a4355e02bce7b70a3c75f8edbf49cae679ba817ae89df9fb9366355eca0daef771fcd49501ac56265865c11e01c25edefe95d08843ea6a8400b98e398d6f754e9b23c9ac729b9c384ee6cba71cb277da2fdce5aaeedf562be6f31f71135db3aaf2b306f34da7a7a2c9acaf498100f8cbd0b4a2bcf33ef12f3079aa08df63672feeb0446195086e3b999224c57cb4a28631f7b1f0508958f34e27a7c8d03871feabc613cebeed49a95da9023da3acf7a533bdf3d5a5a1df44cea4d5fd600eaa741f240ef45db24896cdb544e0842acc127676a16656245acafb2789e0bae2d2d5850fbcaa564fba0f94575963f5e69cd89c1b8b7d7ee436cb76cefe635b0f87be783477f1a97faa03e11d9b517442c2b50d5997f67522cb247167484af129e317484f6c7eac3b064e6eca8599f0d55fc290743eb86c584f27bab39280d72b533f8bec92fec37408787242780c14a822e7ab5b55d1fb7c7fc83effeac99ab8f07b5feffcb664994aed0506f04e6098601ae32db0d4c51b1a68ac53b689f20834930f503df6fb8ac269131c24f64349a4ba77a5c1495d64ffd2c3395d7a796e72ec737ec993621ad10f96f3f093314899d54ed7d8bb10be31bc5432d4072834ed9ee9852a973fae381fe9a55cf608c827fca2ba057510c547a3b7f71a7f92bc465adbc24e4454833d673cce8cc79bd3460951a95e52821cfb831691c374e19f5a6c46a12623d8add0b609300f1a476f4cea32ec4f952e73edb067ddceb35fadd8b08ead6277438b0268dd95692183b5f8b0b8385df379b36cd15868500c33c9915d5efaf3f6fa0f2b26e3410826dc87c739c89b085809286eca6e0b7daed07a6bc71d0a5e12b8b387bc3d37eda913659f6935e169e4545d94de543a64bb5c0e90d217b8c2b2801b4173ce6d72b84c50e63328e0d880e1650ec222a256b166b9983fdd405234e4fa9c4eb98ee0792cf049a2c85928b773b946b702b66503f1e4f28b8954cb2662b760fb68037c55072100bd528b411ed631de699894ae3c5a6ff816ade61b9a7e7f01e035dcbc9633344378528db39ecdad768c8ee3975cff0cd2f1cf64781c3fccc6592d18cf6620d8448d2a3977ccc5b7f29e5bde2d6f29f2e36b0f40e1ad48760abb65abbd52dd2cbf4e272f13b99b9d56fd9066762403558b7ebf74e2b34334c20028b2cc45f3cfa12e78ea7771da30daa1f4e2a563356445406d3f8db1d8b42b4fe8095cf2f0932f7920b401d33484d7f9238582dfd3f77ce7b9a25f16205aac03a9d9d35591bbd1204655702e0bd043fc2661ee49e39f8f721fbbde9cf5eade81059bae6b5988a0449a33114db164c2db4da4587b321d6ca991c50f8c51bea64bbdf305c59c52ffd6b93a2891417d200c4e1f8d6e5d3cb4100d8f823da8989bf186bc8af186fe2a6fbb6e3078fe7d52c51993573605a621b6f61c2016b99ebd0d807e77c8a599e220c9a81f88da71881a8c0120f79b0d772e1355d1b77bfed7dc44b8d5363850ee852514b6f1728f1ac2b3802b500e23869a117573683cd90592cc1c2d11f8495fdc271ec665d03fb8d992eb26ade44d3ce8cf9f0e501faae7e4d104fcecd3814f782cbcd4bb25c564922cb6bcbc9fc944bd26832c445e37ecb58e8da60594cca7351f1696d9c98d2b046cf9e5071e2218301a394b6a3d36f6273d2e87cbd1abd8580d2713e8c463b44c8c82497fe5c44fbe4ff846ca013820ff123b4e6ce1d286a18afbaa63eae69dfa8622ae61d42c24168e7ceca9ad83f0ee7ac1d7d9bf446fddf0e61063a2b75bbe93dc6df1aa1f3d08b00da315739bcc0c54f90d84274e49e90f1ed494cfff56c0c4e58269ac98246c7594cf82403b6cf11d085628199bcbc9ba5573a7e859676f70f3f42fa630679b6c40af3471746f509e6f165f84529bd828c5144115b366937664792d1eca3a2f409f3b06319699e5f26152478629db6721466cd308114942c3ff7326dfb6ed5fb90e6a1d323081ca3eea0999e85e186bed393cc8e1b5357d1c04b1aa5b204a67aa02cad90d8c8d54b7383ed8d6c050911a92ab269b18d8ea09e392bc3016ec45989bd8eb9defb29c56e9743a13143d707250cc7b4ed8314485941a21635eb94044ea11cbbd96e946d459783f1ca54d6b6bffaaf779f0801650680bbb784eb68e98cf82054d813860594147c77a4b64d83bc25b547a35761ab0ac753fa193f8dbaf1faa2552754a14b3c9ab1ebcab6edea69e2610ff6047bb11aa76b465ceabd9593d921c40844bed2cfbe47b2dd0a0220a9db9adb2c33988e3f5a61c06a50892f448dbcddfd3c1e612ee2c1fc600ea03d860271578bab125e61359ed55fd58eebcf3fde7d1dfed8efa9835ac76cd3c12737000dcac4cf2344a6a3a18bd6ef92ae061a178a1e747029a4916a9f4bafc718571679a18c5651f3fdee6232613a9203129e3cad183fca9ef06cf653e7f8f19026d56feb10282df5313a5130457d264f49f942bb23b8dc0d22c9aafee0a93d956dac3db", 0x1000, 0x5}, {&(0x7f00000018c0)="976235d668a5b66ae82e6f17be45d734dc6750a7c4b6abb8466802cdc5e2a3c12d8cca09b3d0818d5c8d9b348955fe185612273582d65a82950bf070d136622b7f4be0c1fd5a9248d394f04fc17de98435f9d5ab9cbf69a035d39b42deca9aec8f", 0x61, 0x40}, {&(0x7f0000001940)="7ecf8d82f179cd6a4f8f18b0c8ddabcd369385cc9458d9b7eb6d6098a7e26750e5acce2e3c3b738920c71344309be641394f5d81efc8dbdddd69a95322a471511b9d90a461c9be6a59", 0x49}, {&(0x7f0000002e00)="077abe66137734732fea3d10c0779931b2ab578192256d4d017acb679dfcecdb1ac6bfa9622cae1c2bde48276c8a882e33ccc1c95dac8e721cc2bf9d306776e0e7b8aac583d6f5cf38713ddb20b3d167e53c538e7e923758b3c7f0fb50dd0601065a21a1d89364f253963f5f8e9755361b9f24ae57ded441ca3b7c039dfddb35bfe0ba1d6f207bb4cb67796de725402cf536442baea24725984c2cfc058ac1c414079f2988a5fc84af64436b426feeb60cfc9b20126266dbff4314138c022d62bf98803af8301a61622a3e385bee2f20184a474f77b3148425c913febfb8e2c898a1be79a4f1a04135f92050d64cdb6a8d277c58666bf6ac7e0074470dd057358ba481864a7dcf6473eb3b6acbc2828aedee8dac93323d355e33c29e38d6f054e2d7916adb7f7a6ba6ef36be6585ceccc9a9c058de0fa27c593d52b9284936d52168172b04766afd6b46a3203fa9085d27ea52f3db2dcbb0cca9f7af43bbcc97cc057c3174a2b84a01d3f819de1aae89fdb04927713dd1e4826c98acb58d4857b9faf237546ae22c142e2f1b98c8af17c37fb2e6b81f0e8648a5be5331c27d28c84a76fe8c46047dfb00f1e367edb931dcd34c765e640c4d2c741aef2388d8f084d1de3ee13fee30e5b21496a0e890c89748ee7e534e434296e50098baf0fa2091e980a97af7fef4462223a646924cd317591ea7fedaea76edd1b88af10b1f77ad6bf11744f6056185cf3122fa3a19d6041927720018e81ef38c9c04477690b81e73ba22046cea28a2bfcb6981a026d500b105cea64e089a32b934675a4cc7071c262ab020baec80e60391755e999a5272b20c78f4c3e0c4448d3698c2f7d510d8e550666a10a1fa9a09bab726dcec7f4224870e56e1f0b9c4cc3a9616cbf6c950bd59ac53205afcc2cb9405363ebb7c247bc450e4e3ddfeefd3cb5f820ea897d06d4436bdaeee47f88680df07032963651bd9f590c39eb744ecfc41c16deebf8cfd74250ac2575fe36bd3a88779bff38fa880351cb681b86b61b6b1937c1d4fa851665e9fcf030eaa1053e7befa1cef56d6142f4cc21c9741731f2931085761dab783a64cfa5f9ada313dfaf9dfc22b73488c0479abd105a59ae3bd25279cd96e85531fa31b794b4832c4f7f27797a80265c232d518f110f1b6bd8a216369be76be2aaabf47903e94530a0ab336b7542e987f911b16666a815b4a9e46b5cf26f6f33857f5c42754b080f7015b4582c3fe6592e499a846002d5ca7f38d1730cf57d48f628ed14c96a9fb8ba01be497bf72111638bcf69cb33a1584bc4e6c13dce43ba6c8c64ee0484592f40b098b6cd08122612064885ebbf0ef35c39bd49af669e24c4d98490e9f8b3d05da5c6ff7ec70d624e563dca6d9cc7c178936cfd078ed82dfd5a0ffe295e69a7d4e794394e1cf5a371f7dae554cb3696484aa3c23e43acdd4a075503f189832578616ea3a3335272de10a59488b0ef4206083d1d046fd52876e4367dbb6b8b93184a6b6ef33225c03a76ee65d103049ca7fe8ed972891830e3c2ad40d3733155c041d6d37801894662885aabd7d104dddfb16d3ad64c020afc4872178ec39b37e45d9608bd43f1d663970dde21be04c853e77ebfda036b988965083d0e9bff9c52894b4ec31805da236b1976b7f4fdd62e5ece3ecb3e69dc136f3a87683b7cc8be256e9bf868ff1b49b8ca71325d57b2bb703df9c44b5d289cc310583f9c4aba75ca08754dd1bf0f1a32f8802d36cc6d31ca5533847aaca837705bdd869a460814ec7f24cf5f3b1d2c3b87dfdd169b2fa005d22da644e1490f4cd6cf54dd334486c87d49f890013c2656414088404947418f405a9c631a94c38a361b92cf7e29da7da43c460ef7e88a324c42047186e6bc500c405988489baa37672f508208431897905dceefea6b35afe466b4eab523e8d0d75cf11379b3bb323e54497ae4d48d7dad9ff21ac4c24296f58261d861d71a46c7539fa59933d0954ea292b4da54478b60e940005f8ec5daf4194c19f7d84e78cfd7363f0aa07627d42d500d259e8161ba3371b4b652edd4d5a12f8df026ad197250fb57ac749a95fb3fbc3a6cd7d86fc85a29aaa47b623747706b0566c9f3473d057abb1aa537f747c1eaccef766ef003d13ab58c0023f6da271137e281dd0bbdbcf30319a7a991299c643645dbe038bc9f25c86af34f57d2c27e63d08f8e34122ca096b4c615aae73b394c10a6fd087ebf21a9c558faf14493b85a80f6cd377abbcb2e2ce5329a2065a07e195bde50894a5d4f2bca83851cbbea8718408dbc59dea16bbd34729ab3e5f038002d9557747a90438657c460c6b71538bcfaecba8ab20fc7434ba68914b0fdfd7b8a1175a5ca95c575c3aabefb2fa597418242d654d37268414351632bc79c7d7fb81a154c37e8bf856d38d0c3bbfe54daf55ffe9c907f83bfb2ab5fec5464cac5d47443123f94fd3e000b98742cedc102b0cf572fa25d85432de06a74461c6aa1c9533e96002d70854e00516e0fb6e8a31dd52d2edf0f94819f7f6e7e42628df090b73b97a615e22e536064025be9cbf8f15c1e2270ea82e107b66fa0026ec91e465986b95ffe5fa5cef90e3b1461f5a94261524c0329ce420cd956decb2e0e62a5d33c5c4a0af64b5920ca7a0d8c3badc951b07e3f8f3e883b076a4461991ddbaf08faf6426ea2a7d38ab3db4c36397f41acd5b210edaae859d20a8c59768362977880f6d0b0f7bfdd7de2cb192274d427da2dc60f42ee51200b01de5ba1bdea6a19e32413b36cc376f345d9d0b241916898f1624d5b527330af77251d26e3295862fd8e9ebb4446024990e25e2cd6a1d01b3ba6b1d52e211ea54a3b06d1c8155a4c20406fa2ad141908d483b0600432e0322305dc3f28210b65e47ece0cdc87247f9f60a083c5f77f74450fadd052a4adba298c930dc256b8e95ba3be965693c16124684c2b9f0e533efde01b17c593019d969c240b1904ddb630d015d1517c1832752376c8a5de75f3b38de00310803fb180f95f4d14ade4ea4a56de33c2179df21e5fa407fa31d782da2cb2c579ad59d31b17a6e92368bd8e61ff049846d06c5a2b84d3baa303d34b16ae34a4077a2fcef33cb20eddece267ae586b974bc0b2886378134e7ea8e4a517cdc8d2c9fe681663b1d58f70913601a73bca18c26f36b00d6c0290d1ba47a1663e3a45e3ee1612fdaf9e55fe8fec8b5e51d04b9860b355b1063c774af1cbcda079e0ae234a58309103b2c7e3e0757c34ac202ddfbc5d058e6aee9bc49569dc39907d12d7d1d7231c2fe024337892df50997478962728e0cc6921804bc262416d78918f9907531880c6c5d17ecceecda343fc75b98ee6402396b9949067053f2430870e846f51456144231b5a454dd47205e07df3b1477b59371f316b680e48fca640aa2cc363ac249f3a26e901f84732ec8b8be3bff6d09c7b16068ee261cbb986510a419931cea63ebea1fcbfed3a29e1dc3316bd4d5c2b3d37b84a370dacd1bbd4a74505126306a2f751d6b9a04ee98966d6be6907631cb6107827541bf9ecf361f388041c0c622e49ad792b9c422dbfa4bda88b569709de608615cc0ddf567774452fc03ad11bb0492ad86afcddabfc2b9e888d544b64b4b71f9b6ad3bb56055e71cf48554e77cbb6410f0534d10146c7604c3044d4a1aaeb246a45c233c1bec65b1a764254877e3e4fb15a77bc8c745a5994f3538358f06962f587d5c34153a3f0b899b119560fd5d1b59bccf9bde24d6385a8eee0a601c7e902c9c982e42fe64322a16b70f7ec34d198245169fcab3c974dfe24881470cad9254c40e6275df4511ef55d8d6cb0763f0b6ca8929bdf57a28659dba6e21cf7647062a390b809f4ecc3566ede557a8a5c562f2157f3bfffa6bed30720c2aaaaf193be4c8a7bac4ed074084c228ac39f43d0e4d28de8f18ba8d3f46e379145e8fca15c76b2f05263bc37c84a59c3bbdd4e72f833bc37b21ec015d248ae493f0ec7c3bd0014ab64dee58cf0a3b7fd3a4437b0d16c8ae7201e10e0f5f862ba7a6c980b56a69b0f4b9cbb4e524332743000d9b456c11085920a6ebbddcc036ac3f589418d1818266d228d93fd23e4870bb85d536b040a6f718183bd05af3f74449b9a771f78068a3b0515455cdbfb109635fb61a5a91a2c68987c7a4b9237da297c80a3fa65cee28e2ac5aea106b55eda4239961409e43a13c3bdd005358124165506a6109bdcd312dddc11d79f3ceb053841b9be4715a6a887f8ae0ac1b81564abf5c464781dfe445a2c6a228f2bc00cd194038bf58f77073832907ad8d89da0ca1e3642a09c044a0bcd3205b314664fe7d5ac8e869094cc958a69852475870b64177570a505680c6953c528455f414080e571740bf99e023b8d5e9453c07e1da26b8bcccb598e4923a624fcf26a80f417d5b397a8c45ab3f94536a4e94d10e4c616a5c226179809e72a3ef6aed7b3a3eecde43e5ab40441fbbb1ae83888a94e2b53b837266a0fcde340cc0254170b2a95aa9fabf0794d519b41558a217d95fbca904123e96ad8f2c3b2f2bca029b608692ddb1bb6f2434cd7cfc8f2245fb5b84d47c16bd75b47de148c57911e9b80f9f81aa2730a59bf20865384f0c8454ea2fe3b1b73312b358cebba9a197bc9a44a36341a15ce64c92adb981a9eba939c8ad5f6d044622cdd6b584727ee08459913dfc58aeed53c6b6bfc82271dbca5215db45848502f3eaa99b968d0d86379e01157ca46a6c8a8c567b31826dc5917f9ec4214a3be0e77a5dcd2bf859ab6de840d5183505e5ab44b19f1f7aa932493a069f0c9223a4a9926ce60311d80febd08ee23390ed97e6dd9a6c9fd0c87a4f816c26bb28af442f628d33788abbea025b2ed75ec2524c20d8a2ddec436c4650e8167b290f13646ffb4ea0ce9a398cca5bda6d57ef702447efcd3618f80beb00aedab81aaaaf323ed5f65ca6bccece6ab6b6e05a0a2d57646ccd961d181f6d092d01c947f3a1a799484b435cbb050fbd8db74ae5fe0b49d6d93de0965f62c5155e310daea3e8fe4b0f2f3f08a492154097deeb47c1ada389c40a119385c6d6f2c6bee1a75d616bbb85f49480e69c64a97aa59af6e069f75d5e732825773929078ee9c072c3ebeb4c6ed1f842d4aa5f81914cb804590a93d757ede0f732a6e73547f4e2b87c5f0fa5efe46d733fd6da79ad3984f9d57b8daef55bc48d9b641f685c87cf598b9a3ded67a32fa9f2551d6e64897b7ed2696fde1085460861d0f8f1e435558f1a8f07e5056add403b1393ef602a94d76389a0aa1a3be2f438e8ce5dd8a83bd7b312d29dc78e40d90763f9673bedc7975e905b7383f4b20d553f5658ff996c1cde7d93f8604a01a3dd3d60ddbcd65c7341b2a83c6e620059b45d1de91c4a614ef73ca1f66505790fc12a646075e4c4ea5f5f57227fdcab3b97c6d8109c1cb2685e7f225807a652d70c97af8e0266408cce8e0707ad8d5accd0f220b894aa894bad147babb52c2ed1c70ef5c34b324d011320d237de1c8b79ecbf54994a3eac2509a02c60ad0d725375122a40c685f13a666ab2d65bafac90e41ba02d8f887e097fd86f785890f2519a219bbd69720373c3f725ca44e2d5b216b8e69c0d28abc5b9b250e93bddb13f620d3de031b94e8a95ff3a4b96a48a58e96e5ccef6ff3627fb08333216013ef3cc48d49febbadbccc44bf8b038342e10a182b37ad462a8f046a3bfbd01b66d3cc93f42b286d7f72e6e2b9d6c9a3e374510248e49f338ff6b87a622a48a0f309a92412879c389a150bf", 0x1000, 0x200}, {&(0x7f00000019c0)="2b133b2eff6e9a929d2c19db83670965318ec77c77bd95b5e38e259ec36bf679a0dc90ccad332d76275053f1ea15d2e0b0ae70de8f8856f6eb55e896c28e348c2353f559e0f0e9126be1661d242f0c0100ec7835856dd3ac2af16bbfa0f7194b05f1ffa82d4e9cd12538caef2f932c48c41bd2297f5f727635cdec80b6698bc3282aa72ae4c75faf43939b3c25aa5d763a77e9c52d05d04d89a8d71cd4e4e54a4285d51472cae9a5a52a300418", 0xad, 0xff}, {&(0x7f0000000440)="a289b7288edb8eda57ebb030", 0xc, 0x9}], 0x20, &(0x7f0000001c40)={[{'\x00'}, {}, {'\x00'}, {')G'}], [{@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}, {@fowner_lt={'fowner<', 0xee01}}, {@euid_eq}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}]})
syz_io_uring_submit(r3, r2, &(0x7f0000001a80)=@IORING_OP_CLOSE={0x13, 0x5, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x333e)
ioctl$INCFS_IOC_FILL_BLOCKS(r7, 0x80106720, &(0x7f0000001640)={0x4, &(0x7f0000000240)=[{0x5, 0x7a, &(0x7f0000000140)="4fc3f428a1e053e54bd471b529b8b68295ffdfab6a6b142ffc0b5b16e33836c6b23129f80bcd395b12fcfe77fef55970b78ef60fd2f2b4efd7f32734b83ef4429a44112d0c2b50e24e4ee658c7e514e467b91e2757c8026d417b9735265d96e5bb05346e9aead3fb112fdee0039b5449cc1ecab8e735bdecc292", 0x1, 0x1}, {0x1, 0x1000, &(0x7f0000000480)="4821c6282717e180d0b2d8fe81dc9228d61f6981dd58c4cde8b07e2a24e82eff4965a1e944dc229ad515a528853f0a915756fca244f459db64fccac508dff7f9b2b477c497e6190089e789c21161878dca2871030ef1764b12fe2ab88add877936b6bc416cc728dbfefea1cde219c2e029a618a4294867c0028715f5c023ec57f1e0f4b17017913461b56c4dafacd3c84581b50c42935281bcd83ba66040a2cf022e3e396c370fb7636bd08028b61d22139f64537af9e50c508c1c9b25eac4034e286b06a187b216b32f6b7c004a71e72cd6245724a6e1c4eb0652dca14c93e41f97ad7f153a2db807b6c2bc6fab6448667728b12845e22da7780d7faa36cbeb54d6f6fc574f51355396e3929f35d1730e772b8c14117a57f635bee04dc2b1645bcf1b42637a417632fe1b54ec835a6ec1547810fa784fef41a7c581466a95029dc510cd98281f1110d31b2afe7666e2a329b626786953766be0cf99ac7bc3cc93caf2cddce8e039e9fbd7a3b845857d60f629695dcb2452c5a22eaedce1c32956c2c397fe60f45c87759feaa48841f8ac29971673d1ac85a3a0a5f39b4d45c0e8cbfb285829f36db7952a48d0c541ad1cc2d2f172fb11477fff5c99c0314104ebf072be89e0ae9e7972cbc722668e062b85e1de781cd7760bdcd14ccfe6964559e2ffdd0da73be0a39670bdf0d1499f40357ae5b6dcec5fe1ffc18ff5cabd6147de751e0b99fc7124b74a0034990ebf13898f35f09ae9964681a30fe281842059663f10a0f87833761d8c87e2bb032dfc90f679d9483547aaa1990527e8948a4ca258136444446db9f98efa3e322c2816e78ce995426bb855230bbc2d4697ae046952dd3d59ea232943de51753fa49aebfc4bcf26a1b5c9e96826fb8be644cfe301e06d458065fa686bcab3eee7721a7f5365078c573b5859523aa8c99c82f3ac23ee2efd8cd1356d2d62b65523db0fe85acf0a19ce74056ce14eb526573e7763d8033fb89ad7104621cd3eb283116aaa03959b07f1a0b1268f678beb0ebd80e7203752f60a51382b772a80f8a3aedbc70eef41705f28f8b9df3cd1fd93a04ccd7e6fe71dc59350cab280e94512edd000ab31ef17f0a54dfd405270ebf89d5de77f8f31bda2b19dc5b2fea35a5468b1f67dbe64b782bd6339c8fa2dd3769f23c4aa0f0cb307003cfd6c5d08b08c30fb01755380594772ebe5c77939310a1e80fe0de3e439e677bf4e39b5aaf2ffb9a5262ff566eeb7b1e058e8232c1427a4ff69073fae4a6817e8c805bc137ee65506245c12dbe5946fa7a12dec111d83e910e09021fd30ab694c2c747d391e307e251d6249669851033c153cc70f3218ef6edada27abf2fa075e01438506faabd59e6e8d41610adced9db274cfa92076ac682d6e9a94fcfc4e2826c5790c132c0769aa7e37aa23a28ff4d8d06ac5ce3d6397a7c337476a63cde08de3280c973f40bc0ea070e1e32e0c134f264b411b8717d8c1736abbd0c58f1fc0c80874d67affc9e2c95d074d9419bc7997fece89f09ac194f65acb0bf36261f9aa86ebfe1d16df593f90c6e8a066e23cbffc52d36ded78d976935f1956b896a230c7add33fc9320a8d42d37f227cbd41f149972b771f130c6540965f67eb27fee56f06e71755a08f608018f67fafc289610ae4fb1370a2a87c70761f2a0128a130272a434aab00f76d79b6409b63bf6f3831aa80b6de838f6f4087bf83752d7ff48d3d4ed7b2db6b25aa4e4da8c4f1c6273e10ed3f7bb8a04efb86e170d755097d28bd9093912cbc937527ec3755a77b616e43a89520b38d98ad3437f5d8fd223b87c0e9a94d4bf176cd5015df683ac2db994e63d5b7a49511df287cba3f52341c65fec52df2c2db560f72ac7177b5ae2753f38394fbe6ea191c54129fcd4434a318f67138cc61d08337cb2a34eb1c41367b847e9f69e35ec826ad8b7cf03094bda94265c03eee230b66ab50bea4b5d7f5a1b3a6709cb1b199beff7630c042703f95a3eb94281591cac9f7181dcb25f0f813437c863b194a9f6c341ff6bcad2fe66abb702c0e7117fbfdc9be9116e7f01b6a583461cbaa0dda51b29db75bb2f824e223aa395c05b284d62f3f7163ce15a320a164f2d61ce3aad3f4b665908cf6833abdf74245a014b229e11b50187883f58e46407aa371bcdd90a6d25584811cf89a8d7326bb3d16d6fe46863b32ee39e94ab9d8d81827261922c04b1d3d6a7e47e294fa38742532d773ea056958f1c703c6867471961f3076eb0b6efb9a9d7b283367208bfda56521c43ff6a293a6159f69e634d5cf732407cba22ef8147800694312c3bf5b7783cea90adc988f4057e0ffc4c97c99ff628ec63671dfde647edf6a772da53a7f7b0fa10c938fec39da6e0d1f938556bd0ceb96d5ea7b7fc4cf77e3116092669459da6555d585d8f96c2b393d295ea4e8e8ab5b16207628b818b8c83d98fe93d5374faed1d51a759ca441bc0e9bc94d686af21b36962a9961b384a908b9b993667d64c2ca74662719ee006736d067e4ed1c8529490b1c79b9a8ab20d291ec7a9ade3694d0413614f3b94da31a4352a94aad575ebec9fb68b2e2c72699908bb4834dd06770690f0e0491bc58cfd375f115742d5d545bdcbf616ff0c15619059e52b2a69dd743c3a215ffea6bdbfd403e8b3d1356fc34ce9fb6e19c5f52908220c1e9f258e0819732d65499b7a7e87b63f18963f725c41bebc35dbddec4f1bb3e7556710073a7e8948d8bd2d3ee0b288c24999763b3ab61d420ddf2657f5760e7274043b6c109d597c0fb4bfb62b1c976c45c8088f1d1c6b66db6156e9efe674cc8f44f57abd5c42cffaeb96b6fae35af456ff64f2501955de5dc3ae5a8a3c4dfde3334ea345362508a5ac6c7268ef4d3de06e998e1c13113560059bcd862dfd9fce91a4ee8da210469d4130355345c96877530e932889de90d179c714d54a0575ccf83869d2f2dc97d5502688b8c67a8972d21c51ed5f99b0587cc7a4f11181606c89e0e78a573554257fe3702d0bd775a30434c702cc745bf0d9977df02b97e55623c59dc3766bcd89f2c56372ba8aa47da0cb3a3febf01b01d362db1df5da195c8fc4dfd8f1d0db3c72343533587db6feb417d6e6e41860fb5bf39f47909cef1455dd759553f07e9bf47d9995427d30c2e0be6e5b91e4e98293e5ebf210c41fa92068a648a61070e4eb5d9381b9767ae56bb85c88ab328aade18319915e8b52b541103e3b5eecf3753e959792ef981ebcac909d4afd22720013ed828b8f5892db96c3f6e679a2a80823997e53606c8c2a844306f5e03da1c219d509c54c832ced72401bf4dfd398d4fd3aa0d16a108c24feab91dc8c98e7c02fe0b22451fcd25fbefeb3a85fc138906ef024bb6f606338bf2e719951e2cfeed77d0c8ee4a585591c5148ea741bbfe0cb0b4bb31ac032bacc0fa23d7a0189ea0c5c5e7c3df2bf718417c1cb20dc3936d75050027d17315c32651a9da4e7e7ca3897a5d59d4da8e158918c032115785f9219b3735b8940c049b590b28f4f5e8861e99691c75e9bdfe87ec687cecf4a231e1e5473a85fdca5d8a2c4f7f762464cb2d7acbf4590dbe20562f2db01e40b47db1063cc2a10d4ec2b7c4af44890ead2ab869b1d91520c22f818a13aa4792226bfda089f12fb9e6ad415d10351d07e195f1d7954c83cebc11ffef05338a0288d68c0cffd2030da2c427490355aae215c7347b4dd1f6803cf7391e0d7f1853e942ca249a1718fdd30f94d1ac6b985313e3c2c7642a90f2ef4ddadac23b99880111f1cd052585d2cd867af79d2b904ed29b7efd095b8908d2ae335d2a50a01d6ea10950524e6b765918dd6052154e124b5fe8c416193ed83cb3d19ef61c2f91d57bdb8b4a1ad02f0ad261fa458877d0641f71009df0b30df6485e789172e4cd9515dc56c511c6bcc3c9b12beb277d9d12d95e93c5a5db1bc6c7ab87bb6c8c29ec870f80b053cfc9f8ff9dc59d6e362ef674b7a68046909352ac99111aef4b73cef50352bdd9ac214fce16664431f8dfbc61cabcc19633294cec37a5e8713c2c56976f29f22db432247796c77ab95c35e0a1072622e8872f61b3c80afff124e136ff21aea94753e24a05000ecee0a63855271bf2dd8fa046b63f4e0238469619d64c7aa7fe6bf2529b347d4939c515b6a99e628e21cd5853aaf2883a449a641d9ea6468b14ab644c58bc685126f4df1d206cac2b96711c9072490418e54e28d8183a62337b0d2071632e9bea3415492d7e4d4ba37a957226c0cfe7efa1864376dd15d32c324af4debab743814f318b836e5bdbc41aa43dbed40546ceddf8eb110b88de5fbb9718f1deec1854610aea09cd75026cda842d5ede82185ef8afc5bb28170feedb38da9c97ee05a5390fe534f9ed8e6c6e32c26a20d7bb7ee230269b119d4711f74794fd87d61987255e96a0f883123a1d4c3a72527ba6c37898fa11b292a844e8c3f5d6f11877774f8900d20cef68d287bf671511cb9014b91673c9a452c7a4e40d4886f3f79d5f37564e78aec7230ff48139af639a24837dc4c79e8c36ab616025dbfa18d13b8b8fef7d7ae5d322935d0b2ba04391db75d13e47c85fea914643af6ff0a0061bb0837ea23cbbda02c75e0bff0fbe3e095d25ce9d4a3e701a51c9ff6840ad3bc7841a31d516115c13dd88bc53c68dee156ed2ef4ff92577ab2d12851b97d7b26598e42b0a3670f34cf579f96f54a5af8b0f71909bc084a8004c86abb33731407d5ee76f802ada9917addf8e46d1e5f56697181edd7a49d644547e35ee8534d102a6a660cd387470310db6d3625ac5335dd4f3b28882280704c28eed153372f0414432afc7f1856938288a785648828a2992669bfccfc70f4125ab34e0b7e32831d445b1f62f2b6e0e893a173695732b9d86d17483a4101ef1163da8b35e26fa629e3ddaf9a83f945ccd4ae8543dade0db3b7cb4d1b4790681ccdbb0ed75a644a0aa5678779cf07bdc6ed6e4f52530ee0953f71a97798835810032505d9a443b8842233b8447e9a0fe3b1f2152123235750c1f7f4f73bd57e72889ec08ab83f63f3b62b10c6f66d2a3429e2f168de0dbca4ae70d032271d326c802996ad383409abf24babe1a0dd04b7be2f9d27407182f1ee42ae65d40aec64af7d36d01892877b5c8a4a24bd5249a5ef9bbf3c38b7aa0df9f9171d8c053d0eca4cfc44146de87bfdfddbb55f72a74de46bb4cf4b68b4f39f4f86aef08945813616515ee36883063a14bcff6bc567baf586e9e008e9fa714046b4d07cd727f05d1cf15be6c8cb2c2e567147b2722590e62781b06d9cdbedb3737ebac3ae8d8459140bf455624582bc47d86dda3e2d9098c43c5ff41365859c0c9411beeb720c07b1f6ae81dce4d41aa46934541ac4475826bffc13568bf0506ebd9117d94025f60fa1b6be46ec005fb9cfa3546e0eb4433b48d4b3d5f6c107aa97a6c59f719e6f10d1fb694fb8c4dc88a49befc739a84d302a928118d9ec08dc205fd8a2721157a4a397fafce9c4a50ba41f8b9538c4e064a99fbef9e9649a5189dc7c28151ade41453ca75f013840ba9c7e2cc0d4949e5142369f0d1edf94f7a9d40fdf877fb8afaf27d3433e936a974224588204137a2a737fae49d1f48817ec619cc01aaf9e546f4d2d290464d75d2a3c277fe7f36d93329daf1ca61a5756dea3d822be4e7fc78ab8df61b11f08afe287016731163bde88841d080b7bec6c04c4eece508853d6dfaa927730b9e0bb6f86c89fd415ad8b2b4de14bb541fb52deaa36432c2821e35c926bb"}, {0x5, 0xc8, &(0x7f0000001480)="4bc0a93db9cd51733bc8adc7f4202a3490dd09c288f1466ae83666efcae63350a49d4f84685f03d1f47e74ccd5319ded6499d0c1fc1209ee9e88624136cd5d6bb425dbbbcaa02efe50a17b153b0ff61df12fd9f9fbb287049a65c3f0dcfaa233a63f3bfb910fcc38b5f3d54ce34fe7a7a98b9112b30e95aa10497359f45c6efa956452ce608fd262f44e6a390a10a9c0235b52e8ec24ca9b3e675fa4b5d80a7f4d7370e5dee7ab641647ea24059d746fb87989408330c2e167f70a2ba2486c6218465405e8f5ed31"}, {0x200, 0xa5, &(0x7f0000001580)="679560f3dc6d8849ce88100958bec6df0903122aed71206ac77e3986c9a912c6bd4124fa393ba3f379733e34cbadce027e1ff48d07fa8deda3eb6dba40aaf45614d1390aba206c6ae836c98bca0d352208f7e20e35cf511ef2defacafba5447d39f4f638d5f2d256249fd7add5248783a0e8c33c513841d9742ad758c4d574de3ce6afcac95b337c5d4054a3761fe1fcb34cb4fefcb0372f338d0385dbcec9ac5077a84e8c", 0x0, 0x1}]})
pidfd_open(r6, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x4, 0x81, 0x5, 0x2, 0x0, 0x3ff, 0x80, 0x8, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3aac9545, 0x2, @perf_config_ext={0x2, 0x100000001}, 0x2000, 0x205, 0x8d8, 0x2, 0x1, 0x9, 0x3ff, 0x0, 0xffffffff, 0x0, 0x4}, r6, 0x1, 0xffffffffffffffff, 0x1)

[ 2797.166396] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:01:46 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d37c)

14:01:46 executing program 2:
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:46 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:46 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:46 executing program 7:
chdir(&(0x7f0000000040)='./file0\x00')
r0 = syz_mount_image$nfs(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x8001, 0x1, &(0x7f0000000180)=[{&(0x7f00000002c0)="6eddbe3155db040369167480ad01379ac11b4776ff9a09723540b86fc0b56635eb63b9776ae3a305f098cf4859b281d1e571717382349f06d234e63af2ee57a6de5115efceeffc1a06ee5d4a94cae01ec3d441372988b4b2ed0a65b184f38aee64aec5ef098987764b8724f11568374a77977df80945365f9e9a9b274045eebf1708210ee69d727295faff8bdc1c4e80b4e63004d72ca43f1035787416a200a1670976fb9e10fac78467ab64fac58cde", 0xb0, 0x1}], 0x1300008, &(0x7f0000000880)=ANY=[@ANYBLOB="3d6ddf3236ed6fbf444fd77099842c5e2d2d5d2b5d2c2c65787434002c61707072616573652c66756e633d504f4c49803f0000000000002c61707072616973655f747970653d696d617369672c6d61736bf4c570a024b22d7054452c007e22d3ebd7fce3a2f23885a731db26b409eccaa69e6b73ac361e645b05d3a960d4d32eb429c5d105cbe1355c974e3b977fa5aff84f2b191766d858188bc7c738c812b2b603ac926867c4cf751742cfe0a115bd937440f12690654a7755aed39d51a26919098d52c461f84510d0f5749f6f497e1c18218d492ba4f48327d8cc72f7e710f4b7f1c73924067f0ac471ddc8b9cabf3dd073a6d769f2e6cde3759fc939fbb645ff130853db5a095352ac5a9a03dd9dcb79502d1e72e179688b712b14af09d29ce8625f7ed19bb6b22532eb5a4f5a184923668e818e04397730f444bdbb80a4f15ff8c77b83f271cd7978f5e4a303cd7acb4a146d0bb5544339743702200abff39e749fb5499f8fafb9b6424f465c22a2b1c54cbdca00000000000000"])
creat(&(0x7f0000000440)='./file0\x00', 0x1)
r1 = signalfd4(r0, &(0x7f0000000480)={[0x8]}, 0x8, 0x1000)
execveat(r1, &(0x7f00000004c0)='./file1\x00', &(0x7f0000000540)=[&(0x7f0000000500)='func'], &(0x7f00000005c0)=[&(0x7f0000000580)='appraise_type=imasig', &(0x7f0000000000)='[\x00', &(0x7f0000000600)='func', &(0x7f0000000640)='appraise', &(0x7f0000000100)='\xae#$]\xba\\\x00', &(0x7f00000001c0)='.,\xce.\a\x00\x00\x00\x00\x00\x00\x00[%@]\x00', &(0x7f0000000380)='{{$\x00', &(0x7f00000003c0)='#*\x00'], 0x1000)
openat(r0, &(0x7f0000000400)='./file0\x00', 0x610000, 0xf85dbfd98b1da648)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r4, &(0x7f0000000240)="01", 0x1)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}})
openat(r5, &(0x7f0000000740)='./file0\x00', 0x80000, 0x4)
r7 = openat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r7, 0xffff)
setxattr$trusted_overlay_redirect(&(0x7f0000000680)='\x00', &(0x7f00000007c0), &(0x7f0000000800)='./file1\x00', 0x8, 0x3)
openat(r1, &(0x7f0000000700)='./file1\x00', 0x402, 0xdcb0d7ea4bbf799b)
sendfile(r2, r3, 0x0, 0x20d315)

[ 2797.321620] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2797.366369] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:01:46 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:01:46 executing program 2:
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:01:46 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(0xffffffffffffffff, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2797.496882] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:01:46 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d37d)

[ 2797.562966] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2797.704394] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:02:02 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d358)

14:02:02 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:02:02 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d37e)

14:02:02 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file1\x00', 0x40000, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0xa0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0/file0\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000002c0), &(0x7f0000000300)={0x0, 0xfb, 0xc6, 0x1, 0x80, "5c1668d831692bc42609521303612ebd", "388b89ad59c89a5fbb03e8809df8ba28b6f7290d473b54f1830b86b6611ea65d623fb65114afc0d8a95ec8c15cfb6b806c537aadab059e2e10ce2fd65d3ed20f9ac3fe7e767136b025eff7981a34437e19f95d3aae5a3a82a1491b64b6f4091e069046e2d7e57331147ee257bc9f1c5f80603ab4e9ac06f3f2e8aee646140f1a3bd9e6a8bbb5c5a8305810ec9ed0f15b90ed0373c9b7f525a317037f44e4f579ea29facc6bc445ac5f079c2e8eb2b2a2b0"}, 0xc6, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x3c11c2, 0x81)
ftruncate(r3, 0xffff)
getsockopt$packet_int(r0, 0x107, 0x3, &(0x7f00000000c0), &(0x7f0000000140)=0x4)
r4 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000400))
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r4, 0xf504, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)

14:02:02 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(0xffffffffffffffff, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:02:02 executing program 6:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f00000000c0)='./file1\x00', 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

14:02:02 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x100000e, 0x13, r0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000500))
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="85ff03000000000000b695eb36a6fcae37b64a6f4af7108a080bc64ed8349c7b00d9dd94fce5cff17793868478e411010fb9802d29fcf3a91aa22a2ed85e8ccc7d42291bf4d94d5bfe40b0169a2eaaa0bdadf48622dc4aa262e03665fc12f8c1a74861d069e2b57109eda9ae0b6b285a673e1e60d0b157008abbfccb25a05b41f27f4e1516a7898feac9aaf30c01beb307d78e07b218ea13440720610781d8964883116c51c537a04a95b358c795077a3ca6e3eddde09b698d569a22eca3488ab1ec77d4c132e4ad28c83727ded2ed6d4dc6427a62212773d91980e83498d0842ad05a288d", @ANYRESHEX=r4, @ANYBLOB="287766646e6f3d3b03bee3d0ee19f756418995fc018ab03915ebaa5ad446f00970c045a9eac4a112e5f6ee19dfed8f6fe9b8ec251e504486f18e87a22068b967d4786b14c445c46eb5e6e8b85377da82d96c6c1ed0787653004fa1b822f1ab602cfe2dcac07884e6b551942251e842ccf8b8bc62882645d0633228d9bb955a5c6f7bd598a1943aaa264cc3838ef64f975d14744911fb1f6e331f7d927c6ec00284c6", @ANYRESHEX, @ANYBLOB=',\x00'])
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, r5, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:02:02 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d35b)

[ 2813.734660] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2813.747926] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2813.777744] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2813.788213] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 2813.806668] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2813.820856] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2813.823640] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
14:02:03 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
accept(r5, &(0x7f0000000340)=@pptp, &(0x7f0000000080)=0x80)
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:02:03 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:02:03 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
getpgid(0x0)

14:02:03 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
getxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="73656375726984792e6578743400"], &(0x7f00000002c0)=""/43, 0x2b)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)

[ 2814.052429] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2814.072797] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
14:02:18 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(0xffffffffffffffff, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:02:18 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4, 0x10, r0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:02:18 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
getpgid(0x0)

14:02:18 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:02:18 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x1fffffffc00)

14:02:18 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000", 0x5c, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:02:18 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x2}}, './file2\x00'})
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
recvmsg(r1, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000500)=""/181, 0xb5}, {&(0x7f00000005c0)=""/165, 0xa5}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000000140)=""/119, 0x77}, {&(0x7f0000001680)=""/195, 0xc3}, {&(0x7f0000001780)=""/170, 0xaa}, {&(0x7f0000001840)=""/148, 0x94}, {&(0x7f0000001900)=""/66, 0x42}, {&(0x7f0000001980)=""/204, 0xcc}], 0x9}, 0x40000120)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f00000002c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

14:02:18 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2829.661091] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2829.674399] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2829.727606] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2829.730456] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2829.740942] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2829.748094] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:02:19 executing program 0:
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000080)={0x9, &(0x7f0000000340)=[{0x20, 0x4, 0xa2, 0xffffffff}, {0x1f, 0xff, 0x3, 0x4}, {0x2, 0x0, 0x6, 0x1}, {0x2, 0x0, 0xf4, 0x3a}, {0x4000, 0x6, 0x3, 0x3}, {0x3fef, 0x1, 0x2, 0xfff}, {0x400, 0x8, 0x4, 0x57}, {0x3, 0x0, 0xbf, 0x6}, {0x80, 0x0, 0x6, 0xffffff00}]}, 0x10)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="74726104733d46642c8377516e6f3d", @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2cec511e315b47b7185ee91e4029c5"])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x2, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:02:19 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:02:19 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
mknod$loop(&(0x7f00000002c0)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
pipe2$9p(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r3, 0xf503, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
write$binfmt_script(r2, &(0x7f0000000680)=ANY=[@ANYBLOB="2321202e2f66696c6531206578743400720ce3b1b2496a227ac88afbb4a16ba7268580247700f45cf9b541225831bc1083ba503ce34fd477973bd212a16a9572d7e551d24120215c20402c5d2927c174202a5c2a2421022928200a634c948c5fabe8a4158f0b1f0a7cb671dafe0d12cd50a62eb517fc84fc3a1034f9b0b52b342bc56d03656b5de15e4d65aabad730dedf12fdc3e08fb94dfd6442e77c9655f0436b6fdfbb71edffdd5a0c3bdffbbe822adb3b24e00cdbfe15945e0c3ff190e7151a0038f3f3de0b28118b52d1088141a7b5601c6ff7b193b634f4e64100cd044c6eefde736a28808f5031f383cfcf1528a01c89597a21ab653722dac51977535c8bbc65d9ee49621350e4b9f94823f2ba85987b7871e6b7606f2dd9d7952c8e729321e362ae58dfd0d4d7eabfca8a81d30b207bacaac7b5227b8285fad0dff133e83200b667ab168a928fd5bc2512a4348bf5ae7d0bd69e83cf796cb953306879824b2a7434bfc617c4fabb40a051f83d38f8065fe733f6f3e4bb0b128661800a135e95b154126c73b825e693444a95770be3e0b715370b750ae8ef866734c28a0b4b2b8fe0f2bbf0cc5b618e7f3c0d"], 0xfe)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}})
openat2(r5, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x4ca80, 0x40, 0x5}, 0x18)
ftruncate(r4, 0xffff)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r7, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
sendfile(r7, r0, 0x0, 0x20000000020d315)
r8 = creat(&(0x7f00000000c0)='./file1\x00', 0x41)
openat(r8, &(0x7f0000000140)='./file0\x00', 0x381e00, 0x0)

14:02:19 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)

14:02:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x2c8000000000, 0x0, &(0x7f0000000180), 0x204004, &(0x7f00000002c0)={[{@nodots}, {@dots}], [{@euid_lt={'euid<', 0xffffffffffffffff}}, {@fsuuid={'fsuuid', 0x3d, {[0x30, 0x38, 0x62, 0x65, 0x66, 0x32, 0x35, 0x65], 0x2d, [0x64, 0x62, 0x64, 0x39], 0x2d, [0x65, 0x62, 0x35, 0x37], 0x2d, [0x36, 0x66, 0x63, 0x36], 0x2d, [0x36, 0x33, 0x36, 0x37, 0x64, 0x2, 0x5b, 0x34]}}}, {@smackfsfloor={'smackfsfloor', 0x3d, '#.'}}, {@fsmagic={'fsmagic', 0x3d, 0x8}}, {@dont_measure}]})
sendfile(r0, r1, 0x0, 0x20d315)

14:02:19 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000", 0x4a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:02:19 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
syz_io_uring_setup(0x1733, &(0x7f0000000140)={0x0, 0x23c9, 0x4, 0x3, 0x3d9}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=<r0=>0x0, &(0x7f00000002c0))
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r2, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x24020, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r7}}, 0x0)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000380)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x5, 0x0, r1, &(0x7f0000000300)={0x4}, r3, 0x3, 0x0, 0x1, {0x0, r7}}, 0x9)
chdir(&(0x7f0000000040)='./file0\x00')
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r10, &(0x7f0000000240)="01", 0x1)
r11 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r11, 0xffff)
sendfile(r8, r9, 0x0, 0x20d315)

14:02:19 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
getpgid(0x0)

[ 2830.117355] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 2830.136835] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2830.143105] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:02:19 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2830.196064] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2830.207749] EXT4-fs (loop7): Unrecognized mount option "trans=fd" or missing value
[ 2830.215121] EXT4-fs error (device loop3): ext4_fill_super:4962: inode #2: comm syz-executor.3: iget: special inode unallocated
[ 2830.222057] EXT4-fs (loop3): get root inode failed
[ 2830.223840] EXT4-fs (loop3): mount failed
[ 2830.266076] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
14:02:19 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)

14:02:19 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:02:19 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2830.417280] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:02:19 executing program 6:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r4, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r5 = syz_mount_image$nfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3, 0x8, &(0x7f0000000840)=[{&(0x7f00000002c0)="7efe6f3383c2bd3937909d2f77b833aa45d9e4fef03ce391b1661e16889896d21173346a174362aacc552d6ab84c83fcb4445fbe35687df365a06d24c6e3cc9768675921c4342df1c0ce8000440a9aa36f739b2c2fc0d47b61e3cba2f357777633b9b4486175a690adc7f5cee462b5d4", 0x70, 0x4}, {&(0x7f0000000340)="94599e2de71fbc99ba39f775a1d7846e7ecaa0be82a8a30d5ae9b225609dc505c4cf57dc7782c03349d133fd1c43c94791", 0x31, 0x8}, {&(0x7f0000000380)="f86ee75b41b67d7c51f9ff2f55f50941bfad27460bf79b272f60dd76d98f81c8f1143ff837a09be3f20508309b43e00d157cee816d1ba35d6d901190b0", 0x3d, 0x80}, {&(0x7f00000003c0)="b3cebccc93f8fd80989b6c4a4e782c8b1127dd3707f7b9631de42060", 0x1c}, {&(0x7f0000000400)="bf4e192e13e2d6b50b86b22fcf4c9b25cfb9a6e1811d775b5b584f50939990bbc98fb6cb631d5d19d0b88dd0ce147d767092aebf1d72f87a38777bfcc4fcd07b7185f136710bdf96b6a4b1baef0721fe2f4c26a97be83fe49aacfdd4b709b2254dd26b58a52c6921f1815f7eb1fc6f7a0dbba2ec1ad0b7f4315b015360b9760db152", 0x82, 0x800}, {&(0x7f00000004c0)="c2b1a6ff37809ec86369104505488debd97e073b9b6ca7aa091bdab552aa5d407b1ef1fec5cdd1ad73339e8dd65ea748ece1aecccc8baf62ba0e931d7411e5210e07807c435bc23dbf9d2ea1856a2c5f6da321bc641b16b07ee792e4fd6c2596f64dd60592587d1dfadbfca1e79c2864ad66b74a5cfd8f73fdaf2ee5567e92e75d0176f1ca4503d365fe74b017b85eec15d8a87203a8dfe676f291a292121df79abf4b6903321a1d97df9a9f7bcc1f0452a9afaff205991bd14b85e27778a7aaff", 0xc1, 0x100000000}, {&(0x7f0000000680)="a4b524709aa3a2f7d398d2644e63ae4112ba5058cf1714181ab37f7a7a3c24a428281e65513f94e72fefd51a7be068cfe668205b8a7dc5888eab36db3153a74c9e9011fbfa5ff1828621611b4b40bcbbe08778befdd54c4f2497e96361768e6bd0af68d1f5d5079b4f865864fbb8cd30cc59c6cdd4481f70502d966d4a310b5e1bee06273745bfd40c454c9a383abf7fd17773b96749a237eab31abbe240acde258b52e4c7674c74ca27ff9187d312031cbc4f0ee3335c488ee6ab397468037e781ff99577ca88f8e469f6d2769f17460b892c0639cb07b936160314388f6226660d3bc929e3134d8e0736962b18", 0x105, 0x92}, {&(0x7f0000000780)="64d18de7fafc537eee30a6434d85e2126c5f04f455253dc84ac55ac1aa23ca72ef92f8688b0b2fe5ccb86d16a8a71faaaea8d57d0e30469f420241f9d6f3210ea964a66068c83bfddac860a097d78741c158091dbccc67c4b22b3547b6adb44ff8a48451ae41f4bca4fac52225bcd28d560149e5bccfba1bbbd4f2a0e9307487030bca931306e7d29de8c18a22ce28", 0x8f, 0x7}], 0xac5802, &(0x7f00000009c0)={[{}, {'\xb9\x06\t\x1c\x15\x9f\x94\xb07\x85\x1d9\x0f<v\xd8\xd4\x89'}, {'[:\'-.'}, {'ext3\x00'}, {'ext3\x00'}], [{@appraise}, {@measure}, {@euid_gt={'euid>', 0xee01}}, {@smackfsdef={'smackfsdef', 0x3d, '\xd6)'}}, {@obj_role={'obj_role', 0x3d, '-'}}, {@euid_gt={'euid>', 0xee00}}, {@dont_hash}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@euid_eq}]})
fcntl$dupfd(r5, 0x406, r2)
sendfile(r0, r4, 0x0, 0xffffffffbffffbff)

[ 2830.547931] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2830.574678] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
14:02:35 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x4)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
openat$cgroup_devices(r1, &(0x7f00000000c0)='devices.deny\x00', 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r3, r5, 0x0, 0x9)
dup2(r2, r3)
write$binfmt_script(r0, &(0x7f0000001300)=ANY=[@ANYBLOB="2321202e2f66696c65312065787434000a92bd0c4ab71f76f331b2348bcc2c867da503eb8aeb1fff820745741d36d5383bb6944eab32994076356253b36ba54b070bc3a9c36320a905bec11ced8caca4eb1e67a3d12ec1429ebea623d523325e6adc7ceb95284e61f87a7414bc7ab91adfc3ddd9be33151d24bea367f9db9efe8c1c3924129adbf23727f4ade76a261b2a67e24a280c2fd47c04f5b75769c49cdfb2fc7bfdfbf0efc1576796c0a40f2f47f768d8764aa72136b3d0ea5845d6e98c63fd22cb6203e8d86ebcd1935df3eb06b19ac9759fcc88d6210ea6a94f0b92bafd83d91d0b2158ad0ba75ec76edc2004c8a2342a3450e309c1c9a6875c4f91aafaab9fce14b8ac5e34d011b1c8ebd84b78b722e277ced3501eb09ce665fe66fc560d2e67fe4e305aad650330201e5ef33374ab9aa0fe9d11dff1027f94447370f3ebbbcb09bf5db3d80e4587ed665a1ebadf099255ea75cfdcae8dbd9b40339a5ee5d012222ccc8b9e59d33154be40d237957d5ef6e2b3647eacff10e1ec343b3a30b8be982363a7b6d71376566064f717eee2b712580adf1e069965253f2c5c5617e66271993c0e55b086a7402f8578ff208ab33bf579b90fad66f22c640e22114d0e499997ef637b49d0e4db181d0872c9b80f35a8e839a6107b9b52b7bb5435fa03725afaac2749cf35bec2c12a77e3ae7f065c21d035342dceeaa2a11da8c3ede135d743e3f808c516c74a44bdd392c90370c1c57ff31e1b121ffae1fb2e424ab23e21a78c082e0fc8fd7f27fa8a068e054effb5ada1d1c13ecd54ce99774d26009aff9e5ee1a487149a516beeaa8378f20d7d4c634ed8c2f03da6dc0b8421924ed32536532ca3dd51115506cec6586b3088319920fd3dd2e4a05dda3be6d52220687ef6ab213658ca36e51a28eacf89dbea58d899980a0a8b7f1ca2686fbbc0b145d8bb5ec9a13bf32512ca2b4ac3fae81423b338fab47986aad99f9a61f4eab5b3019ceef32d2369e0ac4644d200ea0b415eb6bbad06e242ab82d9a5394197db53eb28df102e53f7e5c16de2233780220fa22f76b11c00279e835fa1dd745fac7bf64be2289dcaed73fad1e915109c632cddf87a96c8f21d5b9d33d020d1b5956574aa9eedb0efae6f13e5e7acc80cbf510ba97ead16d4b9180912e2f70de0ac10705762b9492f89adaa75d36119825035ebe3a720aa4b0e70e9e215e855234607c529aa981fea74b9287e28833b4374c5a1f98672dd3fc4b610bc0324d486d32ed661f3cd63410304bfbcce6f5a81bdc0671b0745acac715e7a598a1bd58b55e5a9b58c71a64f9178e576c1234ec453072f4d8b3b772ef88f6646648930940c0b41f03ed65388aada691a71d1f67249ac95b4006d9f2d334acce0817f02b8a9a464c15d72841a59990ce6d1bc28244eeeabf508fe16c7b91d25eec9383a1de294a9de3dcc62a3a767ce08d8a0feff12e7706f05f1d503bd19d709f4fa621ee5fdc3cc5bf5e098d7f974ba3b43ea89c4ca0e5ce444fe2b8b0027cf3a1da7cb7e1a4bb7d1c77c4c937cda338ac6a68de60831408d96e6171a2c4fc81d964ffbb72778cedbb0e5c11358b5a6b6a8b2599308cc451cc8b332096f9a24ac6aceed82966d2d01b581a63d43de0a460ab3d9d5d2e48403c58fa20f58d358331b955a1cbc5ec5fdacccc046c3ca69030e93c899d2310d046434978c3754f1fbe2b69d97793d837a2e18c93f4e95340cbcf5601c3ea461ed7ca9382907b4a40047f416dbc8a2fa6fa95f69631964f4ca5108dea3017dfd5a677c0f99753c74558d7dda6926aa0abfa93909edcbe750398c3223320647e1d9f245e84e8106686acd8bb3b214835f6332143fe4695f1bdbf4e46e5f43b37e7961d7234459d319f47ddac6dcaff3ee6d1398f6104d6d09f2729dc9db2149c269eec7a4eb16db7b10fe255208dd5414682a61d38a15fd38dd2d32b2279420f365a3a2031db08c85c7875d47bf07b36b33cdb862a11c5582d175768e3f8d40ebdb188a3bbe4656c10254eb5fe9452a463d4cf41950b9cda6b94c9de68f07a006e5a8f8db312fa6df515831dacf5efcdca6234fa850b5b57c7537252b633972c4f5576edd804f0a9959e042c88ff2a0972f51bead3de8c482135ac8b1d742e3aa3f1c55d1c8dd72ef10a0dd5ec34cb6096f01b70d887fecfd98a451d1e19874354537d7319953114cd969213f2e73f686b82d7befc2b79b783a613fd46048c984cc025f4789b049e19adead8e12c40511f1fd7b31bc5040a4d51da129b488a5fbed83db5114353b36422d8f805e85ff878ecb916f0bb91eb41c0efe373a794d59053e2e1eed621ef132404c18b0ea607be8453c7afc916bc7c9b1112212cd6498af31f84363c9eb8f9f7841f5a88a4511b258641db7987ae087a9e1d2681b86b7dd24640f459f81eb3d0847550e08d57bb6cb6a0b34e6d55c8804b2c5e39ca419a55a555817ebda61e74425a7c1d067747977fdab215e5a51a30cb9189b7377a35dbef4cd051140f79ea9b5e56e3507e1560cdd9b94924775fea4697631f55abb6ea3984344dc71e8e04e42e94a1e1cee645e0017802e881e09cec93d7ed2d4e4036266a4f7775c9bc02f781b9d0343392d2c6cc261eea51432a3bc508f90c15f796d0d15a6f8c4963153010a4f5f9364a5268dc81dfc8674c37551c187a667d979d3b3e0f012228881a7c2b14cbed9b08c1a7d12874c7ef9e617afac5c6369d9ddc06880d3d0aa6045a477eed105bcd1ab48280991d0d3de013d421c16f14caeff7afc4f3393148bdeacfce9afbd30efe23ff8ee2442d75f1970bb6ee92efb3a1f58ce87bcc06c9ce4e54b71cc9607d7e65ebcf7756c6eabd75dd2643501bb428c04b2bcf2771f5da58e6ca35dc5bab4f051d74486d3b8fa443c9044ec0e3bed8a4ee80ecb3a7298ce2f7e38d52dd100debd4ce9f9fa59e61f0679a522bde31145d33c80678ac7e1fe4c9759301e6a0336c10fa38dbbfa6ff688e04f5d80ad835583fe34a0d3deb5b51001809d46993160307a959493f65d3b8324d8a3c394d99b7c58261c2f485fdee4b47f347d2c1f07f5c376978c8a5de9c17c23fa1542a5b3eb6207c3d12e18d894a5c27061755ad759f124d01474807de6cd2b777701a955869a3c3fcc07150c91bea0a21679db7a91ea07095247319adde43663fd17352d115de55142340aa065886b594aaae47f5bd3cb192888364ef6075d3f312eb709dea21fc161fc0e2418537bee7a136e9af02169556c57a7068760d5bfe37c97d954601ce308bff5038b919f4dc28af1b8f45a1cf5a097fa9d80f562d57946775a341664d5d35c402a45ad3a758a315d89437e5ddfc1db6bedb86432cca7c2c7c22a8e14b5cdb29819ab6d4f8465620490331f92c6e749dc591e863275f80108d5f974bf72057cd6ab7d6d6ff7bfb2f9389c93d855a44d522ea8223352096230826d99bbedf3284a8c62dc19263d4e6fd21faec3f668e661bc94e5355232c0eec7e56e981d95aaa6d475f11d8a0adca6d0e24fb738c541cb8b5d53454609f0f2af2e71da1a2cdbc9d85d8e30f43caea350ab24e532cf3c1b225012e5cfc22487a4e8dca69bc389cddac5e4d963fc02daff31e833f09440fe4b6634696d3b2812e8974055fd69f7365402711092efd25fd6d143855fbb68d866bffa7bcd49fca94a877c16dc623d7cdfe8f2c2f8dc502cd5172c8bd1437f339efda9e33c31ccbd613bff71d4ff1e81f9595cc1f8865cb3199a6f15e86dc8f7d5a9f05a5dc053ec537842eacd3880180cd8575b5f47f8e0c621e26eb9cbec9bdc24228f2cdad1f8cc741cfb631d854c9ec6015352bd0d98f291112676e7631ed36db13a9ad4c1a4f3d0544f96d41e9b71be15837cec63211f427b032c13f2e52af84d95e11fe4782328096be781251fb040dd88c27329f7e772a40867a489c58a5580884636e2628fb2b3e7b660e814b0c7128246451cfce0950dadba104407b4a8f15c5164a55860996d27fff8aa4c900906d780e616a3a4d29f4aa8449a91133839d40ea925007034b695c894c5083eef2b53c5782d7c051d53953f64988c72e74631f32794590b7736edeccd51a34bf178985d4f9f67ae82a554dd2ba625085a2f1ca5741e35077ab7521da763cc8266483d1ce8b20be1ad94378b65321d99013b2cd5a6bf5315dc85b841160c17e08a5f98195e375b3b4bd1fbbc3f88730503f9cdfb1484cfc380a6c6f429807cc941bc359ffdd851d712631b36e0b178baf8f18a7b7ef4381a9401ed09a8ea9e639768455594181c14b7015e1034d353c7d2732f9125a3ab65812e92fc8fef1627676fa6c694a6b4823d75a9509cc2a5a995fd65b4077128f93860a709e4920d722a33e3e14f2e2a4265b7187ca5c57c672d0a763ab051a6ec41c336aae34f4de070d9c5d115adb976840e73efa2692d10bc4d75ab9419e86405b0e75950d4fa16e900d164e2c4ef59c832725157c0a92df601948af3ab27822ccc9d09805be5d3856287feefd8a3bed561fa27796ac10b78d3f4074bff160e8580c98b7de216871892fc935ec47199c9e112068bc3340925d2946a416757fbc149aa148a6d9cc9e61b98973bbca5fbdbc081cd61c5f15358c79e6932968e34bd205526ba9b1af6f2ea2bc919fd3053b7f8be51115450d2735eba5afd02bbb9f544c6c286279420268ce59031b2647b9681721ac826c5ec9fbd953d77a8a47a5fadc383d8a10a7a87399985d68c0c7e6e383363be187951172853265c525a3e354be111ca3aa79b4ba52e9f441b382711607376876b12c00a68c038751e155e004998c96f2baf64f31fdd285f7cd0494d1a60af6bd31a4032e5e067728f7f009dcfe61a42b3110ed34e622df81aaa1f2d795ca71057dbcbe928065a9d3981e859677533614d786b31784429bde0c7abd38ebeb8b7d1a78fb495981ae7f304d5325554f94cbdb75b9e7fdd0ca12f53244d64949c8d22caeb684dca1b3d9099d1a100c8dbfc7e6a66718ecf182085b3359789a3bc6ff8b802a8fecbd95d51889686d591bf8c3e29f691c77496e0b544d1c60d2550221e41f35781c830622d6ea3030a8775139521da716e8016e33e9ccefadc77043f0e400753d810ace8f1c3ec30e7f22c544993f7465043e7284a5c0228d3ae78790f903bb468bae5a0a22c6dfb652846e9b6fd3764b6cd4266081aa44d1671ff3916f1440ba8a11a9d08cc6d0bf2c3f6acd087227316c730959cd1e5b7b64b8be0be1b3f194989127f9f07ece3632340f65d384ca4affa1c0856af05f6cc56179c8e5e35b9a724d843a645cc5bbae70f8cb2e7918f86fa7adfd74ccc08a4a6abbaf6eaad5d320ad0b7c8b280f1ea6e15f872f6504ef04cbaf4e04e6f339c284246be89e33966951b18379339b56115209e867fd194a5922a9ecfeb527799db1d83c0474ec92631b6fe37b1051b7021afbebee8270ef01903ec07284a6485d7e93a04e979a10fd8b3ac71725aef500231a0590533f27fa22aaa19457be5ee380480a51c075601aa41e9e3045146ee96359f0e2fb6c799f8eb97051ec2ee6d7ff06daea29cf5faf344ea0b827a5211994aa04391797da52d77a7aa873ba63f55820e26229f4bc73d2483f0da073099c816c6875a66e447e8cd2eb7c6184d56daaaab081e42b465e76f3a1db4b04f8e96c5434cf3525496cf835413ef92e6bc6a53e2a7f21a7770ee6c095ed8ea9ceebfe95fcc05befbc05f02ea62e8e0f94d927e6cd33ee079554beaf375c8a7d6a9cf8990bf29bb5c7d8f53fbdfe366c87419ccf2461534662dc07a1da2a51da7cb9328da"], 0x1011)

14:02:35 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000009, 0x12, r6, 0x10000000)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_setup(0x25, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000380)=<r7=>0x0, &(0x7f0000002a40)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x0, @fd_index}, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r3, r2, &(0x7f0000000340)=@IORING_OP_OPENAT={0x12, 0x4, 0x0, r4, 0x0, &(0x7f0000000240)='./file1\x00', 0x85, 0x8182, 0x12345}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000080), &(0x7f0000000180), 0x2, 0x2)

14:02:35 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:02:35 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:02:35 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0x0)
sendfile(r0, r1, 0x0, 0x20d315)

14:02:35 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240), 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:02:35 executing program 6:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r4, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r5 = syz_mount_image$nfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3, 0x8, &(0x7f0000000840)=[{&(0x7f00000002c0)="7efe6f3383c2bd3937909d2f77b833aa45d9e4fef03ce391b1661e16889896d21173346a174362aacc552d6ab84c83fcb4445fbe35687df365a06d24c6e3cc9768675921c4342df1c0ce8000440a9aa36f739b2c2fc0d47b61e3cba2f357777633b9b4486175a690adc7f5cee462b5d4", 0x70, 0x4}, {&(0x7f0000000340)="94599e2de71fbc99ba39f775a1d7846e7ecaa0be82a8a30d5ae9b225609dc505c4cf57dc7782c03349d133fd1c43c94791", 0x31, 0x8}, {&(0x7f0000000380)="f86ee75b41b67d7c51f9ff2f55f50941bfad27460bf79b272f60dd76d98f81c8f1143ff837a09be3f20508309b43e00d157cee816d1ba35d6d901190b0", 0x3d, 0x80}, {&(0x7f00000003c0)="b3cebccc93f8fd80989b6c4a4e782c8b1127dd3707f7b9631de42060", 0x1c}, {&(0x7f0000000400)="bf4e192e13e2d6b50b86b22fcf4c9b25cfb9a6e1811d775b5b584f50939990bbc98fb6cb631d5d19d0b88dd0ce147d767092aebf1d72f87a38777bfcc4fcd07b7185f136710bdf96b6a4b1baef0721fe2f4c26a97be83fe49aacfdd4b709b2254dd26b58a52c6921f1815f7eb1fc6f7a0dbba2ec1ad0b7f4315b015360b9760db152", 0x82, 0x800}, {&(0x7f00000004c0)="c2b1a6ff37809ec86369104505488debd97e073b9b6ca7aa091bdab552aa5d407b1ef1fec5cdd1ad73339e8dd65ea748ece1aecccc8baf62ba0e931d7411e5210e07807c435bc23dbf9d2ea1856a2c5f6da321bc641b16b07ee792e4fd6c2596f64dd60592587d1dfadbfca1e79c2864ad66b74a5cfd8f73fdaf2ee5567e92e75d0176f1ca4503d365fe74b017b85eec15d8a87203a8dfe676f291a292121df79abf4b6903321a1d97df9a9f7bcc1f0452a9afaff205991bd14b85e27778a7aaff", 0xc1, 0x100000000}, {&(0x7f0000000680)="a4b524709aa3a2f7d398d2644e63ae4112ba5058cf1714181ab37f7a7a3c24a428281e65513f94e72fefd51a7be068cfe668205b8a7dc5888eab36db3153a74c9e9011fbfa5ff1828621611b4b40bcbbe08778befdd54c4f2497e96361768e6bd0af68d1f5d5079b4f865864fbb8cd30cc59c6cdd4481f70502d966d4a310b5e1bee06273745bfd40c454c9a383abf7fd17773b96749a237eab31abbe240acde258b52e4c7674c74ca27ff9187d312031cbc4f0ee3335c488ee6ab397468037e781ff99577ca88f8e469f6d2769f17460b892c0639cb07b936160314388f6226660d3bc929e3134d8e0736962b18", 0x105, 0x92}, {&(0x7f0000000780)="64d18de7fafc537eee30a6434d85e2126c5f04f455253dc84ac55ac1aa23ca72ef92f8688b0b2fe5ccb86d16a8a71faaaea8d57d0e30469f420241f9d6f3210ea964a66068c83bfddac860a097d78741c158091dbccc67c4b22b3547b6adb44ff8a48451ae41f4bca4fac52225bcd28d560149e5bccfba1bbbd4f2a0e9307487030bca931306e7d29de8c18a22ce28", 0x8f, 0x7}], 0xac5802, &(0x7f00000009c0)={[{}, {'\xb9\x06\t\x1c\x15\x9f\x94\xb07\x85\x1d9\x0f<v\xd8\xd4\x89'}, {'[:\'-.'}, {'ext3\x00'}, {'ext3\x00'}], [{@appraise}, {@measure}, {@euid_gt={'euid>', 0xee01}}, {@smackfsdef={'smackfsdef', 0x3d, '\xd6)'}}, {@obj_role={'obj_role', 0x3d, '-'}}, {@euid_gt={'euid>', 0xee00}}, {@dont_hash}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@euid_eq}]})
fcntl$dupfd(r5, 0x406, r2)
sendfile(r0, r4, 0x0, 0xffffffffbffffbff)

14:02:35 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
openat(r0, &(0x7f0000000380)='./file1\x00', 0x4000, 0x3)
write(r1, &(0x7f0000000240)="01", 0x1)
recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/168, 0xa8}], 0x1}, 0x101)
openat(r1, &(0x7f0000000180)='./file0\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x5)

[ 2846.326063] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[ 2846.327391] EXT4-fs (loop3): group descriptors corrupted!
[ 2846.342878] EXT4-fs (loop2): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 2846.366884] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2846.376613] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2846.400693] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2846.408741] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2846.429026] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
14:02:35 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r2)
write(0xffffffffffffffff, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:02:35 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)

14:02:35 executing program 6:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r4, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r5 = syz_mount_image$nfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3, 0x8, &(0x7f0000000840)=[{&(0x7f00000002c0)="7efe6f3383c2bd3937909d2f77b833aa45d9e4fef03ce391b1661e16889896d21173346a174362aacc552d6ab84c83fcb4445fbe35687df365a06d24c6e3cc9768675921c4342df1c0ce8000440a9aa36f739b2c2fc0d47b61e3cba2f357777633b9b4486175a690adc7f5cee462b5d4", 0x70, 0x4}, {&(0x7f0000000340)="94599e2de71fbc99ba39f775a1d7846e7ecaa0be82a8a30d5ae9b225609dc505c4cf57dc7782c03349d133fd1c43c94791", 0x31, 0x8}, {&(0x7f0000000380)="f86ee75b41b67d7c51f9ff2f55f50941bfad27460bf79b272f60dd76d98f81c8f1143ff837a09be3f20508309b43e00d157cee816d1ba35d6d901190b0", 0x3d, 0x80}, {&(0x7f00000003c0)="b3cebccc93f8fd80989b6c4a4e782c8b1127dd3707f7b9631de42060", 0x1c}, {&(0x7f0000000400)="bf4e192e13e2d6b50b86b22fcf4c9b25cfb9a6e1811d775b5b584f50939990bbc98fb6cb631d5d19d0b88dd0ce147d767092aebf1d72f87a38777bfcc4fcd07b7185f136710bdf96b6a4b1baef0721fe2f4c26a97be83fe49aacfdd4b709b2254dd26b58a52c6921f1815f7eb1fc6f7a0dbba2ec1ad0b7f4315b015360b9760db152", 0x82, 0x800}, {&(0x7f00000004c0)="c2b1a6ff37809ec86369104505488debd97e073b9b6ca7aa091bdab552aa5d407b1ef1fec5cdd1ad73339e8dd65ea748ece1aecccc8baf62ba0e931d7411e5210e07807c435bc23dbf9d2ea1856a2c5f6da321bc641b16b07ee792e4fd6c2596f64dd60592587d1dfadbfca1e79c2864ad66b74a5cfd8f73fdaf2ee5567e92e75d0176f1ca4503d365fe74b017b85eec15d8a87203a8dfe676f291a292121df79abf4b6903321a1d97df9a9f7bcc1f0452a9afaff205991bd14b85e27778a7aaff", 0xc1, 0x100000000}, {&(0x7f0000000680)="a4b524709aa3a2f7d398d2644e63ae4112ba5058cf1714181ab37f7a7a3c24a428281e65513f94e72fefd51a7be068cfe668205b8a7dc5888eab36db3153a74c9e9011fbfa5ff1828621611b4b40bcbbe08778befdd54c4f2497e96361768e6bd0af68d1f5d5079b4f865864fbb8cd30cc59c6cdd4481f70502d966d4a310b5e1bee06273745bfd40c454c9a383abf7fd17773b96749a237eab31abbe240acde258b52e4c7674c74ca27ff9187d312031cbc4f0ee3335c488ee6ab397468037e781ff99577ca88f8e469f6d2769f17460b892c0639cb07b936160314388f6226660d3bc929e3134d8e0736962b18", 0x105, 0x92}, {&(0x7f0000000780)="64d18de7fafc537eee30a6434d85e2126c5f04f455253dc84ac55ac1aa23ca72ef92f8688b0b2fe5ccb86d16a8a71faaaea8d57d0e30469f420241f9d6f3210ea964a66068c83bfddac860a097d78741c158091dbccc67c4b22b3547b6adb44ff8a48451ae41f4bca4fac52225bcd28d560149e5bccfba1bbbd4f2a0e9307487030bca931306e7d29de8c18a22ce28", 0x8f, 0x7}], 0xac5802, &(0x7f00000009c0)={[{}, {'\xb9\x06\t\x1c\x15\x9f\x94\xb07\x85\x1d9\x0f<v\xd8\xd4\x89'}, {'[:\'-.'}, {'ext3\x00'}, {'ext3\x00'}], [{@appraise}, {@measure}, {@euid_gt={'euid>', 0xee01}}, {@smackfsdef={'smackfsdef', 0x3d, '\xd6)'}}, {@obj_role={'obj_role', 0x3d, '-'}}, {@euid_gt={'euid>', 0xee00}}, {@dont_hash}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@euid_eq}]})
fcntl$dupfd(r5, 0x406, r2)
sendfile(r0, r4, 0x0, 0xffffffffbffffbff)

[ 2846.563064] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2846.608783] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:02:51 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000140)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f00000002c0)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0x44}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1603}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
recvmmsg$unix(r0, &(0x7f0000001180)=[{{&(0x7f0000000700), 0x6e, &(0x7f00000000c0)=[{&(0x7f0000000780)=""/254, 0xfe}, {&(0x7f0000000880)=""/177, 0xb1}], 0x2}}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000940)=""/170, 0xaa}, {&(0x7f0000000a00)=""/36, 0x24}], 0x2, &(0x7f0000000a80)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r1=>0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60}}, {{&(0x7f0000000b00)=@abs, 0x6e, &(0x7f0000000c80)=[{&(0x7f0000000b80)=""/168, 0xa8}, {&(0x7f0000000c40)=""/30, 0x1e}], 0x2}}, {{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000cc0)=""/78, 0x4e}, {&(0x7f0000000d40)=""/29, 0x1d}, {&(0x7f0000000d80)=""/220, 0xdc}, {&(0x7f0000000e80)=""/227, 0xe3}, {&(0x7f0000000f80)=""/113, 0x71}, {&(0x7f0000001000)=""/163, 0xa3}], 0x6, &(0x7f0000001140)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}}], 0x4, 0x2000, &(0x7f0000001280)={0x77359400})
openat(r1, &(0x7f00000012c0)='./file0\x00', 0x8000, 0x122)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r0, r2, 0x0, 0x20d315)

14:02:51 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:02:51 executing program 0:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./file1/file0\x00', 0x1, 0x1, &(0x7f0000000340)=[{&(0x7f0000000240)="57c37914b4ed0da8147e85c7a756", 0xe, 0x3}], 0x810002, &(0x7f0000000380)=ANY=[@ANYBLOB='shortname=win95,rodir,nnonumtail=1,shortname=lower,uni_xlate=1,shortname=mixed,context=unconfined_u,seclabel,seclabel,dont_hash,euid>', @ANYRESDEC=0xee01, @ANYBLOB="000000020000", @ANYRESDEC=0xee01, @ANYBLOB=',uid=', @ANYRESDEC=0x0, @ANYBLOB=',smackfshat=9p\x00,hash,permit_directio,\x00'])
mkdirat(r0, &(0x7f0000000480)='./file0\x00', 0x6)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
syz_io_uring_setup(0x25, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000380)=<r5=>0x0, &(0x7f0000002a40)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x0, @fd_index}, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000002, 0x20010, r1, 0x10000000)
syz_io_uring_submit(r5, r7, &(0x7f00000004c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x7)
r8 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r9=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r9}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fallocate(r8, 0x20, 0x8bc, 0x1)
getpgrp(0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:02:51 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 1)

14:02:51 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r0, &(0x7f0000000240)="01", 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r1, 0xffff)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r2, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r4 = syz_mount_image$nfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3, 0x8, &(0x7f0000000840)=[{&(0x7f00000002c0)="7efe6f3383c2bd3937909d2f77b833aa45d9e4fef03ce391b1661e16889896d21173346a174362aacc552d6ab84c83fcb4445fbe35687df365a06d24c6e3cc9768675921c4342df1c0ce8000440a9aa36f739b2c2fc0d47b61e3cba2f357777633b9b4486175a690adc7f5cee462b5d4", 0x70, 0x4}, {&(0x7f0000000340)="94599e2de71fbc99ba39f775a1d7846e7ecaa0be82a8a30d5ae9b225609dc505c4cf57dc7782c03349d133fd1c43c94791", 0x31, 0x8}, {&(0x7f0000000380)="f86ee75b41b67d7c51f9ff2f55f50941bfad27460bf79b272f60dd76d98f81c8f1143ff837a09be3f20508309b43e00d157cee816d1ba35d6d901190b0", 0x3d, 0x80}, {&(0x7f00000003c0)="b3cebccc93f8fd80989b6c4a4e782c8b1127dd3707f7b9631de42060", 0x1c}, {&(0x7f0000000400)="bf4e192e13e2d6b50b86b22fcf4c9b25cfb9a6e1811d775b5b584f50939990bbc98fb6cb631d5d19d0b88dd0ce147d767092aebf1d72f87a38777bfcc4fcd07b7185f136710bdf96b6a4b1baef0721fe2f4c26a97be83fe49aacfdd4b709b2254dd26b58a52c6921f1815f7eb1fc6f7a0dbba2ec1ad0b7f4315b015360b9760db152", 0x82, 0x800}, {&(0x7f00000004c0)="c2b1a6ff37809ec86369104505488debd97e073b9b6ca7aa091bdab552aa5d407b1ef1fec5cdd1ad73339e8dd65ea748ece1aecccc8baf62ba0e931d7411e5210e07807c435bc23dbf9d2ea1856a2c5f6da321bc641b16b07ee792e4fd6c2596f64dd60592587d1dfadbfca1e79c2864ad66b74a5cfd8f73fdaf2ee5567e92e75d0176f1ca4503d365fe74b017b85eec15d8a87203a8dfe676f291a292121df79abf4b6903321a1d97df9a9f7bcc1f0452a9afaff205991bd14b85e27778a7aaff", 0xc1, 0x100000000}, {&(0x7f0000000680)="a4b524709aa3a2f7d398d2644e63ae4112ba5058cf1714181ab37f7a7a3c24a428281e65513f94e72fefd51a7be068cfe668205b8a7dc5888eab36db3153a74c9e9011fbfa5ff1828621611b4b40bcbbe08778befdd54c4f2497e96361768e6bd0af68d1f5d5079b4f865864fbb8cd30cc59c6cdd4481f70502d966d4a310b5e1bee06273745bfd40c454c9a383abf7fd17773b96749a237eab31abbe240acde258b52e4c7674c74ca27ff9187d312031cbc4f0ee3335c488ee6ab397468037e781ff99577ca88f8e469f6d2769f17460b892c0639cb07b936160314388f6226660d3bc929e3134d8e0736962b18", 0x105, 0x92}, {&(0x7f0000000780)="64d18de7fafc537eee30a6434d85e2126c5f04f455253dc84ac55ac1aa23ca72ef92f8688b0b2fe5ccb86d16a8a71faaaea8d57d0e30469f420241f9d6f3210ea964a66068c83bfddac860a097d78741c158091dbccc67c4b22b3547b6adb44ff8a48451ae41f4bca4fac52225bcd28d560149e5bccfba1bbbd4f2a0e9307487030bca931306e7d29de8c18a22ce28", 0x8f, 0x7}], 0xac5802, &(0x7f00000009c0)={[{}, {'\xb9\x06\t\x1c\x15\x9f\x94\xb07\x85\x1d9\x0f<v\xd8\xd4\x89'}, {'[:\'-.'}, {'ext3\x00'}, {'ext3\x00'}], [{@appraise}, {@measure}, {@euid_gt={'euid>', 0xee01}}, {@smackfsdef={'smackfsdef', 0x3d, '\xd6)'}}, {@obj_role={'obj_role', 0x3d, '-'}}, {@euid_gt={'euid>', 0xee00}}, {@dont_hash}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@euid_eq}]})
fcntl$dupfd(r4, 0x406, r1)

[ 2862.379125] EXT4-fs (loop2): bad geometry: block count 256 exceeds size of device (11 blocks)
14:02:51 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)

14:02:51 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 1)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:02:51 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0xffffffffffffffe4, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x8, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f00000002c0)={0x4, 0x5, 0x1, 'queue1\x00', 0x6})
clock_gettime(0x0, &(0x7f0000000140)={<r4=>0x0, <r5=>0x0})
futimesat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)={{}, {r4, r5/1000+60000}})
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2862.396463] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2862.413844] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2862.419235] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2862.420318] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 2862.450517] FAULT_INJECTION: forcing a failure.
[ 2862.450517] name failslab, interval 1, probability 0, space 0, times 0
[ 2862.451971] CPU: 1 PID: 18743 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2862.452829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2862.453892] Call Trace:
[ 2862.454240]  dump_stack+0x107/0x167
[ 2862.454703]  should_fail.cold+0x5/0xa
[ 2862.455186]  ? alloc_pipe_info+0x10a/0x590
[ 2862.455720]  should_failslab+0x5/0x20
[ 2862.456198]  kmem_cache_alloc_trace+0x55/0x320
[ 2862.456779]  alloc_pipe_info+0x10a/0x590
[ 2862.457293]  splice_direct_to_actor+0x774/0x980
[ 2862.457916]  ? _cond_resched+0x12/0x80
[ 2862.458435]  ? inode_security+0x107/0x140
[ 2862.458978]  ? pipe_to_sendpage+0x380/0x380
[ 2862.459538]  ? selinux_file_permission+0x92/0x520
[ 2862.460180]  ? do_splice_to+0x160/0x160
[ 2862.460709]  ? security_file_permission+0x24e/0x570
[ 2862.461377]  do_splice_direct+0x1c4/0x290
[ 2862.461940]  ? splice_direct_to_actor+0x980/0x980
[ 2862.462561]  ? selinux_file_permission+0x92/0x520
[ 2862.463197]  ? security_file_permission+0x24e/0x570
[ 2862.463858]  do_sendfile+0x553/0x1090
[ 2862.464377]  ? do_pwritev+0x270/0x270
[ 2862.464879]  ? wait_for_completion_io+0x270/0x270
[ 2862.465525]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2862.466153]  ? vfs_write+0x354/0xa70
[ 2862.466627]  __x64_sys_sendfile64+0x1d1/0x210
[ 2862.467191]  ? __ia32_sys_sendfile+0x220/0x220
[ 2862.467761]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2862.468408]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2862.469056]  do_syscall_64+0x33/0x40
[ 2862.469520]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2862.470208] RIP: 0033:0x7f47d2c10b19
[ 2862.470668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2862.472933] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2862.473926] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2862.474843] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2862.475732] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2862.476638] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2862.477524] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 2862.498519] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
14:02:51 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 2)

14:02:51 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20d315)

[ 2862.570806] FAULT_INJECTION: forcing a failure.
[ 2862.570806] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2862.572350] CPU: 1 PID: 18772 Comm: syz-executor.4 Not tainted 5.10.194 #1
[ 2862.573173] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2862.574225] Call Trace:
[ 2862.574566]  dump_stack+0x107/0x167
[ 2862.575016]  should_fail.cold+0x5/0xa
[ 2862.575549]  __alloc_pages_nodemask+0x182/0x600
[ 2862.576161]  ? xa_load+0x12d/0x2c0
[ 2862.576677]  ? lock_downgrade+0x6d0/0x6d0
[ 2862.577233]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2862.578071]  alloc_pages_current+0x187/0x280
[ 2862.578663]  __page_cache_alloc+0x2d2/0x360
[ 2862.579242]  ? __xas_prev+0x360/0x650
[ 2862.579758]  page_cache_ra_unbounded+0x207/0x6f0
[ 2862.580409]  ? read_pages+0xbc0/0xbc0
[ 2862.580929]  ondemand_readahead+0xc6f/0x1150
[ 2862.581537]  page_cache_sync_ra+0x138/0x170
[ 2862.582138]  generic_file_buffered_read+0xc74/0x28f0
[ 2862.582826]  ? pagecache_get_page+0xc80/0xc80
[ 2862.583420]  ? lock_chain_count+0x20/0x20
[ 2862.583946]  ? mark_lock+0xf5/0x2df0
[ 2862.584428]  ? mark_lock+0xf5/0x2df0
[ 2862.584921]  generic_file_read_iter+0x33f/0x490
[ 2862.585532]  ? lock_chain_count+0x20/0x20
[ 2862.586120]  ext4_file_read_iter+0x184/0x4c0
[ 2862.586666]  generic_file_splice_read+0x455/0x6d0
[ 2862.587266]  ? pipe_to_user+0x170/0x170
[ 2862.587770]  ? _cond_resched+0x12/0x80
[ 2862.588267]  ? avc_policy_seqno+0x9/0x70
[ 2862.588782]  ? selinux_file_permission+0x92/0x520
[ 2862.589402]  ? pipe_to_user+0x170/0x170
[ 2862.589950]  do_splice_to+0x10e/0x160
[ 2862.590394]  splice_direct_to_actor+0x2fe/0x980
[ 2862.590910]  ? pipe_to_sendpage+0x380/0x380
[ 2862.591416]  ? do_splice_to+0x160/0x160
[ 2862.591900]  ? security_file_permission+0x24e/0x570
[ 2862.592522]  do_splice_direct+0x1c4/0x290
[ 2862.593008]  ? splice_direct_to_actor+0x980/0x980
[ 2862.593572]  ? selinux_file_permission+0x92/0x520
[ 2862.594232]  ? security_file_permission+0x24e/0x570
[ 2862.594872]  do_sendfile+0x553/0x1090
[ 2862.595379]  ? do_pwritev+0x270/0x270
[ 2862.595879]  ? wait_for_completion_io+0x270/0x270
[ 2862.596493]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2862.597078]  ? vfs_write+0x354/0xa70
[ 2862.597576]  __x64_sys_sendfile64+0x1d1/0x210
[ 2862.598189]  ? __ia32_sys_sendfile+0x220/0x220
[ 2862.598790]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2862.599489]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2862.600175]  do_syscall_64+0x33/0x40
[ 2862.600670]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2862.601346] RIP: 0033:0x7f7ecce43b19
[ 2862.601858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2862.604183] RSP: 002b:00007f7eca398188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2862.605160] RAX: ffffffffffffffda RBX: 00007f7eccf57020 RCX: 00007f7ecce43b19
[ 2862.606110] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[ 2862.607021] RBP: 00007f7eca3981d0 R08: 0000000000000000 R09: 0000000000000000
[ 2862.607944] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2862.608859] R13: 00007ffc4b59a2bf R14: 00007f7eca398300 R15: 0000000000022000
14:02:51 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2862.649146] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 2862.667826] EXT4-fs (loop2): bad geometry: block count 256 exceeds size of device (11 blocks)
14:02:52 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2862.773857] FAULT_INJECTION: forcing a failure.
[ 2862.773857] name failslab, interval 1, probability 0, space 0, times 0
[ 2862.775374] CPU: 0 PID: 18783 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2862.782555] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2862.783652] Call Trace:
[ 2862.784011]  dump_stack+0x107/0x167
[ 2862.784497]  should_fail.cold+0x5/0xa
[ 2862.785012]  ? create_object.isra.0+0x3a/0xa20
[ 2862.785619]  should_failslab+0x5/0x20
[ 2862.786165]  kmem_cache_alloc+0x5b/0x310
[ 2862.786699]  create_object.isra.0+0x3a/0xa20
[ 2862.787278]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2862.787933]  kmem_cache_alloc_trace+0x151/0x320
[ 2862.788513]  alloc_pipe_info+0x10a/0x590
[ 2862.789157]  splice_direct_to_actor+0x774/0x980
[ 2862.789705]  ? _cond_resched+0x12/0x80
[ 2862.790336]  ? inode_security+0x107/0x140
[ 2862.790862]  ? pipe_to_sendpage+0x380/0x380
[ 2862.791378]  ? selinux_file_permission+0x92/0x520
[ 2862.791973]  ? do_splice_to+0x160/0x160
[ 2862.792482]  ? security_file_permission+0x24e/0x570
[ 2862.793136]  do_splice_direct+0x1c4/0x290
[ 2862.793674]  ? splice_direct_to_actor+0x980/0x980
[ 2862.794321]  ? selinux_file_permission+0x92/0x520
[ 2862.794948]  ? security_file_permission+0x24e/0x570
[ 2862.795600]  do_sendfile+0x553/0x1090
[ 2862.796115]  ? do_pwritev+0x270/0x270
[ 2862.796595]  ? wait_for_completion_io+0x270/0x270
[ 2862.797167]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2862.797765]  ? vfs_write+0x354/0xa70
[ 2862.802375]  __x64_sys_sendfile64+0x1d1/0x210
[ 2862.802987]  ? __ia32_sys_sendfile+0x220/0x220
[ 2862.803590]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2862.804280]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2862.804966]  do_syscall_64+0x33/0x40
[ 2862.805460]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2862.810216] RIP: 0033:0x7f47d2c10b19
[ 2862.810748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2862.813098] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2862.814113] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2862.815010] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2862.815920] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2862.816852] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
14:02:52 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r0, &(0x7f0000000240)="01", 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r1, 0xffff)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r2, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
[ 2862.817778] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
syz_mount_image$nfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3, 0x8, &(0x7f0000000840)=[{&(0x7f00000002c0)="7efe6f3383c2bd3937909d2f77b833aa45d9e4fef03ce391b1661e16889896d21173346a174362aacc552d6ab84c83fcb4445fbe35687df365a06d24c6e3cc9768675921c4342df1c0ce8000440a9aa36f739b2c2fc0d47b61e3cba2f357777633b9b4486175a690adc7f5cee462b5d4", 0x70, 0x4}, {&(0x7f0000000340)="94599e2de71fbc99ba39f775a1d7846e7ecaa0be82a8a30d5ae9b225609dc505c4cf57dc7782c03349d133fd1c43c94791", 0x31, 0x8}, {&(0x7f0000000380)="f86ee75b41b67d7c51f9ff2f55f50941bfad27460bf79b272f60dd76d98f81c8f1143ff837a09be3f20508309b43e00d157cee816d1ba35d6d901190b0", 0x3d, 0x80}, {&(0x7f00000003c0)="b3cebccc93f8fd80989b6c4a4e782c8b1127dd3707f7b9631de42060", 0x1c}, {&(0x7f0000000400)="bf4e192e13e2d6b50b86b22fcf4c9b25cfb9a6e1811d775b5b584f50939990bbc98fb6cb631d5d19d0b88dd0ce147d767092aebf1d72f87a38777bfcc4fcd07b7185f136710bdf96b6a4b1baef0721fe2f4c26a97be83fe49aacfdd4b709b2254dd26b58a52c6921f1815f7eb1fc6f7a0dbba2ec1ad0b7f4315b015360b9760db152", 0x82, 0x800}, {&(0x7f00000004c0)="c2b1a6ff37809ec86369104505488debd97e073b9b6ca7aa091bdab552aa5d407b1ef1fec5cdd1ad73339e8dd65ea748ece1aecccc8baf62ba0e931d7411e5210e07807c435bc23dbf9d2ea1856a2c5f6da321bc641b16b07ee792e4fd6c2596f64dd60592587d1dfadbfca1e79c2864ad66b74a5cfd8f73fdaf2ee5567e92e75d0176f1ca4503d365fe74b017b85eec15d8a87203a8dfe676f291a292121df79abf4b6903321a1d97df9a9f7bcc1f0452a9afaff205991bd14b85e27778a7aaff", 0xc1, 0x100000000}, {&(0x7f0000000680)="a4b524709aa3a2f7d398d2644e63ae4112ba5058cf1714181ab37f7a7a3c24a428281e65513f94e72fefd51a7be068cfe668205b8a7dc5888eab36db3153a74c9e9011fbfa5ff1828621611b4b40bcbbe08778befdd54c4f2497e96361768e6bd0af68d1f5d5079b4f865864fbb8cd30cc59c6cdd4481f70502d966d4a310b5e1bee06273745bfd40c454c9a383abf7fd17773b96749a237eab31abbe240acde258b52e4c7674c74ca27ff9187d312031cbc4f0ee3335c488ee6ab397468037e781ff99577ca88f8e469f6d2769f17460b892c0639cb07b936160314388f6226660d3bc929e3134d8e0736962b18", 0x105, 0x92}, {&(0x7f0000000780)="64d18de7fafc537eee30a6434d85e2126c5f04f455253dc84ac55ac1aa23ca72ef92f8688b0b2fe5ccb86d16a8a71faaaea8d57d0e30469f420241f9d6f3210ea964a66068c83bfddac860a097d78741c158091dbccc67c4b22b3547b6adb44ff8a48451ae41f4bca4fac52225bcd28d560149e5bccfba1bbbd4f2a0e9307487030bca931306e7d29de8c18a22ce28", 0x8f, 0x7}], 0xac5802, &(0x7f00000009c0)={[{}, {'\xb9\x06\t\x1c\x15\x9f\x94\xb07\x85\x1d9\x0f<v\xd8\xd4\x89'}, {'[:\'-.'}, {'ext3\x00'}, {'ext3\x00'}], [{@appraise}, {@measure}, {@euid_gt={'euid>', 0xee01}}, {@smackfsdef={'smackfsdef', 0x3d, '\xd6)'}}, {@obj_role={'obj_role', 0x3d, '-'}}, {@euid_gt={'euid>', 0xee00}}, {@dont_hash}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@euid_eq}]})

[ 2862.834986] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:02:52 executing program 7:
ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
openat(r1, &(0x7f00000000c0)='./file1\x00', 0x80000, 0x40)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:02:52 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)

[ 2862.925195] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2862.974345] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2863.099205] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2863.225213] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[ 2863.336366] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
14:03:08 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 3)

14:03:08 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40004, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x3fe}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:03:08 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x3e}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = open_tree(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x800)
syz_io_uring_submit(0x0, r2, &(0x7f0000000440)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000040)={0x0, 0x989680}, 0x1, 0x1, 0x1}, 0x5)
io_uring_enter(r5, 0x6e45, 0x6b5e, 0x0, &(0x7f0000000240)={[0x101]}, 0x8)
perf_event_open(&(0x7f0000000340)={0x3, 0x80, 0x4, 0x0, 0x59, 0xe1, 0x0, 0x3f, 0x6c418, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_config_ext={0x400, 0xa}, 0x4, 0x10001, 0x101, 0x1, 0x2, 0x8001, 0xc8e, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf, 0xffffffffffffffff, 0x3)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff})
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x8, 0x10010, r4, 0x8000000)
mount$9p_fd(0x0, &(0x7f0000000300)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r4}})
dup(r0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f00000002c0)={0x0, 0x3, 0x1, 0x6})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
getpgrp(0xffffffffffffffff)
ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f0000000080)=<r7=>0x0)
getpgrp(r7)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:03:08 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r0, &(0x7f0000000240)="01", 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r1, 0xffff)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r2, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)

14:03:08 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2879.571803] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
14:03:08 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 2)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:03:08 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xcc0d}}, './file0\x00'})
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:03:08 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)

[ 2879.604647] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[ 2879.625975] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2879.628510] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2879.648098] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2879.651530] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2879.654770] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
14:03:08 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x5000003, 0x12, r4, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:03:08 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2879.691078] FAULT_INJECTION: forcing a failure.
[ 2879.691078] name failslab, interval 1, probability 0, space 0, times 0
[ 2879.694888] CPU: 0 PID: 18830 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2879.695767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2879.696809] Call Trace:
[ 2879.697160]  dump_stack+0x107/0x167
[ 2879.697642]  should_fail.cold+0x5/0xa
[ 2879.698156]  ? alloc_pipe_info+0x1e5/0x590
[ 2879.698701]  ? alloc_pipe_info+0x1e5/0x590
[ 2879.699257]  should_failslab+0x5/0x20
[ 2879.699764]  __kmalloc+0x72/0x390
[ 2879.700225]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2879.700902]  alloc_pipe_info+0x1e5/0x590
[ 2879.701439]  splice_direct_to_actor+0x774/0x980
[ 2879.702115]  ? _cond_resched+0x12/0x80
[ 2879.702617]  ? inode_security+0x107/0x140
[ 2879.703156]  ? pipe_to_sendpage+0x380/0x380
[ 2879.703720]  ? selinux_file_permission+0x92/0x520
[ 2879.704352]  ? do_splice_to+0x160/0x160
[ 2879.704871]  ? security_file_permission+0x24e/0x570
[ 2879.705535]  do_splice_direct+0x1c4/0x290
[ 2879.710184]  ? splice_direct_to_actor+0x980/0x980
[ 2879.710828]  ? selinux_file_permission+0x92/0x520
[ 2879.711466]  ? security_file_permission+0x24e/0x570
[ 2879.712130]  do_sendfile+0x553/0x1090
[ 2879.712643]  ? do_pwritev+0x270/0x270
[ 2879.713122]  ? wait_for_completion_io+0x270/0x270
[ 2879.713775]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2879.714394]  ? vfs_write+0x354/0xa70
[ 2879.714930]  __x64_sys_sendfile64+0x1d1/0x210
[ 2879.715542]  ? __ia32_sys_sendfile+0x220/0x220
[ 2879.716117]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2879.716771]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2879.717441]  do_syscall_64+0x33/0x40
[ 2879.717928]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2879.718615] RIP: 0033:0x7f47d2c10b19
[ 2879.719082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2879.721412] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2879.722401] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2879.723229] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2879.724077] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2879.724928] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2879.725879] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 2879.739813] FAULT_INJECTION: forcing a failure.
[ 2879.739813] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2879.741881] CPU: 1 PID: 18824 Comm: syz-executor.4 Not tainted 5.10.194 #1
[ 2879.742824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2879.743898] Call Trace:
[ 2879.744256]  dump_stack+0x107/0x167
[ 2879.744739]  should_fail.cold+0x5/0xa
[ 2879.745248]  __alloc_pages_nodemask+0x182/0x600
[ 2879.745862]  ? xa_load+0x12d/0x2c0
[ 2879.746358]  ? lock_downgrade+0x6d0/0x6d0
[ 2879.746876]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2879.747647]  alloc_pages_current+0x187/0x280
[ 2879.748206]  __page_cache_alloc+0x2d2/0x360
[ 2879.748770]  page_cache_ra_unbounded+0x207/0x6f0
[ 2879.749405]  ? read_pages+0xbc0/0xbc0
[ 2879.749894]  ? ondemand_readahead+0x2ae/0x1150
[ 2879.750503]  ondemand_readahead+0xc6f/0x1150
[ 2879.751038]  page_cache_sync_ra+0x138/0x170
[ 2879.751566]  generic_file_buffered_read+0xc74/0x28f0
[ 2879.752227]  ? pagecache_get_page+0xc80/0xc80
[ 2879.752781]  ? lock_chain_count+0x20/0x20
[ 2879.753310]  ? mark_lock+0xf5/0x2df0
[ 2879.753772]  ? mark_lock+0xf5/0x2df0
[ 2879.754261]  generic_file_read_iter+0x33f/0x490
[ 2879.754834]  ? lock_chain_count+0x20/0x20
[ 2879.755354]  ext4_file_read_iter+0x184/0x4c0
[ 2879.755911]  generic_file_splice_read+0x455/0x6d0
[ 2879.756515]  ? pipe_to_user+0x170/0x170
[ 2879.757014]  ? _cond_resched+0x12/0x80
[ 2879.757502]  ? avc_policy_seqno+0x9/0x70
[ 2879.758007]  ? selinux_file_permission+0x92/0x520
[ 2879.758689]  ? pipe_to_user+0x170/0x170
[ 2879.759195]  do_splice_to+0x10e/0x160
[ 2879.759678]  splice_direct_to_actor+0x2fe/0x980
[ 2879.760259]  ? pipe_to_sendpage+0x380/0x380
[ 2879.760812]  ? do_splice_to+0x160/0x160
[ 2879.761318]  ? security_file_permission+0x24e/0x570
[ 2879.761951]  do_splice_direct+0x1c4/0x290
[ 2879.762505]  ? splice_direct_to_actor+0x980/0x980
[ 2879.763109]  ? selinux_file_permission+0x92/0x520
[ 2879.763708]  ? security_file_permission+0x24e/0x570
[ 2879.764345]  do_sendfile+0x553/0x1090
[ 2879.764844]  ? do_pwritev+0x270/0x270
[ 2879.765344]  ? wait_for_completion_io+0x270/0x270
[ 2879.765969]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2879.766596]  ? vfs_write+0x354/0xa70
[ 2879.767089]  __x64_sys_sendfile64+0x1d1/0x210
[ 2879.767662]  ? __ia32_sys_sendfile+0x220/0x220
[ 2879.768259]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2879.768941]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2879.769615]  do_syscall_64+0x33/0x40
[ 2879.770156]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2879.770797] RIP: 0033:0x7f7ecce43b19
[ 2879.771282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2879.773583] RSP: 002b:00007f7eca3b9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2879.774541] RAX: ffffffffffffffda RBX: 00007f7eccf56f60 RCX: 00007f7ecce43b19
[ 2879.775350] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000006
[ 2879.776178] RBP: 00007f7eca3b91d0 R08: 0000000000000000 R09: 0000000000000000
[ 2879.777002] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2879.777835] R13: 00007ffc4b59a2bf R14: 00007f7eca3b9300 R15: 0000000000022000
14:03:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 4)

14:03:09 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)

14:03:09 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r0, &(0x7f0000000240)="01", 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r1, 0xffff)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r2, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)

14:03:09 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000000c0)=ANY=[@ANYRESDEC=0x0, @ANYRES16])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)
r4 = openat$cgroup_ro(r1, &(0x7f0000000140)='memory.stat\x00', 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000008c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r4, 0x3f, &(0x7f0000000800)=[{&(0x7f00000002c0)="011b37e5fa302048b9c71fbadd40f0bea46c0c2c8fe9c83b6e35264d0ba9bdc7346884790cc22647ede43f05e7d28b304fdf2bd179475cc18a25490eb74b0fbd97fa49d56b3d51324d56cab177c56c210e8dbe24ecc7984c8adce7c84bffe7d3056e46d4dbd3b24f357b3b33e826546eb3a8ffae3363be434502818de331959d37327b3973507aa3144c30a606a42181abfef5267c26e58b628b6577efb876de50c8bd8344b15422432d22671842687d18cac0f37d91a466fed5ec4a482bf2fe5e108f2051f337fb2c8d6f816547f566ed601da338e095f6b514b0b5ef537747459c351a", 0xe4}, {&(0x7f00000003c0)="8e075d1a0bdafc06da252a314ebb15b58fb17a7a9adec9305e1f3d1b051a95e723cf3b134c673fd3fd63a06e244c6baec4cbc0cb671505a213db27a042f8f3bf0e", 0x41}, {&(0x7f0000000180)="e2592835a6de272789fca29d622eb451ac5526a50594b8f917a525a68a6b2c91ef4a1c2685910cdba73c0033923f66", 0x2f}, {&(0x7f0000000440)="a542bc1366cdb68c8db54140e374fc7c4c897e3b8d42caa5d5c818c0847606e1222d7edac7d435703de2ae9af648c48ffd78737d89ca0550f845080f4c1a71aac427ed0dc5e949650712d64a4eb03e4593e0c4ed1aee7f5cc315b13d5f20607dce9205183cf1e4c4b206f089c695476404b980db6dcff152e30dff5283576db0ed539549fe38109e92d632a26662053ae0e2f4f2", 0x94}, {&(0x7f0000000500)="36f145bd80e33955913881329e13f65ed9db279a8651d9501c7115b7dd75dea3ff5f436d0d1a90c4bfa559f0bf0c58e6e2676b99324fd644f7", 0x39}, {&(0x7f0000000900)="fe98336c9b72e5bf64f6e041933c2d60919151cdf0e67401531da10a5ada590f3f42a1b0de6f10c4b9980a1aea340128a0c8f2d6d85c49ec595e21e1cf8463e62820925c9f55c9237766317fa63a13bde6bf064e8ccb1cb5fc008a5dd86d527d5e05984e7ccdfe6dd3e4cc6ad776ba106ec65e3642a22a935fdafd913616e5357bccead510fe549cb33116fb3d2c67e63234efc9530e134b2d78930987d13c46ae17ea254783f54bf20b537879f9a1f0b356a74342cd86224b832a5e12d16eff970574463ae0833002dbe6d9b39f9a661b35706cf82ceb086f3a48af52988910e6059a9d6a83504d85a8e03b7483dbe54b69c97b14", 0xf5}, {&(0x7f0000000600)="b437841d38bd07de51bdb0be32bcb0700eea8b1389eaa24a5197fab69afc5e0773ef7e4226", 0x25}, {&(0x7f0000000640)="217b0f7073c86d962f96375a6ffa7d9cf60cb40c4750dcb090c6775e20aee204c5986e1c805d34b340f1dc01ed1c7f02bb3d9917528ac2df0de3a57525bfceb87fd48b38794c5b48bc45c693dfffcce5715abd3264c80eec3e41872014ac25c536e672983f0ec9638b505f63106da6488aa7dbe1f2e40e4802f02a2d4b6a4eacdf837d72e635571c3e7423576a9965d34f1b37244b1d496e9a3675", 0x9b}, {&(0x7f0000000700)="6369913779d3f99b48827663c53f9480272e9348c6aba37374fe949e1b27d4cfa37f742bb550160d824c5a622a3190423bd0e375f26d1f7a7d5cf83b88d5966e66f5d42339bf7cc47d888bbc495a68876e4623e59e75ac4cab30ccd2003c51e80b03c71f2affced6ee43cc26f66ecced05b9ff2635904ce1975ee813a437adf252ea4de46049554688ec4e229ca9018710e73ea57a630f6e276dea32379981d055d493f3bfcbb5668021b9e80b40fc76991ed5f1e94316ee2bfe481b8833a1fa8f91a417b4adf17120f5cfa6ad215264836abd0b223397d84235fefd361ec8074ee8dbc7d43b738336dc38e8646f81690b5807badd8db229d7", 0xf9}], 0x9, 0x4, 0x1, {0x3}}, 0xe3)

[ 2879.953224] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2879.965705] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2879.979941] FAULT_INJECTION: forcing a failure.
[ 2879.979941] name failslab, interval 1, probability 0, space 0, times 0
[ 2879.981414] CPU: 1 PID: 18856 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2879.982350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2879.983406] Call Trace:
[ 2879.983767]  dump_stack+0x107/0x167
[ 2879.984246]  should_fail.cold+0x5/0xa
[ 2879.984753]  ? create_object.isra.0+0x3a/0xa20
[ 2879.985363]  should_failslab+0x5/0x20
[ 2879.985859]  kmem_cache_alloc+0x5b/0x310
[ 2879.986450]  create_object.isra.0+0x3a/0xa20
[ 2879.987027]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2879.987688]  __kmalloc+0x16e/0x390
[ 2879.988171]  alloc_pipe_info+0x1e5/0x590
[ 2879.988720]  splice_direct_to_actor+0x774/0x980
[ 2879.989356]  ? _cond_resched+0x12/0x80
[ 2879.989871]  ? inode_security+0x107/0x140
[ 2879.990434]  ? pipe_to_sendpage+0x380/0x380
[ 2879.990940]  ? selinux_file_permission+0x92/0x520
[ 2879.991498]  ? do_splice_to+0x160/0x160
[ 2879.991967]  ? security_file_permission+0x24e/0x570
[ 2879.992578]  do_splice_direct+0x1c4/0x290
[ 2879.993101]  ? splice_direct_to_actor+0x980/0x980
[ 2879.993713]  ? selinux_file_permission+0x92/0x520
[ 2879.994348]  ? security_file_permission+0x24e/0x570
[ 2879.994972]  do_sendfile+0x553/0x1090
[ 2879.995461]  ? do_pwritev+0x270/0x270
[ 2879.995940]  ? wait_for_completion_io+0x270/0x270
[ 2879.996597]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2879.997224]  ? vfs_write+0x354/0xa70
[ 2879.997702]  __x64_sys_sendfile64+0x1d1/0x210
[ 2879.998353]  ? __ia32_sys_sendfile+0x220/0x220
[ 2879.998935]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2879.999592]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2880.000186]  do_syscall_64+0x33/0x40
[ 2880.000626]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2880.001255] RIP: 0033:0x7f47d2c10b19
[ 2880.001758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2880.004136] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2880.005136] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2880.006089] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2880.006953] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2880.007867] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2880.008745] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 2880.013566] EXT4-fs (loop5): Unrecognized mount option "00000000000000000000ÿÿ" or missing value
[ 2880.065402] EXT4-fs (loop5): Unrecognized mount option "00000000000000000000ÿÿ" or missing value
[ 2880.069688] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:03:25 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:03:25 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_setup(0x25, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000380)=<r7=>0x0, &(0x7f0000002a40)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x0, @fd_index}, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r6, &(0x7f0000000180)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, r4, &(0x7f0000000080)=0x80, &(0x7f0000000340)=@in6={0xa, 0x0, 0x0, @local}, 0x0, 0x80000, 0x1, {0x0, r9}}, 0x5)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:03:25 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 5)

14:03:25 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r0, &(0x7f0000000240)="01", 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r1, 0xffff)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r2, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)

14:03:25 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x0)

14:03:25 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file1\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:03:25 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 3)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:03:25 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, <r5=>0x0, <r6=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000580)={r6, r5, "66811f68e0c440bba4bcf609493241b2512dbb6769ef1fdb21219441b9d2937255c56ea8b443729c72bc47cf6386f73b7ce88432ac6f99b63a93b89e7443b46a773671dded77dc24ba79debef1df5ffcd9e2222930e25f8b7e1873aae1853d7d55b7b3b64a43657809e8ea816519bc0c7323593b9e24a473e537db27b2a3ba9b30d958d7ff8d4867d47df99ca9958a196ce0c3c2c20e2a72af42aafe94c107a043d58527121953dfabf2d3ba6f3e7b2f09c47a4a55c3f5a3e68724037035d781567270a828be9bbe626a85ac9fe77bfa461f8903fcd4986a3dcc6fa6ec88fc174630b23dd02e3cf61e2117f78c9d99aa7daf6f8a7d6c4a01ad17f50051be2848", "53e73264eba58c5de5d2384abbe8dd8ea72be01bfcd6daa041050a23a5ec27d5dcf0aed87f9bcc869c6ebf1c3630de884b54dd6680e1dea34f661675f984828459321f42fb83d749067850004e9da3375748fa74a4330a66e3ea1e62f2f6413aef353e78ed2acf544d3beb96eefde8336ba9c02208396979ec975179883dacee433aefb6ff1cd41b6438d2f32e0763cdc310e834afb6b92ba385e602882f705da688e37726aef9cc058a02dab68133c46f77e2355193c18fc3c0d70c5856ca61d344026973f15aa81b370a08537ef3733f3c6e5ca3c7b5de9386956019ec0bba0cd387dd3f63606989591987a9dfb27d9225a164158997325d0ef88eae9e1fc00645611ce229cf3e40de15b3798048876412e5224b27b51f15785fc3f6dd8af730312e558319274b8ada98580edfb7097b11502fce5a5abc504db249764eef116b808513d550660c186ed0f5f4921fb7b6cc0529c1eb72438455c1f667d0bd0b171b89b519612913b0152cd1b420b2a9a4df55199a0ebe110d1fcf5eebb46b91e7ae1c5c95c48038dd738f8cf670c2de9bb3d3a6f092d5738fa7ed3d6a657841bb3bed0dee2895781d82e4e2dc6b51998e88e86ff53f21a4ae8ac780306d35e90eb2dc5a3f3a7d43f5dd7ce3807cb00600f7e8754eabcc815bbef1a5382cd7ca73cc85d53020c051882911aecdf9b0ce7c1bfdfa8d820d5efd4b60bacb7e64d98fac78810f085c51a19b89289772196915c93a0503694ed2af76b6960aecf0f1af22ada485b6ac62befdf35a0916678df405ca99925089cd3812d7b09e3f91f4daa94d464df0725249ede75cc626be7a8ed7cb87c0ed46675ed79618746c44729fe831f1cf4e485815bd9f7cdf455f6437f736858cf3026b18ba39d1bddbf58e9952b7d4b566955b80cc3c058fca3cb7e6c5159c3e7367d09ef3e8881179f51c10baf5cf29c8dcdbebdfa73cda0d9ccf8ab5af9240f88f78633be5d7d91da541cfcc01d59ac4936edf9920b67d19a1a093cfd4e594a8b369da465604212c6af340f0ade89223c631ba2db120ac9cfa9bda5b00358cea4c63d66f2b99dd3d575657609224a8874f12e80025173bfe43d35072e1ca14d097201178a8e27e62d4ecad1833aef65d12690ab97e0a15fd60302d1e7e516c3a9440e8535d0d4615d173607be209fcf2b91227519a808f51bc24197c0d63d0e522cf60427c95fae6e6c4bff0f4adb0902b8746738b1098bcf3a884850b7d18856d5ed07580965a693c8f95654cba9fb33f8c46b01347b074e5709fe982852e0f23e5a83215b3547edca8386bd9ebeda5807f3e6fe9dd1b3030abe916e3b7ba9c0b6130acd60f0c9719b3eb136bc8f3690b3f8e8f0d99f88bc6492024e59be459d5a08eaff70c6be9aa884faf2b69a915e191dd6ad34c75e30a06a714969e7a679756d8a76b1c8524deb5d6c868ef5e216369e6bb5207052fd7e5df3fcf8763ca2bfd9db080558571e851862dcd200491138dfd8e5b285f2e68d5e4968d8259c3df6d28fc5fb636ecc7d3fcb3f4af712c8b1d69f9012b07f7e34d8e5e76708c0a50b75d880b65fff32b4cd092fd1c6b2c36c36bea6a1308144ffc8ef9f6f717fe63dbfdfc0a95fc89ada3cb322a9033c5e72b5bc4cf8aadc1f730955fffde0a2881779e1d61b2874269bf1aec2fd075a1616cd3908edcd912f86a8003f39ad8330cde56d5875d495fa2d0941a07b20502f4211ed029b6546bfc50aa2299f8bcf6d524fac760cb74ed195f9cd8f99a027ab4556ccbb486d6a8a0914e654b6add10e68084c6f2e4c66a001bc09de3bf665642833680e4452a21f4686b865ba8e7ed9ac6a5cb932b25aa71a7b1e0146a4cf6390b96bd66fe6f26117b215a1262c8b8fbeed354937d55ca22a8c5927e20a620f4999bd91c0b523188a22efde8809abd90628c9593df695e4e3aad21831ff7db1d39b8839f476342c77cbeb15d12ed034c483c13cde875dc01fd14c1a8ec5529686d957b061f935cb9dbc24a8396cbc705cf7fb9d2169f7e3558ac7869fbd1c43aa9c9399ef0034366833c275000b59870c2ae4f2589c3c0d6b85b74b0a32a04bb5252e1e5201a3d082755a09720377361c5969e67842091fb92b6f7dc38abfb821bd40d0f1040595eb9481e5d28aa25605d87827e0905b350d9fd2750390f5d9025ef6ea30d15f616e932a4559d5c72b873300c8ff0dd44d4df7cd74f4f12f22d2855b2648bb6ecf492cc967cf9c32197c8ba8ec9d1e71aaf612a4dc4bc77aa49d858a6a0086160d0cabc5b31f8873d76cd4106f6a23031e75f6b97ec47a2fd26761ede9d980e40432d797da8e6e923d8bae939d925b84b944da98cd262a3009049d6983c2c17ddb1e693a24302b03497906af4323d0c5b2fb58eb6f9f5c256e56ec880e4d90e82ccc4b722e8f506217c9831d59e9de32e8f36163a43bb2ceb5cdcad19632d9d12bc64b2516cc8a28ddfb84f5c77e2aac8e1d45a7f31cae51f9fbc8a6629144518c291f2b5d5e7612d72213936c09653a91978a678eed3c90b9234ed165f581bfd1dd1dcf0c1286c1c3ce6fa77cced6db8c7ab033a565aa05193d6435ac3e45cd9957f0215cf0b45e71627f0b67dd979d04b916ac5317e73787704936f14a07988abfdc676b7a2cc5e2ace9e4a8b6773617c9067a01b984fcac1ad4d254c21c3259953e5c63fd3353cc4cb41b109c24280e7f40e8ee7f4dd232f6f774f37484cc9c7b5a7bcee9a1a9fef639d691592f63986777812c2e922a5ce336a8600856f94fd5eb3773794b252b971035b604d375cbd7ae53a42e0d1245b351bd11c02e0aaaa4ee7734c31be793398ef7a01d80a9f10d1265a3ec1f20bfb7434567b0a3e63a4a31edd15fc92eaee1e765c7dc8937a716e095bb1a6ac9cd63c5ad726c3d9b92d56a0f678a36c3ace4184139f2218f2b579458d94eb2c286e8ec8e098e62b76df1c4c9b5a8ece01172a75aadee376586c4b76de4d7b07c703eb35ffc7be32d78a94b0c8eddba4d4d6ff8712791a53ca61a92416afc7005c83193c4258a05d8a4aae34bc3d770a083df1badc1629659804152a351552c66265197ea63cc0ae3712b38b8b88ab1674ebeafd41211e62fb2bf1036c7865456478470a3e7276f2c60343d2a90b4a2799720f3a602930b656f369f59fbfd991d9c9d74fa0f46f8e7b8a37f78e212b03a9de446ef4f6d44e75f754dab9d5f0314ec30a302ba619b5bb85a474695ceef68a9b6669669387656e19335918d3d8537759b79f5a368b4b603f2891f151b8c828340811f87509f269ef4390e3b2a58fc8167b5ae7413d35d55667cab25636790be0beea3fc242af0d4a3a9c7d663fad6dbea1909ebf24fb38e95e014cc6afa979e83c21f5961a674c50300d9f9cb7e73708c316e66a9417719b3d9ae63e1ce33c437e900830c65825354ee88b17dec89dde804b7dc17203fa18072afa405a3add8a56cffb7fb691fac87c79bc09fb238e797f5a12e19ba70ef8f167ba0f45c46f32169295a5e6d86f566be3ee415b14e846bf358681ec554fa9d92f3573f41656a50b88596337ef766f98c5df83ff4f33185694a63d429e152b9f11c954f08f21b2607445be9d533c32fdb637537e94c4bd05ec69eb031c63cdccaa90ac852b0ce95d13ffa86ee708da2463d3d122dc235d50d92dfb55b49db8d6b6dc15701ec36006f55cbf4bdc45a67dc20874484175801514654a01a553b06817b179f92a9c8c34fe0d66529f6ca7f2b9b3f3724b80b6421448b96fd394a2f027864308f2b5788cd7b5098387cdeae1cb2ed26a4452ca0c5e28ef5c3c384181e9431ae5e0dfc7542a2a6037cb70468ee5787648223dc9c05696b9b28e1b8f78446798aed0f98e0092d32c356608b71d0716810fa247886f59eb360370221e8b2720654c6352da009c4bb0e7855a65d40e458739567c6f23b2c519126e012afa244d8a99733a1d1598b6c59f3ec9062e0c892f99540768bc9fe6bcb163577f05a7c1817b1806d3f766169aa1590fccc26b696a3e5ff5e338fd076f36e9713fd2b284ffd5ccbb68cc45d00249cbacf293908ccd47bfe1ce91329c75750762e91be71ef76ad2dddbea7ba8edaf70bf860a80ea8acc7183532b8f3498b1b2de9538e40b6cbc9b7f88c73b8952abd9c2d832d4d92bd2d00830d37418f33e58de35b49321654c762510b54c216a9f698772ddfe5082c8539e8158f3ea4e5b6fb4ce48dbac281fc20a7aebb5ecb021fede4c9c17e01e7fe5d8bda4e6fc6844a6014551044632654be6c519778ab18e28a67107163fff2ee942d2257d5dbeb3e19d6190ce4f9fc117e1d23f1f317baa0c377ea3b72d49ae28ecba77277a516cae36ba6ee91bcef308871efb5245cd9420bac262f3e91c96645ec5097ee802f0f103e9fcf8de5d809404006c91613e5eac580a05b135844e09e412fc728213a15ef64c035ce57c5c68724242d7f039c9b139609f523b9d8b2e90e3c85367ab09133d8c319b2d70b6d85ae0662b37a280ba8d02f80cb62e49dff9d062f536de074992998f0fe94a4a96310f262f3363d084ff5bf8bd0769a6c1f73a241b962310f21af08a8f7849ad64dfd37f665a3cedc817a788fcce1e739f784d8e336f5b83b6a1cf73225be911355e65945af07fef1190e31080d6b177b716f2244167e6eec76a275b4a3125df0eb196fd4fde958924282b47094497c1ffe0a128d6d9e409c69bb0c20a4fdc19a8b7ec4c4a54afb8746554c2846b2b713a91f678e688493db73e46ea8359357fe93e5f62542ecf874a56d7f7417f18b4fd0327b231ab73ad60d6532e533ccff78926faaab23722516a6525588c8b7fd064d12fe22994a19d20303f0761d4b6b59101884adeee090519df00f79b066bcfabbc92de6e9a6e8bf2fa5fb57d0c8cfa0448c61532f77faab33b25291bdd300a2c64c341c2a5a96a326e1a4216b4723c849ce2b6cd084693d0792571751a44ba30b80b62b4ff0cefcb5d508b93688abaf3283f8918861b35468ed4a44d4e2db9196531d9ad4d2ed8cd47457732e522289cc8cb3e45ac065075394826abcdf9787d8f0a89e79e3a053df27007f3316459cc7acb571486fae3e81238c8a329cfc2f2655bd349b29856babab75908b7d07657ffaa6e02981772e328465c2a82871fc1bc63ddbf12e2b124ace7a646e1412f95d04346e4ad5580e4de7a0b5c9deaf8e4449e222504a3d08825d30e745b7e875783cc8127f628c158e39333f07d6b1a14570b0632e1defa0803dbf8d6f987ffd3ac29243facf91ae4fdff11ea015b95df174438984598dea0ff3e820f973a987c6fa69a31fc6e5ba4920e6d7db43fa0cc6765351d781259d05caac19ee5d01d14101e369a567fc67dce565c42c1b16ab3c38a34bff78d64c7df1de4"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000580)={r8, r7, "66811f68e0c440bba4bcf609493241b2512dbb6769ef1fdb21219441b9d2937255c56ea8b443729c72bc47cf6386f73b7ce88432ac6f99b63a93b89e7443b46a773671dded77dc24ba79debef1df5ffcd9e2222930e25f8b7e1873aae1853d7d55b7b3b64a43657809e8ea816519bc0c7323593b9e24a473e537db27b2a3ba9b30d958d7ff8d4867d47df99ca9958a196ce0c3c2c20e2a72af42aafe94c107a043d58527121953dfabf2d3ba6f3e7b2f09c47a4a55c3f5a3e68724037035d781567270a828be9bbe626a85ac9fe77bfa461f8903fcd4986a3dcc6fa6ec88fc174630b23dd02e3cf61e2117f78c9d99aa7daf6f8a7d6c4a01ad17f50051be2848", "53e73264eba58c5de5d2384abbe8dd8ea72be01bfcd6daa041050a23a5ec27d5dcf0aed87f9bcc869c6ebf1c3630de884b54dd6680e1dea34f661675f984828459321f42fb83d749067850004e9da3375748fa74a4330a66e3ea1e62f2f6413aef353e78ed2acf544d3beb96eefde8336ba9c02208396979ec975179883dacee433aefb6ff1cd41b6438d2f32e0763cdc310e834afb6b92ba385e602882f705da688e37726aef9cc058a02dab68133c46f77e2355193c18fc3c0d70c5856ca61d344026973f15aa81b370a08537ef3733f3c6e5ca3c7b5de9386956019ec0bba0cd387dd3f63606989591987a9dfb27d9225a164158997325d0ef88eae9e1fc00645611ce229cf3e40de15b3798048876412e5224b27b51f15785fc3f6dd8af730312e558319274b8ada98580edfb7097b11502fce5a5abc504db249764eef116b808513d550660c186ed0f5f4921fb7b6cc0529c1eb72438455c1f667d0bd0b171b89b519612913b0152cd1b420b2a9a4df55199a0ebe110d1fcf5eebb46b91e7ae1c5c95c48038dd738f8cf670c2de9bb3d3a6f092d5738fa7ed3d6a657841bb3bed0dee2895781d82e4e2dc6b51998e88e86ff53f21a4ae8ac780306d35e90eb2dc5a3f3a7d43f5dd7ce3807cb00600f7e8754eabcc815bbef1a5382cd7ca73cc85d53020c051882911aecdf9b0ce7c1bfdfa8d820d5efd4b60bacb7e64d98fac78810f085c51a19b89289772196915c93a0503694ed2af76b6960aecf0f1af22ada485b6ac62befdf35a0916678df405ca99925089cd3812d7b09e3f91f4daa94d464df0725249ede75cc626be7a8ed7cb87c0ed46675ed79618746c44729fe831f1cf4e485815bd9f7cdf455f6437f736858cf3026b18ba39d1bddbf58e9952b7d4b566955b80cc3c058fca3cb7e6c5159c3e7367d09ef3e8881179f51c10baf5cf29c8dcdbebdfa73cda0d9ccf8ab5af9240f88f78633be5d7d91da541cfcc01d59ac4936edf9920b67d19a1a093cfd4e594a8b369da465604212c6af340f0ade89223c631ba2db120ac9cfa9bda5b00358cea4c63d66f2b99dd3d575657609224a8874f12e80025173bfe43d35072e1ca14d097201178a8e27e62d4ecad1833aef65d12690ab97e0a15fd60302d1e7e516c3a9440e8535d0d4615d173607be209fcf2b91227519a808f51bc24197c0d63d0e522cf60427c95fae6e6c4bff0f4adb0902b8746738b1098bcf3a884850b7d18856d5ed07580965a693c8f95654cba9fb33f8c46b01347b074e5709fe982852e0f23e5a83215b3547edca8386bd9ebeda5807f3e6fe9dd1b3030abe916e3b7ba9c0b6130acd60f0c9719b3eb136bc8f3690b3f8e8f0d99f88bc6492024e59be459d5a08eaff70c6be9aa884faf2b69a915e191dd6ad34c75e30a06a714969e7a679756d8a76b1c8524deb5d6c868ef5e216369e6bb5207052fd7e5df3fcf8763ca2bfd9db080558571e851862dcd200491138dfd8e5b285f2e68d5e4968d8259c3df6d28fc5fb636ecc7d3fcb3f4af712c8b1d69f9012b07f7e34d8e5e76708c0a50b75d880b65fff32b4cd092fd1c6b2c36c36bea6a1308144ffc8ef9f6f717fe63dbfdfc0a95fc89ada3cb322a9033c5e72b5bc4cf8aadc1f730955fffde0a2881779e1d61b2874269bf1aec2fd075a1616cd3908edcd912f86a8003f39ad8330cde56d5875d495fa2d0941a07b20502f4211ed029b6546bfc50aa2299f8bcf6d524fac760cb74ed195f9cd8f99a027ab4556ccbb486d6a8a0914e654b6add10e68084c6f2e4c66a001bc09de3bf665642833680e4452a21f4686b865ba8e7ed9ac6a5cb932b25aa71a7b1e0146a4cf6390b96bd66fe6f26117b215a1262c8b8fbeed354937d55ca22a8c5927e20a620f4999bd91c0b523188a22efde8809abd90628c9593df695e4e3aad21831ff7db1d39b8839f476342c77cbeb15d12ed034c483c13cde875dc01fd14c1a8ec5529686d957b061f935cb9dbc24a8396cbc705cf7fb9d2169f7e3558ac7869fbd1c43aa9c9399ef0034366833c275000b59870c2ae4f2589c3c0d6b85b74b0a32a04bb5252e1e5201a3d082755a09720377361c5969e67842091fb92b6f7dc38abfb821bd40d0f1040595eb9481e5d28aa25605d87827e0905b350d9fd2750390f5d9025ef6ea30d15f616e932a4559d5c72b873300c8ff0dd44d4df7cd74f4f12f22d2855b2648bb6ecf492cc967cf9c32197c8ba8ec9d1e71aaf612a4dc4bc77aa49d858a6a0086160d0cabc5b31f8873d76cd4106f6a23031e75f6b97ec47a2fd26761ede9d980e40432d797da8e6e923d8bae939d925b84b944da98cd262a3009049d6983c2c17ddb1e693a24302b03497906af4323d0c5b2fb58eb6f9f5c256e56ec880e4d90e82ccc4b722e8f506217c9831d59e9de32e8f36163a43bb2ceb5cdcad19632d9d12bc64b2516cc8a28ddfb84f5c77e2aac8e1d45a7f31cae51f9fbc8a6629144518c291f2b5d5e7612d72213936c09653a91978a678eed3c90b9234ed165f581bfd1dd1dcf0c1286c1c3ce6fa77cced6db8c7ab033a565aa05193d6435ac3e45cd9957f0215cf0b45e71627f0b67dd979d04b916ac5317e73787704936f14a07988abfdc676b7a2cc5e2ace9e4a8b6773617c9067a01b984fcac1ad4d254c21c3259953e5c63fd3353cc4cb41b109c24280e7f40e8ee7f4dd232f6f774f37484cc9c7b5a7bcee9a1a9fef639d691592f63986777812c2e922a5ce336a8600856f94fd5eb3773794b252b971035b604d375cbd7ae53a42e0d1245b351bd11c02e0aaaa4ee7734c31be793398ef7a01d80a9f10d1265a3ec1f20bfb7434567b0a3e63a4a31edd15fc92eaee1e765c7dc8937a716e095bb1a6ac9cd63c5ad726c3d9b92d56a0f678a36c3ace4184139f2218f2b579458d94eb2c286e8ec8e098e62b76df1c4c9b5a8ece01172a75aadee376586c4b76de4d7b07c703eb35ffc7be32d78a94b0c8eddba4d4d6ff8712791a53ca61a92416afc7005c83193c4258a05d8a4aae34bc3d770a083df1badc1629659804152a351552c66265197ea63cc0ae3712b38b8b88ab1674ebeafd41211e62fb2bf1036c7865456478470a3e7276f2c60343d2a90b4a2799720f3a602930b656f369f59fbfd991d9c9d74fa0f46f8e7b8a37f78e212b03a9de446ef4f6d44e75f754dab9d5f0314ec30a302ba619b5bb85a474695ceef68a9b6669669387656e19335918d3d8537759b79f5a368b4b603f2891f151b8c828340811f87509f269ef4390e3b2a58fc8167b5ae7413d35d55667cab25636790be0beea3fc242af0d4a3a9c7d663fad6dbea1909ebf24fb38e95e014cc6afa979e83c21f5961a674c50300d9f9cb7e73708c316e66a9417719b3d9ae63e1ce33c437e900830c65825354ee88b17dec89dde804b7dc17203fa18072afa405a3add8a56cffb7fb691fac87c79bc09fb238e797f5a12e19ba70ef8f167ba0f45c46f32169295a5e6d86f566be3ee415b14e846bf358681ec554fa9d92f3573f41656a50b88596337ef766f98c5df83ff4f33185694a63d429e152b9f11c954f08f21b2607445be9d533c32fdb637537e94c4bd05ec69eb031c63cdccaa90ac852b0ce95d13ffa86ee708da2463d3d122dc235d50d92dfb55b49db8d6b6dc15701ec36006f55cbf4bdc45a67dc20874484175801514654a01a553b06817b179f92a9c8c34fe0d66529f6ca7f2b9b3f3724b80b6421448b96fd394a2f027864308f2b5788cd7b5098387cdeae1cb2ed26a4452ca0c5e28ef5c3c384181e9431ae5e0dfc7542a2a6037cb70468ee5787648223dc9c05696b9b28e1b8f78446798aed0f98e0092d32c356608b71d0716810fa247886f59eb360370221e8b2720654c6352da009c4bb0e7855a65d40e458739567c6f23b2c519126e012afa244d8a99733a1d1598b6c59f3ec9062e0c892f99540768bc9fe6bcb163577f05a7c1817b1806d3f766169aa1590fccc26b696a3e5ff5e338fd076f36e9713fd2b284ffd5ccbb68cc45d00249cbacf293908ccd47bfe1ce91329c75750762e91be71ef76ad2dddbea7ba8edaf70bf860a80ea8acc7183532b8f3498b1b2de9538e40b6cbc9b7f88c73b8952abd9c2d832d4d92bd2d00830d37418f33e58de35b49321654c762510b54c216a9f698772ddfe5082c8539e8158f3ea4e5b6fb4ce48dbac281fc20a7aebb5ecb021fede4c9c17e01e7fe5d8bda4e6fc6844a6014551044632654be6c519778ab18e28a67107163fff2ee942d2257d5dbeb3e19d6190ce4f9fc117e1d23f1f317baa0c377ea3b72d49ae28ecba77277a516cae36ba6ee91bcef308871efb5245cd9420bac262f3e91c96645ec5097ee802f0f103e9fcf8de5d809404006c91613e5eac580a05b135844e09e412fc728213a15ef64c035ce57c5c68724242d7f039c9b139609f523b9d8b2e90e3c85367ab09133d8c319b2d70b6d85ae0662b37a280ba8d02f80cb62e49dff9d062f536de074992998f0fe94a4a96310f262f3363d084ff5bf8bd0769a6c1f73a241b962310f21af08a8f7849ad64dfd37f665a3cedc817a788fcce1e739f784d8e336f5b83b6a1cf73225be911355e65945af07fef1190e31080d6b177b716f2244167e6eec76a275b4a3125df0eb196fd4fde958924282b47094497c1ffe0a128d6d9e409c69bb0c20a4fdc19a8b7ec4c4a54afb8746554c2846b2b713a91f678e688493db73e46ea8359357fe93e5f62542ecf874a56d7f7417f18b4fd0327b231ab73ad60d6532e533ccff78926faaab23722516a6525588c8b7fd064d12fe22994a19d20303f0761d4b6b59101884adeee090519df00f79b066bcfabbc92de6e9a6e8bf2fa5fb57d0c8cfa0448c61532f77faab33b25291bdd300a2c64c341c2a5a96a326e1a4216b4723c849ce2b6cd084693d0792571751a44ba30b80b62b4ff0cefcb5d508b93688abaf3283f8918861b35468ed4a44d4e2db9196531d9ad4d2ed8cd47457732e522289cc8cb3e45ac065075394826abcdf9787d8f0a89e79e3a053df27007f3316459cc7acb571486fae3e81238c8a329cfc2f2655bd349b29856babab75908b7d07657ffaa6e02981772e328465c2a82871fc1bc63ddbf12e2b124ace7a646e1412f95d04346e4ad5580e4de7a0b5c9deaf8e4449e222504a3d08825d30e745b7e875783cc8127f628c158e39333f07d6b1a14570b0632e1defa0803dbf8d6f987ffd3ac29243facf91ae4fdff11ea015b95df174438984598dea0ff3e820f973a987c6fa69a31fc6e5ba4920e6d7db43fa0cc6765351d781259d05caac19ee5d01d14101e369a567fc67dce565c42c1b16ab3c38a34bff78d64c7df1de4"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000005aec0)={0x3, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r9=>0x0}], 0x9, "134a81fb45fd38"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={<r10=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000001e00)={0x0, r10, "9e568d0d7458ae96e0481797d0a7327d3e142f9d7ce71977ea545ce435c9273cb31f78b78971b0342df5b723568c0c69eb7dd2211de5ea09860f9d947235a9922d2016989695de7a13a1d3207685f7a8edf7eb76fb4746a1cc09a1c6acea192586d9749686f1fa8fe5767aa946b123affc7c9888ea56a7e0be8de9bc0b966932f5d773d59a8507c9732fee07b1195245eb8d531711af64693365a4d28557a9530753861f1ba8344a7f49bf557935c3eff1c949f4dd78175b553affdb007f91c4fab3262acd80c8e8c457f0258359736b8a81ab725ca4e10ad79d2b9a06398911a227bdc54a807ce5e8a5d1953bd61d75deb05440fb3c037847446eb3afc17468", "198eb587f32f4bd3f093bd548fa5c55670dff2bfe68c89a4b47ce9eb0acbf0883caec4853cc2081746167fdce4231c03097e28ea5d29bd96a95aee4cd85bb5ac7030ef5866d644ed2142f9af9f4a465d544c286f37d796597c5b9ff010b71390043b529c414fa234524a5d155ff1b7856940bfdaaf6390bba282877ab3a1c972ff34e639a4b0e03228c21a6898e7c8559f7152e8889e6754ec66be6887efc86591d563838a721413543e8117dca522ac227c1539d9d0dd940ae21563e86be9dd81784524f6e434c6f7729def6c934acfdabd28ad6834567eac6e4131c2aa88635ae21b7c7fc4c4991821ae937b28d8a999007a73a8a761bb02ba32f59db2e80540a9dc49f91bf00220f954d6282d7794756b31d6a92c51046bccfdd49bab0cc466f3e0a488c369d3c9a2794b53c79d270a153d232f5428bcfd48f58dba03d716a94446939b00daa544aadaf7747cb708f5dc4c986525caa7fbe7d8c24df5d853d2acfbbf5080ef2d2a248e1d2f25e6b10dec54ca8695ac87691c7299c97f6a6e0edaf1f408a41bb4122e8ff1653073eb90e41fefc0b44e75a55d6cad95b9fe60ec3450cdfb297287ca725e66557eda3f60d81c05509314dbc03f57a69eb519b8331377a41f4f4b87dbbc05c460640472c8d72025e383cdf1d18edbd0e54406206a60c5f12197225d2fc5c1871c4ffe9f740a4784afe569961e70cb019bceaff8c44235c4f2f166b634387e22e666fcdde2b8c0389f331acc03a08b19d1db53a261f5341a9b011c7788c440685e1c567e200bd5eb7b26ee04da022c8bed7b8463718b91230cd526bdf8d3666a6c6b571712e548bfdae06f8e55051f433297f7d096aa643fc7b1f9bb3bb83c6768134b4832c46ce24cd924a3aa141099e91fad235fd171908c8eadf29ee9f857bde58273ed37c54e1dc63bc40f007a674c1bdde31b7f3c86c605a26fb79e0c0bf7db1652ad15a487a59283eee36a636f1e690fdf7ab2745d55f3c867261d55b798553a82f9f2ee2608b00bed0a6236b96629d703a7af11c4d6c3b6f6b4ecf674b7ad99a691bd494d9088ec0fc4ed2d4876e5b48f75d78dd1f7c4f8bdd5a087a7a7bd7bd175da7b0e95d08671984a9b678dd0447e5627ddb61cd3f9113fa190f7ac1bab2e608aa29c4ef27fc9e6c9f60212e780b0613c8754af40bf07258896a7b3c6251d63ebff39ca6d9029782bc9031c557098c0ee2f41dacbe39088aadc4770aa2b6c3cc8810e6c19b56488388cd71274d8b13b1368f4a5b5adee45235f64608646b8399cf4a1e5b54aab3a9377b35b94fc2cb834ca604ff76b7f6fe9f7eee40323d3c06718a2ab91ac9d578f615a00d02ee8fea8d4f40894c0ad1372889294051a1ccccf7dfaf3017a328399b61e3602c4495deae6f6cb23641d1c99539ceada1467e8c69fd17924385b53209a8c2db60d86dae28a45770210b782225483c75024156791dcde650b9fb9fc2d46255cc075aee5ec7e9a5ee058612d9e0efccc91430d55764dc03aeac4cb9f1a71753bb33b158f257cc3347150af8ea75013521187f4bba8c0373a18d7de77f08a317662beea5f98b0f12b3124c561f74daf6a193252518027ce75f498e63013c3ae23c44c8d6271e21d0f88913d29c8a1eaf469f3f9bc10ffe41b94b987f071ae4cdfe4e9b844cac001760c73427ea1fde41eb2ac0e1100f3a540be86c1858e2c2a86dcd3ba7e25a7e054a44ce75593f7ca6e4c1861ad6b8a20cd2c376ac1230b71b242287aed3e5f0a89a1f3181b7cf07303b976b180223803bc06e8731d9701a0b7c8bd2fe7254c65d61b93effa602b92674308bb9b7e6a2fd7faf1f422e59172ecd6309fc8dcef31d12d72c6d652e5df7b97436ea0d313874a69ce62c364587525a394eabc663b2383f0e078b8968f2922d559cdd2d8730c4c2080149cbcefc6f807a0fccc487ab7fc33d6ac7eff9731eef13433c4daa645c2b2a2bc0ffd5eda80af97897a2e3743a26f06d788c00b70c9cef2ac17040e31108e5177071fcbb4d1741a54354465ae24db9bdf108719611205024da343048a6f0735ec6d47a41a398e4b6cfd4042ce71234f0e6b61d69dd4b2481082003313fa0a09d420e26a093e46fe5475165f30d67a1b7d8e20876cf8f9fb6117e2df45bfd34c2eab932f4b08ffe52ee64b8387fb2886585d1586e6a3db9b7e97ffc7f7f683b8ea7e5cbb2c62962c07636f7272c498a70466aa78267807f3fc6e45d7e3334c60f65f8d701be23fe0a05987cadeaaaf86eafc1701424f3a0b7db05b38b447bb4c34985222bcdf305c34af5d1eea0f5cd80337f140b6171d1c088ea927dfc39cecd3dac525f4f2649f191f437405261a13d05b1ef92a6bc4bced00c7ee712d673ba6f2f935472405e481d293c842a2603ee01f57321dc55869d5fdf57ca0c7fbb912cf9ab88fc4d1ef61e5533530bb93cc96e3bbf70f336ce19ced240eb7c30a0a7f222f10f961203faa81651e429c8b47329dc1cc5e73313fbb6574fa7bc490010bee3c6d6751e1b1402cd7e356513316cbcfa9774efeb40ef62fdaf0c44682e90be6893f0cc277951aa33fdf1c9c436b0d7e752629797af8da72ee90409ffc026928721c2a69a081e03ace4f608427647b724f0174d558f161c3928a87e59323a482feb7b90b0d69f3a2fcc00fcfdbab4694c4e48a00e8ebf7b2198df6e50150fae8c8642d8d47bce4e57edbf90d3662c325bfa4a08c36d340ed33cabf6ef47cd734b3931ece00ae79543beb71620de0f33d8123581d7dd3b75a45a015632375da9d0f1e2b246655351e77ad79d39ea8381267cca781f804b33b8c98f7e25e4fdb93429578becaf55bcb2468b126cae192402e9fd9c753cd57af8f962ed1ed034f5169759ed38d867400cb231e565f6f1293089e806c532f55833161525d861f841274c3b0dd4a210c3672a862e89591556dbc2613be0a87181ad752da26a6188bf0e87f647077cf6ef0d21e66baba799089afde1424640298c319130f33d156100fa29b0974ba87d7ac461a86af6beb80b908e45b94a78c01f26af4b79387c529a350f047212def4f67258c518e8d06b7a460efdc3480432a29bc610e456d2cc15195db87e06dd72cc8b812756ef5df79ef36f6e358da7d5fd48cef332dae4179465f3e038879b282147830b0713b26acccddc63548416fe4df45577015c07183fd375cbf0c211224f6b092be11f52eabfa8c6c013c7bb8f623b99696186271d48c7675c3dfacd59feb77d2398f0fce23a684863af73c62846a7d6beb1a0f723fad4b9763515bb415a8b8611de6291d023f0a84f61cbee60e3145296c6cf215b3847db68834feb5097d391aef656ed8b54dbc47f296af3334e3ea4de3f7bcc668cdf7162ff6d5a42f6fa77065424a9c26b986f09abe82b1b7b19d0b60089977d20af814a6d32ac13040d28690fafe95439fc97a69c21907623df8652c4e91f62e29c18a587db6617ef8781ce536aae99e11530ab0dfd2ce9abf533ff708919a6177a7ef01f0c2cd205b959cbf0ed9f5d63d2bea3eeb7371659ca26f15b1c2360e75300b537c04255462ba3f64a678849642a2d8e8f6df620057c06f00b38ecd635e8dab3b02eaf40c310e2bf8a3f855ae56b0ce9341b26430e58b8d365c04ea6b32c5afaba14d7280fb17f63f89c34885a67af3195b550ff0a241b0437b3605b144d48243c1121ab13399f650364e8555e124577edb015565981467ecdc69bd2a1ec25b1b801d2433000709a34366ce59706c778382252a2860d1facdec61ceaf9b7c37cde4df8fe7295a00f3f699eee58f310cd3b15a43dc0793acac37128a852c1f2deae19188f7345c5e20e6c72280de08d5afbc7f4f25980c8850b68cbbf840ad5c7e6a67aa7be1d9d9ee63f312536a5c0284a97cc3c08a504c2f47d40398272e720b6bdbc2d88a29f4fda3b77ada6f640c40d4c02f4e11c3c984d2d239d52c1d29b955cd0c2ab86935def69307bc99557004157f4ac998214159a6e5719c0e94b3560cf43579a9153cfe7283b1b649f8faf8ec103151c653870cfffb4646bc0339ff3a6e7906a13400c139a9e1ff3eb1d6bfbe79083d6bca2f0fb2a82311cb57e8372ab1a041dc6b4df7fcab8c64afa5fd5357e2a18eb06cf223b3b5a57ca508cfc9df373ad3e1c1eee0f709640db91f73548bcbeec02d52c76de60b4d736245b940d26764c1152182121a0fc8d7427412c49a14c66be1823f55ddad30f077f437cb8461afbfcc0871ca9a53b2747f31481b001b1e5c19ec39e287dbc61c4c7f03d5af6aac049210e1472ddd18a261a1983425723effd0f055428f99e6a39cfabc8af6363e27c72ea9ff2fbb714b2836cd098b2467cb7df8613e6f90f47f63895761c7e29fa55e35e150329cbcafc8f8d29fc97e59d21b182bedc1a89126e7544c77fd1265930b05b72e84849188e895eb30df9c6ed1c61035b350070d408de9ecd8aab3853a4c96c2d307085779c299ea2ae98ee185cc6aa1aafce616be295f519ea0c9629da6a7ab7ce6fb3a4cf699212b1eee27dc1491056a16fdbaa9e23c623567a67d215924a3febc6b612f97bac3954128ccfdd57d0e5f7bd83ae69a9e8f92e1be48c672ea2682bcac07a15cef78baf1af890f90c6d65d2c69024df1b6fe2cfa900347b619df2f7c76c0554e5953b530f247b4973fbc1859b76244c28f8b79c6ad6a725c2f103c0ab11ac4ab71a97909455bd6344f7f608beab4b1f985b43870359f48a456e6c43282e45fdb660d00de8ba22af5ab6428243534e3dd3a043e7a8c56e3fb0f15cea53b83008bf39421372c607757d48a8a00be59bea6124e41fdecc6273afcef2b4757c4a795feee0157f47c1e5c8eef69b979a4650d75f0f71e1e088b9b0968132dad9d60b723573dafd21a29f02eb3ab772c41f74f30995c9998f4c91015523f14f8fdf85ab8fb20af6fe3e8ec893355a6df7d2c867ff1ee47e269a96823740a0a083ce98c97f1e775834df932640ed9386228aca92bb857f22b836ad17fa7ce679076bb6c650a8af8e850319a7e86c53bcae9239b0799251c94b35dd61951d727228fa5b9d454258e8c184bf59b85eee93ba191b9e33d2ddab90427dea61a1ab33e5f33e241a0b5548f91b834de396ea0f89e30dede3cbc6b8a8f353ad6f292053cd79685756f29b1b88b27d45152a4688bdf1ffb477d8b57765428a501d4b945720982f4741cd96564b8441f9c3b5fbb3bd62730ed5fb5e4f799da543dde210676286d5ee015b97577f123a3c7f62abbbfd484b4049a544f1566262ea85c372f09b52a8c3b6079f90869bbd945c8a34721388be24790a5d435aa307faf5d3a5efd593fc671a9db7d296836130acd70f121c76548dd3692b0d821f3a0dee1f5d573ae1e46cb57d7461a0897"})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f000005bec0)={<r11=>0x0, 0x0, "90dd25312d654e5a1b30e154a13cfd42e6293bd51adc4769c0097df831cba2bc4fa7dcba0dbe16d6a47a797e6821f5ea741693286bd6a17ac3fb243a7bdc3c927c5bcaa61c021b878d381a8666fc35e163320a607bdfee2125307ce804ffd63a1ab8bbf883b936a9b91c1c9f3ba48552a08651a039865792ba9c435b801174fba769f307fc4eaba912166cec4db918f1064c018d4ffe9c2a32f60892b276e7b1f47100dde811b233714bd42d6857515b5412933016083afbfcbe40c9349b8c3569e6fb04e6b670a11301b5d20ce9de1b365d99c37fb0cd48b3148851b1d651d4edd59aae426de605e4759e2f8aead16bb612bdb25e6c3f5c271cbec488fe88c9", "5ab7675069f851089d50d232493a365efed9d2e603a8eec3c8e935749e0cba9507f46d412abd54fe38dfa23d195cf526f6b4588111f80e679e719d448d1c448e451e8c72f57ca01ef08c89bc60d5e865da5d524c9b331ee64c960c625961650b3a5529553a753eb95fcf82130ec89b31346330d382da7519ee8c4979d6a43321ca9358878246a481d2766e8399a968a487afbf1fcab9241ed1491de0bdc5998ab60ec891408baff93471833f70f63c4bcdda6d0bb7f3ce3970cf216cbb8bd9eacb20f70873a915ea87ea21246a704d651eb3a640f60fb7a578bca580edf2f73d296a5d03d5070a13b2919bb30a793e1284030c7872c3d9c6b6443f984d3f05ffc02c9540ad6d9ba48bb5e01e91507b0420a0081a85e8a6646ccfb809c9946352f252da9295ac9c81f19e09c6962445dbf4017b7c0cdfc86b20ca1967da8a21b5daa665350b3af96aed71dc32e2a77de10aca149c4d2140251c991cab4c3efa19933facad67cc14738788934f48829c3a26179c921644f336ea2a723f63b5a5553ef37a0677fd53f4810f8133eeec385b8da034d34a7e6bdffdaeb200fff4730fc089ca47ac02d4aa84cd7ffe44efd0fa0595fdeab7700798fe3448be5928b235cf871116c4d40f6e741554740d42dc7a23517789c30fed716a995e1cccd46454616d5f4f530d7ca3f332d596873af3848c28068735cb109cc528794ca87b7a1bfa95b53feabe98062f0d969aed60d33516c966903c6bad65d826411687774c7fead611aa2d879d797056add43f262e26d1a2202345aa34ed32c7efddb36bbef41e62e88160817ef7f50a9b841dec47d31447e5c15c28f9bdf2ebfaa560eb83d899721b7d959e29dd76efcc66e5839cf9f36626af55568fdd5dbdfc315c0218a42f9458c6506a422c168d678c9b58dc9c0996748bff8564f2661f530f4f327b7d791912294feb9c5b6b866b13d5e8594d6c12d5667acbe920409130d85fa9fb0a4f2eeb3860f62a676780475686f45ae698005a94f13aedfefbbd8f2b184064a60d7cd9f9d06791bfe7d91cf7c63578eb03218c2909772b4ded1013925c20c4a99355b94713e4c5440d4867e943e4c748f667a06d32b9f709d650795126c74a9e550dd2d93a5156354ffa4bac86d4dc6b33911708b9e42c163515d69bc6376358912ea5f52a50bde77fcd7bf957f27d43f72adb5b453948353c34a3e9c423ec08ffa987932ff8cc8473d30a8bf6dbefa379a18ca1653b0296ac2ff895fa49d58f4ccdf8bb5cf1d7817b66839256a1de0da5ab1065a618d563f62ff44216bc0eb7426fcc7fc5f8ef5164425236b6cd1486488db6604b8f11b9f48831b851d001ed8d19c03d328f3e71a8d4e1795bfce32121ecc1017c542d1592dabfab0c2c4a99d91306d291452e6f0d7cf07e18509cf146424f23773b478e6e9ad91ceb3a443974ce68392cdd21b01b6c0f57822c1bca3f913f71b81b7cc3795506c011f51997d0077e654142286c1f2ac5879302416ef0cd9795e927c3c1ceae171781eb283ed892e16b15368820490aac5dd5b9bcf08098b6dbc13aec8310f8192475d10d77d8ad6ac619dd407742d2cf9149985802d1653ac3fedd5ea5abb5e99103425ada7a8b4bba2803b573ec590337bc296fa7326df03e6691df0a496a4437fe1596fd6f8e2c70e62510cb6d92b4122e5d8f23fe283129a8bfb6e23d5ee8b22139a6adf8630b4bfe756d87a8c1ef173beecaf553b3c81594c26c9c2ea5063d7c73a113b57ab3116cbf8043a2fa665b04e9c854304e9e0558f538948e618b40b093ce160b596c9e0f1496b215daaeaf044588b14c4a34e30415fe62414c446e017d366af92aca9f67e382e444c1ac8db56cdcb2972b9b6f9f2f402329af55ddc7f8a94feac9c668fd7ae7aa9aeba5dd4cf9d62c6065bceae2408376305c9d087e9a6350453adfc9c0877ffacb77e15c083d1a03df791a9d7f11e716c8bc24f5589336ae10a43f75155513ae9ff6627066dfae8e6b9293059f551aea88c3f5c96f1f8101d6d7621b8e24785ed8c4649b297b588e274ae971aa2e5a4dff117b79351b658ecd86bb6022744329b647eadf8d11dd204f85047187010b19b6a056e960117d17c34c6f24066c43e703b2385cdf5a8047bec5df5a2a42227673973c7c1812a10bc4fcce64fe48479cd7e098410ec51a16a4c1b9b72e20ce8b3b4692ff7f063215ca0c8866724386a63623c59f6be49f5857ba2c47f395f814bf046cb9b90005b6c59efd2db4ce9e4e9f1a2d6d2d64e9f09239ed3ea3440956457308911890324bfac89ee8c804f09fe23fb420349965a3e185ab98e53c4af94fd238f35222d4ea0b5dde5ce0a87d06408d43b8f89902267ba83a289dd816e15cb70de35b8e1e86204cfda93c277563f53421ca832b1001998cb324567ba78856f2e8d96d37f3313b9211024feaa69d20cea2c5118e1e37f40749ba3e801aefdf9fd9ed22e8eb57ac9b402d753c75f873bad81213d0b8af84b48bd6b6e5768c5247ea36717658efd5eb36c67f3b0d900927a96adaa736a033f5267623b42a84fbc092b97bb473137aaf0db82c9ba8764c2a5ecdee4afc85c992211c28dfdfb54c3d6141130df854d20acc990673d89b0e265f70a28255350464a35522ec622cb02b5bde01fc7af549fed8fc533af71e30f3220dd6a0417e952eaca3fec66632ec27aeb59e6b045eceac25137b67218fbafc60ee5f2fd56b15a7cc7e8b20cba7b5966b0bb0a1e9ecef421037a38483b0cd01945adc32ba7eecdd37dfe9bf9da5c0933ca065e77b563b795673abd6757300384ff116873bd3aa5630901336006f5945c4fa59473c2fdc337c5e0f512fb9e5410f3fcdd07656ea40a1df828f27fdbc6883473294d18e87e6cf1afa2e434e51b6e313b2c9047f3abe5ce0f5da890da185a0df8640360326ef5649eb67dee1cce59f20ca58d5c3987f2194ba38b55f17a214bedf6c61bfd139b727886cc6e3678499409c9354b61ab265f7db28ea4c334ba27883448d1932d2c9a29e69893a0d486c69a31b131fb702b6071d21c53265c3f3a21408b60b8a1d951fe6846d9d55b1c71a9a3dc35c19faf319a8747ce19327b51aef64e59b0a12d4814c2a6f6ac2e203996f9a927b26dd81b37caddbc824d592adea0f7db5478bc5ffe4da5f80e574b3713aca8a5ddce7123cb0f6cfc546392ba114eb71463089b21039913d41fd9dfdbc945b6eb8d7165c193625338b70f3246bcdeb5797a3e7e9dd07f7f31d31dd33077342966b1b3b0b2695a1b79a403a90504aa6fb40124bc1accb9c77aadc444ab26da4772b0b70a995ca0556bd80a5d2c109b5b0815ed8ad96d12f312919efb5278e981ce5735c0f6d0dfef9192a51bb0ab6f4832aa15178e433e9b9f374ddb67d20bae4c00f5848ed56c8ee84fba002e81e162e8ecfc4bbe2a2c698125dc390e2ed108d7f9eab39befec639b9dab6f3da2792929667e594f98c81108b07f398589c449ae9ffae68f76eaf5620951dc00595ea8fdb7afed9d4ee73cb0cbc46e2684d2c8d13e3f42ec4c64b0c4ba7932951dd3e28580901fa8ea3d2858ac1a6288bd0e95686eefd083e310438f3d768a9ad5e7e475efbe84eff9eb9d6008d054e019d886a4374dac7d39da59cb3b06e7e99eeef99d2e472aeb7fd0a14b8d28f2ca6d78679a59642dcd5e3cb0bd1efa03ea3faaad3535e88ceb9e6f9bf3cfe90e49f917f0c9bc100b72f26f92ced929c37e7bc5f26a3cc43760a9c504d4bcf0d656dd4bb74bee9fe316ebebcf65a7915bc3cbd56bd0baf66a1345434aabb699ac0cd41f4dac70df059751b5825afb57182704e4ecf5fb956d3c22ac5a9a13e74f7906d7c49ac49ccdd6f2277cd43d6aa6b1c9d295eccbcc8500661f7ea646902876420a80a47de3006f7f6b4a631cfafe9f671033818317914154933e862fd6eaec48fa19b4253fc1aa20220b319b277c018f0b6846199c27f5468a16ffad6db021848f1f96e3b7c9ccaac7a82fad61fb338101b3db2cf3ad9abadfd25822864e0b863794c75baf7ae5fadcdcf5af2fe31409148ccaa2f49521666200d086eec5dd3ff6863ab6abba205df1a84303023fbb28be817af82abdebf2619165ecac5a4ab2a53cb42dfd8690cab54eb8e855f5eb013cffb870aaaabfd0a3666d39fc4c729e03482c87b59fb6b3aabf12a603c5cc983f275399fba872ba44c813e9f6a9910086a3442bcc9c3e0c024dfd4f2f97fae84f1a7ebfec2b11059db6b41208c278bd681ea6e2405b6a6cf4f7be5046beba67b4f36d90c9a13a8bd8ec603f56092d606fe83d6c46b3712db82edc319f048d65621370228e8f6a72413acba0c4ad05c5c8a9f830f02b9ed04bfc1051897e09703d7cc746d15518a3e78873e41b98800659e2e21a6fdfea0f6ba49cc1652b6bdf78cd25676b4855231335891011b890229e8cfbaa83788841a9f14e471179abc5146c75e93b9ba41bfb51b11367e24993bf62c8b894a7e7b64c3cdc7cd485e939ac326afb58d8f6716c00cbe1eb10635368d7592c9e7808ec815075574de67c1d4b488e1514912e264f9e8f0bb45dcee498f8d373957eaad24d13913dbd65156702f0e008533d360310e6faee158675369f9af91ea303070cd5036e456dcc8e4e2938d9ad4c6390bda7a0ae580c5392d9a551644ca660f2e01e23d7c7577d0e025d65e3d2c972d61d885242b371080b6539fce81ce0557181ef156826478676d86bb565c4c5f091ae5ee232a08a0fb01400e1faba4730d473ee5aa57ee2aaffa039db7609aba1347d3df1c463bc416455e92ce265391578873e44c0a08c13379b8ad49697d278cf025899aeac07330e2ad4bb503da2f8367bb41b0f131e9b735b479a8fbc663f62c798945f52cad01c20ce738e0a764ec3d34e61bffbc4ff2987e0338a5dc1cfde6aed61e7642d1b1672a3760f39cf34ff2fce9291913b7f867d6603f10e3171610c63b3004d97f817ba93b71edd8ef3f7fb41c9cf40e3f087b236580b93c952d3aa63323d5a81e06a919655c08f3cf3273b6cca46b21dc8fbc1f108eb6ff5191b47b8220dce60f87d94b59181b06f078ee85b8591725b7be05a8fa8acc437f16b1f48a33760f8b043def70297b610305d96a60d32896f347775076e72b46b81bcad505e99fb78101b6f887747bccd2cdeecac1a33537849a6c679694f60e49387b9b1f9e5955d91e8f035731586b371590b0e68fb282a00b34ba7abf22192bb9c2e04380f1aabae91cd4e39a4ef9c503ede6c2565b47e26bf84edf3daf942cb71d708c781c1a46511b814ebde0dd64a11786c3ba908ddd8e03aef195f3ac57340ea817fa5f973850335d03ecc95a61937ad49302fd4d38121c3fcfeb277b6856563fc0dbbaa615753e0899f84a"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={<r12=>0x0})
[ 2896.108180] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000001e00)={0x0, r12, "9e568d0d7458ae96e0481797d0a7327d3e142f9d7ce71977ea545ce435c9273cb31f78b78971b0342df5b723568c0c69eb7dd2211de5ea09860f9d947235a9922d2016989695de7a13a1d3207685f7a8edf7eb76fb4746a1cc09a1c6acea192586d9749686f1fa8fe5767aa946b123affc7c9888ea56a7e0be8de9bc0b966932f5d773d59a8507c9732fee07b1195245eb8d531711af64693365a4d28557a9530753861f1ba8344a7f49bf557935c3eff1c949f4dd78175b553affdb007f91c4fab3262acd80c8e8c457f0258359736b8a81ab725ca4e10ad79d2b9a06398911a227bdc54a807ce5e8a5d1953bd61d75deb05440fb3c037847446eb3afc17468", "198eb587f32f4bd3f093bd548fa5c55670dff2bfe68c89a4b47ce9eb0acbf0883caec4853cc2081746167fdce4231c03097e28ea5d29bd96a95aee4cd85bb5ac7030ef5866d644ed2142f9af9f4a465d544c286f37d796597c5b9ff010b71390043b529c414fa234524a5d155ff1b7856940bfdaaf6390bba282877ab3a1c972ff34e639a4b0e03228c21a6898e7c8559f7152e8889e6754ec66be6887efc86591d563838a721413543e8117dca522ac227c1539d9d0dd940ae21563e86be9dd81784524f6e434c6f7729def6c934acfdabd28ad6834567eac6e4131c2aa88635ae21b7c7fc4c4991821ae937b28d8a999007a73a8a761bb02ba32f59db2e80540a9dc49f91bf00220f954d6282d7794756b31d6a92c51046bccfdd49bab0cc466f3e0a488c369d3c9a2794b53c79d270a153d232f5428bcfd48f58dba03d716a94446939b00daa544aadaf7747cb708f5dc4c986525caa7fbe7d8c24df5d853d2acfbbf5080ef2d2a248e1d2f25e6b10dec54ca8695ac87691c7299c97f6a6e0edaf1f408a41bb4122e8ff1653073eb90e41fefc0b44e75a55d6cad95b9fe60ec3450cdfb297287ca725e66557eda3f60d81c05509314dbc03f57a69eb519b8331377a41f4f4b87dbbc05c460640472c8d72025e383cdf1d18edbd0e54406206a60c5f12197225d2fc5c1871c4ffe9f740a4784afe569961e70cb019bceaff8c44235c4f2f166b634387e22e666fcdde2b8c0389f331acc03a08b19d1db53a261f5341a9b011c7788c440685e1c567e200bd5eb7b26ee04da022c8bed7b8463718b91230cd526bdf8d3666a6c6b571712e548bfdae06f8e55051f433297f7d096aa643fc7b1f9bb3bb83c6768134b4832c46ce24cd924a3aa141099e91fad235fd171908c8eadf29ee9f857bde58273ed37c54e1dc63bc40f007a674c1bdde31b7f3c86c605a26fb79e0c0bf7db1652ad15a487a59283eee36a636f1e690fdf7ab2745d55f3c867261d55b798553a82f9f2ee2608b00bed0a6236b96629d703a7af11c4d6c3b6f6b4ecf674b7ad99a691bd494d9088ec0fc4ed2d4876e5b48f75d78dd1f7c4f8bdd5a087a7a7bd7bd175da7b0e95d08671984a9b678dd0447e5627ddb61cd3f9113fa190f7ac1bab2e608aa29c4ef27fc9e6c9f60212e780b0613c8754af40bf07258896a7b3c6251d63ebff39ca6d9029782bc9031c557098c0ee2f41dacbe39088aadc4770aa2b6c3cc8810e6c19b56488388cd71274d8b13b1368f4a5b5adee45235f64608646b8399cf4a1e5b54aab3a9377b35b94fc2cb834ca604ff76b7f6fe9f7eee40323d3c06718a2ab91ac9d578f615a00d02ee8fea8d4f40894c0ad1372889294051a1ccccf7dfaf3017a328399b61e3602c4495deae6f6cb23641d1c99539ceada1467e8c69fd17924385b53209a8c2db60d86dae28a45770210b782225483c75024156791dcde650b9fb9fc2d46255cc075aee5ec7e9a5ee058612d9e0efccc91430d55764dc03aeac4cb9f1a71753bb33b158f257cc3347150af8ea75013521187f4bba8c0373a18d7de77f08a317662beea5f98b0f12b3124c561f74daf6a193252518027ce75f498e63013c3ae23c44c8d6271e21d0f88913d29c8a1eaf469f3f9bc10ffe41b94b987f071ae4cdfe4e9b844cac001760c73427ea1fde41eb2ac0e1100f3a540be86c1858e2c2a86dcd3ba7e25a7e054a44ce75593f7ca6e4c1861ad6b8a20cd2c376ac1230b71b242287aed3e5f0a89a1f3181b7cf07303b976b180223803bc06e8731d9701a0b7c8bd2fe7254c65d61b93effa602b92674308bb9b7e6a2fd7faf1f422e59172ecd6309fc8dcef31d12d72c6d652e5df7b97436ea0d313874a69ce62c364587525a394eabc663b2383f0e078b8968f2922d559cdd2d8730c4c2080149cbcefc6f807a0fccc487ab7fc33d6ac7eff9731eef13433c4daa645c2b2a2bc0ffd5eda80af97897a2e3743a26f06d788c00b70c9cef2ac17040e31108e5177071fcbb4d1741a54354465ae24db9bdf108719611205024da343048a6f0735ec6d47a41a398e4b6cfd4042ce71234f0e6b61d69dd4b2481082003313fa0a09d420e26a093e46fe5475165f30d67a1b7d8e20876cf8f9fb6117e2df45bfd34c2eab932f4b08ffe52ee64b8387fb2886585d1586e6a3db9b7e97ffc7f7f683b8ea7e5cbb2c62962c07636f7272c498a70466aa78267807f3fc6e45d7e3334c60f65f8d701be23fe0a05987cadeaaaf86eafc1701424f3a0b7db05b38b447bb4c34985222bcdf305c34af5d1eea0f5cd80337f140b6171d1c088ea927dfc39cecd3dac525f4f2649f191f437405261a13d05b1ef92a6bc4bced00c7ee712d673ba6f2f935472405e481d293c842a2603ee01f57321dc55869d5fdf57ca0c7fbb912cf9ab88fc4d1ef61e5533530bb93cc96e3bbf70f336ce19ced240eb7c30a0a7f222f10f961203faa81651e429c8b47329dc1cc5e73313fbb6574fa7bc490010bee3c6d6751e1b1402cd7e356513316cbcfa9774efeb40ef62fdaf0c44682e90be6893f0cc277951aa33fdf1c9c436b0d7e752629797af8da72ee90409ffc026928721c2a69a081e03ace4f608427647b724f0174d558f161c3928a87e59323a482feb7b90b0d69f3a2fcc00fcfdbab4694c4e48a00e8ebf7b2198df6e50150fae8c8642d8d47bce4e57edbf90d3662c325bfa4a08c36d340ed33cabf6ef47cd734b3931ece00ae79543beb71620de0f33d8123581d7dd3b75a45a015632375da9d0f1e2b246655351e77ad79d39ea8381267cca781f804b33b8c98f7e25e4fdb93429578becaf55bcb2468b126cae192402e9fd9c753cd57af8f962ed1ed034f5169759ed38d867400cb231e565f6f1293089e806c532f55833161525d861f841274c3b0dd4a210c3672a862e89591556dbc2613be0a87181ad752da26a6188bf0e87f647077cf6ef0d21e66baba799089afde1424640298c319130f33d156100fa29b0974ba87d7ac461a86af6beb80b908e45b94a78c01f26af4b79387c529a350f047212def4f67258c518e8d06b7a460efdc3480432a29bc610e456d2cc15195db87e06dd72cc8b812756ef5df79ef36f6e358da7d5fd48cef332dae4179465f3e038879b282147830b0713b26acccddc63548416fe4df45577015c07183fd375cbf0c211224f6b092be11f52eabfa8c6c013c7bb8f623b99696186271d48c7675c3dfacd59feb77d2398f0fce23a684863af73c62846a7d6beb1a0f723fad4b9763515bb415a8b8611de6291d023f0a84f61cbee60e3145296c6cf215b3847db68834feb5097d391aef656ed8b54dbc47f296af3334e3ea4de3f7bcc668cdf7162ff6d5a42f6fa77065424a9c26b986f09abe82b1b7b19d0b60089977d20af814a6d32ac13040d28690fafe95439fc97a69c21907623df8652c4e91f62e29c18a587db6617ef8781ce536aae99e11530ab0dfd2ce9abf533ff708919a6177a7ef01f0c2cd205b959cbf0ed9f5d63d2bea3eeb7371659ca26f15b1c2360e75300b537c04255462ba3f64a678849642a2d8e8f6df620057c06f00b38ecd635e8dab3b02eaf40c310e2bf8a3f855ae56b0ce9341b26430e58b8d365c04ea6b32c5afaba14d7280fb17f63f89c34885a67af3195b550ff0a241b0437b3605b144d48243c1121ab13399f650364e8555e124577edb015565981467ecdc69bd2a1ec25b1b801d2433000709a34366ce59706c778382252a2860d1facdec61ceaf9b7c37cde4df8fe7295a00f3f699eee58f310cd3b15a43dc0793acac37128a852c1f2deae19188f7345c5e20e6c72280de08d5afbc7f4f25980c8850b68cbbf840ad5c7e6a67aa7be1d9d9ee63f312536a5c0284a97cc3c08a504c2f47d40398272e720b6bdbc2d88a29f4fda3b77ada6f640c40d4c02f4e11c3c984d2d239d52c1d29b955cd0c2ab86935def69307bc99557004157f4ac998214159a6e5719c0e94b3560cf43579a9153cfe7283b1b649f8faf8ec103151c653870cfffb4646bc0339ff3a6e7906a13400c139a9e1ff3eb1d6bfbe79083d6bca2f0fb2a82311cb57e8372ab1a041dc6b4df7fcab8c64afa5fd5357e2a18eb06cf223b3b5a57ca508cfc9df373ad3e1c1eee0f709640db91f73548bcbeec02d52c76de60b4d736245b940d26764c1152182121a0fc8d7427412c49a14c66be1823f55ddad30f077f437cb8461afbfcc0871ca9a53b2747f31481b001b1e5c19ec39e287dbc61c4c7f03d5af6aac049210e1472ddd18a261a1983425723effd0f055428f99e6a39cfabc8af6363e27c72ea9ff2fbb714b2836cd098b2467cb7df8613e6f90f47f63895761c7e29fa55e35e150329cbcafc8f8d29fc97e59d21b182bedc1a89126e7544c77fd1265930b05b72e84849188e895eb30df9c6ed1c61035b350070d408de9ecd8aab3853a4c96c2d307085779c299ea2ae98ee185cc6aa1aafce616be295f519ea0c9629da6a7ab7ce6fb3a4cf699212b1eee27dc1491056a16fdbaa9e23c623567a67d215924a3febc6b612f97bac3954128ccfdd57d0e5f7bd83ae69a9e8f92e1be48c672ea2682bcac07a15cef78baf1af890f90c6d65d2c69024df1b6fe2cfa900347b619df2f7c76c0554e5953b530f247b4973fbc1859b76244c28f8b79c6ad6a725c2f103c0ab11ac4ab71a97909455bd6344f7f608beab4b1f985b43870359f48a456e6c43282e45fdb660d00de8ba22af5ab6428243534e3dd3a043e7a8c56e3fb0f15cea53b83008bf39421372c607757d48a8a00be59bea6124e41fdecc6273afcef2b4757c4a795feee0157f47c1e5c8eef69b979a4650d75f0f71e1e088b9b0968132dad9d60b723573dafd21a29f02eb3ab772c41f74f30995c9998f4c91015523f14f8fdf85ab8fb20af6fe3e8ec893355a6df7d2c867ff1ee47e269a96823740a0a083ce98c97f1e775834df932640ed9386228aca92bb857f22b836ad17fa7ce679076bb6c650a8af8e850319a7e86c53bcae9239b0799251c94b35dd61951d727228fa5b9d454258e8c184bf59b85eee93ba191b9e33d2ddab90427dea61a1ab33e5f33e241a0b5548f91b834de396ea0f89e30dede3cbc6b8a8f353ad6f292053cd79685756f29b1b88b27d45152a4688bdf1ffb477d8b57765428a501d4b945720982f4741cd96564b8441f9c3b5fbb3bd62730ed5fb5e4f799da543dde210676286d5ee015b97577f123a3c7f62abbbfd484b4049a544f1566262ea85c372f09b52a8c3b6079f90869bbd945c8a34721388be24790a5d435aa307faf5d3a5efd593fc671a9db7d296836130acd70f121c76548dd3692b0d821f3a0dee1f5d573ae1e46cb57d7461a0897"})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f000005cec0)={<r13=>0x0, 0x0, "968061f436269462196ecc922360ce6068f4faea4b76143f04fa19b6a9eab7f89994168edf3e6a86292611b408bc340ece67f6353753a36c69b2f44326df5e80269c11e649d8b34daa93276de9e1969217c9f0d6cc3ee6199b14c2f3bffe84ea9ebdba86beeacb05798343595088bd9d0089d4aa1545699ca1e52feb0b2825806f2f6283da198e46ce4e9136a1bc53983485158a26e32c173dbc48abcba8d552e3e0687daf65e9c6cfb83c61cfa575cc4beb60c7ffdad81e4080e24d3914f183d186dbc5fd79332fac91a70601cf721c219e3353dc8c43e018c757300828e507e0dcde9b6c4db65290a9c9b786c0a56a8b5d2957af36bc2f0adf2a18f84d00a3", "cc4fd5029b6672f4d95b87f6362dffdd644b8a67ea5a6450b505c49b3c1e93b185b4d4bc13df3dfa003ebf25f16db49db34dcfba2a56f74bd0e13913e03766caf4714bf5b8f042e77bc542d03178c0ff98c6cccf644b8cdaa01a14abe8b4bc9f1aa0d88a726c384f8fc9e6c134aacaa408354020f4d6f7b2973fc6741ceef55cac066b265018fdded8055dc214892c65492d195a68dd3ad92426dd83512024ad5387ab43294069cd14dfd283e4d93bc6bc4ac90b8490981d9b15cf000c4b079a0425558d72f73f430d50f202720962c8f77ff9cde829f2678c1ef54deea35d51e89d96eb7c32415ac07964689f86a6568db7d600432fb9f0fbd563218bbe4e9bc570fa8066c5a4db0c5c06a0d3186315f464607c62bd57c44ccffbb793350a6ed10a0a256680620f9c788335d093f479d6f8c2f3869fe0100670dcb2ff6f285fac3f93efc3d9ec6309954d415badacba50e6d6e6cea8fec86e98339566b2dab535bf5b2ee8d2171ffd01e97513ddaea7eb91b5178e6c85eef87a81df5bc9c15884469fc6491ae8abba5474d44384e42b9300aad78f030c4104b763dee9b09b13ae22e16604fc04a8c206bd709a1b10fb7a916ec5de3e025c8d1363bc22a193c184a716cf8408d3f26e24d36d009620b1af4a8ef12f58262b4f36757371a16be6a2110d3f9b36ba280948718d8173b8e778ccc9ad28387bec25684eb74c80ef2405f3a09ccffb6b1abfa04a306c761e169b9f4918c0e6a7f215204d8a725af328136d989029f3645dc61b4217d932695e4b5d4eea3e2dd79317c45e8a16ac7290e623af158430689797c715463e5c99800fe2fcc3faa303045c5796f11ad440780a26e9724d419cd823f58e69c3668f3f00c02646884d23cc25c29c2594a68e345cc04dc8f6cc66862cb89f724c0f6774a65301ca1d4065b88df467550caa4ed99ddef562c7d1ea880747879556aab033d97af145b191d6a5c3d7b1a52457ba2b9c531be131178d922673d49867ed469cf7c4c70aa57bba6b323499ef5bf6f2cdb71a70df092d36fe31adf989fd9d06b514bb6b751dd50fdf4fe6ccc3ada6210c6f2410f3ed91068fcbf8ec32918746ab6fcffe252c681806308fa1577c7311233bf02dbb10002ab5420822bf93d523eba70d3a80b91b5bf17cbb6830ba368451fbe149ca1d7f88970c7b2dfd11bc030047bc24f2443d20636dfbe8a0058df85ef0096262889f7e0f6062f86a097eea34dc6ba34b2fa405e8a81ead219fcdd561490be58cc6eb5cbf45a8f86cb98820642c1fb3d468d7dc6df6096b9ee2756f13b43a43c4a309a46f4eda35c202b8659fc073c5c40ac69959203addee48305fe6f234a8da18c9b0d4a6ac4dc583d3fea5bc526aaa4db606860ca7532f612945cae3978b10248e2675bfa709dd73402286cd61f2ffe2166e3ab5958be23a98b0b4d8f5227071227ed1e50c5666debea29c9edee9ef31f0ee93a22fb50ed42549ca53859f832d005b862b03fca1ed9c24c06dc9e15d14362c79ebb77b9461ffbcc6fcb54dd5b67344643aee49eaa4731efc1ec58e7103986cad005a33797d00e009f4e858f3edaf58df04b72b541724a393fe392223493091932faeec6bc5fda6fea174fbcc3f9402cc03eb368654082b20be98f624ba9d7e7384a3330e192b180688db343804d06e73340c50a9fb7bf57ef5b0fe3d67a70e01c6e4cb5096423170c5aae61205a79ebd4fafa3a054d86f5fa6197b31273b95d59743d2e16b12075b660a1a6177b43d323fab1a9f3fc99eec1de462a9518a46b36926fc1587c11abf65c3c3b9d0cd9f75823d2ae18deacb8a2ec93bd30148c741a897b27bbd99ea3eefbabf1b06bf82140777c81cfb1bc1418e1a8f45fee76c8dbbc5f25797e069dbdbdda9eb8a4a355d26e541783167b4d082682a6aabc552944a06b1f690c6808d202eb87c03092837a5ec8dc401c3ac4fd8f30e855c06b6896ea50fa8c82947de832bf5322373e5d39b526d7f40e8e84e0bdbf4b4e89a867e876c1bf1bdd85a2702086213a442358aefb2a144cb1c2b60c3acce78752434dc6e1cad5636f3dae588571387dce6b66e63be4fd5ce81770ddb68f616b70b8f47dbfdd1436e2939b96a8ca6411c84fbdb7e8faf8b6a8c77347a19df82395421333cab4afc14aedc522761a905b2f6f9958e9ee8feceed61da332a87cd7f6a26c0af5f2b7312ecd0bebfd7a3539cb21c6eedf65c364ebc3fa79059650cd20c468ebb5aa7294641e5a4d81a2bb3d3255c2b34c4a26698ba67373dcddd8b02f985ebf2b2c77b10e21c8cc6a4d89c8c299738a1a16c90b533621e6b0a1dea6cf19dcb675afb62ea4b8dffd577763b85b78de18c6a46fd45ede9b4a8658909694fecd18b17e6cf7ffcafe50359b1ab282cffc16cd056c064dbd478ed907966ac10f035e5222c1e45ac251f491b9fbb28ce0438939a71c47ada87d81fab7a5cb76e7ae61c4f2914d2757f1982d73535aabad793321283254c9a4af85260b061de9af7807fb19ec8b78292ff0faf52e353a8c7563f8d554678092dd103259e11adc1f7bf7a5aee7f41ff5d2685193d8d741e27756f53ff804b824c76d83a08cb8f3288b3b1c0d7c8485517a5b2abbbdcc10f3f853ad6fae6f3e42e03893ac37c3e1ad9c55231da2a28b279ccfa0087ad58a16e07281d945566dc6d4b560278dae4546b40cf531c2a29a07151d82b2523aaef05a4422f77f67dab8c1c1a64bd7523f14448a67fc2dedeafc8c592515113549fad13b6cd8f183634cd314d2ec35d707bc049c71ec7e787e469f5a6a50d7c6fd548952273e72de2f2fcfd1257a1fcc2de5773dea34339eec1b90a0415de9ecf9d4216398acf6afdbbc38bf5778b1dd031385f004e0341fda6c24c00b47454a41425e73220f669e5e3e355abdd28c70887843672ede38c3a52efb52916ac7bf7642f5b7ec92fbd01b90d388f7b2ff5980466037241976ea9853cb7027e7b24508a0d0743614c4154c08992bf912ef430e2437c3085d20f95cf3756643340767337af67643b30a817898dadf782ce07187f611e665491a642369b2c22fa55148d01c259362b8a6ae6684702ab3d37f730f07ec1ffe959bd38635064374518909a7f1d790c49e55b9945e606926fdd530dd98a9fc57e48a0fb52c194d526cb508708b361eb34ae7d1ae903d5ffc4907a6e0da0aff01dd6d17970f2d175899326b34fc0e4de25a08826d87661708d1f47eebc6fce2d1f594f67aca1c7e4a622b34acff2a52f560f681cd21fafdd7a1a216594490b0a5e3f3b150a022d714b9950960dc017d1e4b15d66c12a0f60a47364ea714a4caba8dd023280d2900fc5b0daaf70989815f667e308f47d8e18b3df5abf470a8cb8e12a03c4e7bf99411175819cf838820985cb4b19c2a13a7b0344ed376bf629c153bb72a875af12c7340f432640f4d17266d4dc298ead73672ac6e44616b473190df4d3bffe0ef9ae661af8076f75b997f9d04ca26766da9efac256aa73456fabe6730d0e1212e1061a1d36f57ce0b2bd5ad3ae7c689d17964d01b0a4f24883b5075fd71d8b3adc0025e73a6974b1e2df6814537d058c0c3532feb618f8976763a1037e37ef9d08b3c1a173e69cd0259bbc38908335ddeef6a804932f0a19bac4f73d964d85c8c655eaf68af6ad2a6b7ff18c212d1108158412485b2eed809ebb141e9f1f1fcc2f243e4343012c8884d77a12dabdf60cc7079be2810ce8cf98e71937658aca407e438c08836ee42f3dadae4a0fe6a73d6b7669d97d09202eab6fed11069d0877cb51287f3b5167c675f3f110bc2bb5ad3f8df62aa8478c4367130ad47e626546b0f1e34f166e541df8d4654f48934990cd8bdc5b4adb4aeba63e6a08651cd9bdcb0ddf71368d5adbaaaadb8f8b979cc00964d42135b5569a47074e0015e51895c012ec628eb1674b7eaf3f714640658ee619381d182ae735b1cc38264cb7cd69c4514ec398353672a4b049fc9cc41ef530789015ae4c713b96a4e45d33e344c9b315c2f98b9ce26c04ef7274577f505bc78ae5646597965d1b8955c2059120e37d9f1739fbabeed15ec35b9c447796803dbd4486320070fab5a331ca7a865ebef16e2a4f2c51fe8dfeeff6815437aa791ef85eae6d18b8f0399becea6019e9d4aeb710ba6f8aca38008f214a78c7c817d870c48c69ad9cb3711dd0f3433dfd46bd043ed1d918e025595e7aeddd72e0f45e63d13d0e5e79e1d5d9fe69132f53e2d2df005ef84214cdf52c0ab52128bd1439ce51cca9a184839dfe664d370047ae873e74184775aa280daddb2b2aa4928bfdead8d0a9a566db658ca31331444e5f3c4d34302487a0a1cdaa9d84c8b41ea808bf14a56d0c7ba51d8a24570bafd600fc4a95c60a2a2d24f9f07892d99c805c600116729e7de465220c4e4a92e3ba2c5bed7220ced949793c839da9400b1e2c19b09dcd52f4425635ffc7dad434159e34fe5eb76dced0969672dbc14daf644db49a72be7e376ab951f62c8ccedaff71ce08efe8a41b42246f2a280d187221ff59c1ff6ce85d0b69f314aec16a9794f73c17b3078d9636208bec30abb13949c54d59e7c0ddc1e7790c7296e078a8b35e37eb6c54acf38db68f84240e4fbb6cbf593cb97e671871c03de23e10532a9f8865614e8d1e1067fa778f0e2279edae863c7e681c5fd3b9113b1782598d90ea427de039ee3ffec25fafcadbeba67bd51cea18a87e0c6e7347df38b303a0a271e9b5e7304a32c8e82650f91ab0eea770e064d16bcb7b60c5742b47f18e78f132406e4c63a52405c96214627e958af772a046930b8a4ab60ffa4674a9ea600e74e27e677336038866e6067efc649ef32a4517c4130d04de0a673b7acf0fa4927917637793fe5a61a36fa8c46a840b1f35c7fbb46d54803a785dadc4ed2e9f38559f9e71fbfb17d72e692d4fb1f3390018d1b4809de507fe90ebc4bcb6ab3210f73b3378a81311dc4fe66802f3ea182321d1569599da6d65e3c7527b6f852739901b766af62908325172505f2db6d81b4278f829edb73bbbc4d9174782525f77336c8b7b4f413540f81270b60560cc6d8448a64e1d484db8df9838ae34ee1bfa5da8fcea77a0c1213b6973eaeed52b5eb7aab807b4d9ebb74c8524b64752b13556f71fd9e9b2402689d32206731b320a7d2f2b461c0d4a8be02eefb875b0d9d956aeed7ac42f12eb57dca5e3f9729e7eb67da1920ce1437f2d84712bd6071475f32790ac8a1d3831020358b30da9ab25eed91979e9317b3fc6c67cf70efc68c64b90b56ed43b2dc9b4b4e14b6d2e39be656f503c3e4def5a2d6369f42a86274f9f4cd013380ab4d895275ea07d045a975eacd5a637274a7c95a1dc958ec2c51894f0d9457e3df5af8a52f17a8987f74938e9dc"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005dec0)={0x3ff, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5, r8}, {}, {}, {}, {r9}, {r10, r11}, {r12, r13}], 0xa6, "6c137e8fac317b"})
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

[ 2896.117177] EXT4-fs (loop2): get root inode failed
[ 2896.118674] EXT4-fs (loop2): mount failed
[ 2896.142926] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2896.149426] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2896.155419] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2896.167495] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2896.173689] FAULT_INJECTION: forcing a failure.
[ 2896.173689] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2896.175345] CPU: 1 PID: 18915 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2896.176209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2896.177264] Call Trace:
[ 2896.177616]  dump_stack+0x107/0x167
[ 2896.178093]  should_fail.cold+0x5/0xa
[ 2896.178625]  __alloc_pages_nodemask+0x182/0x600
[ 2896.179227]  ? xa_load+0x12d/0x2c0
[ 2896.179703]  ? lock_downgrade+0x6d0/0x6d0
[ 2896.180240]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2896.181059]  alloc_pages_current+0x187/0x280
[ 2896.181634]  __page_cache_alloc+0x2d2/0x360
[ 2896.182209]  ? __xas_prev+0x360/0x650
[ 2896.182774]  page_cache_ra_unbounded+0x207/0x6f0
[ 2896.183396]  ? read_pages+0xbc0/0xbc0
[ 2896.183902]  ondemand_readahead+0xc6f/0x1150
[ 2896.184467]  page_cache_sync_ra+0x138/0x170
[ 2896.185006]  generic_file_buffered_read+0xc74/0x28f0
[ 2896.185679]  ? pagecache_get_page+0xc80/0xc80
[ 2896.186270]  ? kasan_save_stack+0x32/0x40
[ 2896.186815]  ? do_splice_direct+0x1c4/0x290
[ 2896.187349]  ? do_sendfile+0x553/0x1090
[ 2896.187857]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2896.188458]  ? do_syscall_64+0x33/0x40
[ 2896.188961]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2896.189635]  ? perf_trace_lock+0xac/0x490
[ 2896.190155]  ? lock_chain_count+0x20/0x20
[ 2896.190694]  generic_file_read_iter+0x33f/0x490
[ 2896.191291]  ext4_file_read_iter+0x184/0x4c0
[ 2896.191856]  generic_file_splice_read+0x455/0x6d0
[ 2896.192460]  ? pipe_to_user+0x170/0x170
[ 2896.193007]  ? _cond_resched+0x12/0x80
[ 2896.193510]  ? avc_policy_seqno+0x9/0x70
[ 2896.194041]  ? selinux_file_permission+0x92/0x520
[ 2896.194699]  ? lockdep_init_map_type+0x2c7/0x780
[ 2896.195290]  ? pipe_to_user+0x170/0x170
[ 2896.195784]  do_splice_to+0x10e/0x160
[ 2896.196272]  splice_direct_to_actor+0x2fe/0x980
[ 2896.196871]  ? pipe_to_sendpage+0x380/0x380
[ 2896.197429]  ? do_splice_to+0x160/0x160
[ 2896.197934]  ? security_file_permission+0x24e/0x570
[ 2896.198594]  do_splice_direct+0x1c4/0x290
[ 2896.199121]  ? splice_direct_to_actor+0x980/0x980
[ 2896.199750]  ? selinux_file_permission+0x92/0x520
[ 2896.200385]  ? security_file_permission+0x24e/0x570
[ 2896.201051]  do_sendfile+0x553/0x1090
[ 2896.201563]  ? do_pwritev+0x270/0x270
[ 2896.202056]  ? wait_for_completion_io+0x270/0x270
[ 2896.202690]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2896.203264]  ? vfs_write+0x354/0xa70
[ 2896.203741]  __x64_sys_sendfile64+0x1d1/0x210
[ 2896.204304]  ? __ia32_sys_sendfile+0x220/0x220
[ 2896.204899]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2896.205561]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2896.206230]  do_syscall_64+0x33/0x40
[ 2896.206772]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2896.207401] RIP: 0033:0x7f47d2c10b19
[ 2896.207862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2896.210124] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2896.211096] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 2896.211977] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[ 2896.212883] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 2896.213781] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2896.214714] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
[ 2896.218108] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:03:25 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x0)

14:03:25 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2896.297878] FAULT_INJECTION: forcing a failure.
[ 2896.297878] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2896.299522] CPU: 0 PID: 18894 Comm: syz-executor.4 Not tainted 5.10.194 #1
[ 2896.300404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2896.301461] Call Trace:
[ 2896.301821]  dump_stack+0x107/0x167
[ 2896.302337]  should_fail.cold+0x5/0xa
[ 2896.302838]  __alloc_pages_nodemask+0x182/0x600
[ 2896.302977] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2896.303412]  ? xa_load+0x12d/0x2c0
[ 2896.303428]  ? lock_downgrade+0x6d0/0x6d0
[ 2896.303442]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2896.303471]  alloc_pages_current+0x187/0x280
[ 2896.306825]  __page_cache_alloc+0x2d2/0x360
[ 2896.307405]  page_cache_ra_unbounded+0x207/0x6f0
[ 2896.308028]  ? read_pages+0xbc0/0xbc0
[ 2896.308540]  ondemand_readahead+0xc6f/0x1150
[ 2896.309130]  page_cache_sync_ra+0x138/0x170
[ 2896.309699]  generic_file_buffered_read+0xc74/0x28f0
[ 2896.310395]  ? pagecache_get_page+0xc80/0xc80
[ 2896.310983]  ? lock_chain_count+0x20/0x20
[ 2896.311527]  ? mark_lock+0xf5/0x2df0
[ 2896.312021]  ? mark_lock+0xf5/0x2df0
[ 2896.312512]  generic_file_read_iter+0x33f/0x490
[ 2896.313116]  ? lock_chain_count+0x20/0x20
[ 2896.313669]  ext4_file_read_iter+0x184/0x4c0
[ 2896.314278]  generic_file_splice_read+0x455/0x6d0
[ 2896.314907]  ? pipe_to_user+0x170/0x170
[ 2896.315420]  ? _cond_resched+0x12/0x80
[ 2896.315941]  ? avc_policy_seqno+0x9/0x70
[ 2896.316478]  ? selinux_file_permission+0x92/0x520
[ 2896.317123]  ? pipe_to_user+0x170/0x170
[ 2896.317636]  do_splice_to+0x10e/0x160
[ 2896.318138]  splice_direct_to_actor+0x2fe/0x980
[ 2896.318803]  ? pipe_to_sendpage+0x380/0x380
[ 2896.319354]  ? do_splice_to+0x160/0x160
[ 2896.319869]  ? security_file_permission+0x24e/0x570
[ 2896.320519]  do_splice_direct+0x1c4/0x290
[ 2896.321033]  ? splice_direct_to_actor+0x980/0x980
[ 2896.321662]  ? selinux_file_permission+0x92/0x520
[ 2896.322332]  ? security_file_permission+0x24e/0x570
[ 2896.322993]  do_sendfile+0x553/0x1090
[ 2896.323508]  ? do_pwritev+0x270/0x270
[ 2896.324000]  ? wait_for_completion_io+0x270/0x270
[ 2896.324625]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2896.325240]  ? vfs_write+0x354/0xa70
[ 2896.325736]  __x64_sys_sendfile64+0x1d1/0x210
[ 2896.326368]  ? __ia32_sys_sendfile+0x220/0x220
[ 2896.326968]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2896.327642]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2896.328311]  do_syscall_64+0x33/0x40
[ 2896.328803]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2896.329473] RIP: 0033:0x7f7ecce43b19
[ 2896.329967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2896.332440] RSP: 002b:00007f7eca3b9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2896.333430] RAX: ffffffffffffffda RBX: 00007f7eccf56f60 RCX: 00007f7ecce43b19
[ 2896.334465] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2896.335385] RBP: 00007f7eca3b91d0 R08: 0000000000000000 R09: 0000000000000000
[ 2896.336300] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2896.337231] R13: 00007ffc4b59a2bf R14: 00007f7eca3b9300 R15: 0000000000022000
14:03:25 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r0, &(0x7f0000000240)="01", 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r1, 0xffff)
socket$inet_udplite(0x2, 0x2, 0x88)

14:03:25 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x85)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:03:25 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f00000000c0)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x486005, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
getdents(r2, &(0x7f00000002c0)=""/164, 0xa4)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:03:25 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 6)

[ 2896.486534] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2896.511465] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2896.513582] EXT4-fs (loop2): get root inode failed
14:03:25 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r0, &(0x7f0000000240)="01", 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r1, 0xffff)
socket$inet_udplite(0x2, 0x2, 0x88)

[ 2896.514234] EXT4-fs (loop2): mount failed
[ 2896.585860] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:03:25 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x0)

14:03:25 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:03:25 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d763d650219b060028cd12e98fe7ee84a2b64478beb1c49e20b88e85f62cbc21199f3ad2abfda4ece560f1a0cbaf9bfed5221870959b92ca969a5b840e4075d5b486d9a15d328fa853b0dca7b57c5aa9c3d6ac7b8e56a6be3229e9626e7b04e5c4f17419ae31f1d83aa7e699e", @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:03:25 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 4)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2896.697246] FAULT_INJECTION: forcing a failure.
[ 2896.697246] name failslab, interval 1, probability 0, space 0, times 0
[ 2896.698774] CPU: 0 PID: 18957 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2896.699618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2896.700599] Call Trace:
[ 2896.700928]  dump_stack+0x107/0x167
[ 2896.701384]  should_fail.cold+0x5/0xa
[ 2896.701869]  ? create_object.isra.0+0x3a/0xa20
[ 2896.702475]  should_failslab+0x5/0x20
[ 2896.702958]  kmem_cache_alloc+0x5b/0x310
[ 2896.703477]  create_object.isra.0+0x3a/0xa20
[ 2896.704027]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2896.704665]  __kmalloc+0x16e/0x390
[ 2896.705118]  alloc_pipe_info+0x1e5/0x590
[ 2896.705635]  splice_direct_to_actor+0x774/0x980
[ 2896.706222]  ? _cond_resched+0x12/0x80
[ 2896.706725]  ? inode_security+0x107/0x140
[ 2896.707239]  ? pipe_to_sendpage+0x380/0x380
[ 2896.707787]  ? selinux_file_permission+0x92/0x520
[ 2896.708392]  ? do_splice_to+0x160/0x160
[ 2896.708893]  ? security_file_permission+0x24e/0x570
[ 2896.709519]  do_splice_direct+0x1c4/0x290
[ 2896.710038]  ? splice_direct_to_actor+0x980/0x980
[ 2896.710664]  ? selinux_file_permission+0x92/0x520
[ 2896.711267]  ? security_file_permission+0x24e/0x570
[ 2896.711905]  do_sendfile+0x553/0x1090
[ 2896.712394]  ? do_pwritev+0x270/0x270
[ 2896.712882]  ? wait_for_completion_io+0x270/0x270
[ 2896.713487]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2896.714061]  ? vfs_write+0x354/0xa70
[ 2896.714574]  __x64_sys_sendfile64+0x1d1/0x210
[ 2896.715185]  ? __ia32_sys_sendfile+0x220/0x220
[ 2896.715801]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2896.716495]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2896.717175]  do_syscall_64+0x33/0x40
[ 2896.717676]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2896.718377] RIP: 0033:0x7f47d2c10b19
[ 2896.718870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2896.721224] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2896.722213] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 2896.723145] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 2896.724045] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 2896.724949] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2896.725857] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
[ 2896.764538] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2896.774421] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2896.777325] EXT4-fs (loop2): get root inode failed
[ 2896.777994] EXT4-fs (loop2): mount failed
[ 2896.791041] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2896.797822] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:03:26 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
openat(r0, &(0x7f00000000c0)='./file0\x00', 0x40, 0xc0)
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

[ 2896.892241] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2896.923152] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2896.969979] FAULT_INJECTION: forcing a failure.
[ 2896.969979] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2896.972301] CPU: 1 PID: 18974 Comm: syz-executor.4 Not tainted 5.10.194 #1
[ 2896.973198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2896.974253] Call Trace:
[ 2896.974627]  dump_stack+0x107/0x167
[ 2896.975086]  should_fail.cold+0x5/0xa
[ 2896.975561]  __alloc_pages_nodemask+0x182/0x600
[ 2896.976129]  ? xa_load+0x12d/0x2c0
[ 2896.976580]  ? lock_downgrade+0x6d0/0x6d0
[ 2896.977108]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2896.977892]  alloc_pages_current+0x187/0x280
[ 2896.978490]  __page_cache_alloc+0x2d2/0x360
[ 2896.979037]  page_cache_ra_unbounded+0x207/0x6f0
[ 2896.979635]  ? read_pages+0xbc0/0xbc0
[ 2896.980118]  ondemand_readahead+0xc6f/0x1150
[ 2896.980671]  page_cache_sync_ra+0x138/0x170
[ 2896.981221]  generic_file_buffered_read+0xc74/0x28f0
[ 2896.981890]  ? pagecache_get_page+0xc80/0xc80
[ 2896.982497]  ? lock_chain_count+0x20/0x20
[ 2896.983032]  ? mark_lock+0xf5/0x2df0
[ 2896.983530]  ? mark_lock+0xf5/0x2df0
[ 2896.984027]  generic_file_read_iter+0x33f/0x490
[ 2896.984640]  ? lock_chain_count+0x20/0x20
[ 2896.985193]  ext4_file_read_iter+0x184/0x4c0
[ 2896.985772]  generic_file_splice_read+0x455/0x6d0
[ 2896.986442]  ? pipe_to_user+0x170/0x170
[ 2896.986958]  ? _cond_resched+0x12/0x80
[ 2896.987466]  ? avc_policy_seqno+0x9/0x70
[ 2896.987991]  ? selinux_file_permission+0x92/0x520
[ 2896.988624]  ? pipe_to_user+0x170/0x170
[ 2896.989130]  do_splice_to+0x10e/0x160
[ 2896.989622]  splice_direct_to_actor+0x2fe/0x980
[ 2896.990236]  ? pipe_to_sendpage+0x380/0x380
[ 2896.990821]  ? do_splice_to+0x160/0x160
[ 2896.991332]  ? security_file_permission+0x24e/0x570
[ 2896.991965]  do_splice_direct+0x1c4/0x290
[ 2896.992495]  ? splice_direct_to_actor+0x980/0x980
[ 2896.993126]  ? selinux_file_permission+0x92/0x520
[ 2896.993743]  ? security_file_permission+0x24e/0x570
[ 2896.994408]  do_sendfile+0x553/0x1090
[ 2896.994898]  ? do_pwritev+0x270/0x270
[ 2896.995409]  ? wait_for_completion_io+0x270/0x270
[ 2896.996045]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2896.996656]  ? vfs_write+0x354/0xa70
[ 2896.997158]  __x64_sys_sendfile64+0x1d1/0x210
[ 2896.997753]  ? __ia32_sys_sendfile+0x220/0x220
[ 2896.998392]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2896.999040]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2896.999671]  do_syscall_64+0x33/0x40
[ 2897.000135]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2897.000770] RIP: 0033:0x7f7ecce43b19
[ 2897.001241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2897.003562] RSP: 002b:00007f7eca3b9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2897.004531] RAX: ffffffffffffffda RBX: 00007f7eccf56f60 RCX: 00007f7ecce43b19
[ 2897.005457] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2897.006405] RBP: 00007f7eca3b91d0 R08: 0000000000000000 R09: 0000000000000000
[ 2897.007327] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2897.008263] R13: 00007ffc4b59a2bf R14: 00007f7eca3b9300 R15: 0000000000022000
14:03:42 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x104042, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
readlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=""/42, 0x2a)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:03:42 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {0x0, 0x0, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:03:42 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 5)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:03:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 7)

14:03:42 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)
flistxattr(r2, &(0x7f00000002c0)=""/4096, 0x1000)

14:03:42 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:03:42 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x18d6, &(0x7f0000000340)={0x0, 0xb9b0, 0x0, 0x2, 0x280}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000180)=<r5=>0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000440)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000240)=0x80, &(0x7f00000003c0)=@rc, 0x0, 0x800, 0x0, {0x0, r6}}, 0x5)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="aee2cc69bee1ed1c2c9166646e6f3d", @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
r8 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r9=>0x0, &(0x7f0000000140)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r11}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000480)=@IORING_OP_WRITE_FIXED={0x5, 0xe, 0x2007, @fd_index=0x7, 0xf2, 0xa0, 0x2, 0x0, 0x1, {0x3, r11}}, 0x1000)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:03:42 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r0, &(0x7f0000000240)="01", 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r1, 0xffff)

[ 2912.810171] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 2912.814101] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2912.825112] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2912.853745] FAULT_INJECTION: forcing a failure.
[ 2912.853745] name failslab, interval 1, probability 0, space 0, times 0
[ 2912.855253] CPU: 1 PID: 18994 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2912.856097] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2912.857138] Call Trace:
[ 2912.857483]  dump_stack+0x107/0x167
[ 2912.857950]  should_fail.cold+0x5/0xa
[ 2912.858431]  ? create_object.isra.0+0x3a/0xa20
[ 2912.859038]  should_failslab+0x5/0x20
[ 2912.859515]  kmem_cache_alloc+0x5b/0x310
[ 2912.860037]  create_object.isra.0+0x3a/0xa20
[ 2912.860601]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2912.861254]  kmem_cache_alloc+0x159/0x310
[ 2912.861812]  xas_alloc+0x336/0x440
[ 2912.862288]  xas_create+0x60f/0x10d0
[ 2912.862792]  xas_store+0x8c/0x1c40
[ 2912.863255]  ? xas_find_conflict+0x4b5/0xa70
[ 2912.870669]  __add_to_page_cache_locked+0x708/0xc80
[ 2912.871330]  ? file_write_and_wait_range+0x130/0x130
[ 2912.871967]  ? lock_downgrade+0x6d0/0x6d0
[ 2912.872503]  ? memcg_drain_all_list_lrus+0x720/0x720
[ 2912.873175]  add_to_page_cache_lru+0xe6/0x2e0
[ 2912.873749]  ? add_to_page_cache_locked+0x40/0x40
[ 2912.874369]  ? __page_cache_alloc+0x10d/0x360
[ 2912.875005]  page_cache_ra_unbounded+0x419/0x6f0
[ 2912.875619]  ? read_pages+0xbc0/0xbc0
[ 2912.876152]  ondemand_readahead+0xc6f/0x1150
[ 2912.876735]  page_cache_sync_ra+0x138/0x170
[ 2912.877298]  generic_file_buffered_read+0xc74/0x28f0
[ 2912.877969]  ? pagecache_get_page+0xc80/0xc80
[ 2912.878605]  ? kasan_save_stack+0x32/0x40
[ 2912.879137]  ? do_splice_direct+0x1c4/0x290
[ 2912.879687]  ? do_sendfile+0x553/0x1090
[ 2912.880197]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2912.880796]  ? do_syscall_64+0x33/0x40
[ 2912.881311]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2912.881999]  ? perf_trace_lock+0xac/0x490
[ 2912.882560]  ? lock_chain_count+0x20/0x20
[ 2912.883070]  generic_file_read_iter+0x33f/0x490
[ 2912.883654]  ext4_file_read_iter+0x184/0x4c0
[ 2912.884251]  generic_file_splice_read+0x455/0x6d0
[ 2912.884863]  ? pipe_to_user+0x170/0x170
[ 2912.885357]  ? _cond_resched+0x12/0x80
[ 2912.885840]  ? avc_policy_seqno+0x9/0x70
[ 2912.886346]  ? selinux_file_permission+0x92/0x520
[ 2912.887015]  ? lockdep_init_map_type+0x2c7/0x780
[ 2912.887616]  ? pipe_to_user+0x170/0x170
[ 2912.888113]  do_splice_to+0x10e/0x160
[ 2912.888603]  splice_direct_to_actor+0x2fe/0x980
[ 2912.889192]  ? pipe_to_sendpage+0x380/0x380
[ 2912.889742]  ? do_splice_to+0x160/0x160
[ 2912.890242]  ? security_file_permission+0x24e/0x570
[ 2912.890925]  do_splice_direct+0x1c4/0x290
[ 2912.891458]  ? splice_direct_to_actor+0x980/0x980
[ 2912.892069]  ? selinux_file_permission+0x92/0x520
[ 2912.892686]  ? security_file_permission+0x24e/0x570
[ 2912.893339]  do_sendfile+0x553/0x1090
[ 2912.893845]  ? do_pwritev+0x270/0x270
[ 2912.894354]  ? wait_for_completion_io+0x270/0x270
[ 2912.895026]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2912.895622]  ? vfs_write+0x354/0xa70
[ 2912.896111]  __x64_sys_sendfile64+0x1d1/0x210
[ 2912.896691]  ? __ia32_sys_sendfile+0x220/0x220
[ 2912.897279]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2912.897940]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2912.898624]  do_syscall_64+0x33/0x40
[ 2912.899087]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2912.899722] RIP: 0033:0x7f47d2c10b19
[ 2912.900192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2912.902600] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2912.903509] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2912.904356] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2912.905253] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2912.906116] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2912.907016] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 2912.911198] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2912.930930] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2912.945475] EXT4-fs (loop2): get root inode failed
[ 2912.946164] EXT4-fs (loop2): mount failed
14:03:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 8)

[ 2912.978023] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 2913.087928] FAULT_INJECTION: forcing a failure.
[ 2913.087928] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2913.089539] CPU: 0 PID: 19031 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2913.090437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2913.091530] Call Trace:
[ 2913.091866]  dump_stack+0x107/0x167
[ 2913.092341]  should_fail.cold+0x5/0xa
[ 2913.092840]  __alloc_pages_nodemask+0x182/0x600
[ 2913.093441]  ? xa_load+0x12d/0x2c0
[ 2913.093904]  ? lock_downgrade+0x6d0/0x6d0
[ 2913.094439]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2913.095244]  alloc_pages_current+0x187/0x280
[ 2913.095813]  __page_cache_alloc+0x2d2/0x360
[ 2913.096371]  page_cache_ra_unbounded+0x207/0x6f0
[ 2913.097000]  ? read_pages+0xbc0/0xbc0
[ 2913.097504]  ondemand_readahead+0xc6f/0x1150
[ 2913.098050]  page_cache_sync_ra+0x138/0x170
[ 2913.098637]  generic_file_buffered_read+0xc74/0x28f0
[ 2913.099281]  ? pagecache_get_page+0xc80/0xc80
[ 2913.099845]  ? kasan_save_stack+0x32/0x40
[ 2913.100365]  ? do_splice_direct+0x1c4/0x290
[ 2913.100907]  ? do_sendfile+0x553/0x1090
[ 2913.101415]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2913.102007]  ? do_syscall_64+0x33/0x40
[ 2913.102558]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2913.103266]  ? perf_trace_lock+0xac/0x490
[ 2913.103816]  ? lock_chain_count+0x20/0x20
[ 2913.104370]  generic_file_read_iter+0x33f/0x490
[ 2913.105002]  ext4_file_read_iter+0x184/0x4c0
[ 2913.105598]  generic_file_splice_read+0x455/0x6d0
[ 2913.106241]  ? pipe_to_user+0x170/0x170
[ 2913.106798]  ? _cond_resched+0x12/0x80
[ 2913.107317]  ? avc_policy_seqno+0x9/0x70
[ 2913.107864]  ? selinux_file_permission+0x92/0x520
[ 2913.108484]  ? lockdep_init_map_type+0x2c7/0x780
[ 2913.109111]  ? pipe_to_user+0x170/0x170
[ 2913.109632]  do_splice_to+0x10e/0x160
[ 2913.110128]  splice_direct_to_actor+0x2fe/0x980
[ 2913.110787]  ? pipe_to_sendpage+0x380/0x380
[ 2913.111336]  ? do_splice_to+0x160/0x160
[ 2913.111866]  ? security_file_permission+0x24e/0x570
[ 2913.112533]  do_splice_direct+0x1c4/0x290
[ 2913.113102]  ? splice_direct_to_actor+0x980/0x980
[ 2913.113740]  ? selinux_file_permission+0x92/0x520
[ 2913.114379]  ? security_file_permission+0x24e/0x570
[ 2913.115078]  do_sendfile+0x553/0x1090
[ 2913.115592]  ? do_pwritev+0x270/0x270
[ 2913.116089]  ? wait_for_completion_io+0x270/0x270
[ 2913.116736]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2913.117348]  ? vfs_write+0x354/0xa70
[ 2913.117845]  __x64_sys_sendfile64+0x1d1/0x210
[ 2913.118439]  ? __ia32_sys_sendfile+0x220/0x220
[ 2913.119079]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2913.119764]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2913.120444]  do_syscall_64+0x33/0x40
[ 2913.120937]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2913.121622] RIP: 0033:0x7f47d2c10b19
[ 2913.122120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2913.124526] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2913.125522] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2913.126506] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2913.127428] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2913.128363] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2913.129294] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:03:57 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 9)

14:03:57 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r0, &(0x7f0000000240)="01", 0x1)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)

14:03:57 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)
syz_io_uring_setup(0x25, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000380)=<r6=>0x0, &(0x7f0000002a40)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x0, @fd_index}, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
r8 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r9=>0x0, &(0x7f0000000140)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r11}}, 0x0)
syz_io_uring_submit(r6, r5, &(0x7f0000000080)=@IORING_OP_MADVISE={0x19, 0x3, 0x0, 0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xa, 0x1, {0x0, r11}}, 0x1f)

14:03:57 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {0x0, 0x0, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:03:57 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x5}}, './file1\x00'})
unlinkat(r0, &(0x7f0000000140)='./file1\x00', 0x200)
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r2, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(r2, 0xc0389424, &(0x7f0000000180)={0x6, 0x48, '\x00', 0x1, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r4, &(0x7f0000000240)="01", 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r1, r3, 0x0, 0x20d315)

14:03:57 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:03:57 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:03:57 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
r3 = openat(r1, &(0x7f0000000140)='./file1\x00', 0x4102, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r4, &(0x7f0000000240)="01", 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r0, r3, 0x0, 0x20d315)
setsockopt$inet6_int(r4, 0x29, 0x0, &(0x7f00000000c0)=0x77454866, 0x4)

[ 2928.512588] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2928.546433] EXT4-fs (loop1): bad geometry: block count 256 exceeds size of device (11 blocks)
[ 2928.563495] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2928.565572] EXT4-fs (loop2): get root inode failed
[ 2928.566285] EXT4-fs (loop2): mount failed
[ 2928.580714] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2928.584398] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2928.604381] FAULT_INJECTION: forcing a failure.
[ 2928.604381] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2928.605960] CPU: 0 PID: 19070 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2928.606912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2928.607720] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2928.607972] Call Trace:
[ 2928.608001]  dump_stack+0x107/0x167
[ 2928.609534] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2928.609898]  should_fail.cold+0x5/0xa
[ 2928.611516]  __alloc_pages_nodemask+0x182/0x600
[ 2928.612120]  ? xa_load+0x12d/0x2c0
[ 2928.612574]  ? lock_downgrade+0x6d0/0x6d0
[ 2928.613103]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2928.613882]  alloc_pages_current+0x187/0x280
[ 2928.614444]  __page_cache_alloc+0x2d2/0x360
[ 2928.619100]  page_cache_ra_unbounded+0x207/0x6f0
[ 2928.619724]  ? read_pages+0xbc0/0xbc0
[ 2928.620230]  ondemand_readahead+0xc6f/0x1150
[ 2928.620792]  page_cache_sync_ra+0x138/0x170
[ 2928.621329]  generic_file_buffered_read+0xc74/0x28f0
[ 2928.621994]  ? pagecache_get_page+0xc80/0xc80
[ 2928.627186]  ? kasan_save_stack+0x32/0x40
[ 2928.627717]  ? do_splice_direct+0x1c4/0x290
[ 2928.628256]  ? do_sendfile+0x553/0x1090
[ 2928.628760]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2928.629348]  ? do_syscall_64+0x33/0x40
[ 2928.629844]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2928.630527]  ? perf_trace_lock+0xac/0x490
[ 2928.635161]  ? lock_chain_count+0x20/0x20
[ 2928.635690]  generic_file_read_iter+0x33f/0x490
[ 2928.636286]  ext4_file_read_iter+0x184/0x4c0
[ 2928.636839]  generic_file_splice_read+0x455/0x6d0
[ 2928.637466]  ? pipe_to_user+0x170/0x170
[ 2928.637994]  ? _cond_resched+0x12/0x80
[ 2928.638506]  ? avc_policy_seqno+0x9/0x70
[ 2928.639073]  ? selinux_file_permission+0x92/0x520
[ 2928.639699]  ? lockdep_init_map_type+0x2c7/0x780
[ 2928.640335]  ? pipe_to_user+0x170/0x170
[ 2928.640847]  do_splice_to+0x10e/0x160
[ 2928.641357]  splice_direct_to_actor+0x2fe/0x980
[ 2928.641962]  ? pipe_to_sendpage+0x380/0x380
[ 2928.642497]  ? do_splice_to+0x160/0x160
[ 2928.643017]  ? security_file_permission+0x24e/0x570
[ 2928.643650]  do_splice_direct+0x1c4/0x290
[ 2928.644183]  ? splice_direct_to_actor+0x980/0x980
[ 2928.644806]  ? selinux_file_permission+0x92/0x520
[ 2928.645449]  ? security_file_permission+0x24e/0x570
[ 2928.646080]  do_sendfile+0x553/0x1090
[ 2928.646572]  ? do_pwritev+0x270/0x270
[ 2928.647109]  ? wait_for_completion_io+0x270/0x270
[ 2928.647723]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2928.648317]  ? vfs_write+0x354/0xa70
[ 2928.648794]  __x64_sys_sendfile64+0x1d1/0x210
[ 2928.649371]  ? __ia32_sys_sendfile+0x220/0x220
[ 2928.649942]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2928.650614]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2928.651393]  do_syscall_64+0x33/0x40
[ 2928.651877]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2928.652550] RIP: 0033:0x7f47d2c10b19
[ 2928.653048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2928.655491] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2928.656491] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 2928.657433] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 2928.658377] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 2928.659377] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2928.660292] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
14:03:58 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
rt_sigaction(0x26, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x8, &(0x7f00000002c0))
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80042, 0x114)
chdir(&(0x7f0000000040)='./file0\x00')
openat(r0, &(0x7f0000000140)='./file0\x00', 0x200002, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

14:03:58 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r0, &(0x7f0000000240)="01", 0x1)

14:03:58 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 10)

14:03:58 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 1)

[ 2928.865368] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
14:03:58 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {0x0, 0x0, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2928.873735] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:03:58 executing program 5:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x7fe}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x7}}, '.\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

[ 2928.912878] FAULT_INJECTION: forcing a failure.
[ 2928.912878] name failslab, interval 1, probability 0, space 0, times 0
[ 2928.914422] CPU: 0 PID: 19077 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 2928.915361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2928.916435] Call Trace:
[ 2928.916805]  dump_stack+0x107/0x167
[ 2928.917303]  should_fail.cold+0x5/0xa
[ 2928.917802]  ? alloc_pipe_info+0x10a/0x590
[ 2928.918359]  should_failslab+0x5/0x20
[ 2928.918868]  kmem_cache_alloc_trace+0x55/0x320
[ 2928.919477]  alloc_pipe_info+0x10a/0x590
[ 2928.920016]  splice_direct_to_actor+0x774/0x980
[ 2928.920638]  ? _cond_resched+0x12/0x80
[ 2928.921149]  ? inode_security+0x107/0x140
[ 2928.921711]  ? pipe_to_sendpage+0x380/0x380
[ 2928.922287]  ? selinux_file_permission+0x92/0x520
[ 2928.927064]  ? do_splice_to+0x160/0x160
[ 2928.927587]  ? security_file_permission+0x24e/0x570
[ 2928.928250]  do_splice_direct+0x1c4/0x290
[ 2928.928834]  ? splice_direct_to_actor+0x980/0x980
[ 2928.929467]  ? selinux_file_permission+0x92/0x520
[ 2928.930097]  ? security_file_permission+0x24e/0x570
[ 2928.930795]  do_sendfile+0x553/0x1090
[ 2928.931309]  ? do_pwritev+0x270/0x270
[ 2928.931819]  ? wait_for_completion_io+0x270/0x270
[ 2928.932458]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2928.933066]  ? vfs_write+0x354/0xa70
[ 2928.933565]  __x64_sys_sendfile64+0x1d1/0x210
[ 2928.934166]  ? __ia32_sys_sendfile+0x220/0x220
[ 2928.934810]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2928.935485]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2928.936186]  do_syscall_64+0x33/0x40
[ 2928.936683]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2928.937357] RIP: 0033:0x7fa9e384eb19
[ 2928.937839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2928.940256] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2928.941261] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
14:03:58 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d30b)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2928.942176] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[ 2928.943122] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2928.944020] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2928.944916] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
14:03:58 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)

[ 2928.996048] FAULT_INJECTION: forcing a failure.
[ 2928.996048] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2928.997653] CPU: 0 PID: 19093 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2928.998566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2928.999644] Call Trace:
[ 2928.999989]  dump_stack+0x107/0x167
[ 2929.000457]  should_fail.cold+0x5/0xa
[ 2929.000952]  __alloc_pages_nodemask+0x182/0x600
[ 2929.001528]  ? xa_load+0x12d/0x2c0
[ 2929.001977]  ? lock_downgrade+0x6d0/0x6d0
[ 2929.002494]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2929.003301]  alloc_pages_current+0x187/0x280
[ 2929.003843]  __page_cache_alloc+0x2d2/0x360
[ 2929.004376]  page_cache_ra_unbounded+0x207/0x6f0
[ 2929.004963]  ? read_pages+0xbc0/0xbc0
[ 2929.005439]  ondemand_readahead+0xc6f/0x1150
[ 2929.005993]  page_cache_sync_ra+0x138/0x170
[ 2929.006533]  generic_file_buffered_read+0xc74/0x28f0
[ 2929.007255]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2929.007940]  ? pagecache_get_page+0xc80/0xc80
[ 2929.008527]  ? finish_task_switch+0x126/0x5d0
[ 2929.011295]  ? finish_task_switch+0xef/0x5d0
[ 2929.011886]  ? __switch_to+0x572/0xf70
[ 2929.012403]  ? __switch_to_asm+0x3a/0x60
[ 2929.012931]  ? __switch_to_asm+0x34/0x60
[ 2929.013462]  generic_file_read_iter+0x33f/0x490
[ 2929.014086]  ext4_file_read_iter+0x184/0x4c0
[ 2929.014675]  generic_file_splice_read+0x455/0x6d0
[ 2929.019427]  ? pipe_to_user+0x170/0x170
[ 2929.019960]  ? _cond_resched+0x5d/0x80
[ 2929.020485]  ? avc_policy_seqno+0x9/0x70
[ 2929.021032]  ? selinux_file_permission+0x92/0x520
[ 2929.021684]  ? pipe_to_user+0x170/0x170
[ 2929.022217]  do_splice_to+0x10e/0x160
[ 2929.022752]  splice_direct_to_actor+0x2fe/0x980
[ 2929.023329]  ? pipe_to_sendpage+0x380/0x380
[ 2929.023871]  ? do_splice_to+0x160/0x160
[ 2929.024377]  ? security_file_permission+0x24e/0x570
[ 2929.025022]  do_splice_direct+0x1c4/0x290
[ 2929.025537]  ? splice_direct_to_actor+0x980/0x980
[ 2929.026121]  ? selinux_file_permission+0x92/0x520
[ 2929.026783]  ? security_file_permission+0x24e/0x570
[ 2929.027411]  do_sendfile+0x553/0x1090
[ 2929.027915]  ? do_pwritev+0x270/0x270
[ 2929.028423]  ? wait_for_completion_io+0x270/0x270
[ 2929.029060]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2929.029682]  ? vfs_write+0x354/0xa70
[ 2929.030180]  __x64_sys_sendfile64+0x1d1/0x210
[ 2929.030798]  ? __ia32_sys_sendfile+0x220/0x220
[ 2929.031401]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2929.032092]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2929.032775]  do_syscall_64+0x33/0x40
[ 2929.033278]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2929.033958] RIP: 0033:0x7f47d2c10b19
[ 2929.034447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2929.036808] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2929.037779] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 2929.038734] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 2929.039683] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 2929.040620] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 2929.041556] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
[ 2929.073624] EXT4-fs: failed to create workqueue
[ 2929.074389] EXT4-fs (loop7): mount failed
14:03:58 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 2)

[ 2929.085810] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2929.115798] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2929.127200] EXT4-fs (loop2): get root inode failed
[ 2929.127948] EXT4-fs (loop2): mount failed
[ 2929.145068] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 262144)!
[ 2929.146464] EXT4-fs (loop5): group descriptors corrupted!
14:03:58 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mount(&(0x7f0000000300)=ANY=[@ANYBLOB="2f4465762f7367300078fc4f5dd232dcb8469f1249fc116f8449f43658a171eed2b13da2f89ac3f5cbc7202d0419155740d096eb9651e47a9cb90526741ea009cea9274bc2419644da0a9425ade6613d35c61e2cbb74110f30a199"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x8, &(0x7f00000002c0)='\\..@h@.\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2929.178397] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2929.234510] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2929.242999] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 not in group (block 262144)!
[ 2929.244432] EXT4-fs (loop5): group descriptors corrupted!
[ 2929.288556] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2929.295799] FAULT_INJECTION: forcing a failure.
[ 2929.295799] name failslab, interval 1, probability 0, space 0, times 0
[ 2929.297334] CPU: 0 PID: 19111 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 2929.298243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2929.299343] Call Trace:
[ 2929.299701]  dump_stack+0x107/0x167
[ 2929.300178]  should_fail.cold+0x5/0xa
[ 2929.300678]  ? create_object.isra.0+0x3a/0xa20
[ 2929.301281]  should_failslab+0x5/0x20
[ 2929.301785]  kmem_cache_alloc+0x5b/0x310
[ 2929.302329]  create_object.isra.0+0x3a/0xa20
[ 2929.302954]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2929.303619]  kmem_cache_alloc_trace+0x151/0x320
[ 2929.304241]  alloc_pipe_info+0x10a/0x590
[ 2929.304779]  splice_direct_to_actor+0x774/0x980
[ 2929.305395]  ? _cond_resched+0x12/0x80
[ 2929.305905]  ? inode_security+0x107/0x140
[ 2929.306450]  ? pipe_to_sendpage+0x380/0x380
[ 2929.307049]  ? selinux_file_permission+0x92/0x520
[ 2929.307688]  ? do_splice_to+0x160/0x160
[ 2929.308216]  ? security_file_permission+0x24e/0x570
[ 2929.308872]  do_splice_direct+0x1c4/0x290
[ 2929.309419]  ? splice_direct_to_actor+0x980/0x980
[ 2929.310047]  ? selinux_file_permission+0x92/0x520
[ 2929.310706]  ? security_file_permission+0x24e/0x570
[ 2929.311363]  do_sendfile+0x553/0x1090
[ 2929.311872]  ? do_pwritev+0x270/0x270
[ 2929.312400]  ? wait_for_completion_io+0x270/0x270
[ 2929.313065]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2929.313691]  ? vfs_write+0x354/0xa70
[ 2929.314202]  __x64_sys_sendfile64+0x1d1/0x210
[ 2929.314847]  ? __ia32_sys_sendfile+0x220/0x220
[ 2929.315469]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2929.316158]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2929.316863]  do_syscall_64+0x33/0x40
[ 2929.317372]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2929.318067] RIP: 0033:0x7fa9e384eb19
[ 2929.318565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2929.321006] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2929.322027] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
[ 2929.323002] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000006
[ 2929.323923] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2929.324859] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2929.325775] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
14:04:14 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d314)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:04:14 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 3)

14:04:14 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = signalfd(r4, &(0x7f0000000080)={[0x5]}, 0x8)
syz_io_uring_setup(0x2173, &(0x7f0000000340)={0x0, 0xecfc, 0xf, 0x2, 0x348, 0x0, r6}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000180), &(0x7f0000000240))
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:04:14 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 11)

14:04:14 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00), 0x0, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:04:14 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)
open(&(0x7f00000000c0)='./file0\x00', 0x1, 0x2)

14:04:14 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)

14:04:14 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
openat(r4, &(0x7f00000000c0)='./file0\x00', 0x101840, 0x49)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2945.098046] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2945.113979] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2945.121185] FAULT_INJECTION: forcing a failure.
[ 2945.121185] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2945.122952] CPU: 0 PID: 19137 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2945.123877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2945.124967] Call Trace:
[ 2945.125322]  dump_stack+0x107/0x167
[ 2945.125813]  should_fail.cold+0x5/0xa
[ 2945.126337]  __alloc_pages_nodemask+0x182/0x600
[ 2945.126990]  ? xa_load+0x12d/0x2c0
[ 2945.127481]  ? lock_downgrade+0x6d0/0x6d0
[ 2945.128036]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2945.128854]  alloc_pages_current+0x187/0x280
[ 2945.129446]  __page_cache_alloc+0x2d2/0x360
[ 2945.130037]  page_cache_ra_unbounded+0x207/0x6f0
[ 2945.130684]  ? read_pages+0xbc0/0xbc0
[ 2945.131281]  ondemand_readahead+0xc6f/0x1150
[ 2945.131878]  page_cache_sync_ra+0x138/0x170
[ 2945.132454]  generic_file_buffered_read+0xc74/0x28f0
[ 2945.133149]  ? pagecache_get_page+0xc80/0xc80
[ 2945.133740]  ? kasan_save_stack+0x32/0x40
[ 2945.134284]  ? do_splice_direct+0x1c4/0x290
[ 2945.134866]  ? do_sendfile+0x553/0x1090
[ 2945.135308] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2945.135450]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2945.135472]  ? do_syscall_64+0x33/0x40
[ 2945.137669]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2945.138376]  ? perf_trace_lock+0xac/0x490
[ 2945.138973]  ? lock_chain_count+0x20/0x20
[ 2945.139560]  generic_file_read_iter+0x33f/0x490
[ 2945.139782] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2945.140229]  ext4_file_read_iter+0x184/0x4c0
[ 2945.142212] EXT4-fs (loop2): get root inode failed
[ 2945.142307]  generic_file_splice_read+0x455/0x6d0
[ 2945.142332]  ? pipe_to_user+0x170/0x170
[ 2945.143079] EXT4-fs (loop2): mount failed
[ 2945.143679]  ? _cond_resched+0x12/0x80
[ 2945.143696]  ? avc_policy_seqno+0x9/0x70
[ 2945.143708]  ? selinux_file_permission+0x92/0x520
[ 2945.143728]  ? lockdep_init_map_type+0x2c7/0x780
[ 2945.147110]  ? pipe_to_user+0x170/0x170
[ 2945.147643]  do_splice_to+0x10e/0x160
[ 2945.148142]  splice_direct_to_actor+0x2fe/0x980
[ 2945.148763]  ? pipe_to_sendpage+0x380/0x380
[ 2945.149396]  ? do_splice_to+0x160/0x160
[ 2945.149936]  ? security_file_permission+0x24e/0x570
[ 2945.150624]  do_splice_direct+0x1c4/0x290
[ 2945.151224]  ? splice_direct_to_actor+0x980/0x980
[ 2945.151872]  ? selinux_file_permission+0x92/0x520
[ 2945.152522]  ? security_file_permission+0x24e/0x570
[ 2945.153195]  do_sendfile+0x553/0x1090
[ 2945.153712]  ? do_pwritev+0x270/0x270
[ 2945.154220]  ? wait_for_completion_io+0x270/0x270
[ 2945.154868]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2945.155685]  ? vfs_write+0x354/0xa70
[ 2945.156343]  __x64_sys_sendfile64+0x1d1/0x210
[ 2945.156940]  ? __ia32_sys_sendfile+0x220/0x220
[ 2945.157552]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2945.158273]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2945.158983]  do_syscall_64+0x33/0x40
[ 2945.159478]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2945.160122] RIP: 0033:0x7f47d2c10b19
[ 2945.160617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2945.163046] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2945.164031] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2945.164951] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2945.165863] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2945.166783] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 2945.167748] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:04:14 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 12)

[ 2945.252788] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2945.254426] FAULT_INJECTION: forcing a failure.
[ 2945.254426] name failslab, interval 1, probability 0, space 0, times 0
[ 2945.259927] CPU: 1 PID: 19169 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 2945.260756] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2945.261731] Call Trace:
[ 2945.262056]  dump_stack+0x107/0x167
[ 2945.262498]  should_fail.cold+0x5/0xa
[ 2945.262976]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 2945.263630]  should_failslab+0x5/0x20
[ 2945.264088]  __kmalloc_node+0x76/0x420
[ 2945.264573]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 2945.265183]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 2945.265780]  ? trace_hardirqs_on+0x5b/0x180
[ 2945.266308]  kmem_cache_alloc_trace+0x169/0x320
[ 2945.266879]  alloc_pipe_info+0x10a/0x590
[ 2945.267404]  splice_direct_to_actor+0x774/0x980
[ 2945.267964]  ? _cond_resched+0x12/0x80
[ 2945.268436]  ? inode_security+0x107/0x140
[ 2945.268933]  ? pipe_to_sendpage+0x380/0x380
[ 2945.269465]  ? selinux_file_permission+0x92/0x520
[ 2945.270052]  ? do_splice_to+0x160/0x160
[ 2945.270538]  ? security_file_permission+0x24e/0x570
[ 2945.271189]  do_splice_direct+0x1c4/0x290
[ 2945.271696]  ? splice_direct_to_actor+0x980/0x980
[ 2945.272280]  ? selinux_file_permission+0x92/0x520
[ 2945.272866]  ? security_file_permission+0x24e/0x570
[ 2945.273490]  do_sendfile+0x553/0x1090
[ 2945.273961]  ? do_pwritev+0x270/0x270
[ 2945.274431]  ? wait_for_completion_io+0x270/0x270
[ 2945.275042]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2945.275609]  ? vfs_write+0x354/0xa70
[ 2945.276064]  __x64_sys_sendfile64+0x1d1/0x210
[ 2945.276605]  ? __ia32_sys_sendfile+0x220/0x220
[ 2945.277168]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2945.277805]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2945.278449]  do_syscall_64+0x33/0x40
[ 2945.282978]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2945.283657] RIP: 0033:0x7fa9e384eb19
[ 2945.284117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2945.286328] RSP: 002b:00007fa9e0da3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2945.287287] RAX: ffffffffffffffda RBX: 00007fa9e3962020 RCX: 00007fa9e384eb19
[ 2945.288136] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 2945.288984] RBP: 00007fa9e0da31d0 R08: 0000000000000000 R09: 0000000000000000
[ 2945.289844] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2945.290694] R13: 00007fff40ec503f R14: 00007fa9e0da3300 R15: 0000000000022000
[ 2945.313224] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2945.361822] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:04:14 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)

[ 2945.437236] FAULT_INJECTION: forcing a failure.
[ 2945.437236] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2945.439170] CPU: 0 PID: 19180 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2945.443083] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2945.444195] Call Trace:
[ 2945.444550]  dump_stack+0x107/0x167
[ 2945.445028]  should_fail.cold+0x5/0xa
[ 2945.445559]  __alloc_pages_nodemask+0x182/0x600
[ 2945.446181]  ? xa_load+0x12d/0x2c0
[ 2945.446666]  ? lock_downgrade+0x6d0/0x6d0
[ 2945.451315]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2945.452119]  alloc_pages_current+0x187/0x280
[ 2945.452735]  __page_cache_alloc+0x2d2/0x360
[ 2945.453318]  page_cache_ra_unbounded+0x207/0x6f0
[ 2945.453979]  ? read_pages+0xbc0/0xbc0
[ 2945.454518]  ondemand_readahead+0xc6f/0x1150
[ 2945.455147]  page_cache_sync_ra+0x138/0x170
[ 2945.455715]  generic_file_buffered_read+0xc74/0x28f0
[ 2945.456411]  ? pagecache_get_page+0xc80/0xc80
[ 2945.457009]  ? kasan_save_stack+0x32/0x40
[ 2945.457560]  ? do_splice_direct+0x1c4/0x290
[ 2945.458138]  ? do_sendfile+0x553/0x1090
[ 2945.458672]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2945.459344]  ? do_syscall_64+0x33/0x40
[ 2945.459861]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2945.460563]  ? perf_trace_lock+0xac/0x490
[ 2945.461113]  ? lock_chain_count+0x20/0x20
[ 2945.461685]  generic_file_read_iter+0x33f/0x490
[ 2945.462323]  ext4_file_read_iter+0x184/0x4c0
[ 2945.462947]  generic_file_splice_read+0x455/0x6d0
[ 2945.463596]  ? pipe_to_user+0x170/0x170
[ 2945.464132]  ? _cond_resched+0x12/0x80
[ 2945.464648]  ? avc_policy_seqno+0x9/0x70
[ 2945.465193]  ? selinux_file_permission+0x92/0x520
[ 2945.465837]  ? lockdep_init_map_type+0x2c7/0x780
[ 2945.466473]  ? pipe_to_user+0x170/0x170
[ 2945.467049]  do_splice_to+0x10e/0x160
[ 2945.467569]  splice_direct_to_actor+0x2fe/0x980
[ 2945.468191]  ? pipe_to_sendpage+0x380/0x380
[ 2945.468781]  ? do_splice_to+0x160/0x160
[ 2945.469313]  ? security_file_permission+0x24e/0x570
[ 2945.469991]  do_splice_direct+0x1c4/0x290
[ 2945.470548]  ? splice_direct_to_actor+0x980/0x980
[ 2945.471259]  ? selinux_file_permission+0x92/0x520
[ 2945.471905]  ? security_file_permission+0x24e/0x570
[ 2945.472578]  do_sendfile+0x553/0x1090
[ 2945.473113]  ? do_pwritev+0x270/0x270
[ 2945.473631]  ? wait_for_completion_io+0x270/0x270
[ 2945.474280]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2945.474954]  ? vfs_write+0x354/0xa70
[ 2945.475476]  __x64_sys_sendfile64+0x1d1/0x210
[ 2945.476081]  ? __ia32_sys_sendfile+0x220/0x220
[ 2945.476699]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2945.477398]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2945.478092]  do_syscall_64+0x33/0x40
[ 2945.478598]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2945.479312] RIP: 0033:0x7f47d2c10b19
[ 2945.479813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2945.482223] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2945.483296] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2945.484218] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2945.485145] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2945.486081] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 2945.487041] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 2945.494390] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
14:04:14 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
io_submit(0x0, 0x1, &(0x7f0000000340)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x6, 0x6, r3, &(0x7f00000002c0)="98ba5d94c6b0e3b33a403e900a2c62c6127da266d5a5937a720fb616e421bdadc428474e414bd2cfd75ee4314581d68c811f5c70c5", 0x35, 0x98, 0x0, 0x0, r5}])
r6 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
utimes(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={{0x77359400}})
ftruncate(r6, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00')

14:04:14 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 13)

14:04:14 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d316)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:04:14 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00), 0x0, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2945.629655] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:04:14 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 4)

[ 2945.682987] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:04:14 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')

[ 2945.724004] FAULT_INJECTION: forcing a failure.
[ 2945.724004] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2945.725768] CPU: 1 PID: 19195 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2945.726916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2945.755921] Call Trace:
[ 2945.756297]  dump_stack+0x107/0x167
[ 2945.756788]  should_fail.cold+0x5/0xa
[ 2945.757299]  __alloc_pages_nodemask+0x182/0x600
[ 2945.757921]  ? xa_load+0x12d/0x2c0
[ 2945.758412]  ? lock_downgrade+0x6d0/0x6d0
14:04:15 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xb}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

[ 2945.767043]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2945.771633]  alloc_pages_current+0x187/0x280
[ 2945.772236]  __page_cache_alloc+0x2d2/0x360
[ 2945.772828]  page_cache_ra_unbounded+0x207/0x6f0
[ 2945.773476]  ? read_pages+0xbc0/0xbc0
[ 2945.774005]  ondemand_readahead+0xc6f/0x1150
[ 2945.774610]  page_cache_sync_ra+0x138/0x170
[ 2945.775245]  generic_file_buffered_read+0xc74/0x28f0
[ 2945.775936]  ? pagecache_get_page+0xc80/0xc80
[ 2945.776542]  ? kasan_save_stack+0x32/0x40
[ 2945.777104]  ? do_splice_direct+0x1c4/0x290
[ 2945.777673]  ? do_sendfile+0x553/0x1090
[ 2945.783084]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2945.783718]  ? do_syscall_64+0x33/0x40
[ 2945.791099]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2945.791855]  ? perf_trace_lock+0xac/0x490
[ 2945.792440]  ? lock_chain_count+0x20/0x20
[ 2945.792988]  generic_file_read_iter+0x33f/0x490
[ 2945.793604]  ext4_file_read_iter+0x184/0x4c0
[ 2945.794198]  generic_file_splice_read+0x455/0x6d0
[ 2945.794830]  ? pipe_to_user+0x170/0x170
[ 2945.795431]  ? _cond_resched+0x12/0x80
[ 2945.795959]  ? avc_policy_seqno+0x9/0x70
[ 2945.796498]  ? selinux_file_permission+0x92/0x520
[ 2945.797139]  ? lockdep_init_map_type+0x2c7/0x780
[ 2945.797768]  ? pipe_to_user+0x170/0x170
[ 2945.798309]  do_splice_to+0x10e/0x160
[ 2945.798829]  splice_direct_to_actor+0x2fe/0x980
[ 2945.807596]  ? pipe_to_sendpage+0x380/0x380
[ 2945.808181]  ? do_splice_to+0x160/0x160
[ 2945.808703]  ? security_file_permission+0x24e/0x570
[ 2945.809373]  do_splice_direct+0x1c4/0x290
[ 2945.809925]  ? splice_direct_to_actor+0x980/0x980
[ 2945.810550]  ? selinux_file_permission+0x92/0x520
[ 2945.815317]  ? security_file_permission+0x24e/0x570
[ 2945.816001]  do_sendfile+0x553/0x1090
[ 2945.816533]  ? do_pwritev+0x270/0x270
[ 2945.817045]  ? wait_for_completion_io+0x270/0x270
[ 2945.817698]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2945.818313]  ? vfs_write+0x354/0xa70
[ 2945.818816]  __x64_sys_sendfile64+0x1d1/0x210
[ 2945.823531]  ? __ia32_sys_sendfile+0x220/0x220
[ 2945.824148]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2945.824838]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2945.825530]  do_syscall_64+0x33/0x40
[ 2945.826034]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2945.826723] RIP: 0033:0x7f47d2c10b19
[ 2945.835330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2945.837773] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2945.838788] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2945.847857] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2945.848780] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2945.849709] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 2945.850642] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 2945.911482] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
14:04:15 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x404800, 0x4)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
open(&(0x7f00000000c0)='./file0\x00', 0x8000, 0x100)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2945.944018] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2945.951929] EXT4-fs (loop2): get root inode failed
[ 2945.952974] EXT4-fs (loop2): mount failed
[ 2945.964214] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2946.016539] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:04:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 14)

[ 2946.041409] FAULT_INJECTION: forcing a failure.
[ 2946.041409] name failslab, interval 1, probability 0, space 0, times 0
[ 2946.042943] CPU: 1 PID: 19221 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 2946.047877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2946.048922] Call Trace:
[ 2946.049262]  dump_stack+0x107/0x167
[ 2946.049714]  should_fail.cold+0x5/0xa
[ 2946.050180]  ? create_object.isra.0+0x3a/0xa20
[ 2946.050773]  should_failslab+0x5/0x20
[ 2946.051281]  kmem_cache_alloc+0x5b/0x310
[ 2946.051802]  create_object.isra.0+0x3a/0xa20
[ 2946.052347]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2946.052991]  __kmalloc+0x16e/0x390
[ 2946.053450]  alloc_pipe_info+0x1e5/0x590
[ 2946.053965]  splice_direct_to_actor+0x774/0x980
[ 2946.054554]  ? _cond_resched+0x12/0x80
[ 2946.055078]  ? inode_security+0x107/0x140
[ 2946.055605]  ? pipe_to_sendpage+0x380/0x380
[ 2946.056147]  ? selinux_file_permission+0x92/0x520
[ 2946.056754]  ? do_splice_to+0x160/0x160
[ 2946.057268]  ? security_file_permission+0x24e/0x570
[ 2946.057897]  do_splice_direct+0x1c4/0x290
[ 2946.058426]  ? splice_direct_to_actor+0x980/0x980
[ 2946.059068]  ? selinux_file_permission+0x92/0x520
[ 2946.059725]  ? security_file_permission+0x24e/0x570
[ 2946.060387]  do_sendfile+0x553/0x1090
[ 2946.060899]  ? do_pwritev+0x270/0x270
[ 2946.061402]  ? wait_for_completion_io+0x270/0x270
[ 2946.062051]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2946.062678]  ? vfs_write+0x354/0xa70
[ 2946.063209]  __x64_sys_sendfile64+0x1d1/0x210
[ 2946.063766]  ? __ia32_sys_sendfile+0x220/0x220
[ 2946.064348]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2946.064988]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2946.065632]  do_syscall_64+0x33/0x40
[ 2946.066110]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2946.066768] RIP: 0033:0x7fa9e384eb19
[ 2946.067276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2946.069561] RSP: 002b:00007fa9e0da3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2946.070521] RAX: ffffffffffffffda RBX: 00007fa9e3962020 RCX: 00007fa9e384eb19
[ 2946.075540] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[ 2946.076481] RBP: 00007fa9e0da31d0 R08: 0000000000000000 R09: 0000000000000000
[ 2946.077421] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2946.078361] R13: 00007fff40ec503f R14: 00007fa9e0da3300 R15: 0000000000022000
14:04:15 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00), 0x0, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:04:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f00000000c0)='./file1/file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2946.181604] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2946.280420] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2946.356220] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2946.360121] EXT4-fs (loop2): get root inode failed
[ 2946.360951] EXT4-fs (loop2): mount failed
[ 2946.386894] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2946.422225] FAULT_INJECTION: forcing a failure.
[ 2946.422225] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2946.423886] CPU: 0 PID: 19236 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2946.424786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2946.425849] Call Trace:
[ 2946.426212]  dump_stack+0x107/0x167
[ 2946.426709]  should_fail.cold+0x5/0xa
[ 2946.427260]  __alloc_pages_nodemask+0x182/0x600
[ 2946.427829]  ? xa_load+0x12d/0x2c0
[ 2946.428305]  ? lock_downgrade+0x6d0/0x6d0
[ 2946.428853]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2946.429663]  alloc_pages_current+0x187/0x280
[ 2946.430252]  __page_cache_alloc+0x2d2/0x360
[ 2946.430830]  page_cache_ra_unbounded+0x207/0x6f0
[ 2946.431497]  ? read_pages+0xbc0/0xbc0
[ 2946.432010]  ondemand_readahead+0xc6f/0x1150
[ 2946.432602]  page_cache_sync_ra+0x138/0x170
[ 2946.433174]  generic_file_buffered_read+0xc74/0x28f0
[ 2946.433851]  ? pagecache_get_page+0xc80/0xc80
[ 2946.434444]  ? kasan_save_stack+0x32/0x40
[ 2946.435077]  ? do_splice_direct+0x1c4/0x290
[ 2946.435601]  ? do_sendfile+0x553/0x1090
[ 2946.436089]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2946.436691]  ? do_syscall_64+0x33/0x40
[ 2946.437192]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2946.437866]  ? perf_trace_lock+0xac/0x490
[ 2946.438395]  ? lock_chain_count+0x20/0x20
[ 2946.438958]  generic_file_read_iter+0x33f/0x490
[ 2946.439566]  ext4_file_read_iter+0x184/0x4c0
[ 2946.440130]  generic_file_splice_read+0x455/0x6d0
[ 2946.440745]  ? pipe_to_user+0x170/0x170
[ 2946.441246]  ? _cond_resched+0x12/0x80
[ 2946.441743]  ? avc_policy_seqno+0x9/0x70
[ 2946.442259]  ? selinux_file_permission+0x92/0x520
[ 2946.442877]  ? lockdep_init_map_type+0x2c7/0x780
[ 2946.443511]  ? pipe_to_user+0x170/0x170
[ 2946.444013]  do_splice_to+0x10e/0x160
[ 2946.444493]  splice_direct_to_actor+0x2fe/0x980
[ 2946.445109]  ? pipe_to_sendpage+0x380/0x380
[ 2946.445684]  ? do_splice_to+0x160/0x160
[ 2946.446197]  ? security_file_permission+0x24e/0x570
[ 2946.446869]  do_splice_direct+0x1c4/0x290
[ 2946.447462]  ? splice_direct_to_actor+0x980/0x980
[ 2946.448084]  ? selinux_file_permission+0x92/0x520
[ 2946.448720]  ? security_file_permission+0x24e/0x570
[ 2946.449377]  do_sendfile+0x553/0x1090
[ 2946.449884]  ? do_pwritev+0x270/0x270
[ 2946.450400]  ? wait_for_completion_io+0x270/0x270
[ 2946.451089]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2946.451686]  ? vfs_write+0x354/0xa70
[ 2946.452177]  __x64_sys_sendfile64+0x1d1/0x210
[ 2946.452813]  ? __ia32_sys_sendfile+0x220/0x220
[ 2946.453416]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2946.454086]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2946.454752]  do_syscall_64+0x33/0x40
[ 2946.455283]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2946.455921] RIP: 0033:0x7f47d2c10b19
[ 2946.456403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2946.458789] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2946.463903] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2946.464803] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000006
[ 2946.465721] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2946.466637] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 2946.467588] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:04:31 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d341)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:04:31 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f465", 0xf, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:04:31 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 15)

14:04:31 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
pidfd_getfd(r4, r0, 0x0)
r6 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x681a, &(0x7f0000000240)={0x0, 0x7024, 0x20, 0x3, 0x265, 0x0, r6}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000800), &(0x7f0000000840))
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB="2c7766646e6f3d6ca26a47ea7658154480e6ec09013e97bb13304bae9026732b4904d9d76de6fff81fb8b15b751f3154586718dab86fd406806b910c95e124235a561ab73bfc5f28027a32f2ff74ee88cd7c7bcc15bffeb3a8e2070f767710543ddeb25a198044ae2771bc99b78600aaa4145ef732d3ac52db17ab5bf095df3eca3459a47ea2dab43fe1e1b5c4b9882ff8db013420c490ab7edcf43cff89b01e565efd16141d0f257a011aa453c8f079b674f7769791c7bbfa59f437d4104d901eff9e3207660eaa88", @ANYRESHEX, @ANYBLOB=',\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
readv(r8, &(0x7f0000000680)=[{&(0x7f0000000340)=""/159, 0x9f}, {&(0x7f0000000080)=""/39, 0x27}, {&(0x7f0000000180)=""/46, 0x2e}, {&(0x7f0000000400)=""/92, 0x5c}, {&(0x7f0000000480)=""/124, 0x7c}, {&(0x7f0000000500)=""/182, 0xb6}, {&(0x7f00000005c0)=""/161, 0xa1}], 0x7)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:04:31 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
mount(&(0x7f00000000c0)=@sg0, &(0x7f0000000140)='\x00', &(0x7f0000000180)='devtmpfs\x00', 0x200800, &(0x7f00000002c0)='\x00')
sendfile(r0, r1, 0x0, 0x20d315)

14:04:31 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])

14:04:31 executing program 5:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f00000002c0)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}, {&(0x7f0000000140)="4707013399acb9245d2b7db5de583a8c65833d3fd04a95c85fcbe7669b5b106191e730a6089086a45fbd2307094b8b424bfd748ba222e0ffc9cd0dccdf72e251184ecb9aad26a9fa29ddf3", 0x4b, 0x1000}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0', [{0x20, 'ext4\x00'}, {0x20, '\xe2@^@'}, {}], 0xa, "f9c88410daa063bf60"}, 0x20)

14:04:31 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 5)

[ 2962.423525] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2962.423804] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2962.434530] EXT4-fs (loop2): get root inode failed
[ 2962.435219] EXT4-fs (loop2): mount failed
[ 2962.460486] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2962.473655] FAULT_INJECTION: forcing a failure.
[ 2962.473655] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2962.475178] CPU: 1 PID: 19252 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 2962.476002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2962.477010] Call Trace:
[ 2962.477339]  dump_stack+0x107/0x167
[ 2962.477784]  should_fail.cold+0x5/0xa
[ 2962.478243]  __alloc_pages_nodemask+0x182/0x600
[ 2962.478843]  ? xa_load+0x12d/0x2c0
[ 2962.483381]  ? lock_downgrade+0x6d0/0x6d0
[ 2962.483889]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2962.484616]  alloc_pages_current+0x187/0x280
[ 2962.485146]  __page_cache_alloc+0x2d2/0x360
[ 2962.485661]  ? __xas_prev+0x360/0x650
[ 2962.486117]  page_cache_ra_unbounded+0x207/0x6f0
[ 2962.486695]  ? read_pages+0xbc0/0xbc0
[ 2962.487181]  ondemand_readahead+0xc6f/0x1150
[ 2962.491766]  page_cache_sync_ra+0x138/0x170
[ 2962.492291]  generic_file_buffered_read+0xc74/0x28f0
[ 2962.492917]  ? pagecache_get_page+0xc80/0xc80
[ 2962.493452]  ? kasan_save_stack+0x32/0x40
[ 2962.493957]  ? do_splice_direct+0x1c4/0x290
[ 2962.494477]  ? do_sendfile+0x553/0x1090
[ 2962.495018]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2962.499734]  ? do_syscall_64+0x33/0x40
[ 2962.500256]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2962.500963]  ? perf_trace_lock+0xac/0x490
[ 2962.501516]  ? lock_chain_count+0x20/0x20
[ 2962.502057]  generic_file_read_iter+0x33f/0x490
[ 2962.502714]  ext4_file_read_iter+0x184/0x4c0
[ 2962.503385]  generic_file_splice_read+0x455/0x6d0
[ 2962.504036]  ? pipe_to_user+0x170/0x170
[ 2962.504569]  ? _cond_resched+0x12/0x80
[ 2962.505089]  ? avc_policy_seqno+0x9/0x70
[ 2962.505634]  ? selinux_file_permission+0x92/0x520
[ 2962.506274]  ? lockdep_init_map_type+0x2c7/0x780
[ 2962.506918]  ? pipe_to_user+0x170/0x170
[ 2962.511566]  do_splice_to+0x10e/0x160
[ 2962.512115]  splice_direct_to_actor+0x2fe/0x980
[ 2962.512723]  ? pipe_to_sendpage+0x380/0x380
[ 2962.513301]  ? do_splice_to+0x160/0x160
[ 2962.513870]  ? security_file_permission+0x24e/0x570
[ 2962.514532]  do_splice_direct+0x1c4/0x290
[ 2962.515084]  ? splice_direct_to_actor+0x980/0x980
[ 2962.523808]  ? selinux_file_permission+0x92/0x520
[ 2962.524458]  ? security_file_permission+0x24e/0x570
[ 2962.525122]  do_sendfile+0x553/0x1090
[ 2962.525647]  ? do_pwritev+0x270/0x270
[ 2962.526169]  ? wait_for_completion_io+0x270/0x270
[ 2962.526829]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2962.543566]  ? vfs_write+0x354/0xa70
[ 2962.544083]  __x64_sys_sendfile64+0x1d1/0x210
[ 2962.544711]  ? __ia32_sys_sendfile+0x220/0x220
[ 2962.545325]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2962.546045]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2962.546721]  do_syscall_64+0x33/0x40
[ 2962.547290]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2962.547943] RIP: 0033:0x7fa9e384eb19
[ 2962.548426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2962.550756] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2962.551793] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
[ 2962.552783] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2962.553809] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2962.554821] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2962.559826] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
[ 2962.578213] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2962.578967] FAULT_INJECTION: forcing a failure.
[ 2962.578967] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2962.588806] CPU: 1 PID: 19288 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2962.589698] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2962.590771] Call Trace:
[ 2962.591158]  dump_stack+0x107/0x167
[ 2962.591664]  should_fail.cold+0x5/0xa
[ 2962.592166]  __alloc_pages_nodemask+0x182/0x600
[ 2962.592775]  ? xa_load+0x12d/0x2c0
[ 2962.593246]  ? lock_downgrade+0x6d0/0x6d0
[ 2962.593792]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2962.594598]  alloc_pages_current+0x187/0x280
[ 2962.595200]  __page_cache_alloc+0x2d2/0x360
[ 2962.599817]  page_cache_ra_unbounded+0x207/0x6f0
[ 2962.600448]  ? read_pages+0xbc0/0xbc0
[ 2962.600958]  ondemand_readahead+0xc6f/0x1150
[ 2962.611373]  page_cache_sync_ra+0x138/0x170
[ 2962.611987]  generic_file_buffered_read+0xc74/0x28f0
[ 2962.612674]  ? pagecache_get_page+0xc80/0xc80
[ 2962.613266]  ? kasan_save_stack+0x32/0x40
[ 2962.613812]  ? do_splice_direct+0x1c4/0x290
[ 2962.614389]  ? do_sendfile+0x553/0x1090
[ 2962.614910]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2962.615572]  ? do_syscall_64+0x33/0x40
[ 2962.616082]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2962.616774]  ? perf_trace_lock+0xac/0x490
[ 2962.617317]  ? lock_chain_count+0x20/0x20
[ 2962.617871]  generic_file_read_iter+0x33f/0x490
[ 2962.618526]  ext4_file_read_iter+0x184/0x4c0
[ 2962.619178]  generic_file_splice_read+0x455/0x6d0
[ 2962.619821]  ? pipe_to_user+0x170/0x170
[ 2962.620341]  ? _cond_resched+0x12/0x80
[ 2962.620857]  ? avc_policy_seqno+0x9/0x70
[ 2962.621395]  ? selinux_file_permission+0x92/0x520
[ 2962.622033]  ? lockdep_init_map_type+0x2c7/0x780
[ 2962.622652]  ? pipe_to_user+0x170/0x170
[ 2962.623255]  do_splice_to+0x10e/0x160
[ 2962.627245]  splice_direct_to_actor+0x2fe/0x980
[ 2962.635836]  ? pipe_to_sendpage+0x380/0x380
[ 2962.636404]  ? do_splice_to+0x160/0x160
[ 2962.636931]  ? security_file_permission+0x24e/0x570
[ 2962.637597]  do_splice_direct+0x1c4/0x290
[ 2962.638149]  ? splice_direct_to_actor+0x980/0x980
[ 2962.638779]  ? selinux_file_permission+0x92/0x520
[ 2962.639226] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2962.643872]  ? security_file_permission+0x24e/0x570
[ 2962.643905]  do_sendfile+0x553/0x1090
[ 2962.643937]  ? do_pwritev+0x270/0x270
[ 2962.643956]  ? wait_for_completion_io+0x270/0x270
[ 2962.643975]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2962.643999]  ? vfs_write+0x354/0xa70
[ 2962.648425]  __x64_sys_sendfile64+0x1d1/0x210
[ 2962.649004]  ? __ia32_sys_sendfile+0x220/0x220
[ 2962.649606]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2962.650288]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2962.650962]  do_syscall_64+0x33/0x40
[ 2962.651482]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2962.652130] RIP: 0033:0x7f47d2c10b19
[ 2962.652620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2962.655008] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2962.656113] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 2962.657048] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[ 2962.657977] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 2962.658914] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 2962.659885] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
[ 2962.689855] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2962.697834] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:04:32 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000000380)="20000000000100000c000000d40000000f000000010000000000000000000000002000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002000028020000faecc94c0a03294c821228418eb0fcf2109d84ffc4251619a7e70f4c45b8f7b717278c3d7a59ba950423485d2bb8d47e903b16eba47d72be2f1ee2c9bf9355fd94f4e52627a50ec594b5de92ca7ff4b2cc41c20ef79d18a0835c298b1779bbabe5d0c6ab507cf4b7b1a7d7cbfa0c6bcb3943d6af20f9ffffffffffffffb2ccde948bd11d760000000000000000", 0xe4, 0x400}, {&(0x7f0000010400)="000f", 0x2, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r5=>r1}, './file0\x00'})
accept4(r5, &(0x7f00000002c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000340)=0x80, 0x80800)
fstatfs(r0, &(0x7f0000000140)=""/127)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

14:04:32 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])

14:04:32 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f465", 0xf, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:04:32 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d342)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:04:32 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}})
fsconfig$FSCONFIG_SET_BINARY(r4, 0x2, &(0x7f00000004c0)='*\x00', &(0x7f0000000500)="7b5ffe158a646299bae64eb36659bc2d329e2a250edc93909979a9d9a2eb03e490c0eba9cb0b9cfa73b69c4fee1f7923843359a2b01bdcd6ce2fb1dd86fb8359df030eade8f9b9eb15b1f5617b5d6e8dc74c84e1f92ee36a867d92b57c2d73ddc4ca5c5d17", 0x65)
syz_io_uring_setup(0x63f6, &(0x7f00000003c0)={0x0, 0x5bc4, 0x0, 0x2, 0x219, 0x0, r4}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000440), &(0x7f0000000480))
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_setup(0x476, &(0x7f0000000340)={0x0, 0x2727, 0x0, 0x3, 0x1aa}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000080), &(0x7f0000000180)=<r6=>0x0)
syz_io_uring_submit(r3, r6, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x1}, 0x1)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:04:32 executing program 5:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f00000002c0)="20000000000100000cf50000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002000028020000028463d3b3296ebf78a295df9cdc960c768fd863f0f6f74f5334636d57b3035693538dc34d0268d8c45fa516d91eee5bb036507c2411b30cd5baf4462d865bba5ec9abafc54646a2d56570c9b341f8f27bb1b2e3b461dcb2f7a5f58697bf2a779ac044cf4b941e4e532878e3ac1b93e37366e4", 0xd3, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x101600}], 0x0, &(0x7f00000000c0)=ANY=[@ANYRES64=0x0])
syz_io_uring_setup(0x22, &(0x7f00000003c0)={0x0, 0xb58e, 0x10, 0x3, 0x1d8}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000280), &(0x7f0000000440)=<r1=>0x0)
r2 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r5}}, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f00000004c0)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, r0, 0x0, &(0x7f0000000480)='./file0\x00', 0x34, 0x0, 0x12345, {0x0, r5}}, 0x40)
chdir(&(0x7f0000000040)='./file0\x00')
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r7 = syz_open_dev$mouse(&(0x7f0000000140), 0xfb4, 0x40)
write(r7, &(0x7f0000000180)="01", 0x1)
r8 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r8, 0xffff)
sendfile(r6, 0xffffffffffffffff, 0x0, 0x20d315)

[ 2962.969184] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2962.971052] EXT4-fs (loop2): get root inode failed
[ 2962.971766] EXT4-fs (loop2): mount failed
[ 2963.000384] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 2963.047986] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 2963.059163] EXT4-fs (loop5): Couldn't mount because of unsupported optional features (d3600000)
[ 2963.080852] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2963.150604] EXT4-fs (loop5): Couldn't mount because of unsupported optional features (d3600000)
14:04:47 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 6)

14:04:47 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d343)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:04:47 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000180)='./file1/file0\x00', &(0x7f00000002c0)='adfs\x00', 0x2801, &(0x7f0000000300)='^+[\x00')
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r6, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r5, 0xc0189373, &(0x7f0000000480)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r6, @ANYBLOB="0000000000150000122febbd226b312f66696c653000f74e1800ad1fbcac36a476bfbb4141c990393fda2bbfe9f46fcd43204496efcb93a6390fb67abbaf00f36739bd5f732a1a2f1936b36e5e790f65221614924d6ffe03e743d00e90a4e00380dd9a08dcaae1ad01f06ff6c298e8c0dedcd7441fa43c81ad154d5c892b9cd75c57d3360ca3b41b62779dc5e272b0a864c0cf1f4c461d8f35f01170873e6704441121a4076ddbb01d35c4d072a1983188a9b1730ae17a60e0ca1fd3d8a26714c8df9950834b1f403813c788a0544d9f24e471623f095ac38905186c428f52ac7e136d7e5c6252e5759657519ce0deb29259c9317afd1d9ac9eb04cb925f45d6ac5b389811bd26db90d74361aa81333c73f8afca3a39c8685f"])
sendfile(r0, r1, 0x0, 0x20d315)
creat(&(0x7f00000000c0)='./file2\x00', 0x123)

14:04:47 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])

14:04:47 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 16)

14:04:47 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r4, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
getsockopt$IP_SET_OP_GET_BYINDEX(r4, 0x1, 0x53, &(0x7f0000000080), &(0x7f0000000180)=0x28)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trXns=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c0842bd590c8e2a73b4901cc3086142b7a61df34be4c856ba5e4cfee7148e1aff00d19cb5acbe51d6abc41f802d44659fdf71503657c475b20968e5c2b625907802bde7b4a8fe933ead2a46e7575ab00d7ff87bb4bd56ca940949ebd823edf4508fc083d5c62990e2fd6f87809c42c55b30e2a2a56210ac1075759abce59f66c0e6228147e14887bd07c7f7913d"])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:04:47 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f465", 0xf, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:04:47 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file1\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000340)='system.posix_acl_access\x00', &(0x7f0000000380)=ANY=[@ANYBLOB="02000000010000000000000002000400", @ANYRES32=0x0, @ANYBLOB="02000300", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32, @ANYBLOB="02000200", @ANYRES32=0xee01, @ANYBLOB="040002000000000008000600", @ANYRES32=0xee00, @ANYBLOB="08000200", @ANYRES32=0xee00, @ANYBLOB="08000500", @ANYRES32, @ANYBLOB="0800a0a8", @ANYRES32=0xee01, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08302c269f09f1f8c76a000300", @ANYRES32=0xee01, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="10000400000000002000010000000000"], 0x84, 0x2)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000004d80), 0xa8801, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r4, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r6, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r7, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000004ec0)={&(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f00000025c0)=[{&(0x7f0000000380)="439e255b0104590d55aa6dae50d907d41a4308c851a2de6fa2838d876e35d34443b527fc413fe937771601", 0x2b}, {&(0x7f00000003c0)="156b690de7bf617829b51864b0055550829fc942a8db8ea0c1a7fc7dcd4061437b68b7395ba79bf5577d6df1e1134e4b325109d4c2de6e50ff4772b64cf1e727e085a2e162c0fbed8ad2f27a19dfab", 0x4f}, {&(0x7f0000000440)="428dbc22b24f61ae7c2fe4e1763f23d34dafdcec0fbd077382fb97a4cd16d83350978e2f728ca743800e576e84085cad21670387431e532cc0aa62365e28901b9d75d58b9c440fd96dccf3085b16c136e68ac12c917a8d6e5236578b246e1fb4a36cd57b6b0be83c248c69061336143f2667d7ee83c7ffc0997bbed89729951ae7600bcfa5afd74793f6a6b190b29e56cce4a8c199333054414d7603816e846bf1a1e703b41aefe872ccd01099977662f540a8389ac63fae5d8d30a96fc09c5a2360c5fee6edb6a40fd2f9b5289daead589dc13917a44bf37f27bd3b8c95e4adf03087d4ab96965683d54fe039d5774c09450ab3b6ecd0ebecef", 0xfa}, {&(0x7f0000000540)="050aaa4535375f54efd2b0f99889de73615f53c4c1816eeff4126fa51a478564d368afebc66b87d2df84b2c3fff04e5575eda42e5c025a68b6d17ef2a186b8c53d9886f7d519cf65d8aa254937f9482e8fca2ed8cc7c28adc224b2e7cc59bac07e435ae8563fb602d8f7dbf1fd49b10eb0996dd6922b20b8cd1a60892b15f406c58b9ad837af29f957b56344c4e2825a3245c95edb7276702917cf38327920a8a0e119e0f35118d4a474ead3abc026c3f09d5ca5fdccb3a140f43d4b142fcf7444f6a06f64b91a82d7c820841eb694ec1e3f1300cc5f2bbfbfc5f8447459bde43bc8f24b7df9c33d70b2a09decd60e159469fff1f9f8d877890639d9115dbd150d19bb0231424cf39f244701ee77d95a367073b82df599d87da5ea14aa9ddf2ff50029966d9d100eb09b0eed735aa9c8e03b1fe9466e067d295df1a4a4133f9a88c7f778f13a70aa68fd44343e926de0a6c33b68599515bcefaa9d9f6217a4c9ee890cbb94ee2f780f70a1e1cbadd0f9e451900ac5434e740a4b7ad688a116c8e7e3e90465c19ead60109a6ee0999afc6372ac02dbbef2474d83760da6fa40aaea4de33e33660fba7f02859b2c3bd53669d7c8a4a21fe3936112c6202b36e495e2a441c97b7838bf897c19c9b41a420589831d0747523de18297619b43f64ebd813927730b9b04db970658efea26e970839195d6f43f92f66ec4f4ee14ef587c99ff5ba1d8fcadf367727905aa21f6558c6f0ffcab6adc13334d81d53197e69af69094d47e2cdc878e22b4bd0e60c67cdea258c757a7b4b559a31a36abafe63ead8e2b4f711a1a9d1380e1c7f3854c1411d5d03c83a4f05d7b53e9345c49b373eb500971a0b8ea048ea0a43529418a0529424ece3d03dd238b7e16bb285112a361943c57754c152df9bd0f79c6d7f68bb58b114507bf2a547ede023bf5985fd895e969811caa24caf172cdae06ef28d0751925afbb5c14d1df31e951f4e6fc537ac4c01fe35922bc8a3d04c36add44942e507bd3f59b3005daea0644dfa8210890245c55b7704c9497e6dc267dc55180034b9703e6820c2ef2663f8b680ace8a529d7288280c13376a58989fae3bb2491af6a5586d8c9dede8a4be8d3579963b4c2ddf73b5c5edb3dc53d29f8cc68305da09906134a9eb9b4d87672916cc450145d0eed6c01ae52468fa41060db9c47ba8ad7f24484a92a3a44d5af225b19b5a2ecdd7027fcf988f81c255d7ab36a3e9e45f093766399168aa79b44ed20870800652d8bc6c4e118ebe9a6c8916d11af3de817e83c67cca3f8bea61b48c05717e53ac030280776a9252c31241ce6279059cd151c317316713748e122fc5abb9175982d5ba9eead423418012b5ffc4dfe1a50bce856331cd2d0804138c6481a52b781854e095944891167458e6de79a5847a3c263814aab799180df38321be703ccee78aca69f53d8b3077026bc73d4138621b4115a80ca0754a3179c4d693d095ed5bc020d1a54c276a016e72a8787e20bf693427c6f2a76f4b3eef1596da84053e027d9cfd388583a2a676514f003cc893dba7e215531153e95ce855f666365e7a044e5821f53efa161d5204141c0628ca3dc9836c5ce3cbdd0398876f92d19a7a7833876342c0208b5e37c3ae98854e235f1a2f6320036b32d9d01738fd10c7810ad1ef9de01adebf6cb2553ad91a835323e987a770d5e5e63bf76f8a82d56456a542f27c0136f6b318c33b7050b1e359a85113bd7c0d60a2573c3b0711674175e26343d2785fc6ea177eda635b0d5ab6895d5b9fbfe9c76f18b04e7f3e513a6ee4be42e23875a90ce5bbfa72498ee655f49745267dc71cbd1ac9f751c391bcfd223a256ecbc82ab24ef4e3a11b28fee5682fb5bc02ab261170464d1aca800e441bbfec9712873e5527646ddbe75a8850d505631f096677e9e231df5c1e8b8e660664d0ef298a7cac82fc9791a9af5054205dbbe5bfe3269ed4ab887dab575255aab07f485910bf1fb0a2244ef397aba30bda67314fde0ea7f2884e90f39acb1f1135da4a49456b6674e0ded1fc78b974002f1a3a3083be2b195ed706d53448502b256957400057a83b13a2a62d6bb9c35fdca92b0d6ae06f68679643e1d0b7353264bd61cf0bccfa0ee1520c210546c3f46529c09cb7ebb14bcc0ae0d5da6007ba8cddd309513b8a82597fb0f843ee0bbfa7d6744a4cea381e1581a52c61e8682bae3630fba1099cd0d0c8bb31a537c7cba89e563bf8d02fc6da59644646a0163a48c44a0493c19b6a5725c7c04efb4b6b53d3964faca04c49ab852c4b232970daa06e585c9597efeb4ef91d9d57edaaa71b0cdc8f9ed4ad2546d22a613f9dac15412e6131e64e280d475300fbcb16bc8ad17771f0c95bfd0fc539fed2f8d6ae20a7d7a0b6d281b41e44d84fccbc2da6c7f44b2e5b9c2ec84fc9d645075af3bdc259500f782a9adc7d1d73f30dfdfe851aaf92c53a0bde5a40c3833477c7e632f7e740ecec2ef53fa72c162fc930f3175061c7de653b3da5cb25194f1de8865094e30309da7a775763a006e4fb582e84f141344ea9ee387781f2e401865d9a934eb223d8aa400003fb5986d1560fbb90ba3e6cb33e5b4360d90bd7da23721b1a2b0f7a16b602e2e8ada13eb572a1fd2a7496e78433cc03da4cb8d76318fabce00aae360c0bf9b98507431dcfba31791d0720c7ec207852b1b9e29fbdae5a5510e4cc89d8a5ba5023a209e8ed52602405dccbfd300d58f8bf6f5a621e810a10327b76698af92f1f83617ca120595b49acb384c7e0072ebc63e6fda0f7da5b22330a97e474b9d849b1c4e65b80f457af131a7e3e0ff39ec96f87069b1e4a6052a9369af8ebd6fa2b8efd651176cc236bf10c5e1890cafad6e7c7f5bc0ac9944f044d2aac1023d0a1b185a9f715c7d65d877fae1d348d99a690b63ba7db1843a95aa95b99744e0196748b2398116d3f20fa70f7dd31428ab0696a929d67a10e45edf4789f3bbe0a5651422b18f8df6a350f8054d017cea1b32eb4b882148fd2a9b8b6526af1d56e568634cb69d0a706067c88e0228159f531d79b88e94a30a29aa4cc3e50c38d29152281819ed162e62121b98323c5d076e916fdfc6d2e34f3765f4ea01502c4cff362179421226c7c567b864f0db937997b682fe7a9ec4483cb244c21dd23759e1da7b1df1b3e4fc805ca4f177474138e856ff79711bcbf9204c45449e070f642c6d6b6db0696e9611ddd7aae0ce8b532f73a543664e46ea2d18c99e3ffcf624caff42b9f4489c6f73a17f9985908ad5299f07b5ceffe70ba931fe0cfbe965e287524ad292fb5d917c9c4093c20d3802c5bd7370e5810d9537217e1b1e3ca5f37c9579581c166979525954fbc560477fcb021775b7b35e166bacaf3835daa9245f917cebb9c7d6cbe569bfaeba013df0ee6d87818ccef2d429a542eacb8ccc15af92d3121594059ec3355e338f28e1fd189ee2e585cc2437d004c31349adac7b35e97b73cb1e0d0321debf5362448cfc7a93f1beef83a1d295d602abd5c18b3f01f83ac4cb6631ebea0d344140efd9bc84fd78a519cca98a4d8ea97d8ef1a2e63b12878df85641ce397e090527aedc8ee01363118f987a1fa949853e4380517d4b659b7f557bd40b84f841060c406fd1eaf95f2cc971fe4e92b45aedd0d13e0f7035ed7d6dce4561fceae9e1fdfb2342897fc2a48477a162cc0ff5e0128f7cdabbb593c4984253345457f76fa41adc5351f914d528b8bfae79a72c0fbcd79d518ae36cb6e70430b3eee397911b8eb4438d6af537696b5c0161800f6935fef14768271fc102a392f4d3c0b4b0cddfb5771c363bfce88fb4e9fd927cd8374b0987522cc1a46513c2c798c80a1014b687b7be1134f395041b27aead43d5f27fab7254ddd0a84bea04123a6e5404c3eb50ee4c7ba0b9697e706b9636d1294d79c26b1ebd1582922feb0bac5926dbb9dc090187aaf24e60eba579343e681a5543ebcbb5118ca533a6604f7751ae8609e6f9e933de54060e29c410cdc9ca6ed833aa51bc661740d0ae6e7eab47a5c235120a26666faf6e8939b765ae423f87e8fd5f4fbfe4dd730df31db33093bad6ae9dd29c5e60f8fa02ef3c805d1de6376c9a3f9742a4b3192db528235fe930b1a047acc6f092a92ba6de1fd9f5ecf0938a71613b95c84d8822c70cc89da213c1767df1c704eb97f5520038da1651dbc2fd73d3220c859e581352090743429e42387ebad49969a27957c32a2e7448004ffacdeae7592b0ceecb7bdff0815e5bfde7307089efec5f6d773ebe2dc78d591f919ff0f0811f8dc65d6f1d3390e46a60423f66db09f192ab5eb667cb107f6c607956573efaf32ecd5c6dfec747e381ca6ee230666fb6c06c38e588f61579fd84479515fbd16e932f7c4005ae2df20b0b5ea1f02f5f250b310d7a38ac0d54c534b3d7f84548ededa7b4daf7f0e3b7475726c58c3f5313066d1b8812b70cb5d20e66f01b1df1e9e04e75e6eab1789e23f277dc6c2a9091c17c8b1c03cae7aad70192de472cfcde1016e9ec300cc4efceee8eadb3fabb586cd1ffc429c8d893923650e358bd7ca8a02047a5448d220dc17fedc9c7352b215ab700c30082ae7f524b19d5d045c7f610998d887709021be91bceaf0178424e62765a177d417090c791ece887d8b0ffad62010a2391ee8c4e16ff47070d36bd1c765612590ad61dbc91bb5bc6b907cb9607bf118e00931a8f7127011e05503ff6c3d167859d748bc9844a0a649544306f1c563d07c354798ec16fa88352778217fc9decbb9bd4ff2b5875110d0edc64b79d50f875d4f524308f00cce98fe03b2c4e835a442c2f4bc1acab12914150efc83a137bc79a18bb4bebe550e94eec45fffe683a07a87b330cfc36122e1880a7d2922ae98aaf128d6d0c239d04bd8cac3c9940a151ee5ef477b7ebeded73ef88db7ad50d875a6c937a30d4237fa72e7592b30f742591ab08352e0a2d6119d9de4a786c38f6506bef20f292c69cd0e87111c7679d627ce602af638d3fea97309fc6853d56e01af394523e0feebf9cc448f50f7249d449f3ca4f3b9ac2791392c5152fd85f29ac5d645ff51076305022aa34fdcad94ff258936a8a3f01f867205d2eb23fb16816fbd079b0b4ba944481a3add64b145acf40ad89105160a904720548756bab205c804f5f6d87ebec07007f100653c8b396546194b9d5580be4731f0888ac82218c1fb116208eeb7900f8115bf12f9c61ed04063f93810b5ccaad8f656c4e7dd825aa864e5bae26318d3d9bd8e01c53958803d7b220e42be24d9b6a43f17448923595a65b9e8d681d4086e5f5e6f2e7c484103e91d130ef4171911eb418a9fa359e3fcefabcfa764801bbab5ac5946ff3ee0b42e0b3d0e9e389bef8880ba3a79a275cb4e13e01412a95ffad61b649572fc8ae85caa31158ac3c3574793ca4b6c6f647b53a2d0561f79434fd7c15f2d8d1c81bafbf79caf0bbf8463333b27641e2520e31bf3939408a4aa592c378d9acf2d8a7b36266a94c9345343f05aee07ea6495b9ec47867587ddfc18e8b9e87b4b5f66a3ce11ab94e94e3c2a676cf27d1d946a0e3d2bbcaf36d5c2469d2e9f0321fa617d935503ae380cd41572da22e275fc65692c7af3c045dd45cc58bf348fa19bd14c5deb36cbb351df1e53939d892389abc3456c2edddabc288c7a8d75bb874c1816742f6b12ea96e205f200952ca71dd3f5c1a87321a3e3db7811d1c42a192b0d13ccb20df288ed8b98e3d75bf1f1f067b685f1450d5976035fb91d8bcf595f92bc", 0x1000}, {&(0x7f0000001540)="bfec50a2ecb2836c3d0a18c5c18c69ed6910fdaa1c82788b0ca48720e8ce3445a767bd1727f75d84ef9394da74ca2423057c1a479680aab4fe8bed854bd953c6913d7cada7c1800dfc9b7e67d09f1625558d9579e293e77e8c4b8aa039ada5f4ad06c1094d6be53fda151035aca21f180e99eb79e079431a877c421ea1b6e11cdb36a9db9432c029b58491b769199fa1acf280260ef3d78b688f69073dfb3291fd518dfe9954ae7ae79469a0c7423669f58b2358d01fb8d029c288cfc40fe3c2af9c21ee1814055597d4484729787d1e23a2fa18f7c404f95c4a785e37eef9b829ee4ebbd2ced5b8a2ad73d371f98695710b5cc74927e59c954a712ee2d993330331332ca79ed06214f3b2b9f77630a35393f4bf014b22b1e8854c1bafdf9f78e180290e955d0d182e66878310939edca9278277ccd450a3842e734809800832c13e1709cf173be52ea101b9d45eba68d93b9c7683c326157ff82667c47bd12caf1950ecc1765d33ebfcb005f4dc7dfb14274910e10fcb12cdf797cb30a43fcf24ce1e4fad1ba1a738ad9d2639944a76247fe10208ccbf5bf9e30f0ded8f83336be146c31768e1de76cc2423f38581a718db4ea6e6533d29c546fb0d6ed8eeca5343c84dc03c1236eebd2d960df0cb93f8845e688b46b308779135c6da7f7b2b562f760f8bd2e7e76e59afe28ab2e2bafe06331b13920365593d7ec0315d305148c2ea7b1addc56ebf1ef635744f08710dc059bfa735138be9600bc92d27e2428eea76f9b101e14e59065941dd5753c11bc55ca11f672238315a739b4fc3a1906497b31b5ba42f4295759529cdfac6158b384176c2eda20b3e8d33be00a130795429de8929062f632098bde8f32e683a3cadc36d6f3a016ad7721c98d329212563d13e71083e94bba661d20b9655c7454c3e15b4d057cf9f332633e8ff8d5bdbb3a02d88c388dabbf7784adfac03b5d9c0015b2957ffe66d29006d5ed0997a2eadd9e59c11cb92183fd67ba8b08df1fd643fbca8c7035799b231dcce4def0da7c9a160f39a4c70698d08489edf7921281ed7558403625d5077d860edddbd43e00c8b04cd6fc10ceaf9c3dd460368c725dd6c1bba9ad3aeee3048edba455812b70d2fae72d4ad8aab6032a83441aa4505e588036ebeb6fa3e99d2649130d70f7caf6a802f70f520c4e5a52de594d658129cc15efc424040c48d07a37803612ec947be65e9159350b7fef1462b353045830d49e9dfd54bb818e96cb46dc893a64abb66bb59cb7d522fd05ff62c2c7205cb4de5490b4558e218e919aadc8c9e8789846348e5cb0b3dfe4134df0747b9f534175017b04be99e5ab41edf0e5b7d3065f210ee1d9fb432d169da05613b4e958e55f7eac6acddde6010d6a2ac4cef5d15cc828f6ac468ab90475057156397653127aba368c05aa7694c9c15352e63ad8c0a659a6cede441d31c9bfb54735e645cbb5b31eb20acebd230f5d04b1ff1321a69a6b9dbf7ad099cac5ddffbab10eb0a3c6c983ab988b5023d95f882b4bcd69c355b988e40a69e699748b4ef4312920d83e38594c1745a7a0264665f42c428a1d4863c79d907ae00e3833c17c70bd23c8aa17e0d1e291f391809ba74531773d36e83439ae0b69a121f43ad91c41b54c20f1808dbc1edb5848944fa45f0cd026a630001a4af759b788d7f4278d652b413c2c6da0bd36e167b8b74f2e0a977334a5ef5da41b77b4dbef27206d23dc4b86d12b67e5d57a01e0a448672d98a5d73f8609468f205409984c1e2e238011435a954e1375fc19408deb67a3957a2be7319d2543366f19a159fe1977bc239e43c6d8d658ef26cd4526bd489facceded8c1136a1f743b7b3c52aa8ac9e80d911ef975a264f80df4e47bccd882b2deab8b8b5ac9c5f328729f1420b8534d7fcd5e5f5738be09bf19ef61541f73691ac87f29e9988b0f455ce5e543ddfab69c709ea050df041d74c87f5df49d03e826fd9c2df6c391352baa9d47f6bc03efb1f981c585c71f10251dbf533e483d5de69d498042c904778d0e1b19b29b7298e1c48df9f2bc1fd43e5f03a287f31f745d9051bfbd227aff09e2325156dd2a02711eefb409448d4af8d6f94372aa6dfce65e30e74d3cd0f49dba9d0ef693ab39f4b8f28c0dea99fad4be858839e6cbe6ed7899eb90d9cc7036afe9249139681801198f38b6aea047f508ff4c9bdc0a6d73f69492f7e7c832da69ea6bb45daeb351a827be2092068a3219613d5014b59eb703726bb19e99013e98adf8e0c259d8fc450eadf604f051f8c2e923ddf20bb633aaa62ef5a0ef8ce80327113b03d4ba9f010e3aefaca74d1a141a08f490d2bca5afa2453acc7cb38855524a23c28cce9935be4fe4b0474ccda6fab12156343f3b8f63552b4f5ff31a8ef448c7c997218f0fbe11ce8b12409ed2a5bb3ff8f176c5344e9b425683bd74b94f01dabbc49bf51ac41a69c5034ce19bd5d3d1f2747f33f84c269c3d7e2b5662782b37ad838a3eabaa51e8cdba9d136912d5a336380a36d4efa8bc1df4e4f23e660e602e0e495c08b9c607fe8a79a71817a1ebd05762af844e35280442bbbfa9e4ee63bc493e39bf8d65be5fcdadacec5a8ea42b8b375928e7bdc7671136de4ba1bd5b7e3835affa5e07a9d514852a8f1699508457d404e3869bd3393b6f7b9a2ce74d45be2f5477718f055e90064a2d29e469dab0939967d22194ff20d2b84676b493ce88e05db4a917f7afb48aa87cc12f22a6855b6a24b10909bab36fbf6ccb2b697493b40c89deba8dd9490f1cf9e048584b22a1ea0e39a7ba498a67ad74c7e9993abf9df763e4af7a46640875e417339edea3eb999138cade0b0a3ee77ee3cc8fd5d23668c5cdc1edbb5da34915c5b66364fb6a17782bfd2afd45479b2e82c57125df29ceb4ded264dbe23343f5d0ee017f926be9adc866f872fd845be9796e7f05e2d8719f485779a55f4b92b8fd5788d1a93f9c6aa6caa29f545b5849fb41124f557ff05bb4f5985161f5e563d3db94276515ae49d5eed166454b3513a3a7c2b8ac68fd841c3d3a837130786ae6c8c357b32225f90a6976cd817a702488ee32088e024bc125f2b3ab7952fc1983c6d9495d3fe3d0205ab680a0f3135665a1f18c7f71a078d2a70e0a1cbc32a890a91d753ad76ea2a8d46b7d563112441b1b5c3d05c1b2f83919445196948bb78dbc8a6bf7554d99a92f6be709fc5dd83e3b062bad4d1147d12d8b1547c7e5e2300512c4150db5cc1ae9013dbe78223d6e8d7ffa968a79c599ea784d3dd42a40e9b2ce72ac946e1d501138e88956ec8307aba9c61b8776bdc8223c0bcfdf1021bd4b50f37516c0bdb5e484f7d0b5be0ad425051c5be7db36cc8f986d2c67c46b1fae875a599c44e00471039d4654244b7233f9a260c11e580feded5bdffc634cb58f882a2b4bfd4bb944418d4f30ea5d495a850c85ecd1a36ec8b9346b2e56caa32d09bd4fe73b237eed69d4d257ae9dd6df45018f0d2a31d7da2fcb15db7239efc636495074552704a5d0496988566f8fddeedba49f4ee021ae22fb73905e3c2874e60cc09f298519de0865344eeaf27c218b035c5519e6b1a0cf2071a2691ef750d18b870761d240eae84e84f734a11da989b68811979486a8b25a4ccb621275c6d8a2ac8088a37d4433f2b4eb58e23a72fd7e0093f842bcca679cf10f4b03c6a68a5db1a518bf88a63d363aa74df3fe4d213329dddc8e8f939fe29b19db73b1479a008663500723e78cddb4b786473090c45684185113c2694cf5c08a5a053973b38c0e5a6ed6cf0860dae03bd5dcbb34957b02aceb359332f990d8d1f9d7b4d22c3e3c1247786e01580d9fb368521bc57c6f3d3032f019174edbdab7bb72696af6aa172d470020b93075165aef25e1b27ed2b24e0871644f295179e1f33d284325a1fdca885949986bb465f3b4e72a6a8d641f0c505f77dd8971c820687eb9457ae83330254a41683170238508dec0e8ed510d278044795ee4f4fac7afc54a3b1eb48df6c43078f216088b5f0f8d2dd1f3de645f78c1bcb195ca973092e6aeb4eef4d35e3da16228b161894ed7894edcc2279ad2ecf9ed03cb750e20998e0911114640efa9f77780d14e5acd573a013132209af038f9e1ac34bab1df087009ff1370fae235a134fb41d64cbd1d51a0e349df13851837090b0420a9f06d83280c280a81d35a911a282ada5686dcde0cb9ee881607591408067e7475642e87f0932fd5fb822037612cb485300f032db6630d676b358556fe0e15106179a7a4a579ecaa2eaf89c1c5a5dc7892543f3c87bd5fbb8ecf7de72202dcd6d2ccbe68143427cd5b5a3fdf4ce1b25bc966be3f5e0e46f9e56d720d146133474b95cee894f7323dd5525e84ea59a84e7d41273f933906c353dcd6e5ee9bed9998e99b380213deb46d9dd492afc516da1982330f0829c83b49fd34ff5231492313f26ddeda2058493f0ca53dd4c542507c32c1a72782c79957d884309029eb2e19bcdfccf0d9d3eeb123a3a63e259ee9961ab132e3077d2414f334e27bac9832d597c0e3f82b30fb743c3490ed36314ed7f7f45bd0594f41e86e61ea34ba0ac5f4220a9e1596ca64eb760e8d0b84e4233bfbab5f28c4f9a3fe5ca5e290be12851f8a043ca179ff1bc1da1c545f5ee8f54c475652d94ae4ef4709e52cf4cf46a54a8c3bf41ea3eb8bddd637ebf87a107c8a4b2eca3d80a354fd8e4a58f68bbd8d1384e927aa54a86e273c7d92b654e649a22acba0ab13c9f48bddd3b2d413bb2220607e5f72c8daf49ddc36108e5a40538d5dc0c5928f87fdc0cdfd5c702936ef0a71f0fc5483120b6b7f37766783a16cb81cc12ec7c7715570bf412e9cb9ba3d182bf81bd2464755901c18fd22b632668d2949fd9ee4b8483e29e55067d3f0362a38f15ff7c1fc507252a4970b3d0e1181bd110fb0ca52dbce612611a4a8bb4f6f6185fd7ce19f80219255d96b060855834b5c1bcf57c75565246ff029304fa602347ba55e4c35e49623fddaede2846f323ceba52ffb490290ea11255f537f92e5a9da8e6ef14576b2a19b0f452f999d3c176a38be0d2bf19326ea3fe266fe85d0a8d31f5d6d66aed72dc5bb75ab10fd8c16b29f8aa7cc13a3bc836ba0cb6547b349df711a87bde8a4159f9958a08c5d866fad060cc27469c40bb358236b2123204bc5d4f9ba4cd347f0ad3a3e22750045c8b14efa9b7d0768dd7c5be79acafd02770566260a0546b7cf443b883508377e4f5b9b54e9099b326701f789105fdb5018515c117da925e612cc95158eae09c85d480989b00d464db741f6d854602213ef9bfb20190381d8739efae6f6f937723118ad80348af758a5c2f5f35634121253085cf5a336787908daae15c829d5b0b3675ebccb605ad7db067987762569f70310e3d050e6bd3ed57afe5b9092578aea05aad7ae332dd5148bcfb94fe58dcf36b57fcf78621777a1b3e5c4c69a2a818c080be4470154fb7d006669982030779053541979c38dfdb010e2ba89b0b18f199ca8bc0f6704e289329458af55c6d9b253cba9e85e423ffbf7bbd233d7ab7e4f05f3659d1f4a61924993b5fbaf98853ee05b93a309a433d67032a0cdd46d27ce27a079f00e91248b82285f435738a7fcaece543fdd976778878041d973ed2910ede3db997b69e3d36f3cbe5c6db88bb9499c8c9bcb68c5852da97a79b1184ee51e63b2a16e844129a23bb4912411537a5ceae3c79a1b036192e5bc35bcb13b5c50a741adeb74a26e693272160e441ea2136f20a91bd2ad7c7211a6859", 0x1000}, {&(0x7f0000002540)="802d1ae333cb51e64f72fa716d001b910e7728c772e64c03aedf6d5c19578d92b5274c796cdd74bd791ed16046c9c6efd3156482a3ba778e957ee58fdf7626d6345835f528c54780ed560463a2ca66b59980b99f17629a68d9877b3f23c81ee33eb01c8d5e9e1791a3bda12c0b9b8545", 0x70}], 0x6, &(0x7f0000002640)=ANY=[@ANYBLOB="100000000000000001000000010000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=r6, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYBLOB="00f9ff001c000100000002000000", @ANYRESDEC=r1, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r4, @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32=r5, @ANYRES32=r0, @ANYRES16, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r7, @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0xf8, 0x44884}, 0x4000000)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r8, &(0x7f0000000240)="01", 0x1)
r9 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r9, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

[ 2978.553177] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2978.579926] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2978.588497] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2978.599005] FAULT_INJECTION: forcing a failure.
[ 2978.599005] name failslab, interval 1, probability 0, space 0, times 0
[ 2978.600487] CPU: 0 PID: 19360 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 2978.601308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2978.602300] Call Trace:
[ 2978.602631]  dump_stack+0x107/0x167
[ 2978.603088]  should_fail.cold+0x5/0xa
[ 2978.603591]  ? xas_alloc+0x336/0x440
[ 2978.604049]  should_failslab+0x5/0x20
[ 2978.604513]  kmem_cache_alloc+0x5b/0x310
[ 2978.605056]  xas_alloc+0x336/0x440
[ 2978.605525]  xas_create+0x60f/0x10d0
[ 2978.606008]  xas_store+0x8c/0x1c40
[ 2978.606462]  ? xas_find_conflict+0x4b5/0xa70
[ 2978.607027]  __add_to_page_cache_locked+0x708/0xc80
[ 2978.607708]  ? file_write_and_wait_range+0x130/0x130
[ 2978.608355]  ? lock_downgrade+0x6d0/0x6d0
[ 2978.608872]  ? memcg_drain_all_list_lrus+0x720/0x720
[ 2978.609518]  add_to_page_cache_lru+0xe6/0x2e0
[ 2978.610115]  ? add_to_page_cache_locked+0x40/0x40
[ 2978.610727]  ? __page_cache_alloc+0x10d/0x360
[ 2978.611287]  page_cache_ra_unbounded+0x419/0x6f0
[ 2978.611918]  ? read_pages+0xbc0/0xbc0
[ 2978.612390]  ondemand_readahead+0xc6f/0x1150
[ 2978.612944]  page_cache_sync_ra+0x138/0x170
[ 2978.613531]  generic_file_buffered_read+0xc74/0x28f0
[ 2978.614204]  ? pagecache_get_page+0xc80/0xc80
[ 2978.614774]  ? kasan_save_stack+0x32/0x40
[ 2978.615310]  ? do_splice_direct+0x1c4/0x290
[ 2978.615887]  ? do_sendfile+0x553/0x1090
[ 2978.616387]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2978.616969]  ? do_syscall_64+0x33/0x40
[ 2978.617454]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2978.618139]  ? perf_trace_lock+0xac/0x490
[ 2978.618670]  ? lock_chain_count+0x20/0x20
[ 2978.619195]  generic_file_read_iter+0x33f/0x490
[ 2978.619851]  ext4_file_read_iter+0x184/0x4c0
[ 2978.620411]  generic_file_splice_read+0x455/0x6d0
[ 2978.621032]  ? pipe_to_user+0x170/0x170
[ 2978.621526]  ? _cond_resched+0x12/0x80
[ 2978.622010]  ? avc_policy_seqno+0x9/0x70
[ 2978.622530]  ? selinux_file_permission+0x92/0x520
[ 2978.623166]  ? lockdep_init_map_type+0x2c7/0x780
[ 2978.623818]  ? pipe_to_user+0x170/0x170
[ 2978.624347]  do_splice_to+0x10e/0x160
[ 2978.624857]  splice_direct_to_actor+0x2fe/0x980
[ 2978.625508]  ? pipe_to_sendpage+0x380/0x380
[ 2978.626071]  ? do_splice_to+0x160/0x160
[ 2978.626565]  ? security_file_permission+0x24e/0x570
[ 2978.627226]  do_splice_direct+0x1c4/0x290
[ 2978.627814]  ? splice_direct_to_actor+0x980/0x980
[ 2978.628432]  ? selinux_file_permission+0x92/0x520
[ 2978.629044]  ? security_file_permission+0x24e/0x570
[ 2978.629705]  do_sendfile+0x553/0x1090
[ 2978.630222]  ? do_pwritev+0x270/0x270
[ 2978.630710]  ? wait_for_completion_io+0x270/0x270
[ 2978.631321]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2978.631951]  ? vfs_write+0x354/0xa70
[ 2978.632429]  __x64_sys_sendfile64+0x1d1/0x210
[ 2978.633005]  ? __ia32_sys_sendfile+0x220/0x220
[ 2978.633646]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2978.634328]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2978.634985]  do_syscall_64+0x33/0x40
[ 2978.635491]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2978.636141] RIP: 0033:0x7fa9e384eb19
[ 2978.636619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2978.638942] RSP: 002b:00007fa9e0da3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2978.639936] RAX: ffffffffffffffda RBX: 00007fa9e3962020 RCX: 00007fa9e384eb19
[ 2978.640820] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[ 2978.641706] RBP: 00007fa9e0da31d0 R08: 0000000000000000 R09: 0000000000000000
[ 2978.642615] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2978.643510] R13: 00007fff40ec503f R14: 00007fa9e0da3300 R15: 0000000000022000
[ 2978.680915] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2978.699934] FAULT_INJECTION: forcing a failure.
[ 2978.699934] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2978.703377] CPU: 1 PID: 19339 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2978.705626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2978.708277] Call Trace:
[ 2978.709109]  dump_stack+0x107/0x167
[ 2978.710223]  should_fail.cold+0x5/0xa
[ 2978.711437]  __alloc_pages_nodemask+0x182/0x600
[ 2978.712848]  ? xa_load+0x12d/0x2c0
[ 2978.713975]  ? lock_downgrade+0x6d0/0x6d0
[ 2978.715227]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2978.717158]  alloc_pages_current+0x187/0x280
[ 2978.718542]  __page_cache_alloc+0x2d2/0x360
[ 2978.719929]  page_cache_ra_unbounded+0x207/0x6f0
[ 2978.721391]  ? read_pages+0xbc0/0xbc0
[ 2978.722599]  ondemand_readahead+0xc6f/0x1150
[ 2978.723985]  page_cache_sync_ra+0x138/0x170
[ 2978.725326]  generic_file_buffered_read+0xc74/0x28f0
[ 2978.726884]  ? pagecache_get_page+0xc80/0xc80
[ 2978.728305]  ? kasan_save_stack+0x32/0x40
[ 2978.729601]  ? do_splice_direct+0x1c4/0x290
[ 2978.730913]  ? do_sendfile+0x553/0x1090
[ 2978.732151]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2978.733631]  ? do_syscall_64+0x33/0x40
[ 2978.734823]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2978.736479]  ? perf_trace_lock+0xac/0x490
[ 2978.737755]  ? lock_chain_count+0x20/0x20
[ 2978.739047]  generic_file_read_iter+0x33f/0x490
[ 2978.740479]  ext4_file_read_iter+0x184/0x4c0
[ 2978.741859]  generic_file_splice_read+0x455/0x6d0
[ 2978.743444]  ? pipe_to_user+0x170/0x170
[ 2978.744698]  ? _cond_resched+0x12/0x80
[ 2978.745915]  ? avc_policy_seqno+0x9/0x70
[ 2978.747225]  ? selinux_file_permission+0x92/0x520
[ 2978.748807]  ? lockdep_init_map_type+0x2c7/0x780
[ 2978.750271]  ? pipe_to_user+0x170/0x170
[ 2978.751395]  do_splice_to+0x10e/0x160
[ 2978.752563]  splice_direct_to_actor+0x2fe/0x980
[ 2978.754064]  ? pipe_to_sendpage+0x380/0x380
[ 2978.755500]  ? do_splice_to+0x160/0x160
[ 2978.756544]  ? security_file_permission+0x24e/0x570
[ 2978.757782]  do_splice_direct+0x1c4/0x290
[ 2978.758807]  ? splice_direct_to_actor+0x980/0x980
[ 2978.760267]  ? selinux_file_permission+0x92/0x520
[ 2978.761853]  ? security_file_permission+0x24e/0x570
[ 2978.763501]  do_sendfile+0x553/0x1090
[ 2978.764719]  ? do_pwritev+0x270/0x270
[ 2978.765938]  ? wait_for_completion_io+0x270/0x270
[ 2978.767472]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2978.768974]  ? vfs_write+0x354/0xa70
[ 2978.770106]  __x64_sys_sendfile64+0x1d1/0x210
[ 2978.771387]  ? __ia32_sys_sendfile+0x220/0x220
[ 2978.772840]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2978.774525]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2978.776125]  do_syscall_64+0x33/0x40
[ 2978.777076]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
14:04:48 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])

[ 2978.778412] RIP: 0033:0x7f47d2c10b19
[ 2978.779501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2978.782368] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2978.783537] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2978.784657] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000006
[ 2978.785743] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2978.786798] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 2978.787936] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 2978.792332] EXT4-fs (loop2): get root inode failed
[ 2978.793117] EXT4-fs (loop2): mount failed
[ 2978.803808] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2978.823229] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:04:48 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}})
io_uring_enter(r5, 0x5d63, 0x321f, 0x3, &(0x7f0000000080)={[0x8]}, 0x8)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:04:48 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB="dd00"])
sendmsg$unix(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001840)="87387287afd33f834faaf6ed98e6c23b9bf1f9201fc75f2e6fbabef70d18049dc972e33e06f9978a654912463b5edefde4828870066558f68209f8701af0b203bfa9703c13a2c4c99e981ac50a122c6fdf2f5f4a1a2688e3ecd74de61b1fae74364f0d7b0049dff0b90309ce5db74614291eff7654560a2a8921ce0802be45cfece4ee824b7e1875177466afc4d8e64b7905ccc4425a", 0x96}, {&(0x7f00000000c0)="6e4ee689d25a09fac793a32544ed4c8821ff4f8ddbd18c338a34d3e126bf8dd1aac74e5b92069785d27f05de802543f2", 0x30}, {&(0x7f00000002c0)="b8887d8e262fa7c14946af5cd7fa59015dacb78e47dd52c7ff7555ae9e6ae1bfaae3ec89bdf5c32dd6734d418fc77158794ac82329868957b43c1bb7943ab5dd9dcdc1e759e6939cbb2b3885d9553aad27fa0592d3e420fc9dfcaaf71b10521dafe0dae0afe296bbfe70f6a0c0e1f125d660609bf0a225dbd3aee559312287169c383da9dab20b2766079123cace74b6fcde8b37af3bbad3635721dd6105f4a853037081d81d0d1df8534e2d4c63186f", 0xb0}, {&(0x7f0000000600)="386da48ad254740460bdd3c0b92149d0ba5701e1cd5f65b488605012bac3", 0x1e}, {&(0x7f00000003c0)="ac95ad758c0599e9568c4e4784a0973ba1f15ce6adcbb770abfa7a471018668de434d59d819cc639ea05688631c113f16eefd5e04976898ab3dbfe93cebb11bd75dd863b276e3c288bfff48cdc5c654c5e0ff43d6eac454dc9bc56e261df56c0e379af0a3a6c39db2ed50ff9a42b94faf4a6b577cbb0f4056dce8963a3a43b6db2664228510d37fa890ba9034588", 0x8e}, {&(0x7f0000000480)="5b17bc5b0db48e3eb015bf63ff051512fc5dbf869119d38bf2f22f509b248b2595e44c6375d65bdfdd5a7b0525bbea275b932ecc90941be434c92b198436d977ccf8d3d2a710c2343d7a6178380417e8077be05b38d929dab296d12f110d5e9120c706c2ce536d94089ae6c4e7fa4c0ede3a53550e39f40baffa08a75b6ecac94887a796acccf918c6460d3f91b89bd86a644024b4c44efa10448d8e4b77448bc8b65d0e88021f2f6d0f60f64cb2c6f52e99451d5c184e5452741959d8cd3e2c540de5852b3c6c97dae57d5f36665f13f2b319815bf9ce6fc80be4bd326c8a4b184c9130f9f90b85f5246b8cabc219cc74ac93f7f1f3e66f967e42eb2133", 0xffffffffffffff11}, {&(0x7f0000000580)="288b6f01690ff5e20d06b0fc16797151221631b0bb53f82070bea25089c30ad62a3333d3d2a89bfc4a6c7918be4e12afec5edf7f2d6b9595bbf748c60d15d1ba1ee1f0261e160000000000", 0x59}, {&(0x7f00000007c0)="9c3008a254f509817ca7c16d2a4dfdfddea83f23944ffaab29f50eea6ee96215487588668e91c377fd850f4f02d19ff9106d3cbae064a06caf017dabf6ef980e13b2f5c726b80ed3849b391ef85e9c8434bf7c13e34a5c90ff9f791a21277858b31566d65424a3840bdddce845be2a47682ab0573e490a6a26658cfdfc2808561bd293ab5a5e108b020861ea97235cd9edb8309247d231ef0216388cac7f7c1d0c0beaff57ee920f7bbe6b796ee7d115c7fb9934c6e4956d9cbcc349e5b0df1c0b1605af1b5cd925807dc78dd6eb18a41315e8022a5108e4c7f0289a6fb393102c30c35b806146b8172d593ff360fbd6924972b4b0fc15a988c7b50c769d6775684b18757dc456301562511f4f72a1de67915fa2e8725222cfd0f935868425cb3c0afd4d091a7b3618c0cff367ce1fc8745b673c7f10edbd456d4d1b34bf040b835b85884b105e997735f6a216839a5a27e026a15a1da902b9f331b860e47fcfe7d218a49f534bc69ff4818621d1248ed1256689ec85d45fd803fe4ca7e70eb30b7301da8b711ddd12c261d76a7641c6a52d81800939dd3ef6989d1ce1e0ea6aeebe7328e2a1d6475d7435197cd29d9228cba2b495286a313a4d44c6a3b03be9c8c17a5cae17376f06a7889cb6163f8c1b0ccd014ad00402aa0f99e5c4f4eda979122eeea385373ae88a718d9156e6272e33b4de467f19d0e61639c8d8030f0d684c2ffa11446ff7ba3bda36da864aeb5a5061b38050d740f008537851f939a8e72f685b9b9345379a6e37056d28e68d4610e4c7e7f43990c910a6f15d85c591d0c5cb3f9d634ab9620e565d3731e3c45c427c3b567907917d882372f74223378b30827b97649f26a97b615c055ee25d7827f6adf499fe75bcaddef07083e76d035a8bf51ab0fdd2e4e753001e47e01f20472de13f2bdeccde906d58c6028454789af4a738180c62d930b7967b7e651e296ad157723e31d5e7d78f5741f42a51a88ea1f6d838ad750f17368a84cef8a3147818b8a6b9825dd493a584c5be6d5a5eaeb727605a5c060a0cf9310921ceda62a9a576c0d4753a5120161d0c0d74f23219320cccd88e948e5290a8b0aa18d6090181f6dfa6b10cb47e84c0e6baa355015f007d0f5a7558bdb89629636a9e4dbdd03192aca3770c27c308a7b8013912bd096b65292eac50bd234f9a51585c57db427a7c3bb20cd280181bcdfa9ea64b1075b8fa00ada91df4cfa873e499218bc9ead26bede9866ff6a2b0e8e12b291e687574ffc76fcf17358ca146be904c5bc96a960b06076e433f310287bf2252647ba6d078f29dc55601d53284db615dab359f3c4ec5e21ac6560be8177afa4d4cf0420f71aabe05d1ca685eb0296583fb760f188e7cad9785790d63dd72938103161553a32ac396941f366a0ffa06841287e02ec1613d99529fa729db11f38bbc98d5d28817961cd3ae863a92efaaa09dbdd5cec8343709c9e2d3193458eb94e198835e2f0e1616b8b33c1a3ad62647be61cf614a4d145c2068579e5a1e50131760ecbed518e4de5f9698509afe9e28684572e7b1e442fe9367f7eb289e6166c5a30b3d8bc0abaac70d5b4ff653458a009b7128384ad8ed9a264747f96d1e4109ba31466dfe332021de2ea71e11c7b8702e4d3c5cf400ff9927dc7dfecc83211c2194a9346e50c0d151968e39b9a3e6afa7f7e226f2f92f42df25472ac6ff99e8dbb71ad3b36408c441b767ed765d58c573e6ef030aa933c17fa958cf3310d286560204323e7a807b6ccd0d812453b3a24a43f792ce099075258d8e31117e5bfdad7c8767d96ea07283563da4597711b5276a2c45c6496c03aa3dde7b8719fb492c5ecba700e1ad18e0185d9e02508fa85ab03c05e89074ea4b58c1e0f84481a66c18f7c1a4a91b662c6188a77cec2a76c106627ea98d1e2f80acb55da873915a82787fb48a73d78de6f79f9cd3b7386fc724011c3271b75e45921b36b0f69a8c609bee3893c030ab52bc71aa630b6bfed9ecc3f211763f47e4e7d5601f4ad975799ab2658aa151bdbc7776cf5629dbfd5e9c11e5e77b2341ea6d6389d860eef6245ff1e2d49c17231287982bc4e88a62d3ad2308bc3ad3fe66f29f4818a07bc03ae8e6b773dac0694d20ef175f806c9bf0ed0d0b3aadbdc0ad6e55cda477b72e481abce92f935f914a581169936e2a909ceaca4c49f434f67d6b6eb89ea7c302f737dbd603cb1b366b09ed07e00a15725844ec48549867272544f6d0318453a5bead5467c97f259420b668bce67d5709869bda58fe3dfcba0e553d9a9a08a9c34b948e7a15c661cdb6ba3ea40849104f2f5041b4ec933cba60ff2bf7876798d0f226540f33492a6b9b60ccf25cf8b4fb5bc2e63c4cefe09803f0168ffa7723cbea97c1dcd7efd6d5e03581d3ff47b31fe8614c97a88934b9b4a8a01530bcef7e089b28d1919142319c3963b6ce62618a684c983bbac2363d6a5981054905f14493191b213bdd5bb12d0e10b010d010aa0d7744dab87374e845ca1fbc9b819c8e309a217c5cfb7f0f563ca80e708a275f262a41afe35fd63fb79283d8682c570548b6bd7eb151b976ade559e415f66d37e9e73ae67f368c9adfc4d82118b2906b745c762bc2d514d3f432c61b23e5269ee9b53f237059f54a21aee77a3b427a05850d02b3c69fb07f104cf99711acbdd12e77d954c481c90b0b9535c5be03923cadfbf8429699ac1dd3be9d2e47160ff3812f2b3c9fa73375c35c40c536de9e211453838be567560cfa8c97937c25ede5d14d156a69f61f568296932a4690a235986815d60a80161bb0544473cc692cb6a309b85a4348f088c3b87014ad69efc12656842bfceb6e88f9db04e511b504ca30570c2c987a254099026f2ffbe9468944c0ddce7c0a30305fbc9a76e6767efb2a418008f77f3c697cbac6806e5f814bbe170d164bfa82e9c64fbd47c0f38e2bb36bbf7ab8845020684d2e728591b7a81fd09eaec0409fdabbcfdc37a2844d81598268b0d98095c2424aff6a93db136fb8a69e6fb7d0eb3fa333187be965d216ef505a4ba8fa952eeb7e05983ed5aeb4080a4edc20dfb73515f99c15cfd376ea809a444ddafdc0d161c98ecfb29bbccea0d596f4bcc43c542c2c1827428ee725bcefab82c9e22164613726319b26e939795fc82a30cac3d510c13b9b7356dfd186d91c016a473a771adc4cccda65391fdcf719eba46db48be990aacd0c61654b830c92d11adc837179106bfe5d3480ef61f233e31c6e5005761bd66e77ae092fea91578557b1c3e5d900d1cb33d5f586975213119a3ab1d9a2e07095e3cfe9e9975653c8d88237ed424855074db1382245cf8dfa5714367d2e79fd3e43953bc42063aa57213428e5a4db8b78b83e127e1c7afec4ac588fecfeea5870f5ba3a399afa5582ce8e0fa2d1260b81a7406b1bcdadce0b9c6171431444631b8eac0c989b43f0ce13ad7997faed1bb4c8603fea47f7c50622efd1b50427e4b1b4d939a683e0f9074db10f5e0314a65369bd936c33bfa27121796132b15acf38de58f817b152b48dacfad6ce6a4587f99f06938dcd7e1bb39b16640d35b80a94e3ea58ba4e0734b893d7e378e72955e1abab837a9e0798783871e87efd10a3e8244b19523d775d9dd93bc4d29c0a451cff19e4a297006762066dcc74391e739e345f8b99904fad575a8ac3749113f51dfed39110401c814fb3470b30c8462e66bc527b697951fc26757c54d07f9ea8f9288a1f8085fd322761516587a13e5172ee37393dbf9c83f644e8c10ca6c56bc7cf7605f851a810a17c5177d6f18f6dcc74356c1e878c288690ed81d99042b6e8ac46542c683af2b00eb2873566d625bd3916e1986cafa89f87b8b113ff0492788cc849f24d2250b0d738f1b2911b8f8fb83cd383bc8d0a4b6cb6a84cb0b6f20d0d8c0d0121ff2fd56c642febc8075b57cd15f0132711cbf6b05be7c5d7c487bd2fa0b8f990e4fcf17dcf2c10a40050987093d03f694989615a5ad649b524423e0e0e8493b206a28e689d11d494d7a5b973dfeb6b7cb402d1a940e5e65186ea4e036d7e6790a93b51c50e15ac043ce0017f641e151dd3ed9c2b37b8844034458b9b3d41dd5bad351894c682cbeb560c20a732b90a11dc8389d824373f8873098447e4bdd08fd3ad1d30f5c264ed175a4f97b9609d4fa470e923b33eba1f4696bb7dac57b1ee15877f9ac76ab0528e81f97de70a7490139213e536982c10f24edefb4c94fd136b7454f717a5affe58748732c702e4eca2a41e3ee7dbc3d89d9d36d02458a1308b99a7acddf9bc9114d181ba1a25a84411cd4283e6fb29d9e3bc24b70d00380aed18eee58110ecedbb753c9768463cd989eb4aa28d2d2f244a53ba5504ff04fe0cbbaadbbc8c87a4845c2096072535e567934e883f6c7c1a1bd145bf076cb8ea97679de80d4e1a9e5b1ace385b28cd6fc562cf29a986fdd55a1e8bad02debc1cb54b260e14b5b695e41c6ad6b48f7f55b84b0e5459991ed530720c398cd5510a783e89f7a499715dfb113ee4d27d4d203c2a08a8f46a5377e235592229c9a1b9d1f423302ee406014dad530df915d103ea3bfdfcef97ea4efb87aa839d679072c23af3654bbe396b61643d15358a549a9661b83cb8234b74691f44fe37c0538cfd44216fb6becc534669126b3c43df2e591129942eb78afe48fc7dc70e468de336c2dcf50a1b6200fea0f63a99a56de8b28c9fa6969510f080330204e05b935f293ac3839440bf4bb3d90cf72987bc910957276183093d3e97926aada3084735153cffb2b82b348476729f5ab01a94c9b68e18f8cfd225de2619496ef154b9b16cb6e09f55b92afd26f38e1e7e424706a616a680e45e6bdad7222b785b484185f746b4ab662d2df67beae6eb24f751050c4ae7cadc8beaf7484a14ac633a0ef75c8eef16bea06f9057e4b4bd403fe674a76e205be9b2253b47d848904ed6717f3802cfc37fbb82405b1b2edd3da7786cf64b12189c8a46ad75e6ac22d206192747b492aefe1d1163cfb9b7fd5ed50ff8fce667d5ad70dd13ea01e6bec3ee31f4b5d9acf0ffdf0a1880417a65d283d6a1754aa8128d372c554fdc9c43cf97b9d85c0784b74b469368650766c906c44736044879aa5e58195ce8eaa9314fcbb8472bb004055b3f9a510f194c84d24c4d590357bfe6aee10417419a29ac5ae82582e2a4739a09bcc0e15463b0b2b52e2e429db6596dcd85de7551e148921e824053c150f1620c6c03f037f8b9329e912da81846cff317e34848c8c1aaed58dce1e96daa32f518f7294611178370d430aad4592bb7989dbb75c9aee291b79bfd5b9cc0cd7c34109f480958b1affd20ce2b29ca4657285c9e90b3b36755bbb28eb1f1ab7f43b7b10de842bfb3ca7f9f20275652505c86195294f39828dbe0c7ff8ee1ec201796b9b4722ac03d0ee0d495f11b2fb2d59b88e92d069f2bc517cd62f699db69aff3d1c7a28db98cf1d2cd2431503915433cda97bbfd88aa069e895a50447b25b82f682aab5fc5fa56e6742ef91159544533bce53ee24d8de05bcb6030841cdf4dca0110e203b837d5c252c7d0d80f824b0a2f19ac40155768910d498e587d6139eead8cd0914f5ed87219db144aabe9b2746b4aaa9a82a1a65d3be5c643e518f8871e4c67beba681b5b08eca6977785a302c83ed6505f5b8575c58ee1168b39cb0d52c8b99cbc3c0110f9e30302b2664e60937b7a1f2c832a0b45625323707ef2bd5689940c9d9a5279b20394be3c934a1f429c04308cd45f2db9ae17", 0x1000}], 0x8, 0x0, 0x0, 0x4004800}, 0xc080)
write(r2, &(0x7f0000000240)="01", 0x1)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f00000006c0)={{0x1, 0x1, 0x18, <r5=>r2}, './file0\x00'})
openat(r5, &(0x7f0000000700)='./file0\x00', 0x181400, 0x2)
r6 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r6, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:04:48 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 7)

14:04:48 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d344)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:04:48 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f0000", 0x16, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2979.034650] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 2979.084621] 9pnet: Insufficient options for proto=fd
[ 2979.091709] FAULT_INJECTION: forcing a failure.
[ 2979.091709] name failslab, interval 1, probability 0, space 0, times 0
[ 2979.093221] CPU: 0 PID: 19395 Comm: syz-executor.1 Not tainted 5.10.194 #1
14:04:48 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 17)

14:04:48 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mount$9p_unix(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file1\x00', &(0x7f00000002c0), 0x80, &(0x7f0000000300)={'trans=unix,', {[{@cache_fscache}, {@cache_loose}, {@debug={'debug', 0x3d, 0x3}}, {@cache_none}], [{@seclabel}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@subj_type={'subj_type', 0x3d, 'ext4\x00'}}]}})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
mkdirat(r2, &(0x7f00000000c0)='./file1\x00', 0x4)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r4, &(0x7f0000000240)="01", 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:04:48 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', 0x0, 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])

[ 2979.094247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2979.095878] Call Trace:
[ 2979.096421]  dump_stack+0x107/0x167
[ 2979.097170]  should_fail.cold+0x5/0xa
[ 2979.097874]  ? create_object.isra.0+0x3a/0xa20
[ 2979.098801]  should_failslab+0x5/0x20
[ 2979.099564]  kmem_cache_alloc+0x5b/0x310
[ 2979.100285]  create_object.isra.0+0x3a/0xa20
[ 2979.101048]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2979.102611]  kmem_cache_alloc+0x159/0x310
[ 2979.103279]  xas_alloc+0x336/0x440
[ 2979.103786]  xas_create+0x60f/0x10d0
[ 2979.104374]  xas_store+0x8c/0x1c40
[ 2979.104847]  ? xas_find_conflict+0x4b5/0xa70
[ 2979.105441]  __add_to_page_cache_locked+0x708/0xc80
[ 2979.106203]  ? file_write_and_wait_range+0x130/0x130
[ 2979.106968]  ? lock_downgrade+0x6d0/0x6d0
[ 2979.107575]  ? memcg_drain_all_list_lrus+0x720/0x720
[ 2979.108392]  add_to_page_cache_lru+0xe6/0x2e0
[ 2979.109108]  ? add_to_page_cache_locked+0x40/0x40
[ 2979.109787]  ? __page_cache_alloc+0x10d/0x360
[ 2979.110469]  page_cache_ra_unbounded+0x419/0x6f0
[ 2979.111145]  ? read_pages+0xbc0/0xbc0
[ 2979.111736]  ondemand_readahead+0xc6f/0x1150
[ 2979.112402]  page_cache_sync_ra+0x138/0x170
[ 2979.113047]  generic_file_buffered_read+0xc74/0x28f0
[ 2979.113856]  ? pagecache_get_page+0xc80/0xc80
[ 2979.114536]  ? kasan_save_stack+0x32/0x40
[ 2979.115176]  ? do_splice_direct+0x1c4/0x290
[ 2979.115789]  ? do_sendfile+0x553/0x1090
[ 2979.116297]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2979.116904]  ? do_syscall_64+0x33/0x40
[ 2979.117538]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2979.118473]  ? perf_trace_lock+0xac/0x490
[ 2979.119719]  ? lock_chain_count+0x20/0x20
[ 2979.121022]  generic_file_read_iter+0x33f/0x490
[ 2979.122367]  ext4_file_read_iter+0x184/0x4c0
[ 2979.123684]  generic_file_splice_read+0x455/0x6d0
[ 2979.124872]  ? pipe_to_user+0x170/0x170
[ 2979.125847]  ? _cond_resched+0x12/0x80
[ 2979.126845]  ? avc_policy_seqno+0x9/0x70
[ 2979.127678]  ? selinux_file_permission+0x92/0x520
[ 2979.128325]  ? lockdep_init_map_type+0x2c7/0x780
[ 2979.128954]  ? pipe_to_user+0x170/0x170
[ 2979.129477]  do_splice_to+0x10e/0x160
[ 2979.129986]  splice_direct_to_actor+0x2fe/0x980
[ 2979.130601]  ? pipe_to_sendpage+0x380/0x380
[ 2979.131158]  ? do_splice_to+0x160/0x160
[ 2979.132178]  ? security_file_permission+0x24e/0x570
[ 2979.133747]  do_splice_direct+0x1c4/0x290
[ 2979.134983]  ? splice_direct_to_actor+0x980/0x980
[ 2979.136313]  ? selinux_file_permission+0x92/0x520
[ 2979.137593]  ? security_file_permission+0x24e/0x570
[ 2979.138829]  do_sendfile+0x553/0x1090
[ 2979.139861]  ? do_pwritev+0x270/0x270
[ 2979.140803]  ? wait_for_completion_io+0x270/0x270
[ 2979.142020]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2979.143170]  ? vfs_write+0x354/0xa70
[ 2979.144257]  __x64_sys_sendfile64+0x1d1/0x210
[ 2979.145327]  ? __ia32_sys_sendfile+0x220/0x220
[ 2979.146437]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2979.147765]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2979.149102]  do_syscall_64+0x33/0x40
[ 2979.150052]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2979.151356] RIP: 0033:0x7fa9e384eb19
[ 2979.151946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2979.154794] RSP: 002b:00007fa9e0da3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2979.155956] RAX: ffffffffffffffda RBX: 00007fa9e3962020 RCX: 00007fa9e384eb19
[ 2979.156885] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 2979.157922] RBP: 00007fa9e0da31d0 R08: 0000000000000000 R09: 0000000000000000
[ 2979.158956] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2979.159949] R13: 00007fff40ec503f R14: 00007fa9e0da3300 R15: 0000000000022000
14:04:48 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', 0x0, 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])

[ 2979.289771] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2979.295024] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2979.297068] EXT4-fs (loop2): get root inode failed
[ 2979.297843] EXT4-fs (loop2): mount failed
[ 2979.328105] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 2979.344124] 9pnet: Insufficient options for proto=fd
14:04:48 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', 0x0, 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])

[ 2979.370476] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
14:04:48 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f0000", 0x16, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2979.405058] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:04:48 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 8)

14:04:48 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x40000, 0x7, &(0x7f00000003c0)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000000480)="ed2463c28d41000000040000d7f4655fd7f4654fd7f4655f00000000eefaa684e3ae051934a57631ee53be42f2ad62b6f08562c69156075d8cc5e9a39097fc2c63870c7150a1edbd4271cd850a", 0x4d, 0x1600}, {&(0x7f0000000140)="31df557aa4590ca02ddf93399750c28212487b206f55558092a0f60c9746c6e9b97cf98f283ed2233ffab0ee0db3069bbab4cf2579aa883fc99ba5fea7692363a859e41476442e6f893ceb20acbe881f2ab3100d3ba3f3d17fcce4a79892303e0a7e05ce1f", 0x65}, {&(0x7f00000000c0), 0x0, 0x5}, {&(0x7f00000002c0)="b6c89c730b6c693f720aa09fd25dcd4888aa5694ec01686e8863176ce216471044345d648270af9cda04d69c5291cf690481197b4a3404cb428ba091e8486ab306ee2ce36fdf707527d2f3e7bdddf07689ba9170377b6c27a63459665a34cb3fe54ee5ff3d9ec96252dd95eedf93b291206f65027a3f6d4279b41a1270ffd3708d8eaec5c15361c0a1cd2e40cd9deaeadfc016d53bdd107eb8c3a2a4bb1fbed12748c98b5cd94223d0142f0bc00abc4f19aac9a69afbb7592575c2f126afb4d2df035637e37c9440e3abf3f2e8e947942bf1d9da0d5ba8e86f00b74b261cdf2ea6673e1406", 0xe5, 0x800}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2979.459643] FAULT_INJECTION: forcing a failure.
[ 2979.459643] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2979.461246] CPU: 0 PID: 19414 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2979.462100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2979.463117] Call Trace:
[ 2979.463499]  dump_stack+0x107/0x167
[ 2979.464001]  should_fail.cold+0x5/0xa
[ 2979.464470]  __alloc_pages_nodemask+0x182/0x600
[ 2979.465051]  ? xa_load+0x12d/0x2c0
[ 2979.465514]  ? lock_downgrade+0x6d0/0x6d0
[ 2979.466093]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2979.466967]  alloc_pages_current+0x187/0x280
[ 2979.467554]  __page_cache_alloc+0x2d2/0x360
[ 2979.468105]  page_cache_ra_unbounded+0x207/0x6f0
[ 2979.468743]  ? read_pages+0xbc0/0xbc0
[ 2979.469267]  ondemand_readahead+0xc6f/0x1150
[ 2979.469870]  page_cache_sync_ra+0x138/0x170
[ 2979.470449]  generic_file_buffered_read+0xc74/0x28f0
[ 2979.471114]  ? pagecache_get_page+0xc80/0xc80
[ 2979.471721]  ? kasan_save_stack+0x32/0x40
[ 2979.472246]  ? do_splice_direct+0x1c4/0x290
[ 2979.472789]  ? do_sendfile+0x553/0x1090
[ 2979.473290]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2979.473872]  ? do_syscall_64+0x33/0x40
[ 2979.474352]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2979.475031]  ? perf_trace_lock+0xac/0x490
[ 2979.475587]  ? lock_chain_count+0x20/0x20
[ 2979.476123]  generic_file_read_iter+0x33f/0x490
[ 2979.476739]  ext4_file_read_iter+0x184/0x4c0
[ 2979.477307]  generic_file_splice_read+0x455/0x6d0
[ 2979.477932]  ? pipe_to_user+0x170/0x170
[ 2979.478436]  ? _cond_resched+0x12/0x80
[ 2979.478937]  ? avc_policy_seqno+0x9/0x70
[ 2979.479498]  ? selinux_file_permission+0x92/0x520
[ 2979.480128]  ? lockdep_init_map_type+0x2c7/0x780
14:04:48 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d345)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2979.480739]  ? pipe_to_user+0x170/0x170
[ 2979.481587]  do_splice_to+0x10e/0x160
[ 2979.482153]  splice_direct_to_actor+0x2fe/0x980
[ 2979.482884]  ? pipe_to_sendpage+0x380/0x380
[ 2979.483579]  ? do_splice_to+0x160/0x160
[ 2979.484178]  ? security_file_permission+0x24e/0x570
[ 2979.484946]  do_splice_direct+0x1c4/0x290
[ 2979.485601]  ? splice_direct_to_actor+0x980/0x980
[ 2979.486332]  ? selinux_file_permission+0x92/0x520
[ 2979.487082]  ? security_file_permission+0x24e/0x570
[ 2979.487919]  do_sendfile+0x553/0x1090
[ 2979.488513]  ? do_pwritev+0x270/0x270
[ 2979.489211]  ? wait_for_completion_io+0x270/0x270
[ 2979.490022]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2979.490803]  ? vfs_write+0x354/0xa70
[ 2979.491479]  __x64_sys_sendfile64+0x1d1/0x210
[ 2979.492083]  ? __ia32_sys_sendfile+0x220/0x220
[ 2979.492698]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2979.493440]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2979.494196]  do_syscall_64+0x33/0x40
[ 2979.494751]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2979.495556] RIP: 0033:0x7f47d2c10b19
[ 2979.496138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2979.498849] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2979.499848] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2979.500742] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2979.501718] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2979.502783] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 2979.503930] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 2979.567999] 9pnet: p9_fd_create_unix (19419): problem connecting socket: ./file0: -2
14:04:48 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 18)

14:04:48 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])

[ 2979.623436] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 not in group (block 1939654838)!
[ 2979.624797] EXT4-fs (loop7): group descriptors corrupted!
[ 2979.631253] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2979.648318] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2979.669820] FAULT_INJECTION: forcing a failure.
[ 2979.669820] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2979.671524] CPU: 0 PID: 19424 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 2979.672440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2979.673449] Call Trace:
[ 2979.673772]  dump_stack+0x107/0x167
[ 2979.674229]  should_fail.cold+0x5/0xa
[ 2979.674701]  __alloc_pages_nodemask+0x182/0x600
[ 2979.675269]  ? xa_load+0x12d/0x2c0
[ 2979.675779]  ? lock_downgrade+0x6d0/0x6d0
[ 2979.676291]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2979.677076]  alloc_pages_current+0x187/0x280
[ 2979.677636]  __page_cache_alloc+0x2d2/0x360
[ 2979.678186]  page_cache_ra_unbounded+0x207/0x6f0
[ 2979.678801]  ? read_pages+0xbc0/0xbc0
[ 2979.679294]  ondemand_readahead+0xc6f/0x1150
[ 2979.679905]  page_cache_sync_ra+0x138/0x170
[ 2979.680464]  generic_file_buffered_read+0xc74/0x28f0
[ 2979.681128]  ? pagecache_get_page+0xc80/0xc80
[ 2979.681692]  ? kasan_save_stack+0x32/0x40
[ 2979.682198]  ? do_splice_direct+0x1c4/0x290
[ 2979.682731]  ? do_sendfile+0x553/0x1090
[ 2979.683228]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2979.683864]  ? do_syscall_64+0x33/0x40
[ 2979.684354]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2979.685031]  ? perf_trace_lock+0xac/0x490
[ 2979.685559]  ? lock_chain_count+0x20/0x20
[ 2979.686094]  generic_file_read_iter+0x33f/0x490
[ 2979.686669]  ext4_file_read_iter+0x184/0x4c0
[ 2979.687220]  generic_file_splice_read+0x455/0x6d0
[ 2979.687851]  ? pipe_to_user+0x170/0x170
[ 2979.688335]  ? _cond_resched+0x12/0x80
[ 2979.688813]  ? avc_policy_seqno+0x9/0x70
[ 2979.689311]  ? selinux_file_permission+0x92/0x520
[ 2979.689918]  ? lockdep_init_map_type+0x2c7/0x780
[ 2979.690528]  ? pipe_to_user+0x170/0x170
[ 2979.691030]  do_splice_to+0x10e/0x160
[ 2979.691556]  splice_direct_to_actor+0x2fe/0x980
[ 2979.692126]  ? pipe_to_sendpage+0x380/0x380
[ 2979.692653]  ? do_splice_to+0x160/0x160
[ 2979.693143]  ? security_file_permission+0x24e/0x570
[ 2979.693771]  do_splice_direct+0x1c4/0x290
[ 2979.694289]  ? splice_direct_to_actor+0x980/0x980
[ 2979.694881]  ? selinux_file_permission+0x92/0x520
[ 2979.695532]  ? security_file_permission+0x24e/0x570
[ 2979.696168]  do_sendfile+0x553/0x1090
[ 2979.696665]  ? do_pwritev+0x270/0x270
[ 2979.697154]  ? wait_for_completion_io+0x270/0x270
[ 2979.697773]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2979.698364]  ? vfs_write+0x354/0xa70
[ 2979.698849]  __x64_sys_sendfile64+0x1d1/0x210
[ 2979.699460]  ? __ia32_sys_sendfile+0x220/0x220
[ 2979.700052]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2979.700727]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2979.701389]  do_syscall_64+0x33/0x40
[ 2979.701869]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2979.702525] RIP: 0033:0x7fa9e384eb19
[ 2979.703000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2979.705363] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2979.706327] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
[ 2979.707247] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2979.708186] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2979.709075] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2979.709971] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
[ 2979.735004] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2979.749877] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 not in group (block 1939654838)!
[ 2979.751289] EXT4-fs (loop7): group descriptors corrupted!
[ 2979.780746] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 2979.794841] FAULT_INJECTION: forcing a failure.
[ 2979.794841] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2979.796388] CPU: 0 PID: 19442 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2979.797252] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2979.798283] Call Trace:
[ 2979.798608]  dump_stack+0x107/0x167
[ 2979.799054]  should_fail.cold+0x5/0xa
[ 2979.799603]  __alloc_pages_nodemask+0x182/0x600
[ 2979.800188]  ? xa_load+0x12d/0x2c0
[ 2979.800650]  ? lock_downgrade+0x6d0/0x6d0
[ 2979.801177]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2979.801956]  alloc_pages_current+0x187/0x280
[ 2979.802516]  __page_cache_alloc+0x2d2/0x360
[ 2979.803066]  page_cache_ra_unbounded+0x207/0x6f0
[ 2979.803720]  ? read_pages+0xbc0/0xbc0
[ 2979.804183]  ondemand_readahead+0xc6f/0x1150
[ 2979.804723]  page_cache_sync_ra+0x138/0x170
[ 2979.805255]  generic_file_buffered_read+0xc74/0x28f0
[ 2979.805889]  ? pagecache_get_page+0xc80/0xc80
[ 2979.806451]  ? kasan_save_stack+0x32/0x40
[ 2979.806973]  ? do_splice_direct+0x1c4/0x290
[ 2979.807566]  ? do_sendfile+0x553/0x1090
[ 2979.808080]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2979.808668]  ? do_syscall_64+0x33/0x40
[ 2979.809161]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2979.809828]  ? perf_trace_lock+0xac/0x490
[ 2979.810352]  ? lock_chain_count+0x20/0x20
[ 2979.810881]  generic_file_read_iter+0x33f/0x490
[ 2979.811528]  ext4_file_read_iter+0x184/0x4c0
[ 2979.812083]  generic_file_splice_read+0x455/0x6d0
[ 2979.812682]  ? pipe_to_user+0x170/0x170
[ 2979.813172]  ? _cond_resched+0x12/0x80
[ 2979.813639]  ? avc_policy_seqno+0x9/0x70
[ 2979.814138]  ? selinux_file_permission+0x92/0x520
[ 2979.814743]  ? lockdep_init_map_type+0x2c7/0x780
[ 2979.815323]  ? pipe_to_user+0x170/0x170
[ 2979.815859]  do_splice_to+0x10e/0x160
[ 2979.816414]  splice_direct_to_actor+0x2fe/0x980
[ 2979.817097]  ? pipe_to_sendpage+0x380/0x380
[ 2979.817720]  ? do_splice_to+0x160/0x160
[ 2979.818292]  ? security_file_permission+0x24e/0x570
[ 2979.818998]  do_splice_direct+0x1c4/0x290
[ 2979.819622]  ? splice_direct_to_actor+0x980/0x980
[ 2979.820328]  ? selinux_file_permission+0x92/0x520
[ 2979.821049]  ? security_file_permission+0x24e/0x570
[ 2979.821810]  do_sendfile+0x553/0x1090
[ 2979.822397]  ? do_pwritev+0x270/0x270
[ 2979.822974]  ? wait_for_completion_io+0x270/0x270
[ 2979.823729]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2979.824421]  ? vfs_write+0x354/0xa70
[ 2979.824958]  __x64_sys_sendfile64+0x1d1/0x210
[ 2979.825604]  ? __ia32_sys_sendfile+0x220/0x220
[ 2979.826292]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2979.827072]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2979.827863]  do_syscall_64+0x33/0x40
[ 2979.828424]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2979.829188] RIP: 0033:0x7f47d2c10b19
[ 2979.829742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2979.832413] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2979.833492] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2979.834400] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2979.835270] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2979.836216] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 2979.837116] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:05:04 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="00000000140000", @ANYRESHEX, @ANYBLOB=',\x00'])
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000008, 0x810, r5, 0x8000000)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r8, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
syz_io_uring_submit(r7, r6, &(0x7f0000000080)=@IORING_OP_CLOSE={0x13, 0x2, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:05:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 19)

14:05:04 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 9)

14:05:04 executing program 5:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40, 0x5, &(0x7f0000000140)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020010020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x806}, {&(0x7f0000000e00)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7011684ab2b5f1b8ffffffffffffffffffffffffffffffffffb1dce5013e1c0f51a8d6e0eba62e564fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0900000000000000fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff35fa270feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff11ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9764482039d357df5b094730b918eb7106e3205087764caeda441333added1a0bb2b6052854a978f79494e00cc5ee819c1399bf1e58d1f3a3a1e0265e29749ff76a42fb073647859974d8895dc9a5c04b1a748bb802bc978ecd5f79a0fdc9068fbfb9e7766e766448c0c3fdabbdb2dbf973ae2e6a28049b86d837172d57df41a475c60246f74b4193e36778d25bd7b83a74149bff5e1282f3844b36468a918f98ffffbda8efe50e755853213e10d401c44046b71b874050237da3749b05fdce6e3a13d79e27a", 0x4ce, 0xc00}, {&(0x7f0000000700)="ed4100d7f4655f000024b5e792040000000d9d09bb6c6afd1d5efe2eb14104022adc3c04693979eabae0ddc9633f3ded53405a017813d7f87911548c31748f4fa5d74ca6647c1278c1f4e2f4c0b44c6b6899ad00b84f7294fad32b10af7222366cda437435d366c5b36cb81ace86dba6a09b0739317a1005709dc506a5a4d90e18bcd0172b6a46612d0ac8d1ebf2df9a4061da31138dee52ff2cd71d53583b224114e5a9df85d827a1dfc12bc09b6e071b9d", 0xb2, 0x15fc}, {&(0x7f00000008c0)="9ac5eba313819da8123afab61fe82fad5447b1073232d7a0de7ddf1ae63813312d919c8ef34428d44dc1dc11356cba7278434f94ac2333bb8e6f81ba5f4d1de15ad4baf56e8522aa985f6a55b09c622a9259cf35163e8ef715e54959d3b3898815a510564ac6ce4208e223974e35762d4508719b8ffa52029eef2ffe750b5e075cccfc2001c13aecae01162a11ad0ad59f01972b0610b942e5b309bdbc22dee2a2910498a5f4540deef74104b4ab19474b0226380b0700000000000000c20c50ef236996b0d9e256a63a043c984b1ac1d89fdd09ed759b82afa5a788a6e360b45087d59c2aed7b1fc763", 0xea, 0x4da}], 0x800, &(0x7f00000002c0)=ANY=[])
chdir(&(0x7f0000000040)='./file1\x00')
r1 = openat(r0, &(0x7f0000000080)='./file0\x00', 0x105103, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x181801, 0x30)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x80)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

14:05:04 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d346)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:05:04 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f0000", 0x16, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:05:04 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012900)=ANY=[])

14:05:04 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000000140)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r1, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
sendmsg(r1, &(0x7f00000018c0)={&(0x7f0000000300)=@l2tp={0x2, 0x0, @remote, 0x1}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000380)="8dd5ac114ef0848593383f994e6af5a8d7913a3fa64672757ab033204c7ee034a39e", 0x22}, {&(0x7f00000003c0)="1b15bb3e0f61e78114a0dfd8e822cfa721bc24ad30f13f55e80bba55e4b39296efb89476c41ac5832019ed9f6dfeae279d6187778bb06df4072bd6b4d073756511f9202817bfcab6a4b540b69000799163f1d88d471a06fec17fdd1a6117fc4ded08699cbe60ef34726b8b988f6981dc5df53ad2b34ae9d291b62f", 0x7b}, {&(0x7f0000000440)="5f82a035cc9b53900f41d1f5ca4c482e3e6f1b39e04c23e0b5da2fcd2b3a507860e6eda4bc12174fcb23007457baf4ef3128c03e1b057463664d7052e021e96bb260e999c9ad6ae8ad7f665a4a63854d9944cfd7fe5d7e7d8333ded84a9e1cf9ae729d64d0aaab12d5d6cb34cbc5e98fb0e528fb0bd8ef1f22c15414e8fb46186f0f6d68cfc9eb5745f510eadabf8efc9c7281f97a", 0x95}, {&(0x7f0000000500)="bd265e103d9c9a8df789285ddb680c14b744ead15a01d5d757c296cc92f5ba0d77b746067aefd6524b21", 0x2a}], 0x4, &(0x7f0000000580)=[{0xa0, 0x116, 0x4, "df921ee9ce9c54dba9564929115260f1ed46680afee953afaa174cff8b979c234d0ca57d5b730f1451aad172784a996f6cca33520f42849b98c5e520e0144f0c23239216fe71f2b23f7af3f739e3b6f78c7b2e09d3594f7a4cf37e072b1d0a4baa990c4bf64cd546b2a69456eb50d3a4765a0e313c97f492698c1c52df8a3382a04560b2239ccd48be4761005bb085"}, {0xf0, 0x10f, 0x1, "fd987e35fac9a200d83c7884de30e3554f60b9c7b37530c7b618a62b405b59d64c5796675fea8abeaadd7a2f2e666cd59d17d43cc5ca5d7a0a0387332589e670b860545f2a516c7a4d67d21f2d71c5673919db0c5e2fade72547471c5fca34545be1adefde0b2915f9929313b96949927aec1664025c5d175bae34a40dacb5c22a6bea08e93b83c19568252eac1a44eeffff58bae07b50b6e4fb5d12d1382adad5cbea6018b8971e936794da86cd35098dcc11f795e4c38288348b372789b27df51fa838ef73b6701edf1fe160a169804bb4fde5467e2148f78714b5"}, {0x38, 0x1, 0xe5, "52b8036b0f4a3f7c3c1ed381392bc8e123e6967ebfef5d58ff1957cba8f8b36b0bdbff62f9"}, {0x1010, 0xff, 0x8, "c6e03496f580ae7850d41182a76462ef7757c130b5bec023bca9768949563c1e937643dd994e195403711e9f4a18f6bed9da8690a30669a396399ffe474b1becebcca3c9d8849a3e054ea6d248be5ecd4e4352f44fea5715aff695eb2524982467fa63dca5c18e878ad6f0249158fa89dca7ae36b8d673e8897b28a483c97b4abdc60097b92efb33e9d1b2bbb652a7787bc7ef078c45a1911cd2644fee0be34031a64ef0f8fba33fbc2bce3325c456a17203288b023208c71f30fb99e160fdd829de0934104b81cd4a3f948269cc2ded75e387c5a65ce0075a914a7cf34d0758a5c746f0aae304615cfee7d1454feb733ae50771722ed74cf7523a819f852f9914af58b17366ca2ebf5882b4bbf5dc0f33bc2d0adda82643cf3b25e5261ebf7021b3eeb6c31f4bdd769c34aa0bea9b9dd0b712102657967b555f21a4cce6d8bc4086d17c8a7f040222cc3368a14723576570abd4ac2dd3fbf8cc011c030f7576747a83ad4e2536aeab16568075e3ce759e9728c9497a5ea55cc69cbb820b62fd100fcc381d288fd33de9a57911fd16e31ddcf3715c2168150ff630e1689e78efbf9726ba3ce0a0823e0bb07079040475d44560b8398b758f55212e2b913c1f04d51710d441c55d73b12719361ca2f566fd588b2378ff4b812604200fd21fb0294a87b4bfef8032acf2bbaa031312e16fed7f4e1425b470d1725394cb95c8d720ff710c9123ef24f6f53042ad3810a40eb9f510f91bf4b17f2ba59f01d603ec6424e84e384014903e43b2be05224b7078748cc339f5405c69b1f8d56072ec0d82334f76016d7f57afd220081a5738f1b4bca27fea543a373267cc3b7eaba42fe9389906a0545ba624cf094ea98065ffedce35aa396c0e49f358229fa0d6b20162ece174c21862cf62177b66e6d478ca3bd897a0703e86cc260cdce7edc42dea02afc1a5cbf5f75f6d63b6c878a0c66cc632128b75a493f65079d4f6d59411286b703722057ac81300664645bf838bc6fcab844ec8abb4ade7efdacc9dff97ecb32cfdef445273333453d8c0d7627a982bf03a8f410490124e7e560a980ef75212163c6f4710c8f32dfd4187b990eb6a4a2327fc0fc42cb64327f0c9230e36e8cdecc22920459dc2fcbec02708ce03f06247acadf594201cead08e2eb25229a4163fbb7c6d1cfaa2b86898ca1baf5e6047673bc0e93045cb4f020da2a7a087d205631454f3501e69f68aea80f67387b362a665a4e4497b9e765ff4ef75c840d520a0bdec6e58b8ecc08f8cccab8a7250d219fef29b19aede24c2381f33ccac350ac1a9142aef4388eef240458935e88450725a9552f9c9f3573a65d2cb88163de040b6c0d99bdb41a166cf546cb86387c70299016b80d86d6fc70201c7cbe588d70b78bc6bf13a88ebd09554de9b167b0a8f1f6f4c65ba89422b83ba2975db6958c317f4cb21a513515a2ec7839c126d275876f4a9d28558494f2c6c19f6b0f03f6233fb3ed522a0686b4027e6c6049de52677e5a220901fe801dfd0f9287f2d3beafc6c9c76c6cd0ea57a9242c4339892968ecfa1218dcc150cfc6460e4877f5fb873cce4d8543cc07f44bbdbb844968bfb730e70e8029d949c29ec56fa60ebd84af49de4f9dab9e2281efa11c139b84aad63f6e1aeb4229db864ec3f9898f4842190005f1a715db144ca53776bbe61f1ad419468652775f0bb2ebef02d64d2bce979fbeaada0edc361890f533187030c15ebf02de8e5ce99c406702b1fb9c573a8775b1ace4f3b84eb2ee9d6409621616eabe8fbf2bd6195c8b882180b85182bcb35eb6544c428edf8f3fb5befe1a19c6b4e8d985e17f58c2650035c95c57edd5f7a7c6e71e586be8f94ecf0a4bcac9cc3b1fca6f283098f4238dd277eb2b8cae316bc381653c572c1c1b73273c1aa1e75793d712c88154b65b012a0391746aece06d5df6a15bbca5694b6f44c4ed1a286b58391118e9863b14868ca11a012834d2494530daafe5c55c332ba5aebc23284f7e9320515c4897057d04c3b664ff80529d113dc506d8a3583809b9df8df5bc0e27930a5e6c060bfe772f4fe3dc3c5060134e586cf1e00db3c243278e1c678228d5d45654b164cb850fed79307a8a4c9015948e5d5a55d2690b2fa9d6f8cdf719b1274c8ac74febd0a61b68276a0e30b82d6d83e7bac53d50d41b80190d58a856188e52e371c6252cabf83712dc2e2532c282874a0b95c5c7abdbcbf1c8c817661e5fc47df544ec1915cb7d52d94b7147f1dede17b6ed9259616783ef9bc47e9536222f39f95f0f57cea2c0ddd1a6d3569445e163fda6f792c34afb3a63e9e25c3afa765c25e0af6c3adaca53c8d34d682f458b3b2f604a4d92e2fcfaf8639fb33c7b4e32c93003c25bc5b398826ac2ef09460f8d2236a0303999480d3f8e587d5cbf3a0a9657a879ae364231c5798cf8dc75185e2a63fa57ac22a3994c9be3914721ce72463ba2ac7931f9263b9116dbf72561f1f2d3f6ab261bf104c515507c0e308fd07725ec213cf4a9292f4ae7071fa2ce6265eb9c81182cc74e4674e249fea3cffb46c678294fe6e1dd44cbf04814b35851cfa7deb621df00b7539d8cd4359100d42397d63cca5dc76859035f8d17bb34c83643f7cab679c4ef78e0263fc7a0fab42103691a8af21fe5724887dd5b8a7e61b8c8ee3f1d7da0eaf7a85bcc202a2760bcc00bf7d88ca7532849d18a132218dec80ed9fe2b3516951d851e6d329e7dbbc42383c8200ade287796a4fb76cdd08a89e55c1f358301ce4a69c266b61c1e90d1d881b16a3d3abc682c7eb5cb435085c73bc0e3d8f2fb2f5bfde4e531ed9e01e4558880d44d4cb4b1716e3cd6780c7e680b87d5c82ee0a55963d0956f1776ce4a99e963bff9c255f45567fd9d3c0596b92a8e142af6d4272eeb490e9a2a012a6861da03b05810a38a96d4f5984710b1eb447a3a6c6764fe34c6f4d61c7b1819c69b2cdea39b1f7b31903d9278c3fe6b39f600e15c6434c026402d00a464460c081224add61ea12eeda99853ad5b98b5896e644d260b1b1d4e2aae905bae7de037edf58a3744907d091cdb2e4eb76423068287b7d3a48e701b3fafefe9e7900e13a427ffb9a897ffe09edd103c10a624a9567cf53fb3fa69fce63bdb1d95f7d9e9894d2ab20650e3752db056aca7700c37c97b54fc65779e965a88a9b041af867666a80bbea346c4029966043acd18bd622ea31b73d13835185124aab824bac5be6bddd3ab8bb763002c52e9eb6ea498f4fada130cf7f701e45cc2b4acd7469bfe51943c5a6d28a9a0bbe41583b2782b9e62b9762653e16d3f7e282c2766c966fd8de0f36c558da09f5b92ebfb8e6d0afdbd4652fa94afe490921c3bd308a4759116173de5f59d640b0d474cb372c6bbe7a4a33ccaad6ce7a3cff397076d56df7bf187a42407d85fe94e62c343a3f03d9806941769480be41a85f110bf5f9b97caecbf42159b0cd7737abcc79b2ebfd6521b6ede698e8800d006dea4c136c4d7380260f7e74fa96ca274c387559c07a0a2c7c85a9852e1588bd0e9e080d4183cdc43c153d193c8afd877d4abcbc91077955054d340c548645920f6a892a878dcd0f5e6c32641f9bfdbbd4cab6888bf34bb1a8b0366bd5a01ccc28318f5fa0f867186ac445037b46f3e53029e080d5d0dd7cf356d2f559c74a785a1160311b45c8126e39dc37318a2eeadbb0e9423d531728563b9124d0ae7047ff10203725cb7a4d720f64cbcfa9439f88fa977e8af5d901f2a4234ba1ccc5f541be166b49d3f2dc1a85394db50f78e88c58bee282f3223f63bf40b99061d26de247f3e6bcdb6c8c4e547b278b34d84582879d4bdbac58ddbce0bb64a5b2327907b612bd13ac7e876c944fd0abd75aa786a7bf069ec4e459c4f96f3026cf78741052f35c38c3f8e9851ffaf38dffa7566ff38a7f5072ecf53fb94f85003e3df8857ce836bd7341bbd401e8bd8b528f3263122b948dd12334deb168720abe6a607886a41606298ce08353d09b790cf2f8d293fb07606375fecdba8b9d7d65ab9b70cb2dfb783d3747fcaf41066199f0e1d99dbe31bcf268b2432676f0ba820f4135863334ef993ad40690f34c9b00b036759dc70b81b51a27efa2dfe43cedef0fcbd3c70ce74adbf245b84af5d63bd8833799f93eee03b91e737deb786389065b6a4ece2b78f2cb004e9a8599939a568b9ca200dab66bb741f27dfdc525d43ef90840b8289234bdba519a3f153be66306edd3ed3f29d226c9bb383f259f251459e1f61e94739684fcd4063aedb525635ea0458c32601244622bfbb37ab2cfa807687be98338cd20b7ea6013ff527875e9c5ff2fd4342295f7a9ba99d03d9953fc1cb02698e100524a435d266208d5e5b699eedf6490105608652dd9ffb102c90196dba03d8b2d28b2140bd4c7277bec29e52d88bf02f2923d9430bc958ca62b004b62c845bf8a01c71f768a968bb73ee40bec0fbe283a4be2843cfcc8edb7cdd86705fc6704e8cd85eb35a65a2b2fd22039ab549dddc4c6cf4917ada4bc20b4339597cb1584b615275850b41c039173e20c54910c7e8f1a213cdfbf554704e1569cbdd925a531b829505748cd6f6974c7f4a0be421e6b36b05e74e6e1e200dba4c5043e37121bae404ef486f435180ea1b29fd8a08796d5e8bc14bfca4e879346a6942b480ecc9e92b6a6233faf8a142b8e06c6c42f91aadd98a6c5b9b284f27da0d8bd4280b2a9018cf88b44a89841d9a4dcb7c45dc5591643b38d4d31814af5088c4b172889fadb285f2066fe585838f5205bf0b07722676c6390d505657372a6ce64453243ad663e7cee48e81cd98f1376f75517e3bee07888e89554f518b76aaf0215e8b41ace3654d875d4dfaf9f6c630c5ccb79e79b3f77d223c0d7ca43eb66a6cddb140cc37e8b1e0e3dad018dd153c98808ec69594ecf416f9f12d2a9683f8980a5b96320b2302c5a56f83a56f364c95adac058a8cc303c84ba5e793f9abcaca68cf95e7b68a969bd1dbb84123ebe422d3bcb3922be3a6dea7d3c7378f080ca51925296248342ae5365a5132fe8a76ee2b4c60e910fb46b4814ed831d6b472e58f9ed4bfb78d8bc019f158bdf508d17e614a67c653acb1e2b6abdf222cfc2702b5be2c22d1d7da1437295dfeb3b95bfab296cec25d6dcdad336a760c0b3dea493bed02f0dc87f63e34d7a4f3871d5a29867c73b5621d74d2ce23b19f540390fd8556a2d023e9feaf16b39acb1a54a1493263ebd80fc0f5389789ee1467b0ca09889f32bfba6143efa9ead00af707425a9bf6d51a1f43a21abb569ae4df09999891209b389cfd965cd27ddf7de9578feb2baf09be75daef8191223d1a15cefcccd43a84544dd728b67b48d7eb2ebef59896b53c8a893164d26ded1ee19aa09d4c7e450f391727257707cf11e7fcd818c49e0ad74d3034297f65746fbafedc2cd14136cf05fe85882dab288b478bd2a894cc4309eaa705fb99e017bb950e48fc52a01c2e7ca5ac0bf5343785ea4c2a863f8c130ca7f42dd48efca06db867f66dece78c8fea3cbf91c8a5d4ad2eec679a2d32568adc7b38e3815683ff7ef102e17234b11c8c74fad1bf6c42315bdd1f7fe6c9eaf8070b6cced1c72b52fb43ef1623c1d2019e6e01d7652e2d0d6d667d6fd500fac5b985f36e94360121fa67ed4b958ec6dd4901ee28209c78ef9c1c4e7eeb16cd0ea2c11b86fb9c24094628e988ee766d5bfd23c3524cdf9c2c33d04694b97472b4385bbaf964b3e7ed06a1992bc359e77174733b1258bd3df5ebf6d"}, {0xf8, 0x113, 0x1, "f6834f9a87bf5601320244cd2603309deeee929dee14b61da8d46b15bc8f24dd3d382bc84f346ad0164522ab0654d91cd65a868ef80f27bc00f63ae4a505c7aa3d8fb7f14e258cf9f64b58544dc1f131ad95dd36c42ded48929486590d5836423078e1673e36f5d29cc17164269f708fd82af41f477d28142bcac77602936dd886b3b746e5804222594f61dd9eed570f5fb252a16a4afd9c8ca80a46f0c2bbf0acfa42918ab40b6abb213eb92417c21a37beaf4a917c216c202028c4f5676b0f6545e18439fbd3c0441b99d328ccfcaadaf36ff13aaca22cb4262455bbe290bf9c6b"}, {0x38, 0x6, 0x3, "ea99faaa34f83f2e40de3e3b7ca2f0180b82555cdaf4812d4f5807fda4e667d7791bc58109d4"}], 0x1308}, 0x20000080)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0/file0\x00', 0x20000, 0x41)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f00000000c0)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
syz_io_uring_setup(0x25, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000380)=<r5=>0x0, &(0x7f0000002a40)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x0, @fd_index}, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
r7 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r8=>0x0, &(0x7f0000000140)=<r9=>0x0)
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r10}}, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000001900)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2, 0x2007, @fd=r1, 0x3, 0x0, 0x0, 0x8, 0x1, {0x0, r10}}, 0xffffff81)
sendfile(r0, r2, 0x0, 0x20d315)

[ 2995.708549] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:05:04 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012900)=ANY=[])

[ 2995.737656] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2995.739704] EXT4-fs (loop2): get root inode failed
[ 2995.740471] EXT4-fs (loop2): mount failed
[ 2995.742960] FAULT_INJECTION: forcing a failure.
[ 2995.742960] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2995.744636] CPU: 0 PID: 19457 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2995.745544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2995.746621] Call Trace:
[ 2995.746983]  dump_stack+0x107/0x167
[ 2995.747465]  should_fail.cold+0x5/0xa
[ 2995.748050]  __alloc_pages_nodemask+0x182/0x600
[ 2995.748667]  ? xa_load+0x12d/0x2c0
[ 2995.749149]  ? lock_downgrade+0x6d0/0x6d0
[ 2995.749709]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2995.750514]  alloc_pages_current+0x187/0x280
[ 2995.751105]  __page_cache_alloc+0x2d2/0x360
[ 2995.751736]  page_cache_ra_unbounded+0x207/0x6f0
[ 2995.752379]  ? read_pages+0xbc0/0xbc0
[ 2995.752908]  ondemand_readahead+0xc6f/0x1150
[ 2995.753512]  page_cache_sync_ra+0x138/0x170
[ 2995.754090]  generic_file_buffered_read+0xc74/0x28f0
[ 2995.754780]  ? pagecache_get_page+0xc80/0xc80
[ 2995.755375]  ? kasan_save_stack+0x32/0x40
[ 2995.756013]  ? do_splice_direct+0x1c4/0x290
[ 2995.756590]  ? do_sendfile+0x553/0x1090
[ 2995.757113]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2995.757727]  ? do_syscall_64+0x33/0x40
[ 2995.758250]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2995.758956]  ? perf_trace_lock+0xac/0x490
[ 2995.759505]  ? lock_chain_count+0x20/0x20
[ 2995.760120]  generic_file_read_iter+0x33f/0x490
[ 2995.760736]  ext4_file_read_iter+0x184/0x4c0
[ 2995.761312]  generic_file_splice_read+0x455/0x6d0
[ 2995.761946]  ? pipe_to_user+0x170/0x170
[ 2995.762464]  ? _cond_resched+0x12/0x80
[ 2995.762986]  ? avc_policy_seqno+0x9/0x70
[ 2995.763533]  ? selinux_file_permission+0x92/0x520
[ 2995.764236]  ? lockdep_init_map_type+0x2c7/0x780
[ 2995.764872]  ? pipe_to_user+0x170/0x170
[ 2995.765402]  do_splice_to+0x10e/0x160
[ 2995.765907]  splice_direct_to_actor+0x2fe/0x980
[ 2995.766524]  ? pipe_to_sendpage+0x380/0x380
[ 2995.767108]  ? do_splice_to+0x160/0x160
[ 2995.767694]  ? security_file_permission+0x24e/0x570
[ 2995.768369]  do_splice_direct+0x1c4/0x290
[ 2995.768922]  ? splice_direct_to_actor+0x980/0x980
[ 2995.769571]  ? selinux_file_permission+0x92/0x520
[ 2995.770233]  ? security_file_permission+0x24e/0x570
[ 2995.770910]  do_sendfile+0x553/0x1090
[ 2995.771431]  ? do_pwritev+0x270/0x270
[ 2995.771997]  ? wait_for_completion_io+0x270/0x270
[ 2995.772647]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2995.773263]  ? vfs_write+0x354/0xa70
[ 2995.773766]  __x64_sys_sendfile64+0x1d1/0x210
[ 2995.774323]  ? __ia32_sys_sendfile+0x220/0x220
[ 2995.774921]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2995.775659]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2995.776358]  do_syscall_64+0x33/0x40
[ 2995.776866]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2995.777554] RIP: 0033:0x7f47d2c10b19
[ 2995.778050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2995.780537] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2995.781534] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2995.782471] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2995.783408] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2995.784396] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 2995.785332] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 2995.794421] EXT4-fs (loop7): couldn't mount as ext3 due to feature incompatibilities
[ 2995.797188] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2995.799505] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 2995.806679] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 2995.808470] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[ 2995.841321] FAULT_INJECTION: forcing a failure.
[ 2995.841321] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2995.843211] CPU: 0 PID: 19488 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 2995.848360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2995.849648] Call Trace:
[ 2995.850068]  dump_stack+0x107/0x167
[ 2995.850645]  should_fail.cold+0x5/0xa
[ 2995.851232]  __alloc_pages_nodemask+0x182/0x600
[ 2995.856076]  ? xa_load+0x12d/0x2c0
[ 2995.856652]  ? lock_downgrade+0x6d0/0x6d0
[ 2995.857296]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2995.858252]  alloc_pages_current+0x187/0x280
[ 2995.858991]  __page_cache_alloc+0x2d2/0x360
[ 2995.859697]  page_cache_ra_unbounded+0x207/0x6f0
[ 2995.860457]  ? read_pages+0xbc0/0xbc0
[ 2995.861093]  ondemand_readahead+0xc6f/0x1150
[ 2995.861777]  page_cache_sync_ra+0x138/0x170
[ 2995.862454]  generic_file_buffered_read+0xc74/0x28f0
[ 2995.863273]  ? pagecache_get_page+0xc80/0xc80
[ 2995.863984]  ? kasan_save_stack+0x32/0x40
[ 2995.864631]  ? do_splice_direct+0x1c4/0x290
[ 2995.865297]  ? do_sendfile+0x553/0x1090
[ 2995.865925]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2995.866656]  ? do_syscall_64+0x33/0x40
[ 2995.867274]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2995.868130]  ? perf_trace_lock+0xac/0x490
[ 2995.868777]  ? lock_chain_count+0x20/0x20
[ 2995.869427]  generic_file_read_iter+0x33f/0x490
[ 2995.870166]  ext4_file_read_iter+0x184/0x4c0
[ 2995.870864]  generic_file_splice_read+0x455/0x6d0
[ 2995.871659]  ? pipe_to_user+0x170/0x170
[ 2995.872279]  ? _cond_resched+0x12/0x80
[ 2995.872898]  ? avc_policy_seqno+0x9/0x70
[ 2995.873541]  ? selinux_file_permission+0x92/0x520
[ 2995.874298]  ? lockdep_init_map_type+0x2c7/0x780
[ 2995.875040]  ? pipe_to_user+0x170/0x170
[ 2995.875724]  do_splice_to+0x10e/0x160
[ 2995.876321]  splice_direct_to_actor+0x2fe/0x980
[ 2995.877053]  ? pipe_to_sendpage+0x380/0x380
[ 2995.877735]  ? do_splice_to+0x160/0x160
[ 2995.878358]  ? security_file_permission+0x24e/0x570
[ 2995.879169]  do_splice_direct+0x1c4/0x290
[ 2995.879849]  ? splice_direct_to_actor+0x980/0x980
[ 2995.880605]  ? selinux_file_permission+0x92/0x520
[ 2995.881369]  ? security_file_permission+0x24e/0x570
[ 2995.882139]  do_sendfile+0x553/0x1090
[ 2995.882671]  ? do_pwritev+0x270/0x270
[ 2995.883196]  ? wait_for_completion_io+0x270/0x270
[ 2995.883890]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2995.884508]  ? vfs_write+0x354/0xa70
[ 2995.885005]  __x64_sys_sendfile64+0x1d1/0x210
[ 2995.885614]  ? __ia32_sys_sendfile+0x220/0x220
[ 2995.886230]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2995.886911]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2995.891754]  do_syscall_64+0x33/0x40
[ 2995.892277]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2995.892969] RIP: 0033:0x7fa9e384eb19
[ 2995.893474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2995.895928] RSP: 002b:00007fa9e0da3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2995.896941] RAX: ffffffffffffffda RBX: 00007fa9e3962020 RCX: 00007fa9e384eb19
[ 2995.897879] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 2995.898834] RBP: 00007fa9e0da31d0 R08: 0000000000000000 R09: 0000000000000000
[ 2995.899848] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000001
[ 2995.900804] R13: 00007fff40ec503f R14: 00007fa9e0da3300 R15: 0000000000022000
14:05:05 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012900)=ANY=[])

14:05:05 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000", 0x1a, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 2996.002944] EXT4-fs (loop7): couldn't mount as ext3 due to feature incompatibilities
14:05:05 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff12a1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff9dcf57618093f87d5affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}], 0x0, &(0x7f0000012900)=ANY=[])

[ 2996.028215] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[ 2996.049333] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 2996.051080] EXT4-fs (loop2): get root inode failed
[ 2996.051768] EXT4-fs (loop2): mount failed
[ 2996.089811] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
14:05:05 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d347)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:05:05 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 20)

14:05:05 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f00000002c0)="ed41000000040000d7f4655fd7f4655fd7f4655f00000000000004000283a2fe18fd62a41b602d65a1b8a9e8f290f1790d745b5163", 0x35, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
setxattr(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)=@random={'trusted.', '--!!\x00'}, &(0x7f0000000180)='ext4\x00', 0x5, 0x1)
mount$9p_unix(&(0x7f0000000300)='./file1\x00', &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x4040, &(0x7f00000003c0)={'trans=unix,', {[{@afid={'afid', 0x3d, 0x80000000}}, {@cache_mmap}, {@cachetag={'cachetag', 0x3d, '--!!\x00'}}, {@debug={'debug', 0x3d, 0x1}}, {@version_u}, {@cachetag={'cachetag', 0x3d, '/[/\\.}]'}}, {@cachetag={'cachetag', 0x3d, '.()&}'}}], [{@smackfsroot={'smackfsroot', 0x3d, 'trusted.'}}]}})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 2996.233543] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 2996.243219] FAULT_INJECTION: forcing a failure.
[ 2996.243219] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2996.244904] CPU: 0 PID: 19517 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 2996.245751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2996.246737] Call Trace:
[ 2996.247062]  dump_stack+0x107/0x167
[ 2996.247503]  should_fail.cold+0x5/0xa
[ 2996.248016]  __alloc_pages_nodemask+0x182/0x600
[ 2996.248573]  ? xa_load+0x12d/0x2c0
[ 2996.249001]  ? lock_downgrade+0x6d0/0x6d0
[ 2996.249495]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 2996.250228]  alloc_pages_current+0x187/0x280
[ 2996.250763]  __page_cache_alloc+0x2d2/0x360
[ 2996.251291]  page_cache_ra_unbounded+0x207/0x6f0
[ 2996.251917]  ? read_pages+0xbc0/0xbc0
[ 2996.252385]  ondemand_readahead+0xc6f/0x1150
[ 2996.252921]  page_cache_sync_ra+0x138/0x170
[ 2996.253446]  generic_file_buffered_read+0xc74/0x28f0
[ 2996.254072]  ? pagecache_get_page+0xc80/0xc80
[ 2996.254659]  ? kasan_save_stack+0x32/0x40
[ 2996.255161]  ? do_splice_direct+0x1c4/0x290
[ 2996.255756]  ? do_sendfile+0x553/0x1090
[ 2996.256258]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 2996.256860]  ? do_syscall_64+0x33/0x40
[ 2996.257360]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2996.258028]  ? perf_trace_lock+0xac/0x490
[ 2996.258544]  ? lock_chain_count+0x20/0x20
[ 2996.259054]  generic_file_read_iter+0x33f/0x490
[ 2996.259680]  ext4_file_read_iter+0x184/0x4c0
[ 2996.260234]  generic_file_splice_read+0x455/0x6d0
[ 2996.260851]  ? pipe_to_user+0x170/0x170
[ 2996.261325]  ? _cond_resched+0x12/0x80
[ 2996.261795]  ? avc_policy_seqno+0x9/0x70
[ 2996.262280]  ? selinux_file_permission+0x92/0x520
[ 2996.262864]  ? lockdep_init_map_type+0x2c7/0x780
[ 2996.263432]  ? pipe_to_user+0x170/0x170
[ 2996.263997]  do_splice_to+0x10e/0x160
[ 2996.264481]  splice_direct_to_actor+0x2fe/0x980
[ 2996.265037]  ? pipe_to_sendpage+0x380/0x380
[ 2996.265556]  ? do_splice_to+0x160/0x160
[ 2996.266031]  ? security_file_permission+0x24e/0x570
[ 2996.266627]  do_splice_direct+0x1c4/0x290
[ 2996.267136]  ? splice_direct_to_actor+0x980/0x980
[ 2996.267761]  ? selinux_file_permission+0x92/0x520
[ 2996.268338]  ? security_file_permission+0x24e/0x570
[ 2996.268944]  do_sendfile+0x553/0x1090
[ 2996.269413]  ? do_pwritev+0x270/0x270
[ 2996.269869]  ? wait_for_completion_io+0x270/0x270
[ 2996.270442]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2996.270991]  ? vfs_write+0x354/0xa70
[ 2996.271447]  __x64_sys_sendfile64+0x1d1/0x210
[ 2996.272040]  ? __ia32_sys_sendfile+0x220/0x220
[ 2996.272595]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2996.273219]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2996.273836]  do_syscall_64+0x33/0x40
[ 2996.274283]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 2996.274900] RIP: 0033:0x7f47d2c10b19
[ 2996.275352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2996.277612] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2996.278505] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 2996.279340] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 2996.280231] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 2996.281101] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 2996.281930] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 2996.289955] EXT4-fs error (device loop7): __ext4_iget:4944: inode #2: block 3903436961: comm syz-executor.7: invalid block
[ 2996.292338] EXT4-fs (loop7): get root inode failed
[ 2996.292962] EXT4-fs (loop7): mount failed
[ 2996.341929] EXT4-fs error (device loop7): __ext4_iget:4944: inode #2: block 3903436961: comm syz-executor.7: invalid block
[ 2996.343618] EXT4-fs (loop7): get root inode failed
[ 2996.344218] EXT4-fs (loop7): mount failed
14:05:21 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}})
r7 = syz_open_dev$usbmon(&(0x7f0000000180), 0x10001, 0x410001)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000500), 0x8000, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000004c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f0000000340)={0x164, 0x20, 0x20, 0x70bd2b, 0x25dfdbff, {0x1b}, [@typed={0x10, 0x29, 0x0, 0x0, @binary="8d8bb00a27a25c225ef5c350"}, @generic="83b9e309213b17948bbc9db7a75636fd40c11fc90aae63dc20d55687688e2df991608823355dab18301e34cf592878dc", @nested={0xcd, 0x10, 0x0, 0x1, [@generic="ae2e7868fde60a855cd3ac04897ffd890cb51b5eee0367fb2be873f0f94d058e843e3e3f97c251346cdc8ac666f88ae2854ede27d82283d9488ab7ed93102b651eca80846d11a72acef766115e5b7fa015450e6228ba508bdfd5f9bf41c4bd6fc9443bb6839777781da82554ca6e35968a3f50142f404b9fff8e3ca0ec12dcf68a314ecdeb5c9b43a36288a2662745584c02f19590d24fd1ff6faa387381ac2bab1286f79798d46010f17177ddda1a6c0fa077ce803bf7f519bd7d96d77d010d8beccfc660", @typed={0x4, 0x1}]}, @typed={0xd, 0x14, 0x0, 0x0, @str='trans=fd,'}, @nested={0x4, 0x75, 0x0, 0x1, [@generic]}, @nested={0x4, 0x10}, @typed={0x14, 0x21, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @empty}}, @nested={0x13, 0xd, 0x0, 0x1, [@generic="0a8ee57f98db14", @typed={0x8, 0x70, 0x0, 0x0, @fd=r7}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x4}, 0x20000000)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:05:21 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 10)

14:05:21 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d348)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:05:21 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
fcntl$getown(r0, 0x9)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

14:05:21 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f00000000c0)="030000000400000005000000d4000f", 0xf, 0x800}], 0x0, &(0x7f0000012900)=ANY=[])

14:05:21 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000", 0x1a, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:05:21 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 21)

14:05:21 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 3012.451426] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3012.457329] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3012.481034] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3012.493488] FAULT_INJECTION: forcing a failure.
[ 3012.493488] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3012.495182] CPU: 0 PID: 19540 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 3012.496526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3012.496771] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3012.499348] Call Trace:
[ 3012.499376]  dump_stack+0x107/0x167
[ 3012.499394]  should_fail.cold+0x5/0xa
[ 3012.499415]  __alloc_pages_nodemask+0x182/0x600
[ 3012.499427]  ? xa_load+0x12d/0x2c0
[ 3012.499442]  ? lock_downgrade+0x6d0/0x6d0
[ 3012.499465]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3012.506482]  alloc_pages_current+0x187/0x280
[ 3012.507119]  __page_cache_alloc+0x2d2/0x360
[ 3012.507705]  page_cache_ra_unbounded+0x207/0x6f0
[ 3012.508394]  ? read_pages+0xbc0/0xbc0
[ 3012.508936]  ondemand_readahead+0xc6f/0x1150
[ 3012.509556]  page_cache_sync_ra+0x138/0x170
[ 3012.510143]  generic_file_buffered_read+0xc74/0x28f0
[ 3012.510834]  ? pagecache_get_page+0xc80/0xc80
[ 3012.511441]  ? kasan_save_stack+0x32/0x40
[ 3012.512106]  ? do_splice_direct+0x1c4/0x290
[ 3012.512687]  ? do_sendfile+0x553/0x1090
[ 3012.513251]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3012.513879]  ? do_syscall_64+0x33/0x40
[ 3012.514407]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3012.515124]  ? perf_trace_lock+0xac/0x490
[ 3012.515682]  ? lock_chain_count+0x20/0x20
[ 3012.516275]  generic_file_read_iter+0x33f/0x490
[ 3012.516907]  ext4_file_read_iter+0x184/0x4c0
[ 3012.517513]  generic_file_splice_read+0x455/0x6d0
[ 3012.518167]  ? pipe_to_user+0x170/0x170
[ 3012.518705]  ? _cond_resched+0x12/0x80
[ 3012.519247]  ? avc_policy_seqno+0x9/0x70
[ 3012.519844]  ? selinux_file_permission+0x92/0x520
[ 3012.520527]  ? lockdep_init_map_type+0x2c7/0x780
[ 3012.521175]  ? pipe_to_user+0x170/0x170
[ 3012.521723]  do_splice_to+0x10e/0x160
[ 3012.522237]  splice_direct_to_actor+0x2fe/0x980
[ 3012.522863]  ? pipe_to_sendpage+0x380/0x380
[ 3012.523446]  ? do_splice_to+0x160/0x160
[ 3012.524015]  ? security_file_permission+0x24e/0x570
[ 3012.524683]  do_splice_direct+0x1c4/0x290
[ 3012.525236]  ? splice_direct_to_actor+0x980/0x980
[ 3012.525874]  ? selinux_file_permission+0x92/0x520
[ 3012.526573]  ? security_file_permission+0x24e/0x570
[ 3012.527291]  do_sendfile+0x553/0x1090
[ 3012.527868]  ? do_pwritev+0x270/0x270
[ 3012.528394]  ? wait_for_completion_io+0x270/0x270
[ 3012.529045]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3012.529674]  ? vfs_write+0x354/0xa70
[ 3012.530240]  __x64_sys_sendfile64+0x1d1/0x210
[ 3012.530851]  ? __ia32_sys_sendfile+0x220/0x220
[ 3012.531509]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3012.532243]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3012.532934]  do_syscall_64+0x33/0x40
[ 3012.533433]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3012.534166] RIP: 0033:0x7fa9e384eb19
[ 3012.534676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3012.537164] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3012.538190] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
[ 3012.539177] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3012.540165] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3012.541098] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3012.541762] FAULT_INJECTION: forcing a failure.
[ 3012.541762] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3012.542023] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
[ 3012.545513] CPU: 1 PID: 19572 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3012.546420] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3012.547487] Call Trace:
[ 3012.547883]  dump_stack+0x107/0x167
[ 3012.548377]  should_fail.cold+0x5/0xa
[ 3012.548877]  __alloc_pages_nodemask+0x182/0x600
[ 3012.549479]  ? xa_load+0x12d/0x2c0
[ 3012.549952]  ? lock_downgrade+0x6d0/0x6d0
[ 3012.550506]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3012.551304]  alloc_pages_current+0x187/0x280
[ 3012.551961]  __page_cache_alloc+0x2d2/0x360
[ 3012.552595]  page_cache_ra_unbounded+0x207/0x6f0
[ 3012.553265]  ? read_pages+0xbc0/0xbc0
[ 3012.553786]  ondemand_readahead+0xc6f/0x1150
[ 3012.554382]  page_cache_sync_ra+0x138/0x170
[ 3012.554952]  generic_file_buffered_read+0xc74/0x28f0
[ 3012.555642]  ? pagecache_get_page+0xc80/0xc80
[ 3012.556322]  ? kasan_save_stack+0x32/0x40
[ 3012.556868]  ? do_splice_direct+0x1c4/0x290
[ 3012.557474]  ? do_sendfile+0x553/0x1090
[ 3012.557996]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3012.558614]  ? do_syscall_64+0x33/0x40
[ 3012.559147]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3012.559897]  ? perf_trace_lock+0xac/0x490
[ 3012.560441]  ? lock_chain_count+0x20/0x20
[ 3012.560995]  generic_file_read_iter+0x33f/0x490
[ 3012.561621]  ext4_file_read_iter+0x184/0x4c0
[ 3012.562213]  generic_file_splice_read+0x455/0x6d0
[ 3012.562848]  ? pipe_to_user+0x170/0x170
[ 3012.563366]  ? _cond_resched+0x12/0x80
[ 3012.563923]  ? avc_policy_seqno+0x9/0x70
[ 3012.564514]  ? selinux_file_permission+0x92/0x520
[ 3012.565196]  ? lockdep_init_map_type+0x2c7/0x780
[ 3012.565820]  ? pipe_to_user+0x170/0x170
[ 3012.566347]  do_splice_to+0x10e/0x160
[ 3012.566845]  splice_direct_to_actor+0x2fe/0x980
[ 3012.567466]  ? pipe_to_sendpage+0x380/0x380
[ 3012.568110]  ? do_splice_to+0x160/0x160
[ 3012.568637]  ? security_file_permission+0x24e/0x570
[ 3012.569299]  do_splice_direct+0x1c4/0x290
[ 3012.569840]  ? splice_direct_to_actor+0x980/0x980
[ 3012.570478]  ? selinux_file_permission+0x92/0x520
[ 3012.571132]  ? security_file_permission+0x24e/0x570
[ 3012.571829]  do_sendfile+0x553/0x1090
[ 3012.572397]  ? do_pwritev+0x270/0x270
[ 3012.572910]  ? wait_for_completion_io+0x270/0x270
[ 3012.573554]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3012.574164]  ? vfs_write+0x354/0xa70
[ 3012.574654]  __x64_sys_sendfile64+0x1d1/0x210
[ 3012.575249]  ? __ia32_sys_sendfile+0x220/0x220
[ 3012.575891]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3012.576607]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3012.577316]  do_syscall_64+0x33/0x40
[ 3012.577812]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3012.578544] RIP: 0033:0x7f47d2c10b19
[ 3012.579045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3012.581503] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3012.582520] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 3012.583490] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 3012.584479] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 3012.585434] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3012.586338] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
[ 3012.601172] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 3012.602816] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 3012.620612] EXT4-fs (loop2): get root inode failed
[ 3012.621631] EXT4-fs (loop2): mount failed
[ 3012.677960] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:05:37 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 11)

14:05:37 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 22)

14:05:37 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x100000e, 0x30, r0, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r4, 0x58ab, 0x0, 0x0, 0x0, 0x0)

14:05:37 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d349)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:05:37 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000140)={{0x1, 0x1, 0x18, r3, {0x0, 0x8}}, './file0\x00'})
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
openat(r0, &(0x7f00000000c0)='./file0\x00', 0x10502, 0x164)
ftruncate(r4, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:05:37 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

14:05:37 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000140)='./file1\x00', 0x200, 0x1, &(0x7f0000000180)=[{&(0x7f00000002c0)="53317d1ab87b7f1de2ad20fcd2779d3510f57dcd86d7916a8d98dcfbedf788c37d8814babacd91fd6634229940e8950ad566a83b5e2ee9e21f435c3a52b65badeff386d5b0f8ce271b8fa7c71b4a", 0x4e, 0x6}], 0x800000, &(0x7f0000000340)={[], [{@smackfsroot={'smackfsroot', 0x3d, 'ext4\x00'}}, {@pcr={'pcr', 0x3d, 0x31}}, {@obj_type={'obj_type', 0x3d, 'ext4\x00'}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@pcr={'pcr', 0x3d, 0x16}}]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:05:37 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000", 0x1a, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3027.986884] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3028.011778] FAULT_INJECTION: forcing a failure.
[ 3028.011778] name failslab, interval 1, probability 0, space 0, times 0
[ 3028.015064] CPU: 1 PID: 19588 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3028.015612] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 3028.016993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3028.016998] Call Trace:
[ 3028.017023]  dump_stack+0x107/0x167
[ 3028.017041]  should_fail.cold+0x5/0xa
[ 3028.017062]  ? iter_file_splice_write+0x16d/0xc30
[ 3028.022062]  should_failslab+0x5/0x20
[ 3028.022558]  __kmalloc+0x72/0x390
[ 3028.023020]  iter_file_splice_write+0x16d/0xc30
[ 3028.023627]  ? atime_needs_update+0x600/0x600
[ 3028.024362]  ? generic_splice_sendpage+0x140/0x140
[ 3028.025000]  ? pipe_to_user+0x170/0x170
[ 3028.025521]  ? _cond_resched+0x12/0x80
[ 3028.026032]  ? avc_policy_seqno+0x9/0x70
[ 3028.026563]  ? selinux_file_permission+0x92/0x520
[ 3028.027199]  ? lockdep_init_map_type+0x2c7/0x780
[ 3028.027825]  ? generic_splice_sendpage+0x140/0x140
[ 3028.028561]  direct_splice_actor+0x10f/0x170
[ 3028.029130]  splice_direct_to_actor+0x387/0x980
[ 3028.029739]  ? pipe_to_sendpage+0x380/0x380
[ 3028.030307]  ? do_splice_to+0x160/0x160
[ 3028.030805]  ? security_file_permission+0x24e/0x570
[ 3028.031448]  do_splice_direct+0x1c4/0x290
[ 3028.032000]  ? splice_direct_to_actor+0x980/0x980
[ 3028.032713]  ? selinux_file_permission+0x92/0x520
[ 3028.033347]  ? security_file_permission+0x24e/0x570
[ 3028.033994]  do_sendfile+0x553/0x1090
[ 3028.034491]  ? do_pwritev+0x270/0x270
[ 3028.034963]  ? wait_for_completion_io+0x270/0x270
[ 3028.035584]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3028.036651]  ? vfs_write+0x354/0xa70
[ 3028.037563]  __x64_sys_sendfile64+0x1d1/0x210
[ 3028.038696]  ? __ia32_sys_sendfile+0x220/0x220
[ 3028.039816]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3028.041472]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3028.043000]  do_syscall_64+0x33/0x40
[ 3028.043930]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3028.045230] RIP: 0033:0x7f47d2c10b19
[ 3028.046159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3028.051334] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3028.053650] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3028.055423] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3028.057469] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3028.059166] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3028.061183] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 3028.071730] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3028.088822] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3028.091165] FAULT_INJECTION: forcing a failure.
[ 3028.091165] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3028.094385] CPU: 1 PID: 19617 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 3028.096035] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3028.098516] Call Trace:
[ 3028.099272]  dump_stack+0x107/0x167
[ 3028.100183]  should_fail.cold+0x5/0xa
[ 3028.101080]  __alloc_pages_nodemask+0x182/0x600
[ 3028.102196]  ? xa_load+0x12d/0x2c0
[ 3028.103045]  ? lock_downgrade+0x6d0/0x6d0
[ 3028.104087]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3028.105862]  alloc_pages_current+0x187/0x280
[ 3028.106936]  __page_cache_alloc+0x2d2/0x360
[ 3028.107996]  page_cache_ra_unbounded+0x207/0x6f0
[ 3028.109463]  ? read_pages+0xbc0/0xbc0
[ 3028.110364]  ondemand_readahead+0xc6f/0x1150
[ 3028.111405]  page_cache_sync_ra+0x138/0x170
[ 3028.112312]  generic_file_buffered_read+0xc74/0x28f0
[ 3028.112986]  ? pagecache_get_page+0xc80/0xc80
[ 3028.113567]  ? kasan_save_stack+0x32/0x40
[ 3028.114096]  ? do_splice_direct+0x1c4/0x290
[ 3028.114641]  ? do_sendfile+0x553/0x1090
[ 3028.115151]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3028.115745]  ? do_syscall_64+0x33/0x40
[ 3028.116810]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3028.118125]  ? perf_trace_lock+0xac/0x490
14:05:37 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0xa87d, 0x0, 0x0, 0x2c6}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x25, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000380)=<r4=>0x0, &(0x7f0000002a40)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x0, @fd_index}, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
r6 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r9}}, 0x0)
syz_io_uring_submit(r3, r5, &(0x7f0000000080)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1, {0x0, r9}}, 0xc31)
pipe(&(0x7f00000001c0)={<r10=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r10}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

[ 3028.119112]  ? lock_chain_count+0x20/0x20
[ 3028.120200]  generic_file_read_iter+0x33f/0x490
[ 3028.120801]  ext4_file_read_iter+0x184/0x4c0
[ 3028.121367]  generic_file_splice_read+0x455/0x6d0
[ 3028.121983]  ? pipe_to_user+0x170/0x170
[ 3028.122496]  ? _cond_resched+0x12/0x80
[ 3028.123279]  ? avc_policy_seqno+0x9/0x70
[ 3028.123811]  ? selinux_file_permission+0x92/0x520
[ 3028.124900]  ? lockdep_init_map_type+0x2c7/0x780
[ 3028.126088]  ? pipe_to_user+0x170/0x170
[ 3028.127066]  do_splice_to+0x10e/0x160
[ 3028.128032]  splice_direct_to_actor+0x2fe/0x980
[ 3028.129460]  ? pipe_to_sendpage+0x380/0x380
[ 3028.130753]  ? do_splice_to+0x160/0x160
[ 3028.131758]  ? security_file_permission+0x24e/0x570
[ 3028.132975]  do_splice_direct+0x1c4/0x290
[ 3028.133957]  ? splice_direct_to_actor+0x980/0x980
[ 3028.135111]  ? selinux_file_permission+0x92/0x520
[ 3028.136409]  ? security_file_permission+0x24e/0x570
[ 3028.137674]  do_sendfile+0x553/0x1090
[ 3028.138647]  ? do_pwritev+0x270/0x270
[ 3028.139566]  ? wait_for_completion_io+0x270/0x270
[ 3028.140913]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3028.142098]  ? vfs_write+0x354/0xa70
[ 3028.143020]  __x64_sys_sendfile64+0x1d1/0x210
[ 3028.144185]  ? __ia32_sys_sendfile+0x220/0x220
[ 3028.145332]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3028.146640]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3028.147904]  do_syscall_64+0x33/0x40
[ 3028.149032]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3028.150609] RIP: 0033:0x7fa9e384eb19
[ 3028.151549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3028.156176] RSP: 002b:00007fa9e0da3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3028.158150] RAX: ffffffffffffffda RBX: 00007fa9e3962020 RCX: 00007fa9e384eb19
[ 3028.159894] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 3028.160909] RBP: 00007fa9e0da31d0 R08: 0000000000000000 R09: 0000000000000000
[ 3028.161827] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3028.162724] R13: 00007fff40ec503f R14: 00007fa9e0da3300 R15: 0000000000022000
[ 3028.172130] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3028.174014] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 3028.177590] EXT4-fs (loop2): get root inode failed
[ 3028.178244] EXT4-fs (loop2): mount failed
[ 3028.191571] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:05:37 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012900)=ANY=[])

14:05:37 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r3, 0xc0189375, &(0x7f0000000600)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r4=>r2, @ANYBLOB="e160001c000000002e2f66696c653100"])
tee(r1, r4, 0x10000, 0x0)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x1f, 0x3, &(0x7f0000000440)=[{&(0x7f00000002c0)="c76fdb2706ed513f10e3177432e852ed4608f2089ad855048ecdadc99e4814582e4b70acd532e9b7c9f3a53067a6448c34b91737796a5a3b2dd7d1bbbf51e3b8aa21983ca40af49bb65361eac9c0f831a9fd4862fb378bd9bb9c37efb534d42a0a1a55c8f3", 0x65, 0x3ff}, {&(0x7f0000000180)="4369c4640603a16e09a204190670e7986fa28919e7da6084b0ecb0fa9c4dd7e7c06cded04ecc72b22c7c5e19", 0x2c, 0x5}, {&(0x7f0000000340)="3f22c79f8a11b6453badaeacfc4445b28c46cc4092017bfeee07cc19e8f08441b63d004a6075dd825b089e9d189cb9ab6c5e56ddb2b7d602027193c55b9a40ec26ad72c2af91d52b839cbafb94a3d5153b7c57e2270ae3bf70bc83b7e9a47ed49d0b3f6dc737a450ef5dfb2d0d37bcf0fbae9969136fab7d20526978c29a2a33a0fcf866bc7761fed23d18b39f080fd9d20ed42cc4383392defac3649dc1c01b6602018941ee97bc63c5fffae7b4ad725a45c3b3569c0f87d9d704e8e1be5be5c45d75c79cf035c2ad2c2968c3a8307c6d5353568fd687", 0xd7, 0x200}], 0x88010, &(0x7f00000004c0)={[{@nr_inodes={'nr_inodes', 0x3d, [0x2d, 0x78, 0x39, 0x30]}}, {@size={'size', 0x3d, [0x35, 0x32]}}, {@nr_blocks={'nr_blocks', 0x3d, [0x25, 0x39]}}, {@huge_never}, {@nr_blocks={'nr_blocks', 0x3d, [0x67, 0x36]}}, {@mode={'mode', 0x3d, 0x2c}}, {@huge_never}, {@gid}], [{@obj_type={'obj_type', 0x3d, '-\'`()]\x00C..-'}}, {@euid_gt={'euid>', 0xee00}}, {@obj_role={'obj_role', 0x3d, 'ext4\x00'}}, {@smackfshat={'smackfshat', 0x3d, 'ext4\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x63, 0x34, 0x33, 0x62, 0xf5, 0x30, 0x61, 0x63], 0x2d, [0x33, 0x37, 0xd, 0x65], 0x2d, [0xb, 0x64, 0x65, 0x63], 0x2d, [0x34, 0x65, 0x61, 0x38], 0x2d, [0x30, 0x37, 0x62, 0x61, 0x36, 0x32, 0x64, 0x31]}}}, {@uid_eq={'uid', 0x3d, r5}}, {@euid_gt={'euid>', 0xee00}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}]})
sendfile(r0, r1, 0x0, 0x20d315)

14:05:37 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d34a)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3028.358337] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
14:05:37 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1, {0x800}}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="eb6f597324b48b6dde39f287579a991181806976a5e31dd7f50222ff0a993af662467d891f081c86f1a565f92c9445b1a4bdaad787348010fa3a6a6238c905f19c66e367112929005c9e7fc13dd19966e29fa177471e2141d7daee9d6170e4331f7a810d2f3ca3ba30b36d79f1305b6ee3b786f6f0e03ce4d439594356a77d8c7927645a6fc6a9c4125679f192ebf0e55c5b810fd036a62964b33649f285d66f", @ANYRESHEX, @ANYBLOB=',\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, &(0x7f0000000180)={<r6=>r0, 0xff, 0x7, 0x5})
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_WRITE_FIXED={0x5, 0x1, 0x4007, @fd=r6, 0x6, 0xa0000000000, 0x4, 0x2, 0x1, {0x3}}, 0x5e)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:05:37 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f0000000000000400", 0x1c, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:05:37 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 12)

[ 3028.438420] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3028.446587] EXT4-fs (loop2): corrupt root inode, run e2fsck
[ 3028.447699] EXT4-fs (loop2): mount failed
[ 3028.524760] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3028.539488] FAULT_INJECTION: forcing a failure.
[ 3028.539488] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3028.540921] CPU: 0 PID: 19655 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 3028.541680] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3028.542584] Call Trace:
[ 3028.542888]  dump_stack+0x107/0x167
[ 3028.543319]  should_fail.cold+0x5/0xa
[ 3028.543767]  __alloc_pages_nodemask+0x182/0x600
[ 3028.544350]  ? xa_load+0x12d/0x2c0
[ 3028.544743]  ? lock_downgrade+0x6d0/0x6d0
[ 3028.545199]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3028.545917]  alloc_pages_current+0x187/0x280
[ 3028.546438]  __page_cache_alloc+0x2d2/0x360
[ 3028.546917]  page_cache_ra_unbounded+0x207/0x6f0
[ 3028.547445]  ? read_pages+0xbc0/0xbc0
[ 3028.547877]  ondemand_readahead+0xc6f/0x1150
[ 3028.548421]  page_cache_sync_ra+0x138/0x170
[ 3028.548900]  generic_file_buffered_read+0xc74/0x28f0
[ 3028.549471]  ? pagecache_get_page+0xc80/0xc80
[ 3028.549969]  ? kasan_save_stack+0x32/0x40
[ 3028.550424]  ? do_splice_direct+0x1c4/0x290
[ 3028.550894]  ? do_sendfile+0x553/0x1090
[ 3028.551327]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3028.551834]  ? do_syscall_64+0x33/0x40
[ 3028.552330]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3028.552910]  ? perf_trace_lock+0xac/0x490
[ 3028.553372]  ? lock_chain_count+0x20/0x20
[ 3028.553840]  generic_file_read_iter+0x33f/0x490
[ 3028.554361]  ext4_file_read_iter+0x184/0x4c0
[ 3028.554844]  generic_file_splice_read+0x455/0x6d0
[ 3028.555374]  ? pipe_to_user+0x170/0x170
[ 3028.555809]  ? _cond_resched+0x12/0x80
[ 3028.556279]  ? avc_policy_seqno+0x9/0x70
[ 3028.556721]  ? selinux_file_permission+0x92/0x520
[ 3028.557256]  ? lockdep_init_map_type+0x2c7/0x780
[ 3028.557776]  ? pipe_to_user+0x170/0x170
[ 3028.558213]  do_splice_to+0x10e/0x160
[ 3028.558633]  splice_direct_to_actor+0x2fe/0x980
[ 3028.559154]  ? pipe_to_sendpage+0x380/0x380
[ 3028.559628]  ? do_splice_to+0x160/0x160
[ 3028.560099]  ? security_file_permission+0x24e/0x570
[ 3028.560671]  do_splice_direct+0x1c4/0x290
[ 3028.561127]  ? splice_direct_to_actor+0x980/0x980
[ 3028.561698]  ? selinux_file_permission+0x92/0x520
[ 3028.562233]  ? security_file_permission+0x24e/0x570
[ 3028.562811]  do_sendfile+0x553/0x1090
[ 3028.563241]  ? do_pwritev+0x270/0x270
[ 3028.563671]  ? wait_for_completion_io+0x270/0x270
[ 3028.564278]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3028.564787]  ? vfs_write+0x354/0xa70
[ 3028.565201]  __x64_sys_sendfile64+0x1d1/0x210
[ 3028.565699]  ? __ia32_sys_sendfile+0x220/0x220
[ 3028.566206]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3028.566779]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3028.567343]  do_syscall_64+0x33/0x40
[ 3028.567755]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3028.568378] RIP: 0033:0x7fa9e384eb19
[ 3028.568794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3028.570883] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3028.571754] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
[ 3028.572607] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3028.573400] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3028.574178] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3028.574957] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
14:05:52 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012900)=ANY=[])

14:05:52 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 13)

14:05:52 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d34b)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:05:52 executing program 5:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000340)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000000400)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000aee900280200000284275a4bea349a871e7bce43ca54984700fc354b37367d618d602ec3f775bd42abed2eac5143c0bc651fd68c5c42859c6d0da37d99a897a87525e1fa21858e5baa66eaa294e8aeb2741db1c011a245dc5b15c8ed", 0xb5, 0x400}, {&(0x7f0000000300)="030000004000000000000000d4000f", 0xffffff8e, 0x4000800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = fcntl$dupfd(r0, 0x406, r0)
openat(r2, &(0x7f00000000c0)='./file2\x00', 0x80000, 0x78)
syz_open_dev$sg(&(0x7f0000000140), 0x9, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f00000002c0)=ANY=[@ANYBLOB="00200000010000001802000c", @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00./file0\x00'])
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(r3, 0x4004662b, &(0x7f0000000180)=0x3)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r4, &(0x7f0000000240)="01", 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x1)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r6, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f00000003c0)='ext4\x00', 0x0, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r4, 0xc0189372, &(0x7f0000000100)={{0x1, 0x1, 0x18, r6, {0xe86}}, './file0\x00'})

14:05:52 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x2000001, 0x110, r4, 0x8000000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f00000005c0)=@IORING_OP_RECVMSG={0xa, 0x3, 0x0, r4, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@ax25={{0x3, @netrom}, [@remote, @bcast, @default, @rose, @bcast, @remote, @netrom, @netrom]}, 0x80, &(0x7f0000000180)=[{&(0x7f00000003c0)=""/87, 0x57}, {&(0x7f0000000440)=""/139, 0x8b}, {&(0x7f0000000080)}], 0x3, &(0x7f0000000500)=""/146, 0x92}, 0x0, 0x0, 0x1, {0x3, r6}}, 0x3)
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r7}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:05:52 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 23)

14:05:52 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
creat(&(0x7f00000000c0)='./file2\x00', 0x143)
sendfile(r0, r1, 0x0, 0x20d315)

14:05:52 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f0000000000000400", 0x1c, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3043.618759] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3043.635011] EXT4-fs (loop2): corrupt root inode, run e2fsck
[ 3043.635977] EXT4-fs (loop2): mount failed
[ 3043.637371] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3043.641638] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[ 3043.654854] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3043.663141] FAULT_INJECTION: forcing a failure.
[ 3043.663141] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3043.664810] CPU: 1 PID: 19674 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 3043.665674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3043.666699] Call Trace:
[ 3043.667052]  dump_stack+0x107/0x167
[ 3043.667523]  should_fail.cold+0x5/0xa
[ 3043.668014]  __alloc_pages_nodemask+0x182/0x600
[ 3043.668634]  ? xa_load+0x12d/0x2c0
[ 3043.669088]  ? lock_downgrade+0x6d0/0x6d0
[ 3043.669615]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3043.670392]  alloc_pages_current+0x187/0x280
[ 3043.670966]  __page_cache_alloc+0x2d2/0x360
[ 3043.671518]  page_cache_ra_unbounded+0x207/0x6f0
[ 3043.672140]  ? read_pages+0xbc0/0xbc0
[ 3043.672707]  ondemand_readahead+0xc6f/0x1150
[ 3043.673281]  page_cache_sync_ra+0x138/0x170
[ 3043.673831]  generic_file_buffered_read+0xc74/0x28f0
[ 3043.674502]  ? pagecache_get_page+0xc80/0xc80
[ 3043.675080]  ? kasan_save_stack+0x32/0x40
[ 3043.675612]  ? do_splice_direct+0x1c4/0x290
[ 3043.676164]  ? do_sendfile+0x553/0x1090
[ 3043.676719]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3043.677325]  ? do_syscall_64+0x33/0x40
[ 3043.677819]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3043.678491]  ? perf_trace_lock+0xac/0x490
[ 3043.679022]  ? lock_chain_count+0x20/0x20
[ 3043.679547]  generic_file_read_iter+0x33f/0x490
[ 3043.680138]  ext4_file_read_iter+0x184/0x4c0
[ 3043.680773]  generic_file_splice_read+0x455/0x6d0
[ 3043.681382]  ? pipe_to_user+0x170/0x170
[ 3043.681878]  ? _cond_resched+0x12/0x80
[ 3043.682376]  ? avc_policy_seqno+0x9/0x70
[ 3043.682940]  ? selinux_file_permission+0x92/0x520
[ 3043.683560]  ? lockdep_init_map_type+0x2c7/0x780
[ 3043.684161]  ? pipe_to_user+0x170/0x170
[ 3043.684705]  do_splice_to+0x10e/0x160
[ 3043.685194]  splice_direct_to_actor+0x2fe/0x980
[ 3043.685785]  ? pipe_to_sendpage+0x380/0x380
[ 3043.686327]  ? do_splice_to+0x160/0x160
[ 3043.686829]  ? security_file_permission+0x24e/0x570
[ 3043.687465]  do_splice_direct+0x1c4/0x290
[ 3043.688031]  ? splice_direct_to_actor+0x980/0x980
[ 3043.688670]  ? selinux_file_permission+0x92/0x520
[ 3043.689311]  ? security_file_permission+0x24e/0x570
[ 3043.689946]  do_sendfile+0x553/0x1090
[ 3043.690442]  ? do_pwritev+0x270/0x270
[ 3043.690928]  ? wait_for_completion_io+0x270/0x270
[ 3043.691541]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3043.692130]  ? vfs_write+0x354/0xa70
[ 3043.692661]  __x64_sys_sendfile64+0x1d1/0x210
[ 3043.693224]  ? __ia32_sys_sendfile+0x220/0x220
[ 3043.693802]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3043.694455]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3043.695105]  do_syscall_64+0x33/0x40
[ 3043.695578]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3043.696237] RIP: 0033:0x7fa9e384eb19
[ 3043.696713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3043.698979] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3043.699934] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
[ 3043.700854] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3043.701739] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3043.702623] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3043.703509] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
[ 3043.730648] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3043.740245] FAULT_INJECTION: forcing a failure.
[ 3043.740245] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3043.742025] CPU: 1 PID: 19667 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3043.742894] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3043.743930] Call Trace:
[ 3043.744302]  dump_stack+0x107/0x167
[ 3043.744780]  should_fail.cold+0x5/0xa
[ 3043.745272]  __alloc_pages_nodemask+0x182/0x600
[ 3043.745860]  ? xa_load+0x12d/0x2c0
[ 3043.746315]  ? lock_downgrade+0x6d0/0x6d0
[ 3043.746842]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3043.747615]  alloc_pages_current+0x187/0x280
[ 3043.748239]  __page_cache_alloc+0x2d2/0x360
[ 3043.748798]  page_cache_ra_unbounded+0x207/0x6f0
[ 3043.749413]  ? read_pages+0xbc0/0xbc0
[ 3043.749909]  ondemand_readahead+0xc6f/0x1150
[ 3043.750478]  page_cache_sync_ra+0x138/0x170
[ 3043.751027]  generic_file_buffered_read+0xc74/0x28f0
[ 3043.751685]  ? pagecache_get_page+0xc80/0xc80
[ 3043.752278]  ? kasan_save_stack+0x32/0x40
[ 3043.752818]  ? do_splice_direct+0x1c4/0x290
[ 3043.753360]  ? do_sendfile+0x553/0x1090
[ 3043.753863]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3043.754447]  ? do_syscall_64+0x33/0x40
[ 3043.754948]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3043.755613]  ? perf_trace_lock+0xac/0x490
[ 3043.756136]  ? lock_chain_count+0x20/0x20
[ 3043.756701]  generic_file_read_iter+0x33f/0x490
[ 3043.757286]  ext4_file_read_iter+0x184/0x4c0
[ 3043.757859]  generic_file_splice_read+0x455/0x6d0
[ 3043.758462]  ? pipe_to_user+0x170/0x170
[ 3043.758966]  ? _cond_resched+0x12/0x80
[ 3043.759455]  ? avc_policy_seqno+0x9/0x70
[ 3043.759975]  ? selinux_file_permission+0x92/0x520
[ 3043.760642]  ? lockdep_init_map_type+0x2c7/0x780
[ 3043.761247]  ? pipe_to_user+0x170/0x170
[ 3043.761741]  do_splice_to+0x10e/0x160
[ 3043.762283]  splice_direct_to_actor+0x2fe/0x980
[ 3043.762876]  ? pipe_to_sendpage+0x380/0x380
[ 3043.763437]  ? do_splice_to+0x160/0x160
[ 3043.763943]  ? security_file_permission+0x24e/0x570
[ 3043.764626]  do_splice_direct+0x1c4/0x290
[ 3043.765147]  ? splice_direct_to_actor+0x980/0x980
[ 3043.765754]  ? selinux_file_permission+0x92/0x520
[ 3043.766369]  ? security_file_permission+0x24e/0x570
[ 3043.767012]  do_sendfile+0x553/0x1090
[ 3043.767505]  ? do_pwritev+0x270/0x270
[ 3043.768004]  ? wait_for_completion_io+0x270/0x270
[ 3043.768649]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3043.769238]  ? vfs_write+0x354/0xa70
[ 3043.769714]  __x64_sys_sendfile64+0x1d1/0x210
[ 3043.770282]  ? __ia32_sys_sendfile+0x220/0x220
[ 3043.770858]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3043.771509]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3043.772233]  do_syscall_64+0x33/0x40
[ 3043.772717]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3043.773354] RIP: 0033:0x7f47d2c10b19
[ 3043.773820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3043.776063] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3043.777028] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3043.777905] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[ 3043.778784] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3043.779655] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3043.780571] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:05:53 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f0000000000000400", 0x1c, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:05:53 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012900)=ANY=[])

14:05:53 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d34c)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:05:53 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 14)

14:05:53 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r4, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x32, &(0x7f00000002c0)=[@ip_ttl={{0x14}}, @ip_retopts={{0x0, 0x0, 0x7, {[@end, @lsrr={0x83, 0x0, 0x77, [@dev={0xac, 0x14, 0x14, 0x14}, @loopback, @private=0xa010102, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0xe}]}, @rr={0x7, 0x0, 0xcb, [@multicast1, @empty, @local, @dev={0xac, 0x14, 0x14, 0x26}, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote]}, @end, @lsrr={0x83, 0x0, 0x16, [@local, @multicast1]}, @timestamp_prespec={0x44, 0x0, 0x40, 0x3, 0x0, [{@private=0xa010102, 0x10000}, {@multicast2, 0x3}, {@dev={0xac, 0x14, 0x14, 0x2e}, 0x4ce6}, {@local, 0x400}, {@empty, 0xfffffffd}, {@local, 0x1000}, {@initdev={0xac, 0x1e, 0x81, 0x0}, 0x1ffe000}]}, @cipso={0x86, 0x0, 0xffffffffffffffff, [{0x2, 0x0, "8766d07780185a49bf8709cbd4722d"}, {0x6, 0x0, "dc8cfb506b12044a09d0c0"}]}, @end]}}}, @ip_tos_int={{0x0, 0x0, 0x1, 0xfffffffd}}], 0x18}}], 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r5=>r0, {0x2}}, './file1\x00'})
sendfile(r5, r4, &(0x7f00000000c0)=0x4, 0x8001)
r6 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r6, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

[ 3043.960490] EXT4-fs (loop2): corrupt root inode, run e2fsck
[ 3043.961379] EXT4-fs (loop2): mount failed
14:05:53 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 24)

[ 3043.978248] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
14:05:53 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3044.077020] FAULT_INJECTION: forcing a failure.
[ 3044.077020] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3044.078517] CPU: 1 PID: 19720 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 3044.078835] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3044.079336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3044.079342] Call Trace:
[ 3044.079364]  dump_stack+0x107/0x167
[ 3044.079383]  should_fail.cold+0x5/0xa
[ 3044.082650]  __alloc_pages_nodemask+0x182/0x600
[ 3044.083302]  ? xa_load+0x12d/0x2c0
[ 3044.083835]  ? lock_downgrade+0x6d0/0x6d0
[ 3044.084482]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3044.085373]  alloc_pages_current+0x187/0x280
[ 3044.086018]  __page_cache_alloc+0x2d2/0x360
[ 3044.086629]  page_cache_ra_unbounded+0x207/0x6f0
[ 3044.087322]  ? read_pages+0xbc0/0xbc0
[ 3044.087924]  ondemand_readahead+0xc6f/0x1150
[ 3044.088804]  page_cache_sync_ra+0x138/0x170
[ 3044.089670]  generic_file_buffered_read+0xc74/0x28f0
[ 3044.090412]  ? pagecache_get_page+0xc80/0xc80
[ 3044.091038]  ? kasan_save_stack+0x32/0x40
[ 3044.091608]  ? do_splice_direct+0x1c4/0x290
[ 3044.092227]  ? do_sendfile+0x553/0x1090
[ 3044.092771]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3044.093408]  ? do_syscall_64+0x33/0x40
[ 3044.093950]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3044.094693]  ? perf_trace_lock+0xac/0x490
[ 3044.095276]  ? lock_chain_count+0x20/0x20
[ 3044.095865]  generic_file_read_iter+0x33f/0x490
[ 3044.096530]  ext4_file_read_iter+0x184/0x4c0
[ 3044.097147]  generic_file_splice_read+0x455/0x6d0
[ 3044.097804]  ? pipe_to_user+0x170/0x170
[ 3044.098344]  ? _cond_resched+0x12/0x80
[ 3044.098881]  ? avc_policy_seqno+0x9/0x70
[ 3044.099435]  ? selinux_file_permission+0x92/0x520
[ 3044.100110]  ? lockdep_init_map_type+0x2c7/0x780
[ 3044.100761]  ? pipe_to_user+0x170/0x170
[ 3044.101269]  do_splice_to+0x10e/0x160
[ 3044.101744]  splice_direct_to_actor+0x2fe/0x980
[ 3044.102331]  ? pipe_to_sendpage+0x380/0x380
[ 3044.102894]  ? do_splice_to+0x160/0x160
[ 3044.103408]  ? security_file_permission+0x24e/0x570
[ 3044.104097]  do_splice_direct+0x1c4/0x290
[ 3044.104720]  ? splice_direct_to_actor+0x980/0x980
[ 3044.105363]  ? selinux_file_permission+0x92/0x520
[ 3044.106033]  ? security_file_permission+0x24e/0x570
[ 3044.106762]  do_sendfile+0x553/0x1090
[ 3044.107290]  ? do_pwritev+0x270/0x270
[ 3044.107837]  ? wait_for_completion_io+0x270/0x270
[ 3044.108544]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3044.109124]  ? vfs_write+0x354/0xa70
[ 3044.109587]  __x64_sys_sendfile64+0x1d1/0x210
[ 3044.110137]  ? __ia32_sys_sendfile+0x220/0x220
[ 3044.110719]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3044.111392]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3044.112099]  do_syscall_64+0x33/0x40
[ 3044.112666]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3044.113358] RIP: 0033:0x7fa9e384eb19
[ 3044.113881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3044.116427] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3044.117459] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
[ 3044.118438] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3044.119464] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3044.120503] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3044.121473] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
14:05:53 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0xe, 0x2010, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lsetxattr(&(0x7f00000018c0)='./file1\x00', &(0x7f0000001900)=@random={'security.', 'rfdno'}, &(0x7f0000001940)='#*\x00', 0x3, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
r5 = openat(r4, &(0x7f0000000080)='./file1\x00', 0x111200, 0xb8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r9=>0x0})
ioctl$INCFS_IOC_CREATE_FILE(0xffffffffffffffff, 0xc058671e, &(0x7f0000001e00)={{'\x00', 0x3}, {0x1}, 0x15, 0x0, 0x0, &(0x7f0000001980)='./file1\x00', &(0x7f00000019c0)='./file1\x00', &(0x7f0000001a00)="34425a8ee5d9809bd864679caeb0c0dbfc857e8fe7dbccbac3d547f383e131d9be5c5fd20e7b98be7d79ff3cbfe1578bcef5c4e1f612bd0d242a18c1b90f2b09e6d88ba12b0ab988cc10bd76f1df042a4bfff00911e344554556feca26332ef8b1554a52f5fa3a258d73c5883f1a98f7155afc1b8b205595af2f87c8c43075e582dbb86df6d1df86e676eaa788252e8ed9a2621d20a24cda36b28631afda5c3bf3d8aa33ab42e1e92f84dab2d2dcfe95faadefad571d27703a6280b00d882ad956a6b823b11c6e5d2be3df7cff341dcb7f2525e5e5083b5c1ef2e09ef787cd9ad88569d325a7f484a72a1b4ad542bce5e403c885f463f2823e25f999d12eca63f559d8b4944c880b06341b911caa75e940b06607017e0623f636dfbcd0364a4eb954bc0f8dd6208717703db54772862be63a00ea56f97dcfa19724affc1f1d20950e635b84f4150f448eda01c1480a04dd25d68aa5b1866cf0cf0b7f6c2e387e33b10ed731079e319d9537c089ef913c4757b87e49ddf12dc22d666eb9072c6f30aa9780aea2947d7df0bfc69b4592e209cc50d6cb8842e412255c1a8f901acaea8b31802831384a8e3d2b", 0x1ab, 0x0, &(0x7f0000001bc0)={0x2, 0xa5, {0x1, 0xc, 0x1, "fa", 0x97, "054f70f80d3e78365b9a1f9130e50fa748cd695ff07600eb692c1c55dfe52cea7f1719bb4947c34bd11a46de6cf851c597af6ccdc59caef5c41e5da8f4dd78cb1db9ee84ed30f0e4ccb464203ded59a3e13354bbd01856cf852cf858b821417f8217e9a15727dc7c6d452a95268cf33405db0d6cb4ebefe17cdb7cff92e8989a2f45de6584769303314bbe8d3f375ce83aa6f7975d6a02"}, 0xef, "a40ceb9962ea03e1b10e008a9e5090a7e23e4637b3bc63264c5ed0586cb92f2d093504b241f5b2fdc26206e589bba1bac84f99a629c7fae19c6fa7c16a26501192fb64f48c8e936bafb8a796b179d6c64e79ba956e7be185110ff5d09b4efa93ba66cadb9542646c867da18c0852f81da8d8a46654f0e0d22adde3be957e92cf52b0798e4b7030fcde7c99e6b93a30614faef70e4cdbfdc906fd8fa6f0d0e87960f3e9408a18f31171e61f54f64c8952ff1136532788baad07e9735ea003cce361af1110eb4477ca516eb73b8125dff95f829f11dbd25eede043cd80d427119a38c550bb0c72fb7062f9004c53e276"}, 0x1a0})
sendmsg$NL80211_CMD_SET_CQM(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)={0x34, r7, 0xc0b, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x9, 0x1, [0x0, 0x0]}]}]}, 0x34}}, 0x0)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r5, &(0x7f0000001880)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000018}, 0xc, &(0x7f0000000240)={&(0x7f0000000340)={0x150c, 0x0, 0x8, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x88, 0xe}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_FRAME={0x1498, 0x33, @data_frame={@qos_no_ht={{@type10={{0x0, 0x2, 0xc, 0x1, 0x0, 0x1}, {0x40}, @random="4daa02836a81", @device_a, @device_a, {0x2}}, {0x7, 0x0, 0x3, 0x0, 0x8}}, {@type01={{0x0, 0x2, 0xf, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x1}, @device_b, @from_mac=@device_b, @from_mac=@broadcast, {0x7, 0x5}}, {0x8, 0x1, 0x1, 0x1, 0x4}}}, @a_msdu=[{@broadcast, @device_a, 0x5d, "8d6ed4c6b7a72e9d593138ca5242c7f4cebf8b3dbc771d4a0a441fa278329c58340f77785b707054b9e3f1e143a0d423d44e26db02c7672d3666ed0505387b9cb656797ef187a26c8c28616a19d9e74bd1d87dd352f5f551a6abd2da99"}, {@device_a, @device_b, 0xfa, "a33e7eed5c188759d37ad129b85cf5a3c283642d3ad3b5580b48ab48c7385351fe3a42a05b53b69d7edd88887eff08c683b5d113ae40a5ba5ed5548c2d6affe5dd278862cd9463954876f528d2f0451b4a241f8a70af75df1cf4f9c95a2418390712cccdecc57742d39bb93b182d29632dc0d9951de94d0e4dd5eb48c802a0b33f75defbab1167fabe99540596162385f7426b33fd530343dae21d45f49bb1c26a52b2ed6a55c6785b9781eca5af79e87d18f7b24714b9f12288196c31cb7a1b1b02bd29be1b200eff5c5a9140c3202adf4903efc13cd0df7bbef1a60acc28372975a71523243d05bc8092fb457a3d11b38f16dfd9dd2214fa4f"}, {@broadcast, @device_b, 0x7e, "37e0256204bfb988ed61ba379da7b607c6e687505017ebde2421c2146e057ac7ad75a6f7f6a3e10ff13120b9f57e9e78af13ba42a496b93f310c5d4c943267cc290a7be10fe34fef767253212eefd490c2466746cc3b5b302dcf8ad8f9628b3add2d169b24956e91237a57e6763bb6bfc90e0730298541196d220c4d48e9"}, {@device_a, @device_a, 0xfb, "c767270e66ab5d1cfa094c3ab7504ab5c3e05f74f0d2c42235f56aea04313f74a111ce2d065fde2316532fb61e02901a505c8f8921179f6608761fb49de4262679deb284c0f27a42dbe5c7460cd4258a29b1bc2a74e0f5ed12bfa7a2cfbfa3647e7172a1695b660daab991183f5b9b38845541efd56678fe6ee1339da208abe57a47be0d7736544cc4a126790ce23dc31ee1da220ac3cd0c0333693a00eb173e5ee3c1c16ba5c2150306b442294e15d351a8be5ed01876de3625f1711a54cf2992acc947034668927677267c7e39a4a7ddced70434f69a484ced291e54cf3400c455a3e5c3b503a8a1b39055572efc609144d5f84ac69d6b25a0ad"}, {@device_b, @device_a, 0xbe, "0450a78c7d3bde984bab95cb47f175590dcddb1667b3200a33708637b63a9c2e713e25aef4d7861a3a175ec85a2f207b64932c817ea3e57bd31cdfad54ce580aa3e61d49550063ea3b20438f4ddd0011e7000efc9cd2cf3f4f2d24adcae6bf139b69245dce916f9f8e421856bdc655b7e5d0b16ec6a4ad36492af0ae2cc901c6eeea71c096b54dc1107f5b86e3168b85c3dc2d8ed2c76859dc6531d2f1f428fe4081489ff64218c32a6794732d5b2aca60414ea5fe914b218006a910806b"}, {@device_a, @device_b, 0x1000, "66cce39bd6d4f770326b6cae2b085f3f7285a76a1740b776288f3bfab51ac909e18e908d22575480ea94e0251ab5bc51156d8fc3e7d7c5bc10b90a1c04a3a35887e7b6083bf7bd241b1e4b273e1b7946f43e46bc6debf6973fc733131b7fd4eedcbf66572a935d559f760c47fce396b80b600a240556a51210c053940d4d91ffb8c1f00fc65fd2b9921b6413986611d310a28b6e6e86f788682c3e2335fbd94e271d624830eb3a597a5e651b3175d67bc8994ea05691d483ac025bee05ca59f79edf742583d04c9c5aa6cc2f5a1c164b79fae1ad55b4c9869f0f23c73cb1fea28fb14fc441aa35c22d77dec519b327f23d7214d63706d6ea0e3743ecfe8f49d1b4f00e5af859cc3a98c150dc0698fce0bc56a24914d443d8a4cf0d745a1183a6fd7ffcdebe6405589da19b1d387938abe30398545a2f5b88ea2594cb3c59149f12d7d83486fcdacb7052e25932d8f44c16e5b8ce7e1a2ee3158c39a0f768ae25103b428c25ff626dbebc456db8c25da3c6e0f45cf173df4b7ebdcadb7bfca8eb5bf024bf27adf758a3651882916dded5d5b00bb6ac3185726641aa6cd29cb6b95f8dde6907b9328c54b01eb47c43c9b5658fd18252635cc09031980149a2b3fc2abc70d4bb90a8324c06327b6a6a5d85791c825aa056ed2c4aaf752539fd033394cefa459890d40c16eced24d924b10d9f2c831e0491d85970f85e9ed9b51c4c4f0c038375c548ee40cbfd98a4e45ffb407a94bc904184bce8c48b52a2f4826da0520cf00a24549e5e88e699f91eedb035cf4764379aca362b8f96c41c78fa804bd945b0188496effb1780bf969d9a634411692456070383dcf1be42d1bd535b19f9818ea3758a614e813b65a856a720abb7a55acddc768afcf9b7fb8782cc3e31566d16b446f3cadf5fe2e591374dbe58eab40b96ed690712ae821c2635c565bd8bb947ae6a55a091b268e9874be2abf8a54a4b55fd51725388c439345032a574cbe6fb15b0b9fb369d7895e5df5abf5d34e1762b60a3b9f3a09b3fc8fc691646692c48b972108047aec20d8b4bd114d61f3d68cc8f183d39550f221fb372d82a0175b4093eea53b8d5138f14b031e4e59eac59154a49f4f19bba0362fddbfddab4a0178cdddedf63b5f4e66eb83ffc6782ff61a5d4abf3ae8250234af8c17d618494890f6d5df7ae0a55b077446a38f260b07db6ee6fa5273e047e4fdf6f4f53526c617d22419b452dcec4dbcd9d0fb2bb429563e64e2f315cf695762cfda5a0a79564bed235142c9817ef74c02eaf41c9abc8450fcedeef742a1f3ea5d66095311f3a0870b9da5af407b4f51b81dc4b765a3761dd4d6b2dca525f513670f3e73a32704bb76a0f2e99f67cfb91f4f8866828d86ff5fb37b90078f3918ecbb5af81f3082323b9461f0b222caca6d23ec75220d9793fe577c1f21a94aa420431a2b5894422fe1b6ded57098b65e868d868fb84c71766fe7b8451d75c32c7ad5ba1567367eabe7d96fb2316246dc082541a5c0f406e7a09288ed8da2ee472ecd4ca62c797f27ae0c1df9ba62947fc0560aae5a3981ae7c7ceef0da82e659390ba44f6e32643ffddb07125d6a862aedaafc9e80ffda302df2a60d17f70b95e3b3e61beac4dbab885adb717f5f0b364dc3274e80ccdff880961a3c25d33686e407989877ac34ddcffcaf56f34c1bcd8091a72fe5675420bf495cc1937d97248769ad6cd04fdadeb3e9ced6830fbb6f9561cab8d95ff4cc2426709e5947efec7d0264ef37edc1e62c0db979be60a2bdf4c249f648c8af68c2bcbf4a2274861720c8fca8099cf43cfe076292adba2e08cedfdd7ec01df4173706ff5b1903edc978edca44ef79a77d1613518fde6bd3b8c870a8f82cc9ec88e7770369762df21d7d6c9be46a5c9b37ffa51d651e66679b586c3f408cb93260ab71916efbec6dcbad52f621f99add6053a7fa3029cbcdf97787658f150f9708df4ce4b2b2839a53dacb56469009cda81e142e055b8ee29f85aa2c06120512165ab342f073a40e874e23eb708711b3b5c80b86bf872d478d3a633d93a0531b1bc812708faee84a02b285d6dde60d39884a73ac39add12a70f582956196368e4fb1b70f8e3fda727b39ef7c441f153d282d66e0020d5083e2d7712f0f9bcc4eced41b04fc2bb24b0013fe155bf9f95fbaf6786bffc561d63e34f580624b8faac913a0d417b8a2dd85180d437095d4c96ac839f08eb2e8bd0d0901445cd27669072081a3691f1784b0742368c838bf0c181d4977b58c30f85f3169e1cdf1f1e0898f6bc43f0e690a87ee728787e4ced924278a570207a24af45923d2be7e7b113d581bfd07b5fce848cf21acdcb593bb7ed23f0f1625096f92892c61273aa6e16e4a96f1bba839c6016cd250587f912cb02268bcfd531813cedd58d235aa18b03022a6fc51427d868098deb2abd6048318f6cf24cdfa350327bdbf1457ddb03d577ae080c420b9670e24dbae702661d206aa9d287eed3b10b03e612dfd00ef0dcdce379305d543d767fa6019a6abd09a0ebb73620848378fdb91cb1e0ab34e1a0ef44349ff6d5c966da7e25260b2265e6eb2e2775717640262e6d2b62cc08aa0fd8148c849c692d53a0f7df08c3a945c8514da0b61c9b1c57972be19b190d817dec4cc939a3a125829283e01eb5ae63eee80f1fe71f92c61d957bbe157a5d8e6102b16d56015e57bc3d21378c22825f82750b9abdb7389b5b0b97829d9a6a21c92f5d59875441716ed0f2510db73c5ded11357fc00121fd52e7d9c12dd01b201d831c3c7a8e9c0d3c111d37adbd0777913d81ce7262d1066fe180e6dc7bb6d1d5255db81d7519488edf303f5b4519b584b7ba8f5dc431348fcb850d1b08548883cc9ed8d9c22ebb26ee419e1b50ec494d5c944f71a332cd111db2803b9f9c6ec52113c0310e0923a425168a8f407fcd65482a07ce7c097cd8be03d43e89730661015b260a73199ef4c425316c5320db2ce54714ad5aa4a85acab3e7d9c488963209019d6272404b1e967981a13aae0830e4720bc590c00509d1ea8905d6b05bf528f5509b714d6a179d6ab3c772c6f43ae4a1ba59858d2f274c526604b38812d18b8f412bae2f83a29d422306298a2ba29ec6d9b24b63c764846e0e302dd644f6e4cd786fa791c97b390f523f79bead6295288c5df5b24b53ce4e491e946f1b4d12fd5249d230559362fb4db236b66ebef8154f1b6d0c137120a542b206b42f992d27d54ae061924a5cf08a95141b1f8aa9576dae0a436aa9fb7b65f8bcdcf04c77cc5963997b9ad69e08dd3d9ce8cdfe32135fa0d45e3b9f7f175b076b4355441450364ad9137a5e2678ebd7a5a793700ad4e315de2524a1dbd705027b43fcb7105f787202981b2701cb4d5296cd2882ea402122e5ea3d053b48592cd51c4ff8751812029b5926e087f61094273c9647234f6bc211b2739984c8cc80d01cd6cd4e702656c2b2e0d01e2b5a2aaef951631f2c465dc7cb861bcd7fde3d14aa0718ef67ff7c5470e55ae7648dc3de90c42d0503b498026dae5ff7f725cc9d071fb014037f8ebb4c6e897406db6ba0f4f29058acba09826d8c612ae499e81c577f9d1c529ca45ddf7ae36372b3faef63a240ceade8d66bdeb479241e1d5bb03438a2a6e6d2fc4a18807bc732282300346d2dcd463fbc349fea7c5685e558f46dbdf35cea31d5b91dec1bcfbe73a12020c80cffa3adfb7c0ea345e43494f42b2e2a5f0fe3ada5439a4b13e379f255eec590594c5fd11ba4cfa939da8107ecee05934a95aa722f2b098e621cc5d899aca38197227de78e0c1731e5e45b359a072d9e98a34a5adfdbb0a738bfb63520a0ab49bb14631d81fb6a0dab8306041fb3442c5b65bd8eb99e13ea1d944e2018eb1ddbec8bfb2d8f3c597ab745716963733a86ec23569e26e56c844ccaabbf979392420352ce5c041beb74bbdbdb0a8ef4b3c67d2099d86939050f29a44eebc27248fa1d63f504e7082444fe5271a2e0d0335a860e471d8f68355aed89765e971a5e97cecb3343c8ae956b4eca1051bd921b81802b209011ec8a334c78a4371b0e622cb608ab069fe1cc8f0dc11271795550baf633d4ed8e5c0e58ff366ec9a80f4bb9d4b77d91b8e9ad43468e4972af31df110825a6c26a973fa54842b7bfa3d5bc03c65df44a478e67a80e7a77cd43dd02e795e759c8c0a28676585dd033db419b9ea96c865f39050052820fc4b8b1639d63591b8dd6201916910e77d0589aeddcc6169c86e074a3dc192565ed7bf6353a1551049dfdc8e8633a01ae560590a00a81a93c8f19b0d959060915972b8fb4695f917478241eb7fbbb93e63606b8874517e5aa66f7a035bf20dda8838bff6d7961e98562715858ee7f2c63df3581709561608ac3e01ffc179451e5ae42fb9f390eacd14ac2ff151d1ee054a57cf2b185abda2de52a127e79ec5d31118c53738eff4809a450637e5baff27f740c60ddf79189a31bab586c11877c1d54ca7add48ee60ba8a79dbd169290a79b76d72e39f0ddf4f6462f70a82bcfccd270fb31093af5fb18fc904647b8378cced19ee64a50fe739955444ce45cc5a8cf2c45e0a6bfbae8c1a2ca2d3501336fc0219a776f4f6afb8eca87befc3506c8f7ebd469f80265bc10eb60b7e323f35eb3d872899b6d238ceec2c09e01a491e5de3f00dbe3ea225f3976ef4608091c5bf4ab7cc3bfd2574f592fa2089c4a73e99eb55b9fcb3a17ca3382095b41fdcb42bc89b771c4866ece4b2f2aeb2d2a5c49dcc43a8bbf68284b628eac58c81635ffda546d68de23d607a2e4fddea89d8fabc5f3370a57703cb74064f63178ea291ac1dd4fe9c6dab633d0d8c5888c25902642254dc94377e9fd1c0ab148ec7ff10f37cebe4d87516b994fe5227713db8f31bcb75008d652038ffdf764f813dcf34a004431e163c49b70bb72eabd0f389448a3e666e3e1e9b43bc2724b152274502c9559ad4aac340b32b1dd3164f1797a27f6eb14b8688fd1c557b5640bb950b92234e229203a247844f0c5644732641b9adb880652a814cba9296accf905772a7ef90bf32a85de70fac52d173f5b203a08977fb1b699e574001cbb213361bd21e0ef1864295c2ca3d0383acc371cd4442a2a7bfd0b232996b8ae27ada12ecd4531aa25de3b33da0be13cfd9c31e928a78f62834fa3fed73b2d99f4d06d9a51dbf30c317bbb6bd5dad326ba68422386b4a14381d4178fd5731c5af66e54607efbde199a3c571f5970863b1dfa72b2218e4bf36778b1ee721e80456fe67458f1e0d9997bd278539404d1e29f1f5c86e9b00462c58b7ac1585525c5b1aac0680e608b8969e4366d0a83f5e678090c3daa4635693d0781c9923fb3da4f9a4807922115aece095eb93674c80b87260c27791d9ba32023326b202f8131910babff69f0da6c6a6e50a3968864fe7da7b155cb1ff99b3efc99ea40b742ad8f4a4c409e8ffa2a21e720f604e0f2caa46a1d78787619dcc3826c3bc1e8b4cb98f2af6b102307f29d05887846b6857b6ec5bf55b0b31370bb01c225662935682c43944af574ac3adf46ff865626844d3bfd6ca80e4b7ab857c146e573900e552015aa3ffed9713b0af3989dee93ce3b75e18b7ebcb8c8924415fbcf37a4e314d776c288e821589050c056d5c489b165333e9f11d8ada6ccd07639e8805b4536d8c09836aff471e1a2af4245878c360e9b4a36f60824a2b0c73327be46f79ff0a7c0e57c2eb97df4278a8ed3352b8f990cc6ae2386c3ddccfec6efb0bcb662bf707f49d91ac31ddfd51"}, {@device_b, @device_a, 0x6a, "0db041c4e0ae483a2a4c0c34e503a67c24ad73992da35a5e7b553488998dde573691fdef44bb5cac686d54eea4fa0d7ca48b83ea0236e219aab0bf5f3cc90a406e97a2fd0251376aafe8008efad9d43efefe04867cb26803fac1f63d587a09650ee627f6baec4850e0c2"}]}}, @NL80211_ATTR_FRAME={0x34, 0x33, @mgmt_frame=@reassoc_req={@with_ht={{{0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x4}, @device_b, @broadcast, @random="234a741e5e92", {0x2, 0x7}}, @ver_80211n={0x0, 0x0, 0x2, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1}}, 0x10, 0x7f, @device_b, {0x0, 0x8, @random="5e1d64e3ced2e528"}, @void, @void}}]}, 0x150c}, 0x1, 0x0, 0x0, 0x20000000}, 0x810)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:05:53 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 15)

[ 3044.160363] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
14:05:53 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3044.193041] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3044.210965] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3044.218290] FAULT_INJECTION: forcing a failure.
[ 3044.218290] name failslab, interval 1, probability 0, space 0, times 0
[ 3044.222081] CPU: 1 PID: 19732 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3044.223927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3044.225815] Call Trace:
[ 3044.226419]  dump_stack+0x107/0x167
[ 3044.227286]  should_fail.cold+0x5/0xa
[ 3044.228201]  ? create_object.isra.0+0x3a/0xa20
[ 3044.231608]  should_failslab+0x5/0x20
[ 3044.232673]  kmem_cache_alloc+0x5b/0x310
[ 3044.233599]  create_object.isra.0+0x3a/0xa20
[ 3044.234591]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3044.235723]  kmem_cache_alloc+0x159/0x310
[ 3044.236792]  alloc_buffer_head+0x20/0x110
[ 3044.237746]  alloc_page_buffers+0x14d/0x700
[ 3044.238767]  create_empty_buffers+0x2c/0x640
[ 3044.239825]  ? ext4_mark_iloc_dirty+0x1c24/0x3630
[ 3044.241101]  create_page_buffers+0x1bb/0x230
[ 3044.242096]  __block_write_begin_int+0x1d1/0x19c0
[ 3044.243192]  ? __brelse+0x84/0xa0
[ 3044.244003]  ? ext4_destroy_inline_data_nolock+0xfb/0x530
[ 3044.245509]  ? _ext4_get_block+0x570/0x570
[ 3044.246483]  ? ext4_add_dirent_to_inline+0x530/0x530
[ 3044.247716]  ? remove_inode_buffers+0x300/0x300
[ 3044.249003]  ? wait_for_stable_page+0x92/0xe0
[ 3044.250260]  ext4_try_to_write_inline_data+0x729/0x14c0
[ 3044.251098]  ? ext4_readpage_inline+0x3d0/0x3d0
[ 3044.251670]  ? ext4_mark_iloc_dirty+0x18e6/0x3630
[ 3044.252345]  ? mark_buffer_dirty+0x11e/0x3d0
[ 3044.252907]  ? ext4_ind_trans_blocks+0xd/0x80
[ 3044.253472]  ? ext4_meta_trans_blocks+0x25c/0x310
[ 3044.254088]  ? ext4_inode_journal_mode+0x27c/0x4f0
[ 3044.254706]  ext4_write_begin+0xbe0/0x10f0
[ 3044.255269]  ? ext4_truncate+0x1160/0x1160
[ 3044.255806]  ? ext4_expand_extra_isize+0x5a0/0x5a0
[ 3044.256730]  ? current_time+0x72/0x2c0
[ 3044.257625]  ext4_da_write_begin+0x623/0xd40
[ 3044.258623]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3044.259745]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3044.260640]  ? __ext4_journal_stop+0x107/0x1f0
[ 3044.261210]  ? ext4_write_begin+0x10f0/0x10f0
[ 3044.261772]  ? copyout_mc+0x140/0x140
[ 3044.262255]  ? ext4_dirty_inode+0x107/0x130
[ 3044.262798]  ? __mark_inode_dirty+0x12e/0xd40
[ 3044.263372]  generic_perform_write+0x20a/0x4f0
[ 3044.263956]  ? page_cache_next_miss+0x310/0x310
[ 3044.264647]  ? down_write_killable+0x180/0x180
[ 3044.265239]  ext4_buffered_write_iter+0x232/0x4a0
[ 3044.265854]  ext4_file_write_iter+0x4fb/0x18d0
[ 3044.266445]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3044.267016]  ? kasan_save_stack+0x32/0x40
[ 3044.267525]  ? kasan_save_stack+0x1b/0x40
[ 3044.268032]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3044.269221]  ? iter_file_splice_write+0x16d/0xc30
[ 3044.270383]  ? direct_splice_actor+0x10f/0x170
[ 3044.271315]  ? splice_direct_to_actor+0x387/0x980
[ 3044.272306]  ? do_splice_direct+0x1c4/0x290
[ 3044.273163]  ? do_sendfile+0x553/0x1090
[ 3044.273962]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3044.274905]  do_iter_readv_writev+0x476/0x750
[ 3044.275805]  ? new_sync_write+0x660/0x660
[ 3044.276757]  ? selinux_file_permission+0x92/0x520
[ 3044.277758]  do_iter_write+0x191/0x670
[ 3044.278582]  ? trace_hardirqs_on+0x5b/0x180
[ 3044.279471]  vfs_iter_write+0x70/0xa0
[ 3044.280437]  iter_file_splice_write+0x762/0xc30
[ 3044.281393]  ? generic_splice_sendpage+0x140/0x140
[ 3044.282368]  ? avc_policy_seqno+0x9/0x70
[ 3044.283169]  ? selinux_file_permission+0x92/0x520
[ 3044.284149]  ? lockdep_init_map_type+0x2c7/0x780
[ 3044.285317]  ? generic_splice_sendpage+0x140/0x140
[ 3044.286293]  direct_splice_actor+0x10f/0x170
[ 3044.287166]  splice_direct_to_actor+0x387/0x980
[ 3044.288098]  ? pipe_to_sendpage+0x380/0x380
[ 3044.289142]  ? do_splice_to+0x160/0x160
[ 3044.289923]  ? security_file_permission+0x24e/0x570
[ 3044.290911]  do_splice_direct+0x1c4/0x290
[ 3044.291722]  ? splice_direct_to_actor+0x980/0x980
[ 3044.292868]  ? selinux_file_permission+0x92/0x520
[ 3044.293856]  ? security_file_permission+0x24e/0x570
[ 3044.294859]  do_sendfile+0x553/0x1090
[ 3044.295626]  ? do_pwritev+0x270/0x270
[ 3044.296351]  ? wait_for_completion_io+0x270/0x270
[ 3044.296911]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3044.297443]  ? vfs_write+0x354/0xa70
[ 3044.297878]  __x64_sys_sendfile64+0x1d1/0x210
[ 3044.298395]  ? __ia32_sys_sendfile+0x220/0x220
[ 3044.298928]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3044.299526]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3044.300119]  do_syscall_64+0x33/0x40
[ 3044.300978]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3044.302018] RIP: 0033:0x7f47d2c10b19
[ 3044.302764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3044.305510] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3044.306382] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3044.307190] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3044.308000] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3044.308876] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3044.309688] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:05:53 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 25)

[ 3044.409926] FAULT_INJECTION: forcing a failure.
[ 3044.409926] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3044.411428] CPU: 1 PID: 19748 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 3044.412301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3044.413319] Call Trace:
[ 3044.413658]  dump_stack+0x107/0x167
[ 3044.414100]  should_fail.cold+0x5/0xa
[ 3044.414582]  __alloc_pages_nodemask+0x182/0x600
[ 3044.415170]  ? xa_load+0x12d/0x2c0
[ 3044.415618]  ? lock_downgrade+0x6d0/0x6d0
[ 3044.416132]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3044.416946]  alloc_pages_current+0x187/0x280
[ 3044.417504]  __page_cache_alloc+0x2d2/0x360
[ 3044.418051]  page_cache_ra_unbounded+0x207/0x6f0
[ 3044.418604]  ? read_pages+0xbc0/0xbc0
[ 3044.419071]  ondemand_readahead+0xc6f/0x1150
[ 3044.419634]  page_cache_sync_ra+0x138/0x170
[ 3044.420223]  generic_file_buffered_read+0xc74/0x28f0
[ 3044.420902]  ? pagecache_get_page+0xc80/0xc80
[ 3044.421505]  ? kasan_save_stack+0x32/0x40
[ 3044.422027]  ? do_splice_direct+0x1c4/0x290
[ 3044.422619]  ? do_sendfile+0x553/0x1090
[ 3044.423124]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3044.423718]  ? do_syscall_64+0x33/0x40
[ 3044.424231]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3044.424916]  ? perf_trace_lock+0xac/0x490
[ 3044.425432]  ? lock_chain_count+0x20/0x20
[ 3044.425976]  generic_file_read_iter+0x33f/0x490
[ 3044.426557]  ext4_file_read_iter+0x184/0x4c0
[ 3044.427118]  generic_file_splice_read+0x455/0x6d0
[ 3044.427755]  ? pipe_to_user+0x170/0x170
[ 3044.428321]  ? _cond_resched+0x12/0x80
[ 3044.428777]  ? avc_policy_seqno+0x9/0x70
[ 3044.429179]  ? selinux_file_permission+0x92/0x520
[ 3044.429693]  ? lockdep_init_map_type+0x2c7/0x780
[ 3044.430162]  ? pipe_to_user+0x170/0x170
[ 3044.430597]  do_splice_to+0x10e/0x160
[ 3044.431079]  splice_direct_to_actor+0x2fe/0x980
[ 3044.431666]  ? pipe_to_sendpage+0x380/0x380
[ 3044.432224]  ? do_splice_to+0x160/0x160
[ 3044.432734]  ? security_file_permission+0x24e/0x570
[ 3044.433369]  do_splice_direct+0x1c4/0x290
[ 3044.433887]  ? splice_direct_to_actor+0x980/0x980
[ 3044.434481]  ? selinux_file_permission+0x92/0x520
[ 3044.435077]  ? security_file_permission+0x24e/0x570
[ 3044.435704]  do_sendfile+0x553/0x1090
[ 3044.436209]  ? do_pwritev+0x270/0x270
[ 3044.436702]  ? wait_for_completion_io+0x270/0x270
[ 3044.437303]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3044.437873]  ? vfs_write+0x354/0xa70
[ 3044.438385]  __x64_sys_sendfile64+0x1d1/0x210
[ 3044.438949]  ? __ia32_sys_sendfile+0x220/0x220
[ 3044.439555]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3044.440214]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3044.440869]  do_syscall_64+0x33/0x40
[ 3044.441400]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3044.442077] RIP: 0033:0x7fa9e384eb19
[ 3044.442567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3044.444984] RSP: 002b:00007fa9e0da3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3044.446052] RAX: ffffffffffffffda RBX: 00007fa9e3962020 RCX: 00007fa9e384eb19
[ 3044.447066] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 3044.448062] RBP: 00007fa9e0da31d0 R08: 0000000000000000 R09: 0000000000000000
[ 3044.449086] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3044.450073] R13: 00007fff40ec503f R14: 00007fa9e0da3300 R15: 0000000000022000
[ 3044.525194] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3044.533991] FAULT_INJECTION: forcing a failure.
[ 3044.533991] name failslab, interval 1, probability 0, space 0, times 0
[ 3044.535617] CPU: 1 PID: 19750 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3044.536529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3044.537562] Call Trace:
[ 3044.537906]  dump_stack+0x107/0x167
[ 3044.538373]  should_fail.cold+0x5/0xa
[ 3044.538869]  ? create_object.isra.0+0x3a/0xa20
[ 3044.539454]  should_failslab+0x5/0x20
[ 3044.539939]  kmem_cache_alloc+0x5b/0x310
[ 3044.540504]  create_object.isra.0+0x3a/0xa20
[ 3044.541051]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3044.541696]  kmem_cache_alloc+0x159/0x310
[ 3044.542226]  alloc_buffer_head+0x20/0x110
[ 3044.542753]  alloc_page_buffers+0x14d/0x700
[ 3044.543301]  create_empty_buffers+0x2c/0x640
[ 3044.543870]  ? ext4_mark_iloc_dirty+0x1c24/0x3630
[ 3044.544528]  create_page_buffers+0x1bb/0x230
[ 3044.545085]  __block_write_begin_int+0x1d1/0x19c0
[ 3044.545688]  ? __brelse+0x84/0xa0
[ 3044.546133]  ? ext4_destroy_inline_data_nolock+0xfb/0x530
[ 3044.546814]  ? _ext4_get_block+0x570/0x570
[ 3044.547342]  ? ext4_add_dirent_to_inline+0x530/0x530
[ 3044.547976]  ? remove_inode_buffers+0x300/0x300
[ 3044.548638]  ? wait_for_stable_page+0x92/0xe0
[ 3044.549196]  ext4_try_to_write_inline_data+0x729/0x14c0
[ 3044.549872]  ? ext4_readpage_inline+0x3d0/0x3d0
[ 3044.550459]  ? ext4_mark_iloc_dirty+0x18e6/0x3630
[ 3044.551072]  ? mark_buffer_dirty+0x11e/0x3d0
[ 3044.551672]  ? ext4_ind_trans_blocks+0xd/0x80
[ 3044.552268]  ? ext4_meta_trans_blocks+0x25c/0x310
[ 3044.552906]  ? ext4_inode_journal_mode+0x27c/0x4f0
[ 3044.553531]  ext4_write_begin+0xbe0/0x10f0
[ 3044.554076]  ? ext4_truncate+0x1160/0x1160
[ 3044.554610]  ? ext4_expand_extra_isize+0x5a0/0x5a0
[ 3044.555222]  ? current_time+0x72/0x2c0
[ 3044.555731]  ext4_da_write_begin+0x623/0xd40
[ 3044.556309]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3044.556974]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3044.557604]  ? __ext4_journal_stop+0x107/0x1f0
[ 3044.558176]  ? ext4_write_begin+0x10f0/0x10f0
[ 3044.558735]  ? copyout_mc+0x140/0x140
[ 3044.559219]  ? ext4_dirty_inode+0x107/0x130
[ 3044.559762]  ? __mark_inode_dirty+0x12e/0xd40
[ 3044.560397]  generic_perform_write+0x20a/0x4f0
[ 3044.561019]  ? page_cache_next_miss+0x310/0x310
[ 3044.561618]  ? down_write_killable+0x180/0x180
[ 3044.562203]  ext4_buffered_write_iter+0x232/0x4a0
[ 3044.562811]  ext4_file_write_iter+0x4fb/0x18d0
[ 3044.563396]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3044.563974]  ? kasan_save_stack+0x32/0x40
[ 3044.564565]  ? kasan_save_stack+0x1b/0x40
[ 3044.565148]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3044.565890]  ? iter_file_splice_write+0x16d/0xc30
[ 3044.566502]  ? direct_splice_actor+0x10f/0x170
[ 3044.567143]  ? splice_direct_to_actor+0x387/0x980
[ 3044.567827]  ? do_splice_direct+0x1c4/0x290
[ 3044.568468]  ? do_sendfile+0x553/0x1090
[ 3044.569028]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3044.569686]  do_iter_readv_writev+0x476/0x750
[ 3044.570307]  ? new_sync_write+0x660/0x660
[ 3044.570890]  ? selinux_file_permission+0x92/0x520
[ 3044.571592]  do_iter_write+0x191/0x670
[ 3044.572152]  ? trace_hardirqs_on+0x5b/0x180
[ 3044.572790]  vfs_iter_write+0x70/0xa0
[ 3044.573332]  iter_file_splice_write+0x762/0xc30
[ 3044.574000]  ? generic_splice_sendpage+0x140/0x140
[ 3044.574704]  ? avc_policy_seqno+0x9/0x70
[ 3044.575280]  ? selinux_file_permission+0x92/0x520
[ 3044.575980]  ? lockdep_init_map_type+0x2c7/0x780
[ 3044.576712]  ? generic_splice_sendpage+0x140/0x140
[ 3044.577412]  direct_splice_actor+0x10f/0x170
[ 3044.578048]  splice_direct_to_actor+0x387/0x980
[ 3044.578708]  ? pipe_to_sendpage+0x380/0x380
[ 3044.579328]  ? do_splice_to+0x160/0x160
[ 3044.579904]  ? security_file_permission+0x24e/0x570
[ 3044.580631]  do_splice_direct+0x1c4/0x290
[ 3044.581169]  ? splice_direct_to_actor+0x980/0x980
[ 3044.581840]  ? selinux_file_permission+0x92/0x520
[ 3044.582543]  ? security_file_permission+0x24e/0x570
[ 3044.583248]  do_sendfile+0x553/0x1090
[ 3044.583824]  ? do_pwritev+0x270/0x270
[ 3044.584414]  ? wait_for_completion_io+0x270/0x270
[ 3044.585043]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3044.585655]  ? vfs_write+0x354/0xa70
[ 3044.586139]  __x64_sys_sendfile64+0x1d1/0x210
[ 3044.586778]  ? __ia32_sys_sendfile+0x220/0x220
[ 3044.587431]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3044.588233]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3044.588938]  do_syscall_64+0x33/0x40
[ 3044.589410]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3044.590079] RIP: 0033:0x7f47d2c10b19
[ 3044.590552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3044.593252] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3044.594373] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3044.595472] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3044.596563] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3044.597621] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3044.598652] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:06:08 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d34d)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:06:08 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 26)

14:06:08 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 16)

14:06:08 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

14:06:08 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f00000003c0)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000000400)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x10, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='net/netfilter\x00')
r5 = signalfd4(r2, &(0x7f0000000180)={[0x800]}, 0x8, 0x80000)
r6 = fcntl$dupfd(r4, 0x0, r5)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r6, 0xc0189375, &(0x7f0000000340)={{0x1, 0x1, 0x18, r2}, './file0\x00'})
r7 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
sendfile(r2, r8, &(0x7f0000000300)=0x9, 0x2)
ftruncate(r7, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)
r9 = dup2(r0, r5)
open_tree(r9, &(0x7f0000000380)='./file1\x00', 0x1)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x482f80, 0x1)

14:06:09 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000240)={0x0, 0x40000, 0x0, 0x2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x420182, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [{@euid_lt}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@appraise_type}, {@obj_user={'obj_user', 0x3d, '{+:}%-#+,*'}}, {@hash}, {@subj_type={'subj_type', 0x3d, '*}'}}, {@hash}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/vcs\x00'}}]}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
io_uring_enter(r5, 0x600b, 0x4ca6, 0x3, &(0x7f00000000c0)={[0x5bc7]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r8}})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x5c8b1217947cc432, r8, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:06:09 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:06:09 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffcdfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffdffffffffffffffffffffffffdfffffffffffff7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0xfffffffffffffffc}], 0x0, &(0x7f0000000380)=ANY=[@ANYRESHEX=r0])
chdir(&(0x7f0000000040)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
pipe2(&(0x7f0000000400)={<r6=>0xffffffffffffffff}, 0x0)
linkat(r5, &(0x7f00000003c0)='./file0\x00', r6, &(0x7f0000000440)='./file0\x00', 0x891f921ac5420a86)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r7, &(0x7f0000000240)="01", 0x1)
r8 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r8, 0xffff)
ioctl$F2FS_IOC_MOVE_RANGE(r8, 0xc020f509, &(0x7f00000000c0)={<r9=>r1, 0x4, 0x100, 0x5})
sendmsg$TIPC_NL_SOCK_GET(r9, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000f2abd7000fedbdf25060000000c0009b844000200ff03000054000280140003800800010040000000080001002e0000003c0003800800010006000000080001003f00000008000200080000000800010004000000080001000200000008000100008000000800020001800000"], 0x74}, 0x1, 0x0, 0x0, 0x4040000}, 0x20000041)
sendfile(r2, r3, 0x0, 0x20d315)

[ 3059.799068] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3059.809282] EXT4-fs (loop5): Unrecognized mount option "0x0000000000000003" or missing value
[ 3059.819705] FAULT_INJECTION: forcing a failure.
[ 3059.819705] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3059.821340] CPU: 0 PID: 19772 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 3059.822189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3059.823232] Call Trace:
[ 3059.823574]  dump_stack+0x107/0x167
[ 3059.824045]  should_fail.cold+0x5/0xa
[ 3059.824620]  __alloc_pages_nodemask+0x182/0x600
[ 3059.825202]  ? xa_load+0x12d/0x2c0
[ 3059.825655]  ? lock_downgrade+0x6d0/0x6d0
[ 3059.826176]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3059.826956]  alloc_pages_current+0x187/0x280
[ 3059.827518]  __page_cache_alloc+0x2d2/0x360
[ 3059.827608] EXT4-fs (loop7): couldn't mount as ext2 due to feature incompatibilities
[ 3059.828070]  page_cache_ra_unbounded+0x207/0x6f0
[ 3059.828098]  ? read_pages+0xbc0/0xbc0
[ 3059.830136]  ondemand_readahead+0xc6f/0x1150
[ 3059.830716]  page_cache_sync_ra+0x138/0x170
[ 3059.831277]  generic_file_buffered_read+0xc74/0x28f0
[ 3059.831927]  ? pagecache_get_page+0xc80/0xc80
[ 3059.832522]  ? kasan_save_stack+0x32/0x40
[ 3059.833107]  ? do_splice_direct+0x1c4/0x290
[ 3059.833651]  ? do_sendfile+0x553/0x1090
[ 3059.834153]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3059.834772]  ? do_syscall_64+0x33/0x40
[ 3059.835276]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3059.835952]  ? perf_trace_lock+0xac/0x490
[ 3059.836510]  ? lock_chain_count+0x20/0x20
[ 3059.837756]  generic_file_read_iter+0x33f/0x490
[ 3059.839101]  ext4_file_read_iter+0x184/0x4c0
[ 3059.840450]  generic_file_splice_read+0x455/0x6d0
[ 3059.841823]  ? pipe_to_user+0x170/0x170
[ 3059.842318]  ? _cond_resched+0x12/0x80
[ 3059.842814]  ? avc_policy_seqno+0x9/0x70
[ 3059.843325]  ? selinux_file_permission+0x92/0x520
[ 3059.843943]  ? lockdep_init_map_type+0x2c7/0x780
[ 3059.844660]  ? pipe_to_user+0x170/0x170
[ 3059.845165]  do_splice_to+0x10e/0x160
[ 3059.845684]  splice_direct_to_actor+0x2fe/0x980
[ 3059.846269]  ? pipe_to_sendpage+0x380/0x380
[ 3059.846819]  ? do_splice_to+0x160/0x160
[ 3059.847320]  ? security_file_permission+0x24e/0x570
[ 3059.847961]  do_splice_direct+0x1c4/0x290
[ 3059.848635]  ? splice_direct_to_actor+0x980/0x980
[ 3059.849256]  ? selinux_file_permission+0x92/0x520
[ 3059.849883]  ? security_file_permission+0x24e/0x570
[ 3059.850530]  do_sendfile+0x553/0x1090
[ 3059.851019]  ? do_pwritev+0x270/0x270
[ 3059.851516]  ? wait_for_completion_io+0x270/0x270
[ 3059.852124]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3059.852833]  ? vfs_write+0x354/0xa70
[ 3059.853316]  __x64_sys_sendfile64+0x1d1/0x210
[ 3059.853884]  ? __ia32_sys_sendfile+0x220/0x220
[ 3059.854476]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3059.855134]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3059.855780]  do_syscall_64+0x33/0x40
[ 3059.856260]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3059.857035] RIP: 0033:0x7fa9e384eb19
[ 3059.857540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3059.859797] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3059.861258] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
[ 3059.863392] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3059.865464] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3059.867542] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3059.869545] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
[ 3059.871919] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[ 3059.896544] FAULT_INJECTION: forcing a failure.
[ 3059.896544] name failslab, interval 1, probability 0, space 0, times 0
[ 3059.899783] CPU: 0 PID: 19790 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3059.901766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3059.904271] Call Trace:
[ 3059.905066]  dump_stack+0x107/0x167
[ 3059.906098]  should_fail.cold+0x5/0xa
[ 3059.907190]  ? iter_file_splice_write+0x16d/0xc30
[ 3059.908741]  should_failslab+0x5/0x20
[ 3059.909833]  __kmalloc+0x72/0x390
[ 3059.910827]  iter_file_splice_write+0x16d/0xc30
[ 3059.912256]  ? atime_needs_update+0x600/0x600
[ 3059.913608]  ? generic_splice_sendpage+0x140/0x140
[ 3059.915078]  ? pipe_to_user+0x170/0x170
[ 3059.916154]  ? _cond_resched+0x12/0x80
[ 3059.917341]  ? avc_policy_seqno+0x9/0x70
[ 3059.918507]  ? selinux_file_permission+0x92/0x520
[ 3059.919866]  ? lockdep_init_map_type+0x2c7/0x780
[ 3059.921232]  ? generic_splice_sendpage+0x140/0x140
[ 3059.922660]  direct_splice_actor+0x10f/0x170
[ 3059.923933]  splice_direct_to_actor+0x387/0x980
[ 3059.925284]  ? pipe_to_sendpage+0x380/0x380
[ 3059.926534]  ? do_splice_to+0x160/0x160
[ 3059.927689]  ? security_file_permission+0x24e/0x570
[ 3059.929152]  do_splice_direct+0x1c4/0x290
[ 3059.930329]  ? splice_direct_to_actor+0x980/0x980
[ 3059.931631]  ? selinux_file_permission+0x92/0x520
[ 3059.933059]  ? security_file_permission+0x24e/0x570
[ 3059.934574]  do_sendfile+0x553/0x1090
[ 3059.935655]  ? do_pwritev+0x270/0x270
[ 3059.936730]  ? wait_for_completion_io+0x270/0x270
[ 3059.938055]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3059.939350]  ? vfs_write+0x354/0xa70
[ 3059.940411]  __x64_sys_sendfile64+0x1d1/0x210
[ 3059.941712]  ? __ia32_sys_sendfile+0x220/0x220
[ 3059.943041]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3059.944584]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3059.946070]  do_syscall_64+0x33/0x40
[ 3059.947204]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3059.948748] RIP: 0033:0x7f47d2c10b19
[ 3059.949889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3059.955078] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3059.957169] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 3059.959127] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 3059.961122] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 3059.963060] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3059.965055] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
14:06:09 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 17)

[ 3060.002341] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 3060.008807] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:06:09 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3060.020095] EXT4-fs (loop2): get root inode failed
[ 3060.021353] EXT4-fs (loop2): mount failed
[ 3060.033127] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
14:06:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 27)

[ 3060.089333] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
14:06:09 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x5, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000480)="57e3933b4a755f377860fa339fda1262450278498287ad5f586efbd2c695e9eb0bcdd7f962282a6fde96a9eeebd06c60113f58d79f5c446f1dcb3f65f8fbfed4e86754d7dc3c66aef4f42cf06c718246f174333211a140e4c9b623f3a0e93245d7cd414c1d2e2c0161bf51710564495992c102acd9d53082d6ab082eef600630e73959d159f939a0e095bf0355f7cac093df50f900f74495775dde0cb9bf96c3e1babf4341e06f9d34d744633daed4ba12", 0xb1, 0x0, 0x1}, 0x0)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x5, 0x0, @fd_index=0x6, 0x40, {}, 0x1, 0xa, 0x0, {0x0, 0x0, r3}}, 0x800)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r5 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="497766646eb5cdc69d652a1a6bc557f1e5eba79303c9f398f890ae0b9bff0a3d0924bddc58f8670f648f639b5b16babaf24178ac61e3d5a02e4045bfe9fe398ec6d08f51a3d7eb19029b2660370156aeb79252c39ea4a6142bc4a8c88f5e172ae109c22ca308e32bb3caa00ebaa7c94bd175bc2e499310f34c8798ae9b8aee7c9a6922973231d1b12cd58265ca8adff31e2515c6e28408430e00d82b3f150cfe20c4c8be650178abe50fc42b25062b2bba0c32eb4537823886ee1f03801670942671dbbb49e5b4ca9133a065a6e069a23281ff1a7ab8240430102e49ed0775be8b06e458653fad", @ANYRESHEX, @ANYBLOB=',smackfstransmute=\\,\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000008, 0x20010, r7, 0x8000000)
r9 = mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x1000000, 0x10, r5, 0x10000000)
syz_io_uring_submit(r8, r9, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x738d70ff)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r10, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
ioctl$FICLONE(r0, 0x40049409, r10)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

[ 3060.173641] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3060.192886] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3060.193892] EXT4-fs (loop7): couldn't mount as ext2 due to feature incompatibilities
14:06:09 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d34e)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:06:09 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:06:09 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3060.224168] FAULT_INJECTION: forcing a failure.
[ 3060.224168] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3060.225714] CPU: 1 PID: 19803 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 3060.227204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3060.228632] Call Trace:
[ 3060.229384]  dump_stack+0x107/0x167
[ 3060.230488]  should_fail.cold+0x5/0xa
[ 3060.231441]  __alloc_pages_nodemask+0x182/0x600
[ 3060.232864]  ? xa_load+0x12d/0x2c0
[ 3060.233790]  ? lock_downgrade+0x6d0/0x6d0
[ 3060.234840]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3060.236549]  alloc_pages_current+0x187/0x280
[ 3060.237183]  __page_cache_alloc+0x2d2/0x360
[ 3060.237745]  page_cache_ra_unbounded+0x207/0x6f0
[ 3060.238420]  ? read_pages+0xbc0/0xbc0
[ 3060.238922]  ondemand_readahead+0xc6f/0x1150
[ 3060.239549]  page_cache_sync_ra+0x138/0x170
[ 3060.240221]  generic_file_buffered_read+0xc74/0x28f0
[ 3060.240945]  ? pagecache_get_page+0xc80/0xc80
[ 3060.241591]  ? kasan_save_stack+0x32/0x40
[ 3060.242173]  ? do_splice_direct+0x1c4/0x290
[ 3060.242312] FAULT_INJECTION: forcing a failure.
[ 3060.242312] name failslab, interval 1, probability 0, space 0, times 0
[ 3060.242725]  ? do_sendfile+0x553/0x1090
[ 3060.242744]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3060.245383]  ? do_syscall_64+0x33/0x40
[ 3060.245872]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3060.246667]  ? perf_trace_lock+0xac/0x490
[ 3060.247279]  ? lock_chain_count+0x20/0x20
[ 3060.247813]  generic_file_read_iter+0x33f/0x490
[ 3060.248550]  ext4_file_read_iter+0x184/0x4c0
[ 3060.249164]  generic_file_splice_read+0x455/0x6d0
[ 3060.249776]  ? pipe_to_user+0x170/0x170
[ 3060.250330]  ? _cond_resched+0x12/0x80
[ 3060.250832]  ? avc_policy_seqno+0x9/0x70
[ 3060.251445]  ? selinux_file_permission+0x92/0x520
[ 3060.252194]  ? lockdep_init_map_type+0x2c7/0x780
[ 3060.252814]  ? pipe_to_user+0x170/0x170
[ 3060.253418]  do_splice_to+0x10e/0x160
[ 3060.253896]  splice_direct_to_actor+0x2fe/0x980
[ 3060.254943]  ? pipe_to_sendpage+0x380/0x380
[ 3060.255575]  ? do_splice_to+0x160/0x160
[ 3060.256159]  ? security_file_permission+0x24e/0x570
[ 3060.256823]  do_splice_direct+0x1c4/0x290
[ 3060.257443]  ? splice_direct_to_actor+0x980/0x980
[ 3060.258054]  ? selinux_file_permission+0x92/0x520
[ 3060.258713]  ? security_file_permission+0x24e/0x570
[ 3060.259414]  do_sendfile+0x553/0x1090
[ 3060.259905]  ? do_pwritev+0x270/0x270
[ 3060.260497]  ? wait_for_completion_io+0x270/0x270
[ 3060.261200]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3060.261790]  ? vfs_write+0x354/0xa70
[ 3060.262365]  __x64_sys_sendfile64+0x1d1/0x210
[ 3060.262936]  ? __ia32_sys_sendfile+0x220/0x220
[ 3060.263570]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3060.264320]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3060.265022]  do_syscall_64+0x33/0x40
[ 3060.265593]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3060.266297] RIP: 0033:0x7fa9e384eb19
[ 3060.266762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3060.269370] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3060.270384] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
[ 3060.271323] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3060.272275] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3060.273299] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3060.274369] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
[ 3060.275485] CPU: 0 PID: 19811 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3060.276599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3060.277661] Call Trace:
[ 3060.278021]  dump_stack+0x107/0x167
[ 3060.278482]  should_fail.cold+0x5/0xa
[ 3060.278949]  ? create_object.isra.0+0x3a/0xa20
[ 3060.279518]  should_failslab+0x5/0x20
[ 3060.279989]  kmem_cache_alloc+0x5b/0x310
[ 3060.280572]  create_object.isra.0+0x3a/0xa20
[ 3060.281101]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3060.281723]  kmem_cache_alloc+0x159/0x310
[ 3060.282215]  alloc_buffer_head+0x20/0x110
[ 3060.282694]  alloc_page_buffers+0x14d/0x700
[ 3060.283208]  create_empty_buffers+0x2c/0x640
[ 3060.283701]  ? ext4_mark_iloc_dirty+0x1c24/0x3630
[ 3060.284255]  create_page_buffers+0x1bb/0x230
[ 3060.284867]  __block_write_begin_int+0x1d1/0x19c0
[ 3060.285560]  ? __brelse+0x84/0xa0
[ 3060.286061]  ? ext4_destroy_inline_data_nolock+0xfb/0x530
[ 3060.286832]  ? _ext4_get_block+0x570/0x570
[ 3060.287433]  ? ext4_add_dirent_to_inline+0x530/0x530
[ 3060.288162]  ? remove_inode_buffers+0x300/0x300
[ 3060.288844]  ? wait_for_stable_page+0x92/0xe0
[ 3060.289468]  ext4_try_to_write_inline_data+0x729/0x14c0
[ 3060.290220]  ? ext4_readpage_inline+0x3d0/0x3d0
[ 3060.290886]  ? __lock_acquire+0x1657/0x5b00
[ 3060.291502]  ? ext4_ind_trans_blocks+0xd/0x80
[ 3060.292185]  ? ext4_meta_trans_blocks+0x25c/0x310
[ 3060.292888]  ? ext4_inode_journal_mode+0x27c/0x4f0
[ 3060.293555]  ext4_write_begin+0xbe0/0x10f0
[ 3060.294103]  ? __lockdep_reset_lock+0x180/0x180
[ 3060.294777]  ? ext4_truncate+0x1160/0x1160
[ 3060.295401]  ? current_time+0x72/0x2c0
[ 3060.295972]  ext4_da_write_begin+0x623/0xd40
[ 3060.296692]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3060.297405]  ? ktime_get_coarse_real_ts64+0x15a/0x190
[ 3060.298062]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3060.298716]  ? ktime_get_coarse_real_ts64+0xfd/0x190
[ 3060.299376]  ? ext4_write_begin+0x10f0/0x10f0
[ 3060.299958]  ? copyout_mc+0x140/0x140
[ 3060.300523]  ? current_time+0x1e6/0x2c0
[ 3060.301055]  generic_perform_write+0x20a/0x4f0
[ 3060.301638]  ? page_cache_next_miss+0x310/0x310
[ 3060.302209]  ? down_write_killable+0x180/0x180
[ 3060.302790]  ext4_buffered_write_iter+0x232/0x4a0
[ 3060.303382]  ext4_file_write_iter+0x4fb/0x18d0
[ 3060.303953]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3060.304611]  ? kasan_save_stack+0x32/0x40
[ 3060.305120]  ? kasan_save_stack+0x1b/0x40
[ 3060.305654]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3060.306306]  ? iter_file_splice_write+0x16d/0xc30
[ 3060.306919]  ? direct_splice_actor+0x10f/0x170
[ 3060.307497]  ? splice_direct_to_actor+0x387/0x980
[ 3060.308105]  ? do_splice_direct+0x1c4/0x290
[ 3060.308865]  ? do_sendfile+0x553/0x1090
[ 3060.309772]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3060.310792]  do_iter_readv_writev+0x476/0x750
[ 3060.311829]  ? new_sync_write+0x660/0x660
[ 3060.312680]  ? selinux_file_permission+0x92/0x520
[ 3060.313299]  do_iter_write+0x191/0x670
[ 3060.313789]  ? trace_hardirqs_on+0x5b/0x180
[ 3060.314559]  vfs_iter_write+0x70/0xa0
[ 3060.315409]  iter_file_splice_write+0x762/0xc30
[ 3060.316485]  ? generic_splice_sendpage+0x140/0x140
[ 3060.317725]  ? avc_policy_seqno+0x9/0x70
[ 3060.318877]  ? selinux_file_permission+0x92/0x520
[ 3060.320281]  ? lockdep_init_map_type+0x2c7/0x780
[ 3060.321648]  ? generic_splice_sendpage+0x140/0x140
[ 3060.322780]  direct_splice_actor+0x10f/0x170
[ 3060.323811]  splice_direct_to_actor+0x387/0x980
[ 3060.325033]  ? pipe_to_sendpage+0x380/0x380
[ 3060.326046]  ? do_splice_to+0x160/0x160
[ 3060.326552]  ? security_file_permission+0x24e/0x570
[ 3060.327200]  do_splice_direct+0x1c4/0x290
[ 3060.327721]  ? splice_direct_to_actor+0x980/0x980
[ 3060.328379]  ? selinux_file_permission+0x92/0x520
[ 3060.329030]  ? security_file_permission+0x24e/0x570
[ 3060.329702]  do_sendfile+0x553/0x1090
[ 3060.330201]  ? do_pwritev+0x270/0x270
[ 3060.330680]  ? wait_for_completion_io+0x270/0x270
[ 3060.331268]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3060.331834]  ? vfs_write+0x354/0xa70
[ 3060.332377]  __x64_sys_sendfile64+0x1d1/0x210
[ 3060.333000]  ? __ia32_sys_sendfile+0x220/0x220
[ 3060.333639]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3060.334320]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3060.334953]  do_syscall_64+0x33/0x40
[ 3060.335483]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3060.336156] RIP: 0033:0x7f47d2c10b19
[ 3060.336674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3060.338917] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3060.339918] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3060.340903] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3060.341828] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3060.342786] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3060.343779] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 3060.393658] EXT4-fs (loop5): Unrecognized mount option "0x0000000000000003" or missing value
14:06:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 28)

14:06:09 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 18)

[ 3060.471454] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 3060.474607] EXT4-fs (loop2): get root inode failed
[ 3060.475292] EXT4-fs (loop2): mount failed
[ 3060.482676] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
14:06:09 executing program 7:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r1, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r2, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000900000000000000000b00000000020000280200000284", 0x62, 0x403}, {&(0x7f0000000140)="03008800c50f55ea490bb70e55a9da0000040000000500e200d4000f", 0x1c, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f00000000c0)="ed4100e7f9190000040000d7f4655fd7f4655fd7f4655f000000004000", 0x1d, 0x1600}], 0x0, &(0x7f0000000340)=ANY=[@ANYRESOCT=r2, @ANYRES64=r1, @ANYBLOB="8547ade1e61c60639452c6995737593d496d21da8e9833009129d0869e328dc6a78f79eb547541f82183ee77ec8478f143efab0367e1edd35daf131aa90d368b7e", @ANYRES32=r0, @ANYRES64=r0])
chdir(&(0x7f0000000040)='./file0\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x6, 0xde, 0x60, 0x69, 0x0, 0x80000000, 0x20000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9b, 0x0, @perf_config_ext={0x5, 0x7d6}, 0x4100, 0x1, 0x8, 0x8, 0x5, 0x4, 0x2, 0x0, 0x7, 0x0, 0x2}, 0xffffffffffffffff, 0xc, r3, 0x8)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r5, &(0x7f0000000240)="01", 0x1)
r6 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r6, 0xffff)
sendfile(r3, r4, 0x0, 0x20d315)

[ 3060.518954] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3060.648707] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3060.651097] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3060.659442] FAULT_INJECTION: forcing a failure.
[ 3060.659442] name failslab, interval 1, probability 0, space 0, times 0
[ 3060.662053] CPU: 0 PID: 19846 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3060.663027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3060.664136] Call Trace:
[ 3060.664534]  dump_stack+0x107/0x167
[ 3060.664960]  should_fail.cold+0x5/0xa
[ 3060.665421]  ? jbd2__journal_start+0x190/0x7e0
[ 3060.665984]  should_failslab+0x5/0x20
[ 3060.666446]  kmem_cache_alloc+0x5b/0x310
[ 3060.666948]  jbd2__journal_start+0x190/0x7e0
[ 3060.667493]  __ext4_journal_start_sb+0x214/0x390
[ 3060.668069]  ext4_dirty_inode+0xbc/0x130
[ 3060.668657]  ? ext4_setattr+0x2160/0x2160
[ 3060.669169]  __mark_inode_dirty+0x492/0xd40
[ 3060.669706]  generic_update_time+0x21c/0x370
[ 3060.670240]  file_update_time+0x43a/0x520
[ 3060.670739]  ? evict_inodes+0x420/0x420
[ 3060.671236]  ? down_write_killable+0x180/0x180
[ 3060.671800]  file_modified+0x7d/0xa0
[ 3060.672243]  ext4_file_write_iter+0x906/0x18d0
[ 3060.672857]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3060.673415]  ? kasan_save_stack+0x32/0x40
[ 3060.673934]  ? kasan_save_stack+0x1b/0x40
[ 3060.674461]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3060.675111]  ? iter_file_splice_write+0x16d/0xc30
[ 3060.675800]  ? direct_splice_actor+0x10f/0x170
[ 3060.676429]  ? splice_direct_to_actor+0x387/0x980
[ 3060.677123]  ? do_splice_direct+0x1c4/0x290
[ 3060.677695]  ? do_sendfile+0x553/0x1090
[ 3060.678285]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3060.678944]  do_iter_readv_writev+0x476/0x750
[ 3060.679565]  ? new_sync_write+0x660/0x660
[ 3060.680141]  ? selinux_file_permission+0x92/0x520
[ 3060.680788]  do_iter_write+0x191/0x670
[ 3060.681314]  ? trace_hardirqs_on+0x5b/0x180
[ 3060.681868]  vfs_iter_write+0x70/0xa0
[ 3060.682346]  iter_file_splice_write+0x762/0xc30
[ 3060.682949]  ? generic_splice_sendpage+0x140/0x140
[ 3060.683558]  ? avc_policy_seqno+0x9/0x70
[ 3060.684083]  ? selinux_file_permission+0x92/0x520
[ 3060.684718]  ? lockdep_init_map_type+0x2c7/0x780
[ 3060.685336]  ? generic_splice_sendpage+0x140/0x140
[ 3060.685941]  direct_splice_actor+0x10f/0x170
[ 3060.687250]  splice_direct_to_actor+0x387/0x980
[ 3060.688683]  ? pipe_to_sendpage+0x380/0x380
[ 3060.689997]  ? do_splice_to+0x160/0x160
[ 3060.690513]  ? security_file_permission+0x24e/0x570
[ 3060.691117]  do_splice_direct+0x1c4/0x290
[ 3060.692383]  ? splice_direct_to_actor+0x980/0x980
[ 3060.693007]  ? selinux_file_permission+0x92/0x520
[ 3060.693661]  ? security_file_permission+0x24e/0x570
[ 3060.694801]  do_sendfile+0x553/0x1090
[ 3060.695939]  ? do_pwritev+0x270/0x270
[ 3060.697247]  ? wait_for_completion_io+0x270/0x270
[ 3060.698968]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3060.700691]  ? vfs_write+0x354/0xa70
[ 3060.701232]  __x64_sys_sendfile64+0x1d1/0x210
[ 3060.701934]  ? __ia32_sys_sendfile+0x220/0x220
[ 3060.702666]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3060.703575]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3060.704470]  do_syscall_64+0x33/0x40
[ 3060.704969]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3060.705648] RIP: 0033:0x7f47d2c10b19
[ 3060.706190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3060.709053] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3060.710204] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 3060.711300] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 3060.712430] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 3060.713545] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3060.714521] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
[ 3060.729664] FAULT_INJECTION: forcing a failure.
[ 3060.729664] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3060.731756] CPU: 0 PID: 19848 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 3060.736975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3060.738059] Call Trace:
[ 3060.738419]  dump_stack+0x107/0x167
[ 3060.738902]  should_fail.cold+0x5/0xa
[ 3060.739417]  __alloc_pages_nodemask+0x182/0x600
[ 3060.740013]  ? xa_load+0x12d/0x2c0
[ 3060.740522]  ? lock_downgrade+0x6d0/0x6d0
[ 3060.741069]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3060.741861]  alloc_pages_current+0x187/0x280
[ 3060.742442]  __page_cache_alloc+0x2d2/0x360
[ 3060.743021]  page_cache_ra_unbounded+0x207/0x6f0
[ 3060.743646]  ? read_pages+0xbc0/0xbc0
[ 3060.744166]  ondemand_readahead+0xc6f/0x1150
[ 3060.746725]  page_cache_sync_ra+0x138/0x170
[ 3060.747274]  generic_file_buffered_read+0xc74/0x28f0
[ 3060.748078]  ? pagecache_get_page+0xc80/0xc80
[ 3060.749629]  ? kasan_save_stack+0x32/0x40
[ 3060.750151]  ? do_splice_direct+0x1c4/0x290
[ 3060.750819]  ? do_sendfile+0x553/0x1090
[ 3060.751487]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3060.752064]  ? do_syscall_64+0x33/0x40
[ 3060.777118]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3060.777835]  ? perf_trace_lock+0xac/0x490
[ 3060.778422]  ? lock_chain_count+0x20/0x20
[ 3060.778976]  generic_file_read_iter+0x33f/0x490
[ 3060.779598]  ext4_file_read_iter+0x184/0x4c0
[ 3060.780176]  generic_file_splice_read+0x455/0x6d0
[ 3060.780836]  ? pipe_to_user+0x170/0x170
[ 3060.781331]  ? _cond_resched+0x12/0x80
[ 3060.781824]  ? avc_policy_seqno+0x9/0x70
[ 3060.782382]  ? selinux_file_permission+0x92/0x520
[ 3060.782985]  ? lockdep_init_map_type+0x2c7/0x780
[ 3060.783597]  ? pipe_to_user+0x170/0x170
[ 3060.784110]  do_splice_to+0x10e/0x160
[ 3060.787119]  splice_direct_to_actor+0x2fe/0x980
[ 3060.787870]  ? pipe_to_sendpage+0x380/0x380
[ 3060.789265]  ? do_splice_to+0x160/0x160
[ 3060.789908]  ? security_file_permission+0x24e/0x570
[ 3060.790825]  do_splice_direct+0x1c4/0x290
[ 3060.791547]  ? splice_direct_to_actor+0x980/0x980
[ 3060.792156]  ? selinux_file_permission+0x92/0x520
[ 3060.796970]  ? security_file_permission+0x24e/0x570
[ 3060.797553]  do_sendfile+0x553/0x1090
[ 3060.797996]  ? do_pwritev+0x270/0x270
[ 3060.798432]  ? wait_for_completion_io+0x270/0x270
[ 3060.798978]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3060.799502]  ? vfs_write+0x354/0xa70
[ 3060.799947]  __x64_sys_sendfile64+0x1d1/0x210
[ 3060.800544]  ? __ia32_sys_sendfile+0x220/0x220
[ 3060.801059]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3060.801661]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3060.802319]  do_syscall_64+0x33/0x40
[ 3060.802811]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3060.803487] RIP: 0033:0x7fa9e384eb19
[ 3060.803959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3060.807670] RSP: 002b:00007fa9e0da3188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3060.808666] RAX: ffffffffffffffda RBX: 00007fa9e3962020 RCX: 00007fa9e384eb19
[ 3060.809378] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[ 3060.810076] RBP: 00007fa9e0da31d0 R08: 0000000000000000 R09: 0000000000000000
[ 3060.810786] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3060.811542] R13: 00007fff40ec503f R14: 00007fa9e0da3300 R15: 0000000000022000
[ 3060.814951] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 3060.857432] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
14:06:25 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f00000000c0)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:06:25 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='no=\x00'/15, @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:06:25 executing program 7:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="2000b98f000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f7000ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000680)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[@ANYRES64=r0, @ANYBLOB="41163777b440fc721d60fcd91a56b42f60a4592d6a9d0ada75e08ec40cdb8af1fc0d6f0bbdf26fe14d541bec94fed9b03d2fde3bd1d7a6b064ea1b9ec85a521cc54d94fe9eb60f481406e2c0d481fff7a4b569b58b79a90eea09a4cb92ce04e786ea77d1c25af527202117beeb64af832d2ff2e1774946985bfa40d2657fcdd7d129e050c4031028473d085c06a5ece6f6c8fa542d13983ea7fc3a91b47302f81fa1a988b8f7d30d5ef19d8576b5f6aeda80649988c089c8f39af70b77385c54044167e287ed664756d189e68c0def2566"])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

14:06:25 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 19)

14:06:25 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:06:25 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d34f)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:06:25 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 29)

14:06:25 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3076.547407] EXT4-fs (loop7): Unrecognized mount option "" or missing value
[ 3076.550253] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[ 3076.553474] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3076.560661] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3076.566988] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3076.571967] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3076.579017] FAULT_INJECTION: forcing a failure.
[ 3076.579017] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3076.580717] CPU: 0 PID: 19862 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 3076.581580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3076.582321] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3076.582563] Call Trace:
[ 3076.582589]  dump_stack+0x107/0x167
[ 3076.584456]  should_fail.cold+0x5/0xa
[ 3076.585016]  __alloc_pages_nodemask+0x182/0x600
[ 3076.585609]  ? xa_load+0x12d/0x2c0
[ 3076.586088]  ? lock_downgrade+0x6d0/0x6d0
[ 3076.586614]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3076.587377]  alloc_pages_current+0x187/0x280
[ 3076.587928]  __page_cache_alloc+0x2d2/0x360
[ 3076.588468]  page_cache_ra_unbounded+0x207/0x6f0
[ 3076.589143]  ? read_pages+0xbc0/0xbc0
[ 3076.589658]  ondemand_readahead+0xc6f/0x1150
[ 3076.590243]  page_cache_sync_ra+0x138/0x170
[ 3076.590805]  generic_file_buffered_read+0xc74/0x28f0
[ 3076.591475]  ? pagecache_get_page+0xc80/0xc80
[ 3076.592018]  ? kasan_save_stack+0x32/0x40
[ 3076.592528]  ? do_splice_direct+0x1c4/0x290
[ 3076.593109]  ? do_sendfile+0x553/0x1090
[ 3076.593603]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3076.594220]  ? do_syscall_64+0x33/0x40
[ 3076.594718]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3076.595418]  ? perf_trace_lock+0xac/0x490
[ 3076.595933]  ? lock_chain_count+0x20/0x20
[ 3076.596451]  generic_file_read_iter+0x33f/0x490
[ 3076.597073]  ext4_file_read_iter+0x184/0x4c0
[ 3076.597639]  generic_file_splice_read+0x455/0x6d0
[ 3076.598231]  ? pipe_to_user+0x170/0x170
[ 3076.598724]  ? _cond_resched+0x12/0x80
[ 3076.599228]  ? avc_policy_seqno+0x9/0x70
[ 3076.599728]  ? selinux_file_permission+0x92/0x520
[ 3076.600337]  ? lockdep_init_map_type+0x2c7/0x780
[ 3076.600971]  ? pipe_to_user+0x170/0x170
[ 3076.601458]  do_splice_to+0x10e/0x160
[ 3076.601948]  splice_direct_to_actor+0x2fe/0x980
[ 3076.602561]  ? pipe_to_sendpage+0x380/0x380
[ 3076.603130]  ? do_splice_to+0x160/0x160
[ 3076.603621]  ? security_file_permission+0x24e/0x570
[ 3076.608881]  do_splice_direct+0x1c4/0x290
[ 3076.609399]  ? splice_direct_to_actor+0x980/0x980
[ 3076.610006]  ? selinux_file_permission+0x92/0x520
[ 3076.610642]  ? security_file_permission+0x24e/0x570
[ 3076.611328]  do_sendfile+0x553/0x1090
[ 3076.611835]  ? do_pwritev+0x270/0x270
[ 3076.612326]  ? wait_for_completion_io+0x270/0x270
[ 3076.612968]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3076.613553]  ? vfs_write+0x354/0xa70
[ 3076.614037]  __x64_sys_sendfile64+0x1d1/0x210
[ 3076.614603]  ? __ia32_sys_sendfile+0x220/0x220
[ 3076.615172]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3076.615815]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3076.616449]  do_syscall_64+0x33/0x40
[ 3076.616965]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3076.617617] RIP: 0033:0x7fa9e384eb19
[ 3076.618120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3076.620439] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3076.621446] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
[ 3076.622360] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3076.623228] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3076.624163] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3076.625110] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
[ 3076.628633] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
[ 3076.634813] FAULT_INJECTION: forcing a failure.
[ 3076.634813] name failslab, interval 1, probability 0, space 0, times 0
[ 3076.636291] CPU: 0 PID: 19888 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3076.637165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3076.638168] Call Trace:
[ 3076.638496]  dump_stack+0x107/0x167
[ 3076.638948]  should_fail.cold+0x5/0xa
[ 3076.639469]  ? create_object.isra.0+0x3a/0xa20
[ 3076.640080]  should_failslab+0x5/0x20
[ 3076.640581]  kmem_cache_alloc+0x5b/0x310
[ 3076.641185]  create_object.isra.0+0x3a/0xa20
[ 3076.641748]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3076.642394]  kmem_cache_alloc+0x159/0x310
[ 3076.642920]  alloc_buffer_head+0x20/0x110
[ 3076.643440]  alloc_page_buffers+0x14d/0x700
[ 3076.643987]  create_empty_buffers+0x2c/0x640
[ 3076.644559]  ? ext4_mark_iloc_dirty+0x1c24/0x3630
[ 3076.645204]  create_page_buffers+0x1bb/0x230
[ 3076.645770]  __block_write_begin_int+0x1d1/0x19c0
[ 3076.646351]  ? __brelse+0x84/0xa0
[ 3076.646791]  ? ext4_destroy_inline_data_nolock+0xfb/0x530
[ 3076.647484]  ? _ext4_get_block+0x570/0x570
[ 3076.648021]  ? ext4_add_dirent_to_inline+0x530/0x530
[ 3076.648688]  ? remove_inode_buffers+0x300/0x300
[ 3076.649288]  ? wait_for_stable_page+0x92/0xe0
[ 3076.649842]  ext4_try_to_write_inline_data+0x729/0x14c0
[ 3076.650516]  ? ext4_readpage_inline+0x3d0/0x3d0
[ 3076.651132]  ? __lock_acquire+0x1657/0x5b00
[ 3076.651684]  ? ext4_ind_trans_blocks+0xd/0x80
[ 3076.652242]  ? ext4_meta_trans_blocks+0x25c/0x310
[ 3076.652898]  ? ext4_inode_journal_mode+0x27c/0x4f0
[ 3076.653515]  ext4_write_begin+0xbe0/0x10f0
[ 3076.654032]  ? __lockdep_reset_lock+0x180/0x180
[ 3076.654608]  ? ext4_truncate+0x1160/0x1160
[ 3076.655139]  ? current_time+0x72/0x2c0
[ 3076.655626]  ext4_da_write_begin+0x623/0xd40
[ 3076.656191]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3076.656901]  ? ktime_get_coarse_real_ts64+0x15a/0x190
[ 3076.657565]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3076.658202]  ? ktime_get_coarse_real_ts64+0xfd/0x190
[ 3076.658857]  ? ext4_write_begin+0x10f0/0x10f0
[ 3076.659471]  ? copyout_mc+0x140/0x140
[ 3076.659969]  ? current_time+0x1e6/0x2c0
[ 3076.660508]  generic_perform_write+0x20a/0x4f0
[ 3076.661143]  ? page_cache_next_miss+0x310/0x310
[ 3076.661725]  ? down_write_killable+0x180/0x180
[ 3076.662293]  ext4_buffered_write_iter+0x232/0x4a0
[ 3076.662893]  ext4_file_write_iter+0x4fb/0x18d0
[ 3076.663479]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3076.664061]  ? kasan_save_stack+0x32/0x40
[ 3076.664619]  ? kasan_save_stack+0x1b/0x40
[ 3076.665169]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3076.665794]  ? iter_file_splice_write+0x16d/0xc30
[ 3076.666402]  ? direct_splice_actor+0x10f/0x170
[ 3076.666965]  ? splice_direct_to_actor+0x387/0x980
[ 3076.667619]  ? do_splice_direct+0x1c4/0x290
[ 3076.668193]  ? do_sendfile+0x553/0x1090
[ 3076.668734]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3076.669321]  do_iter_readv_writev+0x476/0x750
[ 3076.669874]  ? new_sync_write+0x660/0x660
[ 3076.670380]  ? selinux_file_permission+0x92/0x520
[ 3076.671014]  do_iter_write+0x191/0x670
[ 3076.671529]  ? trace_hardirqs_on+0x5b/0x180
[ 3076.672087]  vfs_iter_write+0x70/0xa0
[ 3076.672586]  iter_file_splice_write+0x762/0xc30
[ 3076.673248]  ? generic_splice_sendpage+0x140/0x140
[ 3076.673886]  ? avc_policy_seqno+0x9/0x70
[ 3076.674410]  ? selinux_file_permission+0x92/0x520
[ 3076.675029]  ? lockdep_init_map_type+0x2c7/0x780
[ 3076.675640]  ? generic_splice_sendpage+0x140/0x140
[ 3076.676273]  direct_splice_actor+0x10f/0x170
[ 3076.676869]  splice_direct_to_actor+0x387/0x980
[ 3076.677518]  ? pipe_to_sendpage+0x380/0x380
[ 3076.678104]  ? do_splice_to+0x160/0x160
[ 3076.678616]  ? security_file_permission+0x24e/0x570
[ 3076.679259]  do_splice_direct+0x1c4/0x290
[ 3076.679804]  ? splice_direct_to_actor+0x980/0x980
[ 3076.680421]  ? selinux_file_permission+0x92/0x520
[ 3076.681075]  ? security_file_permission+0x24e/0x570
[ 3076.681701]  do_sendfile+0x553/0x1090
[ 3076.682191]  ? do_pwritev+0x270/0x270
[ 3076.682672]  ? wait_for_completion_io+0x270/0x270
[ 3076.683288]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3076.683877]  ? vfs_write+0x354/0xa70
[ 3076.684405]  __x64_sys_sendfile64+0x1d1/0x210
[ 3076.685028]  ? __ia32_sys_sendfile+0x220/0x220
[ 3076.685663]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3076.686358]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3076.686998]  do_syscall_64+0x33/0x40
[ 3076.687477]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3076.688128] RIP: 0033:0x7f47d2c10b19
[ 3076.688584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3076.690865] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3076.691806] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 3076.692740] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[ 3076.693687] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 3076.694584] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3076.695483] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
14:06:25 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3076.719822] EXT4-fs (loop7): Unrecognized mount option "" or missing value
14:06:26 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

14:06:26 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)
r4 = openat$incfs(r0, &(0x7f00000000c0)='.log\x00', 0x2, 0xb0)
mkdirat(r4, &(0x7f0000000140)='./file1\x00', 0xc)

14:06:26 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 20)

[ 3076.845481] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
14:06:26 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 30)

14:06:26 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
umount2(&(0x7f00000000c0)='./file1\x00', 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
fadvise64(r3, 0x5, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 3076.886422] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[ 3076.887358] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
[ 3076.948172] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3077.032432] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3077.036928] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3077.042704] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3077.058385] FAULT_INJECTION: forcing a failure.
[ 3077.058385] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3077.062043] CPU: 1 PID: 19911 Comm: syz-executor.1 Not tainted 5.10.194 #1
[ 3077.063821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3077.065347] Call Trace:
[ 3077.065708]  dump_stack+0x107/0x167
[ 3077.066191]  should_fail.cold+0x5/0xa
[ 3077.066683]  __alloc_pages_nodemask+0x182/0x600
[ 3077.067293]  ? xa_load+0x12d/0x2c0
[ 3077.067766]  ? lock_downgrade+0x6d0/0x6d0
[ 3077.068310]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3077.069896]  alloc_pages_current+0x187/0x280
[ 3077.070982]  __page_cache_alloc+0x2d2/0x360
[ 3077.072053]  page_cache_ra_unbounded+0x207/0x6f0
[ 3077.072994]  ? read_pages+0xbc0/0xbc0
[ 3077.073494]  ondemand_readahead+0xc6f/0x1150
[ 3077.074059]  page_cache_sync_ra+0x138/0x170
[ 3077.074616]  generic_file_buffered_read+0xc74/0x28f0
[ 3077.075288]  ? pagecache_get_page+0xc80/0xc80
[ 3077.075886]  ? kasan_save_stack+0x32/0x40
[ 3077.076453]  ? do_splice_direct+0x1c4/0x290
[ 3077.077131]  ? do_sendfile+0x553/0x1090
[ 3077.077648]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3077.078247]  ? do_syscall_64+0x33/0x40
[ 3077.078761]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3077.079451]  ? perf_trace_lock+0xac/0x490
[ 3077.079986]  ? lock_chain_count+0x20/0x20
[ 3077.080532]  generic_file_read_iter+0x33f/0x490
[ 3077.081954]  ext4_file_read_iter+0x184/0x4c0
[ 3077.083073]  generic_file_splice_read+0x455/0x6d0
[ 3077.084313]  ? pipe_to_user+0x170/0x170
[ 3077.085053]  ? _cond_resched+0x12/0x80
[ 3077.085562]  ? avc_policy_seqno+0x9/0x70
[ 3077.086082]  ? selinux_file_permission+0x92/0x520
[ 3077.086700]  ? lockdep_init_map_type+0x2c7/0x780
[ 3077.087328]  ? pipe_to_user+0x170/0x170
[ 3077.087839]  do_splice_to+0x10e/0x160
[ 3077.088344]  splice_direct_to_actor+0x2fe/0x980
[ 3077.089516]  ? pipe_to_sendpage+0x380/0x380
[ 3077.090571]  ? do_splice_to+0x160/0x160
[ 3077.091613]  ? security_file_permission+0x24e/0x570
[ 3077.093073]  do_splice_direct+0x1c4/0x290
[ 3077.094163]  ? splice_direct_to_actor+0x980/0x980
[ 3077.095367]  ? selinux_file_permission+0x92/0x520
[ 3077.096588]  ? security_file_permission+0x24e/0x570
[ 3077.098183]  do_sendfile+0x553/0x1090
[ 3077.099251]  ? do_pwritev+0x270/0x270
[ 3077.100336]  ? wait_for_completion_io+0x270/0x270
[ 3077.101794]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3077.103045]  ? vfs_write+0x354/0xa70
[ 3077.103919]  __x64_sys_sendfile64+0x1d1/0x210
[ 3077.105116]  ? __ia32_sys_sendfile+0x220/0x220
[ 3077.106320]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3077.107623]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3077.109098]  do_syscall_64+0x33/0x40
[ 3077.109676]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3077.111357] RIP: 0033:0x7fa9e384eb19
[ 3077.111930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3077.117713] RSP: 002b:00007fa9e0dc4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3077.120045] RAX: ffffffffffffffda RBX: 00007fa9e3961f60 RCX: 00007fa9e384eb19
[ 3077.122132] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3077.124228] RBP: 00007fa9e0dc41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3077.126509] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3077.128665] R13: 00007fff40ec503f R14: 00007fa9e0dc4300 R15: 0000000000022000
[ 3077.146527] FAULT_INJECTION: forcing a failure.
[ 3077.146527] name failslab, interval 1, probability 0, space 0, times 0
[ 3077.150467] CPU: 1 PID: 19912 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3077.152532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3077.155143] Call Trace:
[ 3077.155957]  dump_stack+0x107/0x167
[ 3077.156848]  should_fail.cold+0x5/0xa
[ 3077.157808]  ? ext4_mb_new_blocks+0x64d/0x45b0
[ 3077.158937]  should_failslab+0x5/0x20
[ 3077.159817]  kmem_cache_alloc+0x5b/0x310
[ 3077.160868]  ext4_mb_new_blocks+0x64d/0x45b0
[ 3077.161974]  ? register_lock_class+0xbb/0x17b0
[ 3077.163171]  ? kernel_text_address+0xf2/0x120
[ 3077.164284]  ? mark_lock+0xf5/0x2df0
[ 3077.165362]  ? is_dynamic_key+0x1e0/0x1e0
[ 3077.166371]  ? ext4_discard_preallocations+0xd80/0xd80
[ 3077.167660]  ? mark_lock+0xf5/0x2df0
[ 3077.168563]  ? ext4_get_branch+0x541/0x6d0
[ 3077.169232]  ext4_ind_map_blocks+0x17de/0x2150
[ 3077.169841]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3077.170570]  ? ext4_free_branches+0x680/0x680
[ 3077.171157]  ? lock_acquire+0x197/0x470
[ 3077.171679]  ? lock_release+0x680/0x680
[ 3077.172201]  ? find_held_lock+0x2c/0x110
[ 3077.172928]  ? down_write+0xe0/0x160
[ 3077.173881]  ? down_write_killable+0x180/0x180
[ 3077.175027]  ext4_map_blocks+0x9ed/0x1940
[ 3077.176082]  ? create_empty_buffers+0xbc/0x640
[ 3077.177433]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 3077.178818]  ? lock_release+0x680/0x680
[ 3077.180038]  ? create_page_buffers+0x1bb/0x230
[ 3077.181482]  _ext4_get_block+0x21e/0x570
[ 3077.182784]  ? ext4_map_blocks+0x1940/0x1940
[ 3077.184186]  ? create_empty_buffers+0x4a3/0x640
[ 3077.185634]  ? do_raw_spin_unlock+0x4f/0x220
[ 3077.187001]  ? create_page_buffers+0x139/0x230
[ 3077.188437]  __block_write_begin_int+0x3d1/0x19c0
[ 3077.189868]  ? _ext4_get_block+0x570/0x570
[ 3077.191191]  ? remove_inode_buffers+0x300/0x300
[ 3077.192684]  ? wait_for_stable_page+0x92/0xe0
[ 3077.194097]  ext4_try_to_write_inline_data+0x729/0x14c0
[ 3077.195672]  ? ext4_readpage_inline+0x3d0/0x3d0
[ 3077.196991]  ? ext4_mark_iloc_dirty+0x18e6/0x3630
[ 3077.213131]  ? mark_buffer_dirty+0x11e/0x3d0
[ 3077.213666]  ? ext4_ind_trans_blocks+0xd/0x80
[ 3077.214204]  ? ext4_meta_trans_blocks+0x25c/0x310
[ 3077.214812]  ? ext4_inode_journal_mode+0x27c/0x4f0
[ 3077.215489]  ext4_write_begin+0xbe0/0x10f0
[ 3077.216025]  ? ext4_truncate+0x1160/0x1160
[ 3077.216539]  ? ext4_expand_extra_isize+0x5a0/0x5a0
[ 3077.221280]  ? current_time+0x72/0x2c0
[ 3077.221774]  ext4_da_write_begin+0x623/0xd40
[ 3077.222318]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3077.222937]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3077.223595]  ? __ext4_journal_stop+0x107/0x1f0
[ 3077.224131]  ? ext4_write_begin+0x10f0/0x10f0
[ 3077.224704]  ? copyout_mc+0x140/0x140
[ 3077.225200]  ? ext4_dirty_inode+0x107/0x130
[ 3077.225750]  ? __mark_inode_dirty+0x12e/0xd40
[ 3077.226293]  generic_perform_write+0x20a/0x4f0
[ 3077.226856]  ? page_cache_next_miss+0x310/0x310
[ 3077.227451]  ? down_write_killable+0x180/0x180
[ 3077.228044]  ext4_buffered_write_iter+0x232/0x4a0
[ 3077.228658]  ext4_file_write_iter+0x4fb/0x18d0
[ 3077.229237]  ? __switch_to_asm+0x34/0x60
[ 3077.229764]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3077.230335]  ? io_schedule_timeout+0x140/0x140
[ 3077.230890]  ? direct_splice_actor+0x10f/0x170
[ 3077.231481]  ? splice_direct_to_actor+0x387/0x980
[ 3077.232102]  ? do_sendfile+0x553/0x1090
[ 3077.232579]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3077.233197]  do_iter_readv_writev+0x476/0x750
[ 3077.233750]  ? new_sync_write+0x660/0x660
[ 3077.234259]  ? selinux_file_permission+0x92/0x520
[ 3077.234895]  do_iter_write+0x191/0x670
[ 3077.235398]  ? trace_hardirqs_on+0x5b/0x180
[ 3077.235921]  vfs_iter_write+0x70/0xa0
[ 3077.236398]  iter_file_splice_write+0x762/0xc30
[ 3077.237043]  ? generic_splice_sendpage+0x140/0x140
[ 3077.237661]  ? avc_policy_seqno+0x9/0x70
[ 3077.238139]  ? selinux_file_permission+0x92/0x520
[ 3077.238712]  ? lockdep_init_map_type+0x2c7/0x780
[ 3077.239274]  ? generic_splice_sendpage+0x140/0x140
[ 3077.239852]  direct_splice_actor+0x10f/0x170
[ 3077.240375]  splice_direct_to_actor+0x387/0x980
[ 3077.240984]  ? pipe_to_sendpage+0x380/0x380
[ 3077.241504]  ? do_splice_to+0x160/0x160
[ 3077.241977]  ? security_file_permission+0x24e/0x570
[ 3077.242575]  do_splice_direct+0x1c4/0x290
[ 3077.243065]  ? splice_direct_to_actor+0x980/0x980
[ 3077.243635]  ? selinux_file_permission+0x92/0x520
[ 3077.244256]  ? security_file_permission+0x24e/0x570
[ 3077.244932]  do_sendfile+0x553/0x1090
[ 3077.245390]  ? do_pwritev+0x270/0x270
[ 3077.245849]  ? wait_for_completion_io+0x270/0x270
[ 3077.246463]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3077.247058]  ? vfs_write+0x354/0xa70
[ 3077.247517]  __x64_sys_sendfile64+0x1d1/0x210
[ 3077.248072]  ? __ia32_sys_sendfile+0x220/0x220
[ 3077.248693]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3077.249350]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3077.249964]  do_syscall_64+0x33/0x40
[ 3077.250434]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3077.251082] RIP: 0033:0x7f47d2c10b19
[ 3077.251550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3077.253907] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3077.254865] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3077.255717] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3077.260663] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3077.261649] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3077.262517] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 3092.734340] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
14:06:41 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d350)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:06:41 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 31)

14:06:41 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x8042, 0x0)
dup2(r0, r5)
creat(&(0x7f0000000140)='./file1\x00', 0x100)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

14:06:41 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7", 0x31, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

14:06:41 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:06:41 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 21)

14:06:41 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000000140)="0300000004000000050008d4000f038e4f268f1ef22c6f0900000000000000441ff8a1d5a202000000000000009cd915f5abd3075b0e2ddc1b705d14dfdc7cf287a85de27eb6007ac0bc", 0x4a, 0x9}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0x4}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000086cf30a1", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:06:42 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {}, 0x2c, {[{@cachetag={'cachetag', 0x3d, ',\\!\\'}}, {@msize={'msize', 0x3d, 0x400}}, {@cache_loose}, {@mmap}], [{@obj_role={'obj_role', 0x3d, 'trans=fd,'}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@defcontext={'defcontext', 0x3d, 'root'}}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@pcr={'pcr', 0x3d, 0x22}}, {@uid_lt={'uid<', 0xee00}}, {@smackfstransmute}, {@euid_lt={'euid<', 0xffffffffffffffff}}, {@euid_lt={'euid<', r5}}, {@smackfsfloor={'smackfsfloor', 0x3d, '-@\xd4,+'}}]}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

[ 3092.762682] EXT4-fs (loop5): bad geometry: block count 65535 exceeds size of device (256 blocks)
[ 3092.835890] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3092.837548] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3092.844199] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3092.851076] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3092.853988] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3092.860349] FAULT_INJECTION: forcing a failure.
[ 3092.860349] name failslab, interval 1, probability 0, space 0, times 0
[ 3092.862196] CPU: 0 PID: 19969 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3092.863061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3092.864075] Call Trace:
[ 3092.864427]  dump_stack+0x107/0x167
[ 3092.864938]  should_fail.cold+0x5/0xa
[ 3092.865437]  ? create_object.isra.0+0x3a/0xa20
[ 3092.866018]  should_failslab+0x5/0x20
[ 3092.866491]  kmem_cache_alloc+0x5b/0x310
[ 3092.867008]  ? _raw_spin_unlock_irq+0x1f/0x30
[ 3092.867578]  create_object.isra.0+0x3a/0xa20
[ 3092.868128]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3092.868766]  kmem_cache_alloc+0x159/0x310
[ 3092.869436]  ext4_init_io_end+0x23/0x180
[ 3092.869960]  ext4_writepages+0x8ec/0x3350
[ 3092.870510]  ? unwind_next_frame+0x13ef/0x1a90
[ 3092.871113]  ? find_held_lock+0x2c/0x110
[ 3092.871665]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3092.872289]  ? __is_insn_slot_addr+0x14c/0x290
[ 3092.872924]  ? __kernel_text_address+0x9/0x40
[ 3092.873507]  ? unwind_get_return_address+0x55/0xa0
[ 3092.874138]  ? create_prof_cpu_mask+0x20/0x20
[ 3092.874747]  ? stack_trace_save+0x8c/0xc0
[ 3092.875328]  ? stack_trace_consume_entry+0x160/0x160
[ 3092.876011]  ? kasan_save_stack+0x32/0x40
[ 3092.876562]  ? kasan_save_stack+0x1b/0x40
[ 3092.877132]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3092.877768]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3092.878376]  do_writepages+0xee/0x2a0
[ 3092.878858]  ? page_writeback_cpu_online+0x20/0x20
[ 3092.879462]  ? lock_acquire+0x197/0x470
[ 3092.879961]  ? create_object.isra.0+0x3ad/0xa20
[ 3092.880564]  ? lock_release+0x680/0x680
[ 3092.881127]  ? find_held_lock+0x2c/0x110
[ 3092.881654]  __filemap_fdatawrite_range+0x24b/0x2f0
[ 3092.882275]  ? delete_from_page_cache_batch+0xa30/0xa30
[ 3092.882940]  ? mark_held_locks+0x9e/0xe0
[ 3092.883450]  ? trace_hardirqs_on+0x5b/0x180
[ 3092.883991]  filemap_write_and_wait_range+0x65/0x100
[ 3092.884618]  __iomap_dio_rw+0x552/0x1110
[ 3092.885187]  ? iomap_dio_bio_actor+0xef0/0xef0
[ 3092.885768]  ? generic_update_time+0x21c/0x370
[ 3092.886328]  ? inode_dio_wait+0xbf/0x270
[ 3092.886819]  ? __wait_on_freeing_inode+0x140/0x140
[ 3092.887422]  ? evict_inodes+0x420/0x420
[ 3092.887922]  ? down_write_killable+0x180/0x180
[ 3092.888489]  iomap_dio_rw+0x31/0x90
[ 3092.888958]  ext4_file_write_iter+0xb26/0x18d0
[ 3092.889549]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3092.890113]  ? kasan_save_stack+0x32/0x40
[ 3092.890626]  ? kasan_save_stack+0x1b/0x40
[ 3092.891134]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3092.891741]  ? iter_file_splice_write+0x16d/0xc30
[ 3092.892322]  ? direct_splice_actor+0x10f/0x170
[ 3092.892935]  ? splice_direct_to_actor+0x387/0x980
[ 3092.893537]  ? do_splice_direct+0x1c4/0x290
[ 3092.894072]  ? do_sendfile+0x553/0x1090
[ 3092.894567]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3092.895140]  do_iter_readv_writev+0x476/0x750
[ 3092.895713]  ? new_sync_write+0x660/0x660
[ 3092.896224]  ? selinux_file_permission+0x92/0x520
[ 3092.896855]  do_iter_write+0x191/0x670
[ 3092.897344]  ? trace_hardirqs_on+0x5b/0x180
[ 3092.897890]  vfs_iter_write+0x70/0xa0
[ 3092.898366]  iter_file_splice_write+0x762/0xc30
[ 3092.898967]  ? generic_splice_sendpage+0x140/0x140
[ 3092.899585]  ? avc_policy_seqno+0x9/0x70
[ 3092.900106]  ? selinux_file_permission+0x92/0x520
[ 3092.900728]  ? lockdep_init_map_type+0x2c7/0x780
[ 3092.901377]  ? generic_splice_sendpage+0x140/0x140
[ 3092.901997]  direct_splice_actor+0x10f/0x170
[ 3092.902553]  splice_direct_to_actor+0x387/0x980
[ 3092.903133]  ? pipe_to_sendpage+0x380/0x380
[ 3092.903680]  ? do_splice_to+0x160/0x160
[ 3092.904169]  ? security_file_permission+0x24e/0x570
[ 3092.904806]  do_splice_direct+0x1c4/0x290
[ 3092.905363]  ? splice_direct_to_actor+0x980/0x980
[ 3092.905962]  ? selinux_file_permission+0x92/0x520
[ 3092.906567]  ? security_file_permission+0x24e/0x570
[ 3092.907183]  do_sendfile+0x553/0x1090
[ 3092.907666]  ? do_pwritev+0x270/0x270
[ 3092.908149]  ? wait_for_completion_io+0x270/0x270
[ 3092.908754]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3092.909432]  ? vfs_write+0x354/0xa70
[ 3092.909954]  __x64_sys_sendfile64+0x1d1/0x210
[ 3092.910564]  ? __ia32_sys_sendfile+0x220/0x220
[ 3092.911180]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3092.911883]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3092.912555]  do_syscall_64+0x33/0x40
[ 3092.913097]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3092.913750] RIP: 0033:0x7f47d2c10b19
[ 3092.914233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3092.916638] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3092.917618] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 3092.918484] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 3092.919377] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 3092.920270] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3092.921223] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
14:06:42 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7", 0x31, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3092.933824] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
[ 3092.971562] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
14:06:42 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0x7, 0x10000, 0xf957, 0x80000000, 0x1})
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

14:06:57 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000000140)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)
creat(&(0x7f00000000c0)='./file1\x00', 0xf)

14:06:57 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000010201080000095f64000000000000000600074000000000"], 0x1c}}, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}})
pipe(&(0x7f0000000180))
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r7 = getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(r3, r6, &(0x7f0000000080), 0x5)
pread64(r4, &(0x7f0000000340)=""/192, 0xc0, 0x6)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)
r8 = fork()
r9 = getpgid(r7)
tgkill(r8, r9, 0x7)

14:06:57 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x110)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:06:57 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:06:57 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {0x0, 0x0, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:06:57 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d351)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:06:57 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 32)

14:06:57 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7", 0x31, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3108.329439] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[ 3108.366076] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3108.388806] FAULT_INJECTION: forcing a failure.
[ 3108.388806] name failslab, interval 1, probability 0, space 0, times 0
[ 3108.394527] CPU: 1 PID: 20025 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3108.397660] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3108.398719] Call Trace:
[ 3108.399073]  dump_stack+0x107/0x167
[ 3108.399550]  should_fail.cold+0x5/0xa
[ 3108.400039]  ? ext4_init_io_end+0x23/0x180
[ 3108.400574]  should_failslab+0x5/0x20
[ 3108.405148]  kmem_cache_alloc+0x5b/0x310
[ 3108.405698]  ext4_init_io_end+0x23/0x180
[ 3108.406219]  ext4_writepages+0xee9/0x3350
[ 3108.406752]  ? unwind_next_frame+0x13ef/0x1a90
[ 3108.407359]  ? find_held_lock+0x2c/0x110
[ 3108.407923]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3108.408573]  ? __is_insn_slot_addr+0x14c/0x290
[ 3108.413290]  ? __kernel_text_address+0x9/0x40
[ 3108.413883]  ? unwind_get_return_address+0x55/0xa0
[ 3108.414520]  ? create_prof_cpu_mask+0x20/0x20
[ 3108.415116]  ? stack_trace_save+0x8c/0xc0
[ 3108.415658]  ? stack_trace_consume_entry+0x160/0x160
[ 3108.416313]  ? kasan_save_stack+0x32/0x40
[ 3108.416837]  ? kasan_save_stack+0x1b/0x40
[ 3108.429499]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3108.430149]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3108.430757]  do_writepages+0xee/0x2a0
[ 3108.431260]  ? page_writeback_cpu_online+0x20/0x20
[ 3108.431893]  ? lock_acquire+0x197/0x470
[ 3108.432409]  ? create_object.isra.0+0x3ad/0xa20
[ 3108.432979]  ? lock_release+0x680/0x680
[ 3108.441592]  ? find_held_lock+0x2c/0x110
[ 3108.442122]  __filemap_fdatawrite_range+0x24b/0x2f0
[ 3108.442752]  ? delete_from_page_cache_batch+0xa30/0xa30
[ 3108.443438]  ? mark_held_locks+0x9e/0xe0
[ 3108.443966]  ? trace_hardirqs_on+0x5b/0x180
[ 3108.444521]  filemap_write_and_wait_range+0x65/0x100
[ 3108.449285]  __iomap_dio_rw+0x552/0x1110
[ 3108.449837]  ? iomap_dio_bio_actor+0xef0/0xef0
[ 3108.450409]  ? generic_update_time+0x21c/0x370
[ 3108.450989]  ? inode_dio_wait+0xbf/0x270
[ 3108.451499]  ? __wait_on_freeing_inode+0x140/0x140
[ 3108.452120]  ? evict_inodes+0x420/0x420
[ 3108.452643]  ? down_write_killable+0x180/0x180
[ 3108.453319]  iomap_dio_rw+0x31/0x90
[ 3108.453807]  ext4_file_write_iter+0xb26/0x18d0
[ 3108.454416]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3108.455006]  ? kasan_save_stack+0x32/0x40
[ 3108.455539]  ? kasan_save_stack+0x1b/0x40
[ 3108.456075]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3108.456730]  ? iter_file_splice_write+0x16d/0xc30
[ 3108.457155] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3108.457390]  ? direct_splice_actor+0x10f/0x170
[ 3108.458945] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3108.459083]  ? splice_direct_to_actor+0x387/0x980
[ 3108.459103]  ? do_splice_direct+0x1c4/0x290
[ 3108.461391]  ? do_sendfile+0x553/0x1090
[ 3108.461890]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3108.461935] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3108.462485]  do_iter_readv_writev+0x476/0x750
[ 3108.462508]  ? new_sync_write+0x660/0x660
[ 3108.462530]  ? selinux_file_permission+0x92/0x520
[ 3108.469409]  do_iter_write+0x191/0x670
[ 3108.469955]  ? trace_hardirqs_on+0x5b/0x180
[ 3108.470514]  vfs_iter_write+0x70/0xa0
[ 3108.471006]  iter_file_splice_write+0x762/0xc30
[ 3108.471617]  ? generic_splice_sendpage+0x140/0x140
[ 3108.472303]  ? avc_policy_seqno+0x9/0x70
[ 3108.472837]  ? selinux_file_permission+0x92/0x520
[ 3108.477644]  ? lockdep_init_map_type+0x2c7/0x780
[ 3108.478277]  ? generic_splice_sendpage+0x140/0x140
[ 3108.478936]  direct_splice_actor+0x10f/0x170
[ 3108.479526]  splice_direct_to_actor+0x387/0x980
[ 3108.480146]  ? pipe_to_sendpage+0x380/0x380
[ 3108.480717]  ? do_splice_to+0x160/0x160
[ 3108.485404]  ? security_file_permission+0x24e/0x570
[ 3108.486087]  do_splice_direct+0x1c4/0x290
[ 3108.486651]  ? splice_direct_to_actor+0x980/0x980
[ 3108.487297]  ? selinux_file_permission+0x92/0x520
[ 3108.487953]  ? security_file_permission+0x24e/0x570
[ 3108.488603]  do_sendfile+0x553/0x1090
[ 3108.493270]  ? do_pwritev+0x270/0x270
[ 3108.493796]  ? wait_for_completion_io+0x270/0x270
[ 3108.494440]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3108.495100]  ? vfs_write+0x354/0xa70
[ 3108.495609]  __x64_sys_sendfile64+0x1d1/0x210
[ 3108.496205]  ? __ia32_sys_sendfile+0x220/0x220
[ 3108.496816]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3108.501620]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3108.502307]  do_syscall_64+0x33/0x40
[ 3108.502809]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3108.503490] RIP: 0033:0x7f47d2c10b19
[ 3108.503998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3108.510544] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3108.511539] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 3108.512484] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 3108.517530] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 3108.518440] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3108.519352] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
[ 3108.524961] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
14:06:57 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000", 0x4a, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3108.535295] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3108.593060] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:06:57 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0xffffffff000)

[ 3108.629865] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
14:06:57 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xa00, 0xe9)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
fdatasync(r3)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:06:57 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d352)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:06:58 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000", 0x4a, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

14:06:58 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 33)

[ 3108.800973] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3108.813721] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
14:06:58 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
close(r0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:06:58 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {0x0, 0x0, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3108.930633] FAULT_INJECTION: forcing a failure.
[ 3108.930633] name failslab, interval 1, probability 0, space 0, times 0
[ 3108.932232] CPU: 0 PID: 20059 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3108.937223] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3108.938299] Call Trace:
[ 3108.938669]  dump_stack+0x107/0x167
[ 3108.939162]  should_fail.cold+0x5/0xa
[ 3108.939678]  ? create_object.isra.0+0x3a/0xa20
[ 3108.940294]  should_failslab+0x5/0x20
[ 3108.940814]  kmem_cache_alloc+0x5b/0x310
[ 3108.941406]  create_object.isra.0+0x3a/0xa20
[ 3108.941990]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3108.942668]  kmem_cache_alloc+0x159/0x310
[ 3108.943229]  ext4_init_io_end+0x23/0x180
[ 3108.943761]  ext4_writepages+0xee9/0x3350
[ 3108.944326]  ? unwind_next_frame+0x13ef/0x1a90
[ 3108.944945]  ? find_held_lock+0x2c/0x110
[ 3108.945543]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3108.946197]  ? __is_insn_slot_addr+0x14c/0x290
[ 3108.946814]  ? __kernel_text_address+0x9/0x40
[ 3108.947420]  ? unwind_get_return_address+0x55/0xa0
[ 3108.948077]  ? create_prof_cpu_mask+0x20/0x20
[ 3108.948695]  ? stack_trace_save+0x8c/0xc0
[ 3108.949322]  ? stack_trace_consume_entry+0x160/0x160
[ 3108.950016]  ? kasan_save_stack+0x32/0x40
[ 3108.950570]  ? kasan_save_stack+0x1b/0x40
[ 3108.951121]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3108.951802]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3108.952463]  do_writepages+0xee/0x2a0
[ 3108.952987]  ? page_writeback_cpu_online+0x20/0x20
[ 3108.953669]  ? lock_acquire+0x197/0x470
[ 3108.954191]  ? create_object.isra.0+0x3ad/0xa20
[ 3108.954795]  ? lock_release+0x680/0x680
[ 3108.955324]  ? find_held_lock+0x2c/0x110
[ 3108.955872]  __filemap_fdatawrite_range+0x24b/0x2f0
[ 3108.956536]  ? delete_from_page_cache_batch+0xa30/0xa30
[ 3108.957270]  ? mark_held_locks+0x9e/0xe0
[ 3108.957819]  ? trace_hardirqs_on+0x5b/0x180
[ 3108.958409]  filemap_write_and_wait_range+0x65/0x100
[ 3108.959087]  __iomap_dio_rw+0x552/0x1110
[ 3108.959645]  ? iomap_dio_bio_actor+0xef0/0xef0
[ 3108.960243]  ? generic_update_time+0x21c/0x370
[ 3108.960848]  ? inode_dio_wait+0xbf/0x270
[ 3108.961444]  ? __wait_on_freeing_inode+0x140/0x140
[ 3108.962090]  ? evict_inodes+0x420/0x420
[ 3108.962627]  ? down_write_killable+0x180/0x180
[ 3108.963257]  iomap_dio_rw+0x31/0x90
[ 3108.963756]  ext4_file_write_iter+0xb26/0x18d0
[ 3108.964389]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3108.964985]  ? kasan_save_stack+0x32/0x40
[ 3108.965570]  ? kasan_save_stack+0x1b/0x40
[ 3108.966134]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3108.966804]  ? iter_file_splice_write+0x16d/0xc30
[ 3108.967445]  ? direct_splice_actor+0x10f/0x170
[ 3108.968058]  ? splice_direct_to_actor+0x387/0x980
[ 3108.968696]  ? do_splice_direct+0x1c4/0x290
[ 3108.969308]  ? do_sendfile+0x553/0x1090
[ 3108.969835]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3108.970466]  do_iter_readv_writev+0x476/0x750
[ 3108.971076]  ? new_sync_write+0x660/0x660
[ 3108.971634]  ? selinux_file_permission+0x92/0x520
[ 3108.972301]  do_iter_write+0x191/0x670
[ 3108.972834]  ? trace_hardirqs_on+0x5b/0x180
[ 3108.973459]  vfs_iter_write+0x70/0xa0
[ 3108.973949]  iter_file_splice_write+0x762/0xc30
[ 3108.974559]  ? generic_splice_sendpage+0x140/0x140
[ 3108.975196]  ? avc_policy_seqno+0x9/0x70
[ 3108.975709]  ? selinux_file_permission+0x92/0x520
[ 3108.976354]  ? lockdep_init_map_type+0x2c7/0x780
[ 3108.976987]  ? generic_splice_sendpage+0x140/0x140
[ 3108.977660]  direct_splice_actor+0x10f/0x170
[ 3108.978248]  splice_direct_to_actor+0x387/0x980
[ 3108.978872]  ? pipe_to_sendpage+0x380/0x380
[ 3108.979449]  ? do_splice_to+0x160/0x160
[ 3108.979992]  ? security_file_permission+0x24e/0x570
[ 3108.980655]  do_splice_direct+0x1c4/0x290
[ 3108.981270]  ? splice_direct_to_actor+0x980/0x980
[ 3108.981895]  ? selinux_file_permission+0x92/0x520
[ 3108.982503]  ? security_file_permission+0x24e/0x570
[ 3108.983135]  do_sendfile+0x553/0x1090
[ 3108.983628]  ? do_pwritev+0x270/0x270
[ 3108.984124]  ? wait_for_completion_io+0x270/0x270
[ 3108.984748]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3108.985372]  ? vfs_write+0x354/0xa70
[ 3108.985866]  __x64_sys_sendfile64+0x1d1/0x210
[ 3108.986457]  ? __ia32_sys_sendfile+0x220/0x220
[ 3108.987069]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3108.987768]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3108.988514]  do_syscall_64+0x33/0x40
[ 3108.989080]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3108.989759] RIP: 0033:0x7f47d2c10b19
[ 3108.990255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3108.992695] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3108.993733] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 3108.994644] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 3108.995601] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 3108.996599] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3108.997557] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
[ 3109.067076] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
14:06:58 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000", 0x4a, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3109.131973] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3109.184228] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 3109.199461] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
14:07:14 executing program 1:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
faccessat2(r0, &(0x7f00000000c0)='./file0\x00', 0x10, 0x100)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

14:07:14 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {0x0, 0x0, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:07:14 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00", 0x56, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

14:07:14 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x40000, 0x4, &(0x7f0000000140)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = memfd_create(&(0x7f00000000c0)='ext4\x00', 0xa)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
fcntl$getflags(0xffffffffffffffff, 0xb)
sendfile(r0, r1, 0x0, 0x20d315)

[ 3125.502694] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
14:07:14 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d353)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:07:14 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x842a82, 0x40)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:07:14 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x8, 0x4, 0x10, 0x8, 0x0, 0x115, 0x4400, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x9a8, 0x0, @perf_config_ext={0x4, 0x7}, 0x40020, 0xc720177, 0x7fff, 0x4, 0x3, 0x6, 0x6, 0x0, 0x100, 0x0, 0x7fff}, 0x0, 0xf, r5, 0xb)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

[ 3125.511123] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3125.512801] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
[ 3125.518645] EXT4-fs (loop6): unsupported inode size: 0
[ 3125.519553] EXT4-fs (loop6): blocksize: 1024
14:07:14 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 34)

[ 3125.559934] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3125.570931] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3125.573977] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
14:07:14 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500), 0x0, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:07:14 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00", 0x56, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3125.651743] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3125.672799] FAULT_INJECTION: forcing a failure.
[ 3125.672799] name failslab, interval 1, probability 0, space 0, times 0
[ 3125.674300] CPU: 0 PID: 20108 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3125.675155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3125.676195] Call Trace:
[ 3125.676526]  dump_stack+0x107/0x167
[ 3125.676980]  should_fail.cold+0x5/0xa
[ 3125.677571]  ? create_object.isra.0+0x3a/0xa20
[ 3125.678152]  should_failslab+0x5/0x20
[ 3125.678634]  kmem_cache_alloc+0x5b/0x310
[ 3125.679154]  create_object.isra.0+0x3a/0xa20
[ 3125.679693]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3125.680332]  kmem_cache_alloc+0x159/0x310
[ 3125.680871]  ext4_mb_new_blocks+0x209f/0x45b0
[ 3125.681503]  ? register_lock_class+0xbb/0x17b0
[ 3125.682070]  ? kernel_text_address+0xf2/0x120
[ 3125.682639]  ? mark_lock+0xf5/0x2df0
[ 3125.683097]  ? is_dynamic_key+0x1e0/0x1e0
[ 3125.683616]  ? ext4_discard_preallocations+0xd80/0xd80
[ 3125.684269]  ? mark_lock+0xf5/0x2df0
[ 3125.684745]  ? ext4_get_branch+0x541/0x6d0
[ 3125.685347]  ext4_ind_map_blocks+0x17de/0x2150
[ 3125.685946]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3125.686624]  ? ext4_free_branches+0x680/0x680
[ 3125.687227]  ? lock_release+0x680/0x680
[ 3125.687725]  ? find_held_lock+0x2c/0x110
[ 3125.688241]  ? down_write+0xe0/0x160
[ 3125.688706]  ? down_write_killable+0x180/0x180
[ 3125.689335]  ext4_map_blocks+0x9ed/0x1940
[ 3125.689876]  ? create_empty_buffers+0xbc/0x640
[ 3125.690451]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 3125.691000]  ? lock_release+0x680/0x680
[ 3125.691498]  ? create_page_buffers+0x1bb/0x230
[ 3125.692080]  _ext4_get_block+0x21e/0x570
[ 3125.692592]  ? ext4_map_blocks+0x1940/0x1940
[ 3125.693144]  ? create_empty_buffers+0x4a3/0x640
[ 3125.693744]  ? do_raw_spin_unlock+0x4f/0x220
[ 3125.694297]  ? create_page_buffers+0x139/0x230
[ 3125.694865]  __block_write_begin_int+0x3d1/0x19c0
[ 3125.695473]  ? _ext4_get_block+0x570/0x570
[ 3125.696009]  ? remove_inode_buffers+0x300/0x300
[ 3125.696595]  ? wait_for_stable_page+0x92/0xe0
[ 3125.697173]  ext4_try_to_write_inline_data+0x729/0x14c0
[ 3125.697931]  ? ext4_readpage_inline+0x3d0/0x3d0
[ 3125.698544]  ? ext4_mark_iloc_dirty+0x18e6/0x3630
[ 3125.699139]  ? mark_buffer_dirty+0x11e/0x3d0
[ 3125.699723]  ? ext4_ind_trans_blocks+0xd/0x80
[ 3125.700274]  ? ext4_meta_trans_blocks+0x25c/0x310
[ 3125.700886]  ? ext4_inode_journal_mode+0x27c/0x4f0
[ 3125.701588]  ext4_write_begin+0xbe0/0x10f0
[ 3125.702119]  ? ext4_truncate+0x1160/0x1160
[ 3125.702662]  ? ext4_expand_extra_isize+0x5a0/0x5a0
[ 3125.703288]  ? current_time+0x72/0x2c0
[ 3125.703792]  ext4_da_write_begin+0x623/0xd40
[ 3125.704364]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3125.704993]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3125.705668]  ? __ext4_journal_stop+0x107/0x1f0
[ 3125.706255]  ? ext4_write_begin+0x10f0/0x10f0
[ 3125.706821]  ? copyout_mc+0x140/0x140
[ 3125.707304]  ? ext4_dirty_inode+0x107/0x130
[ 3125.707841]  ? __mark_inode_dirty+0x12e/0xd40
[ 3125.708415]  generic_perform_write+0x20a/0x4f0
[ 3125.708981]  ? page_cache_next_miss+0x310/0x310
[ 3125.709587]  ? down_write_killable+0x180/0x180
[ 3125.710177]  ext4_buffered_write_iter+0x232/0x4a0
[ 3125.710785]  ext4_file_write_iter+0x4fb/0x18d0
[ 3125.711383]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3125.712007]  ? kasan_save_stack+0x32/0x40
[ 3125.712521]  ? kasan_save_stack+0x1b/0x40
[ 3125.713044]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3125.713711]  ? iter_file_splice_write+0x16d/0xc30
[ 3125.714310]  ? direct_splice_actor+0x10f/0x170
[ 3125.714868]  ? splice_direct_to_actor+0x387/0x980
[ 3125.715478]  ? do_splice_direct+0x1c4/0x290
[ 3125.716038]  ? do_sendfile+0x553/0x1090
[ 3125.716550]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3125.717160]  do_iter_readv_writev+0x476/0x750
[ 3125.717785]  ? new_sync_write+0x660/0x660
[ 3125.718314]  ? selinux_file_permission+0x92/0x520
[ 3125.718939]  do_iter_write+0x191/0x670
[ 3125.719444]  ? trace_hardirqs_on+0x5b/0x180
[ 3125.719998]  vfs_iter_write+0x70/0xa0
[ 3125.720482]  iter_file_splice_write+0x762/0xc30
[ 3125.721076]  ? generic_splice_sendpage+0x140/0x140
[ 3125.721726]  ? avc_policy_seqno+0x9/0x70
[ 3125.722237]  ? selinux_file_permission+0x92/0x520
[ 3125.722839]  ? lockdep_init_map_type+0x2c7/0x780
[ 3125.723438]  ? generic_splice_sendpage+0x140/0x140
[ 3125.724057]  direct_splice_actor+0x10f/0x170
[ 3125.724636]  splice_direct_to_actor+0x387/0x980
[ 3125.725218]  ? pipe_to_sendpage+0x380/0x380
[ 3125.725836]  ? do_splice_to+0x160/0x160
[ 3125.726348]  ? security_file_permission+0x24e/0x570
[ 3125.727023]  do_splice_direct+0x1c4/0x290
[ 3125.727548]  ? splice_direct_to_actor+0x980/0x980
[ 3125.728147]  ? selinux_file_permission+0x92/0x520
[ 3125.728805]  ? security_file_permission+0x24e/0x570
[ 3125.729488]  do_sendfile+0x553/0x1090
[ 3125.729965]  ? do_pwritev+0x270/0x270
[ 3125.730461]  ? wait_for_completion_io+0x270/0x270
[ 3125.731065]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3125.731642]  ? vfs_write+0x354/0xa70
[ 3125.732112]  __x64_sys_sendfile64+0x1d1/0x210
[ 3125.732681]  ? __ia32_sys_sendfile+0x220/0x220
[ 3125.733275]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3125.733933]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3125.734614]  do_syscall_64+0x33/0x40
[ 3125.735078]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3125.735712] RIP: 0033:0x7f47d2c10b19
[ 3125.736173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3125.738542] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3125.739498] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3125.740407] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3125.741322] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3125.742207] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3125.743072] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:07:15 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d354)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:07:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
sendmmsg$inet(r5, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @empty}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f00000000c0)={0x0, r6, 0x7ff, 0x800, 0x9, 0x4})
sendfile(r0, r1, 0x0, 0x20d315)

14:07:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @rand_addr=0x64010100}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f00000000c0)={0x200, 0x0, 0x2, 0x8, 0xfffffc00})
write(r2, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x8000, 0x7, &(0x7f0000000800)=[{&(0x7f00000002c0)="c6833566721d5da8e0eeb99394eaf60c82bbc518f833c8cea925288b2445966695d0f822de824b6622a212db2c17100208a96b0c3ac61957cae891ad6490b68131b4da7e2836f0e90afbf6dc3f7016f38800e193f1feaa33f270eecda93e5114", 0x60, 0xfffffffffffffffe}, {&(0x7f0000000340)="ada8b745549f9227e970a3adefe5b416e88d3322f918747b97b53e606769a178dbbe5ca39e042dc4e50b0f1369d56dc36d09c5cfdac3799659b1b761cf9f0446c5b42007", 0x44, 0x3}, {&(0x7f00000003c0)="6021331a4c62f808abbe0d1874526bb00883540b97859bfab3f5aa19371c05557e2c3b04e0c9a371c32c51ffb018c833e0701e1159d03937670d1c7e72c32affd663a11f4cbd58d0fe2518b1774062ccff80aa5df770eb0253fa5d1844d28b2d9bc27992e55ef2368417dc7b37e6e90eb6fbcc6e4a342411b8691fe531235eca42ea26470197f0bf49c985597737f4c64375c186ba2ab0a49987a37c9d4594c8c02b0469f6996c8cbe69bb678da55a2ae977b2dc6a6f11a941c3182fc35672e44a", 0xc1, 0x3}, {&(0x7f00000004c0)="c7f989365bbf7429cc49b1f59afd10ffaea42d39d99376b518c9df6cb01b6fef9e2438794eb2e4cae3469cc3632294b20ca401406e97ddb2733bcf8c0b410fb58840837bdc245d7f8c580df314a491b1e1a4ce1a667eddbfb5e79d6056ce821701c376aecb0fc01e35fde80ad29800155e0dfb114a306f778a7e5dec2654db", 0x7f, 0x8}, {&(0x7f0000000540)="773949eb0242449855a09ec2718258c4e87e8fc60ca40d6148f73a3d018c67f3bedc010477c9c91219e69b655be48b5aec5ecd474c63f91afb730350b51f76cbeb0c3127ab0d9cfad09a7bef6eadc3284367abc4408be33f329ed732e00342207bfa3bde89ad49e553ff20a960c8ea496b72221d4081858f989dce865a7fc4944f95c2cc3e1a48e81943acde0a8c3e052b8063926308c0838ebd633f5aaf6a8d6ef5de4fb9c877ab114c2f0f3b2c024e9378bce1f1cfb6d311625c4af615bd07e19ffce703133ab4f9550a28d2aa654dc70b6f720c23dba2d8b3abf91849b21bbd3e", 0xe2, 0x66f0}, {&(0x7f0000000680)="3a94d71fd3870a6bab78dc5ecff02187916afbe7d1462983a3b2db75e27a8b54969203a4d75a7d054fa43ca0005fabdbe6d5c374f001e3d2a42aa85cfbede45638a86c483c093c0957926c83dd13ed640bfd538ecdceeb59a6333251628020ce28e2a1cbc16fd247f8cbf5cbcebf94a1e5ee25f442e8562237fbcf418598344a25d6ce4e17bdb4706f0b3c1cd717fc2497aed357226def8b8ab6a9a15106ed6c8ba3235e927fe9133fb138a8630c313781c433cc6ef625181d327027274506bbf8f4fe562e20e2b8b062e437d0b5ea76c9d15c797df06ebd5c3fc77d5226757aba6c30eb2c91b00c491aa334c04e945e2e", 0xf1, 0x8}, {&(0x7f0000000780)="a720eba18658d933f2dc28d1d607068b3931ab03ca4aef8040ed79a2021a24cecece0d8e6b74f261f52848ad5b0d15b68ee5c290fe22fd0730baf082302f68701af435ee82a42dc64165b2832ad79e432873acc05ebf63932247688a7e39f147dcf09281e1ea0e", 0x67}], 0x40, &(0x7f00000008c0)={[{@uni_xlate}, {@numtail}, {@uni_xlate}, {@numtail}, {@utf8no}], [{@fsmagic={'fsmagic', 0x3d, 0xfffffffffffffff9}}, {@mask={'mask', 0x3d, '^MAY_READ'}}]})
sendfile(r0, r1, 0x0, 0x20d315)

[ 3125.822430] EXT4-fs (loop6): unsupported inode size: 0
[ 3125.823183] EXT4-fs (loop6): blocksize: 1024
14:07:15 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 35)

14:07:15 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/sockstat6\x00')
openat(r2, &(0x7f0000000180)='\x00', 0xa000, 0x44)
mknod$loop(&(0x7f00000000c0)='./file1\x00', 0x8, 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 3125.938231] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3125.963342] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:07:15 executing program 0:
r0 = syz_io_uring_setup(0x4b35, &(0x7f00000002c0)={0x0, 0x3f18}, &(0x7f0000d3c000/0x2000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7766646e6f3d052936dcc16f3e87d242dfad7578665906cbd8b7481145d76754aa5ff3171922e52a6fc8cbe0660600ea362ad4fd151c2d249ce73b2315ce8002000000ab4db96a084c7b1c90d765d301f28f4ff14fe9cffaf8cb32e44d24ed7ec4702eb64f90d8dd1ec0d4cabdfe0ef8b659dd3750f31e36aab4a024d7c8895cb691dc8a9d2595a3cb21c6d0", @ANYRESHEX, @ANYBLOB="000006d6ca5aa80032b0e5454ba753ab55d21a1ee6390f91b73004f7840c0fd84803230772c3bfc29447db0e0dc0d40f161bfbac"])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r5, 0xc018937c, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r6=>r5, {0x2}}, './file1\x00'})
io_uring_enter(r6, 0x42ca, 0xe5ff, 0x2, &(0x7f0000000180)={[0x6]}, 0x8)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:07:15 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500), 0x0, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:07:15 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00", 0x56, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3126.035518] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3126.056964] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3126.063502] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3126.068078] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3126.103219] EXT4-fs (loop6): unsupported inode size: 0
[ 3126.104103] EXT4-fs (loop6): blocksize: 1024
[ 3126.107461] FAULT_INJECTION: forcing a failure.
[ 3126.107461] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3126.109074] CPU: 0 PID: 20142 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3126.110001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3126.111035] Call Trace:
[ 3126.111378]  dump_stack+0x107/0x167
[ 3126.111840]  should_fail.cold+0x5/0xa
[ 3126.112330]  __alloc_pages_nodemask+0x182/0x600
[ 3126.112918]  ? __brelse+0x84/0xa0
[ 3126.113390]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 3126.114156]  alloc_pages_current+0x187/0x280
[ 3126.114712]  allocate_slab+0x26f/0x380
[ 3126.115208]  ___slab_alloc+0x470/0x700
[ 3126.115703]  ? ext4_mb_new_blocks+0x64d/0x45b0
[ 3126.116280]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3126.116913]  ? ext4_mb_new_blocks+0x64d/0x45b0
[ 3126.117507]  ? kmem_cache_alloc+0x301/0x310
[ 3126.118049]  ? ext4_mb_new_blocks+0x64d/0x45b0
[ 3126.118622]  kmem_cache_alloc+0x301/0x310
[ 3126.119163]  ext4_mb_new_blocks+0x64d/0x45b0
[ 3126.119746]  ? register_lock_class+0xbb/0x17b0
[ 3126.120326]  ? kernel_text_address+0xf2/0x120
[ 3126.120904]  ? mark_lock+0xf5/0x2df0
[ 3126.121432]  ? is_dynamic_key+0x1e0/0x1e0
[ 3126.121944]  ? ext4_discard_preallocations+0xd80/0xd80
[ 3126.122598]  ? mark_lock+0xf5/0x2df0
[ 3126.123068]  ? ext4_get_branch+0x541/0x6d0
[ 3126.123610]  ext4_ind_map_blocks+0x17de/0x2150
[ 3126.124217]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3126.124911]  ? ext4_free_branches+0x680/0x680
[ 3126.125514]  ? lock_acquire+0x197/0x470
[ 3126.126023]  ? lock_release+0x680/0x680
[ 3126.126530]  ? find_held_lock+0x2c/0x110
[ 3126.127054]  ? down_write+0xe0/0x160
[ 3126.127527]  ? down_write_killable+0x180/0x180
[ 3126.128113]  ext4_map_blocks+0x9ed/0x1940
[ 3126.128658]  ? create_empty_buffers+0xbc/0x640
[ 3126.129236]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 3126.129829]  ? lock_release+0x680/0x680
[ 3126.130348]  ? create_page_buffers+0x1bb/0x230
[ 3126.130933]  _ext4_get_block+0x21e/0x570
[ 3126.131454]  ? ext4_map_blocks+0x1940/0x1940
[ 3126.132004]  ? create_empty_buffers+0x4a3/0x640
[ 3126.132593]  ? do_raw_spin_unlock+0x4f/0x220
[ 3126.133158]  ? create_page_buffers+0x139/0x230
[ 3126.133798]  __block_write_begin_int+0x3d1/0x19c0
[ 3126.134452]  ? _ext4_get_block+0x570/0x570
[ 3126.135002]  ? remove_inode_buffers+0x300/0x300
[ 3126.135600]  ? wait_for_stable_page+0x92/0xe0
[ 3126.136192]  ext4_try_to_write_inline_data+0x729/0x14c0
[ 3126.136926]  ? ext4_readpage_inline+0x3d0/0x3d0
[ 3126.137545]  ? ext4_mark_iloc_dirty+0x18e6/0x3630
[ 3126.138152]  ? mark_buffer_dirty+0x11e/0x3d0
[ 3126.138710]  ? ext4_ind_trans_blocks+0xd/0x80
[ 3126.139276]  ? ext4_meta_trans_blocks+0x25c/0x310
[ 3126.139893]  ? ext4_inode_journal_mode+0x27c/0x4f0
[ 3126.140512]  ext4_write_begin+0xbe0/0x10f0
[ 3126.141062]  ? ext4_truncate+0x1160/0x1160
[ 3126.141639]  ? ext4_expand_extra_isize+0x5a0/0x5a0
[ 3126.142255]  ? current_time+0x72/0x2c0
[ 3126.142768]  ext4_da_write_begin+0x623/0xd40
[ 3126.143340]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3126.143970]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3126.144631]  ? __ext4_journal_stop+0x107/0x1f0
[ 3126.145227]  ? ext4_write_begin+0x10f0/0x10f0
[ 3126.145845]  ? copyout_mc+0x140/0x140
[ 3126.146331]  ? ext4_dirty_inode+0x107/0x130
[ 3126.146878]  ? __mark_inode_dirty+0x12e/0xd40
[ 3126.147459]  generic_perform_write+0x20a/0x4f0
[ 3126.148056]  ? page_cache_next_miss+0x310/0x310
[ 3126.148655]  ? down_write_killable+0x180/0x180
[ 3126.149296]  ext4_buffered_write_iter+0x232/0x4a0
[ 3126.149921]  ext4_file_write_iter+0x4fb/0x18d0
[ 3126.150512]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3126.151088]  ? kasan_save_stack+0x32/0x40
[ 3126.151619]  ? kasan_save_stack+0x1b/0x40
[ 3126.152146]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3126.152786]  ? iter_file_splice_write+0x16d/0xc30
[ 3126.153414]  ? direct_splice_actor+0x10f/0x170
[ 3126.153986]  ? splice_direct_to_actor+0x387/0x980
[ 3126.154579]  ? do_splice_direct+0x1c4/0x290
[ 3126.155109]  ? do_sendfile+0x553/0x1090
[ 3126.155599]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3126.156175]  do_iter_readv_writev+0x476/0x750
[ 3126.156728]  ? new_sync_write+0x660/0x660
[ 3126.157232]  ? selinux_file_permission+0x92/0x520
[ 3126.157913]  do_iter_write+0x191/0x670
[ 3126.158442]  ? trace_hardirqs_on+0x5b/0x180
[ 3126.158999]  vfs_iter_write+0x70/0xa0
[ 3126.159485]  iter_file_splice_write+0x762/0xc30
[ 3126.160081]  ? generic_splice_sendpage+0x140/0x140
[ 3126.160717]  ? avc_policy_seqno+0x9/0x70
[ 3126.161222]  ? selinux_file_permission+0x92/0x520
[ 3126.161851]  ? lockdep_init_map_type+0x2c7/0x780
[ 3126.162441]  ? generic_splice_sendpage+0x140/0x140
[ 3126.163066]  direct_splice_actor+0x10f/0x170
[ 3126.163635]  splice_direct_to_actor+0x387/0x980
[ 3126.164238]  ? pipe_to_sendpage+0x380/0x380
[ 3126.164803]  ? do_splice_to+0x160/0x160
[ 3126.165367]  ? security_file_permission+0x24e/0x570
[ 3126.166042]  do_splice_direct+0x1c4/0x290
[ 3126.166604]  ? splice_direct_to_actor+0x980/0x980
[ 3126.167220]  ? selinux_file_permission+0x92/0x520
[ 3126.167516] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
[ 3126.167854]  ? security_file_permission+0x24e/0x570
[ 3126.169987]  do_sendfile+0x553/0x1090
[ 3126.170508]  ? do_pwritev+0x270/0x270
[ 3126.171011]  ? wait_for_completion_io+0x270/0x270
[ 3126.171633]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3126.172294]  ? vfs_write+0x354/0xa70
[ 3126.172778]  __x64_sys_sendfile64+0x1d1/0x210
[ 3126.173387]  ? __ia32_sys_sendfile+0x220/0x220
[ 3126.173986]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3126.174661]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3126.175330]  do_syscall_64+0x33/0x40
[ 3126.175821]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3126.176478] RIP: 0033:0x7f47d2c10b19
[ 3126.176957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3126.179395] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3126.180375] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3126.181310] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3126.182245] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3126.183131] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3126.184022] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:07:15 executing program 0:
r0 = syz_io_uring_setup(0x4d50, &(0x7f00000002c0)={0x0, 0x0, 0x2, 0x2, 0x229}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x100000b, 0x1010, r4, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff})
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/dns_resolver', 0x40800, 0x77)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000002, 0x30, r7, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r6}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r8, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000140)={0x0, r8, 0x6, 0x4, 0x7, 0x2})
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:07:31 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d355)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:07:31 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
mknod$loop(&(0x7f0000000140)='./file0/file0\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x3e4ae54bffd908a1, 0x2a7)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:07:31 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 36)

14:07:31 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
chdir(&(0x7f0000000440)='./file0\x00')
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000002c0)={{{@in6=@private0, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@local}, 0x0, @in=@multicast1}}, &(0x7f0000000180)=0xe8)
lsetxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f00000003c0)={{}, {0x1, 0x4}, [{0x2, 0x4}, {0x2, 0x1, r4}, {0x2, 0x0, r5}, {0x2, 0x5, r6}], {0x4, 0x2}, [{0x8, 0x5, 0xffffffffffffffff}], {0x10, 0x4}, {0x20, 0xb}}, 0x4c, 0x5)
sendfile(r0, r1, 0x0, 0x20d315)

14:07:31 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500), 0x0, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:07:31 executing program 5:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = socket$inet_icmp(0x2, 0x2, 0x1)
sendfile(r4, r0, 0x0, 0x5)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)
creat(&(0x7f00000000c0)='./file1\x00', 0x0)

14:07:31 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000", 0x5c, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

14:07:31 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PTP_PEROUT_REQUEST(r4, 0x40383d03, &(0x7f0000000080)={{0x3, 0x9}, {0x6, 0x100}, 0xb4})
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="2c776664097c3ae1ecb91c1560378a9b4182b96e6f3d", @ANYRESHEX, @ANYBLOB=',\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

[ 3142.254745] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3142.270719] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3142.273035] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 3142.304010] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3142.304987] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3142.305766] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3142.309030] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3142.344899] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
14:07:31 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000", 0x5c, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3142.374852] FAULT_INJECTION: forcing a failure.
[ 3142.374852] name failslab, interval 1, probability 0, space 0, times 0
[ 3142.378163] CPU: 1 PID: 20193 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3142.379075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3142.380120] Call Trace:
[ 3142.380481]  dump_stack+0x107/0x167
[ 3142.380953]  should_fail.cold+0x5/0xa
[ 3142.381435]  ? ext4_mb_new_blocks+0x64d/0x45b0
[ 3142.382053]  should_failslab+0x5/0x20
[ 3142.382541]  kmem_cache_alloc+0x5b/0x310
[ 3142.383106]  ext4_mb_new_blocks+0x64d/0x45b0
[ 3142.383683]  ? __lock_acquire+0x1657/0x5b00
[ 3142.384253]  ? ext4_discard_preallocations+0xd80/0xd80
[ 3142.384925]  ? ext4_get_branch+0x541/0x6d0
[ 3142.385514]  ext4_ind_map_blocks+0x17de/0x2150
[ 3142.386133]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3142.386813]  ? ext4_free_branches+0x680/0x680
[ 3142.387383]  ? lock_acquire+0x197/0x470
[ 3142.387937]  ? lock_release+0x680/0x680
[ 3142.388480]  ? find_held_lock+0x2c/0x110
[ 3142.389053]  ? down_write+0xe0/0x160
[ 3142.389587]  ? down_write_killable+0x180/0x180
[ 3142.390191]  ext4_map_blocks+0x9ed/0x1940
[ 3142.390741]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 3142.391330]  ? lock_acquire+0x197/0x470
[ 3142.391855]  ? lock_page_memcg+0x30/0x270
[ 3142.392431]  ? find_held_lock+0x2c/0x110
[ 3142.392988]  _ext4_get_block+0x21e/0x570
[ 3142.393532]  ? ext4_map_blocks+0x1940/0x1940
[ 3142.394884]  ? lock_page_memcg+0xcd/0x270
[ 3142.396125]  __block_write_begin_int+0x3d1/0x19c0
[ 3142.397585]  ? _ext4_get_block+0x570/0x570
[ 3142.398145]  ? remove_inode_buffers+0x300/0x300
[ 3142.398739]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3142.399374]  ext4_write_begin+0x68e/0x10f0
[ 3142.399934]  ? ext4_truncate+0x1160/0x1160
[ 3142.400476]  ? ext4_expand_extra_isize+0x5a0/0x5a0
[ 3142.401145]  ? current_time+0x72/0x2c0
[ 3142.402004]  ext4_da_write_begin+0x623/0xd40
[ 3142.403306]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3142.404825]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3142.406381]  ? __ext4_journal_stop+0x107/0x1f0
[ 3142.407781]  ? ext4_write_begin+0x10f0/0x10f0
[ 3142.409096]  ? copyout_mc+0x140/0x140
[ 3142.410244]  ? ext4_dirty_inode+0x107/0x130
[ 3142.411498]  ? __mark_inode_dirty+0x12e/0xd40
[ 3142.412876]  generic_perform_write+0x20a/0x4f0
[ 3142.414239]  ? page_cache_next_miss+0x310/0x310
[ 3142.415564]  ? down_write_killable+0x180/0x180
[ 3142.416896]  ext4_buffered_write_iter+0x232/0x4a0
[ 3142.418352]  ext4_file_write_iter+0x4fb/0x18d0
[ 3142.419701]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3142.421036]  ? kasan_save_stack+0x32/0x40
[ 3142.422320]  ? kasan_save_stack+0x1b/0x40
[ 3142.423527]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3142.425094]  ? iter_file_splice_write+0x16d/0xc30
[ 3142.425971]  ? direct_splice_actor+0x10f/0x170
[ 3142.426562]  ? splice_direct_to_actor+0x387/0x980
[ 3142.427174]  ? do_splice_direct+0x1c4/0x290
[ 3142.427730]  ? do_sendfile+0x553/0x1090
[ 3142.428244]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3142.428855]  do_iter_readv_writev+0x476/0x750
[ 3142.429424]  ? new_sync_write+0x660/0x660
[ 3142.430653]  ? selinux_file_permission+0x92/0x520
[ 3142.431812]  do_iter_write+0x191/0x670
[ 3142.432821]  ? trace_hardirqs_on+0x5b/0x180
[ 3142.433989]  vfs_iter_write+0x70/0xa0
[ 3142.434892]  iter_file_splice_write+0x762/0xc30
[ 3142.436051]  ? generic_splice_sendpage+0x140/0x140
[ 3142.437237]  ? avc_policy_seqno+0x9/0x70
[ 3142.437930]  ? selinux_file_permission+0x92/0x520
[ 3142.438561]  ? lockdep_init_map_type+0x2c7/0x780
[ 3142.439178]  ? generic_splice_sendpage+0x140/0x140
[ 3142.439812]  direct_splice_actor+0x10f/0x170
[ 3142.440376]  splice_direct_to_actor+0x387/0x980
[ 3142.440990]  ? pipe_to_sendpage+0x380/0x380
[ 3142.441722]  ? do_splice_to+0x160/0x160
[ 3142.442706]  ? security_file_permission+0x24e/0x570
[ 3142.443887]  do_splice_direct+0x1c4/0x290
[ 3142.444839]  ? splice_direct_to_actor+0x980/0x980
[ 3142.445791]  ? selinux_file_permission+0x92/0x520
[ 3142.446403]  ? security_file_permission+0x24e/0x570
[ 3142.447092]  do_sendfile+0x553/0x1090
[ 3142.447591]  ? do_pwritev+0x270/0x270
[ 3142.448142]  ? wait_for_completion_io+0x270/0x270
[ 3142.448766]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3142.449393]  ? vfs_write+0x354/0xa70
[ 3142.450411]  __x64_sys_sendfile64+0x1d1/0x210
[ 3142.451507]  ? __ia32_sys_sendfile+0x220/0x220
[ 3142.452634]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3142.454059]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3142.455550]  do_syscall_64+0x33/0x40
[ 3142.456449]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3142.457746] RIP: 0033:0x7f47d2c10b19
[ 3142.458637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3142.463314] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3142.465618] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3142.467321] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3142.469061] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3142.471056] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3142.472849] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:07:31 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = accept4$bt_l2cap(r1, &(0x7f00000000c0), &(0x7f0000000140)=0xe, 0x800)
preadv(r2, &(0x7f0000000880)=[{&(0x7f00000002c0)=""/228, 0xe4}, {&(0x7f00000003c0)=""/123, 0x7b}, {&(0x7f0000000440)=""/163, 0xa3}, {&(0x7f0000000500)=""/112, 0x70}, {&(0x7f0000000680)=""/213, 0xd5}, {&(0x7f0000000780)=""/233, 0xe9}, {&(0x7f0000000580)=""/80, 0x50}], 0x7, 0x7570, 0x10001)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r4, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
sendfile(r4, r5, 0x0, 0x6)
r6 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r6, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 3142.531376] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
14:07:31 executing program 5:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r1, r0, 0x0, 0x20d315)

14:07:31 executing program 1:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x4, &(0x7f0000000140)=[{&(0x7f00000002c0)="20000000000100000c000000d40000000f000000010900000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0e187f1a438c25c3ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000017000200", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
openat(r1, &(0x7f0000000000)='./file0\x00', 0x80000, 0x100)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x181bc2, 0x20)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r4, &(0x7f0000000240)="01", 0x1)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000340), 0x100000, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@mmap}, {@privport}, {@aname}, {@version_L}], [{@permit_directio}, {@context={'context', 0x3d, 'user_u'}}, {@obj_role={'obj_role', 0x3d, '[@'}}]}})
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r0, r3, 0x0, 0x20d315)

14:07:31 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x201, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:07:31 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000", 0x5c, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3142.692723] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 3142.729880] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3142.734399] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
[ 3142.747640] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:07:45 executing program 7:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PTP_PEROUT_REQUEST(r4, 0x40383d03, &(0x7f0000000080)={{0x3, 0x9}, {0x6, 0x100}, 0xb4})
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="2c776664097c3ae1ecb91c1560378a9b4182b96e6f3d", @ANYRESHEX, @ANYBLOB=',\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:07:45 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000140)={r3, 0x3, 0x8, 0x6})
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:07:45 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x201, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:07:45 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x10000, 0x3)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:07:45 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200", 0x5f, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

14:07:45 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 37)

14:07:45 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x5e, 0x803, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext, 0x0, 0xac3, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0xd49, 0x0, 0x6}, 0x0, 0x10000, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:07:45 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d356)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3156.691568] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
14:07:45 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200", 0x5f, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3156.726804] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3156.730173] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3156.731854] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3156.734204] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3156.736379] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3156.745783] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
[ 3156.751081] FAULT_INJECTION: forcing a failure.
[ 3156.751081] name failslab, interval 1, probability 0, space 0, times 0
[ 3156.752283] CPU: 0 PID: 20257 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3156.752964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3156.753796] Call Trace:
[ 3156.754066]  dump_stack+0x107/0x167
[ 3156.754429]  should_fail.cold+0x5/0xa
[ 3156.754808]  ? create_object.isra.0+0x3a/0xa20
[ 3156.755260]  should_failslab+0x5/0x20
[ 3156.755635]  kmem_cache_alloc+0x5b/0x310
[ 3156.756036]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3156.756528]  create_object.isra.0+0x3a/0xa20
[ 3156.756966]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3156.757466]  kmem_cache_alloc+0x159/0x310
[ 3156.757885]  ext4_mb_new_blocks+0x64d/0x45b0
[ 3156.758327]  ? mark_lock+0xfa/0x2df0
[ 3156.758694]  ? mark_held_locks+0x9e/0xe0
[ 3156.759093]  ? lock_chain_count+0x20/0x20
[ 3156.759501]  ? lock_chain_count+0x20/0x20
[ 3156.759912]  ? free_unref_page_list+0x4d1/0x680
[ 3156.760365]  ? trace_hardirqs_on+0x5b/0x180
[ 3156.760789]  ? ext4_discard_preallocations+0xd80/0xd80
[ 3156.761337]  ? ext4_get_branch+0x541/0x6d0
[ 3156.761800]  ext4_ind_map_blocks+0x17de/0x2150
[ 3156.762310]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3156.762884]  ? ext4_free_branches+0x680/0x680
[ 3156.763369]  ? lock_acquire+0x197/0x470
[ 3156.763804]  ? lock_release+0x680/0x680
[ 3156.764241]  ? find_held_lock+0x2c/0x110
[ 3156.764694]  ? down_write+0xe0/0x160
[ 3156.765086]  ? down_write_killable+0x180/0x180
[ 3156.765566]  ext4_map_blocks+0x9ed/0x1940
[ 3156.766036]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 3156.766534]  ? lock_acquire+0x197/0x470
[ 3156.766965]  ? find_held_lock+0x2c/0x110
[ 3156.767397]  _ext4_get_block+0x21e/0x570
[ 3156.767839]  ? ext4_map_blocks+0x1940/0x1940
[ 3156.768275]  ? xas_load+0x63/0x2f0
[ 3156.768671]  ? create_page_buffers+0x139/0x230
[ 3156.769174]  __block_write_begin_int+0x3d1/0x19c0
[ 3156.769662]  ? _ext4_get_block+0x570/0x570
[ 3156.770144]  ? remove_inode_buffers+0x300/0x300
[ 3156.770611]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3156.771162]  ext4_write_begin+0x68e/0x10f0
[ 3156.771598]  ? ext4_truncate+0x1160/0x1160
[ 3156.772067]  ? ext4_expand_extra_isize+0x5a0/0x5a0
[ 3156.772552]  ? current_time+0x72/0x2c0
[ 3156.772981]  ext4_da_write_begin+0x623/0xd40
[ 3156.773421]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3156.773968]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3156.774470]  ? __ext4_journal_stop+0x107/0x1f0
[ 3156.774968]  ? ext4_write_begin+0x10f0/0x10f0
[ 3156.775413]  ? copyout_mc+0x140/0x140
[ 3156.775835]  ? ext4_dirty_inode+0x107/0x130
[ 3156.776314]  ? __mark_inode_dirty+0x12e/0xd40
[ 3156.776825]  generic_perform_write+0x20a/0x4f0
[ 3156.777317]  ? page_cache_next_miss+0x310/0x310
[ 3156.777818]  ? down_write_killable+0x180/0x180
[ 3156.778313]  ext4_buffered_write_iter+0x232/0x4a0
[ 3156.778830]  ext4_file_write_iter+0x4fb/0x18d0
[ 3156.779330]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3156.779818]  ? kasan_save_stack+0x32/0x40
[ 3156.780275]  ? kasan_save_stack+0x1b/0x40
[ 3156.780724]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3156.781269]  ? iter_file_splice_write+0x16d/0xc30
[ 3156.781797]  ? direct_splice_actor+0x10f/0x170
[ 3156.782285]  ? splice_direct_to_actor+0x387/0x980
[ 3156.782806]  ? do_splice_direct+0x1c4/0x290
[ 3156.783273]  ? do_sendfile+0x553/0x1090
[ 3156.783694]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3156.784198]  do_iter_readv_writev+0x476/0x750
[ 3156.784679]  ? new_sync_write+0x660/0x660
[ 3156.785121]  ? selinux_file_permission+0x92/0x520
[ 3156.785652]  do_iter_write+0x191/0x670
[ 3156.786076]  ? trace_hardirqs_on+0x5b/0x180
[ 3156.786544]  vfs_iter_write+0x70/0xa0
[ 3156.786955]  iter_file_splice_write+0x762/0xc30
[ 3156.787460]  ? generic_splice_sendpage+0x140/0x140
[ 3156.787987]  ? avc_policy_seqno+0x9/0x70
[ 3156.788419]  ? selinux_file_permission+0x92/0x520
[ 3156.788939]  ? lockdep_init_map_type+0x2c7/0x780
[ 3156.789448]  ? generic_splice_sendpage+0x140/0x140
[ 3156.789988]  direct_splice_actor+0x10f/0x170
[ 3156.790463]  splice_direct_to_actor+0x387/0x980
[ 3156.790964]  ? pipe_to_sendpage+0x380/0x380
[ 3156.791422]  ? do_splice_to+0x160/0x160
[ 3156.791849]  ? security_file_permission+0x24e/0x570
[ 3156.792388]  do_splice_direct+0x1c4/0x290
[ 3156.792837]  ? splice_direct_to_actor+0x980/0x980
[ 3156.793351]  ? selinux_file_permission+0x92/0x520
[ 3156.793889]  ? security_file_permission+0x24e/0x570
[ 3156.794421]  do_sendfile+0x553/0x1090
[ 3156.794837]  ? do_pwritev+0x270/0x270
[ 3156.795249]  ? wait_for_completion_io+0x270/0x270
[ 3156.795771]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3156.796260]  ? vfs_write+0x354/0xa70
[ 3156.796664]  __x64_sys_sendfile64+0x1d1/0x210
[ 3156.797144]  ? __ia32_sys_sendfile+0x220/0x220
[ 3156.797634]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3156.798213]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3156.798767]  do_syscall_64+0x33/0x40
[ 3156.799164]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3156.799714] RIP: 0033:0x7f47d2c10b19
[ 3156.800109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3156.802059] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3156.802866] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3156.803651] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3156.804439] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3156.805226] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3156.806010] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:07:46 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200", 0x5f, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

14:07:46 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x201, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:07:46 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d357)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:07:46 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x3fffc, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x24, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mount$cgroup2(0x0, &(0x7f00000002c0)='./file1\x00', &(0x7f0000000300), 0x1028400, &(0x7f0000000340)=ANY=[@ANYBLOB='nsdelegate,memory_localevents,net,perf_event,io,func=PATH_CHECK,fowner<', @ANYRESDEC=0x0, @ANYBLOB='(\x00'])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})
r5 = openat(r3, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x43)
ftruncate(r5, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)
getsockname$unix(r1, &(0x7f0000000140), &(0x7f00000000c0)=0x6e)

[ 3156.962570] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
14:07:46 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 38)

14:07:46 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
readv(r3, &(0x7f00000005c0)=[{&(0x7f0000000340)=""/30, 0x1e}, {&(0x7f0000000380)=""/230, 0xe6}, {&(0x7f0000000480)=""/41, 0x29}, {&(0x7f00000004c0)=""/49, 0x31}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000000500)=""/176, 0xb0}, {&(0x7f0000001680)=""/158, 0x9e}], 0x7)
write(r2, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000180)={0x6, 0x4, 0x2, 0x1000, 0x8b7a})
pipe2(&(0x7f0000000300), 0x100800)
ftruncate(r4, 0xffff)
openat$sr(0xffffffffffffff9c, &(0x7f0000001740), 0x70180, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f00000002c0)={[0x1]}, 0x8, 0x80800)
sendfile(r0, r1, 0x0, 0x20d315)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
fsetxattr$trusted_overlay_redirect(r2, &(0x7f00000000c0), &(0x7f0000000140)='./file2\x00', 0x8, 0x2)

14:07:46 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b000000000200002802000002", 0x61, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3157.016637] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[ 3157.016815] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3157.043738] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3157.049436] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 3157.058094] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
[ 3157.088717] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3157.134344] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[ 3157.164000] FAULT_INJECTION: forcing a failure.
[ 3157.164000] name failslab, interval 1, probability 0, space 0, times 0
[ 3157.165202] CPU: 0 PID: 20313 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3157.166006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3157.166897] Call Trace:
[ 3157.167170]  dump_stack+0x107/0x167
[ 3157.167565]  should_fail.cold+0x5/0xa
[ 3157.167957]  ? create_object.isra.0+0x3a/0xa20
[ 3157.168456]  should_failslab+0x5/0x20
[ 3157.168839]  kmem_cache_alloc+0x5b/0x310
[ 3157.169281]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3157.169793]  create_object.isra.0+0x3a/0xa20
[ 3157.170268]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3157.170778]  kmem_cache_alloc+0x159/0x310
[ 3157.171226]  ext4_mb_new_blocks+0x64d/0x45b0
[ 3157.171673]  ? __lock_acquire+0x1657/0x5b00
[ 3157.172156]  ? ext4_discard_preallocations+0xd80/0xd80
[ 3157.172676]  ? ext4_get_branch+0x541/0x6d0
[ 3157.173138]  ext4_ind_map_blocks+0x17de/0x2150
[ 3157.173640]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3157.174207]  ? ext4_free_branches+0x680/0x680
[ 3157.174689]  ? lock_acquire+0x197/0x470
[ 3157.175108]  ? lock_release+0x680/0x680
[ 3157.175539]  ? find_held_lock+0x2c/0x110
[ 3157.175971]  ? down_write+0xe0/0x160
[ 3157.176377]  ? down_write_killable+0x180/0x180
[ 3157.176858]  ext4_map_blocks+0x9ed/0x1940
[ 3157.177314]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 3157.177779]  ? lock_acquire+0x197/0x470
[ 3157.178198]  ? lock_page_memcg+0x30/0x270
[ 3157.178622]  ? find_held_lock+0x2c/0x110
[ 3157.179072]  _ext4_get_block+0x21e/0x570
[ 3157.179496]  ? ext4_map_blocks+0x1940/0x1940
[ 3157.179973]  ? lock_page_memcg+0xcd/0x270
[ 3157.180407]  __block_write_begin_int+0x3d1/0x19c0
[ 3157.180917]  ? _ext4_get_block+0x570/0x570
[ 3157.181365]  ? remove_inode_buffers+0x300/0x300
[ 3157.181853]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3157.182389]  ext4_write_begin+0x68e/0x10f0
[ 3157.182840]  ? ext4_truncate+0x1160/0x1160
[ 3157.183288]  ? ext4_expand_extra_isize+0x5a0/0x5a0
[ 3157.183791]  ? current_time+0x72/0x2c0
[ 3157.184212]  ext4_da_write_begin+0x623/0xd40
[ 3157.184666]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3157.185197]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3157.185730]  ? __ext4_journal_stop+0x107/0x1f0
[ 3157.186214]  ? ext4_write_begin+0x10f0/0x10f0
[ 3157.186669]  ? copyout_mc+0x140/0x140
[ 3157.187083]  ? ext4_dirty_inode+0x107/0x130
[ 3157.187533]  ? __mark_inode_dirty+0x12e/0xd40
[ 3157.188011]  generic_perform_write+0x20a/0x4f0
[ 3157.188491]  ? page_cache_next_miss+0x310/0x310
[ 3157.188977]  ? down_write_killable+0x180/0x180
[ 3157.189447]  ext4_buffered_write_iter+0x232/0x4a0
[ 3157.189954]  ext4_file_write_iter+0x4fb/0x18d0
[ 3157.190441]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3157.190913]  ? kasan_save_stack+0x32/0x40
[ 3157.191321]  ? kasan_save_stack+0x1b/0x40
[ 3157.191754]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3157.192283]  ? iter_file_splice_write+0x16d/0xc30
[ 3157.192784]  ? direct_splice_actor+0x10f/0x170
[ 3157.193238]  ? splice_direct_to_actor+0x387/0x980
[ 3157.193753]  ? do_splice_direct+0x1c4/0x290
[ 3157.194206]  ? do_sendfile+0x553/0x1090
[ 3157.194627]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3157.195118]  do_iter_readv_writev+0x476/0x750
[ 3157.195600]  ? new_sync_write+0x660/0x660
[ 3157.196039]  ? selinux_file_permission+0x92/0x520
[ 3157.196563]  do_iter_write+0x191/0x670
[ 3157.196969]  ? trace_hardirqs_on+0x5b/0x180
[ 3157.197420]  vfs_iter_write+0x70/0xa0
[ 3157.197818]  iter_file_splice_write+0x762/0xc30
[ 3157.198292]  ? generic_splice_sendpage+0x140/0x140
[ 3157.198808]  ? avc_policy_seqno+0x9/0x70
[ 3157.199240]  ? selinux_file_permission+0x92/0x520
[ 3157.199746]  ? lockdep_init_map_type+0x2c7/0x780
[ 3157.200252]  ? generic_splice_sendpage+0x140/0x140
[ 3157.200779]  direct_splice_actor+0x10f/0x170
[ 3157.201253]  splice_direct_to_actor+0x387/0x980
[ 3157.201752]  ? pipe_to_sendpage+0x380/0x380
[ 3157.202203]  ? do_splice_to+0x160/0x160
[ 3157.202614]  ? security_file_permission+0x24e/0x570
[ 3157.203112]  do_splice_direct+0x1c4/0x290
[ 3157.203549]  ? splice_direct_to_actor+0x980/0x980
[ 3157.204047]  ? selinux_file_permission+0x92/0x520
[ 3157.204550]  ? security_file_permission+0x24e/0x570
[ 3157.205055]  do_sendfile+0x553/0x1090
[ 3157.205464]  ? do_pwritev+0x270/0x270
[ 3157.205873]  ? wait_for_completion_io+0x270/0x270
[ 3157.206380]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3157.206864]  ? vfs_write+0x354/0xa70
[ 3157.207258]  __x64_sys_sendfile64+0x1d1/0x210
[ 3157.207728]  ? __ia32_sys_sendfile+0x220/0x220
[ 3157.208214]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3157.208760]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3157.209317]  do_syscall_64+0x33/0x40
[ 3157.209696]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3157.210245] RIP: 0033:0x7f47d2c10b19
[ 3157.210645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3157.212543] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3157.213352] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3157.214122] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3157.214869] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3157.215603] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3157.216320] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:08:01 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x302, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:01 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b000000000200002802000002", 0x61, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

14:08:01 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r6=>0x0})
sendmmsg$inet(r4, &(0x7f0000002040)=[{{&(0x7f0000000380)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f00000003c0)="db9c", 0xffe7}], 0x1, &(0x7f0000001640)=ANY=[@ANYBLOB="1400000000000000000000000700000000000000000000001c000000000000000000000008000000", @ANYRES32=r6], 0x38}}], 0x1, 0x0)
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r7}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:08:01 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x201, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:01 executing program 1:
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f00000002c0)={0x80, 0xd7, "af5b9aa40199fdf7bf859e0e9d2f838e908f1147f0cdf2156561a57fcc6f16b5913cf4fc9f9edcd43ce1aea654b0977e82588f945b6239f408be2ad8d48ee276e56732c071f0e7f364fbab101924f32d9bcfda311218b284552cf7ca9a725d27251ed4bc3d01322a98d917cdc489cad29d386150d24137fa77d67b91a10077150ba4b980a24f21bce4d3bcf4bcc146eb2d420c3b9e79cbc6dd81538dd227dce79635dbe5b969478c9a6d06c92c4a25040b3fc4bb486a3d594ac02e42ca2c4608d6bb68324a578cd7e5923036a158c4a7f0be87d2d120fe"})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x50940, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:08:01 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 39)

14:08:01 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
quotactl(0xbc9, &(0x7f00000000c0)='./file2\x00', 0xffffffffffffffff, &(0x7f0000000140)="6e3b9f50d9296081cc3f82bc24c69e3ac00ef8d7b45c973a3fe9a97afc40496185b880e680ee23d12ba81a98517236145b411bad51cf59e99e471d341c56a5b6864fc1aff9ded0a2b987d62e00ad3a689f82c4bc9451f703f711c7c63722741cc5")
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r1, &(0x7f0000000240)="01", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r2, 0xffff)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
fsetxattr$trusted_overlay_redirect(r3, &(0x7f00000002c0), &(0x7f0000000300)='./file2\x00', 0x8, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315)

14:08:01 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d358)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3172.075169] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3172.090143] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 3172.099318] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3172.122382] FAULT_INJECTION: forcing a failure.
[ 3172.122382] name failslab, interval 1, probability 0, space 0, times 0
[ 3172.124917] CPU: 0 PID: 20359 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3172.126387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3172.128129] Call Trace:
[ 3172.128701]  dump_stack+0x107/0x167
[ 3172.129479]  should_fail.cold+0x5/0xa
[ 3172.130314]  ? create_object.isra.0+0x3a/0xa20
[ 3172.131282]  should_failslab+0x5/0x20
[ 3172.132088]  kmem_cache_alloc+0x5b/0x310
[ 3172.132951]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3172.134024]  create_object.isra.0+0x3a/0xa20
[ 3172.135174]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3172.136248]  kmem_cache_alloc+0x159/0x310
[ 3172.137130]  ext4_mb_new_blocks+0x64d/0x45b0
[ 3172.138098]  ? mark_lock+0xf5/0x2df0
[ 3172.138892]  ? ext4_discard_preallocations+0xd80/0xd80
[ 3172.139994]  ? ext4_get_branch+0x541/0x6d0
[ 3172.140896]  ext4_ind_map_blocks+0x17de/0x2150
[ 3172.141890]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3172.143002]  ? ext4_free_branches+0x680/0x680
[ 3172.143946]  ? lock_acquire+0x197/0x470
[ 3172.144787]  ? lock_release+0x680/0x680
[ 3172.145628]  ? find_held_lock+0x2c/0x110
[ 3172.146514]  ? down_write+0xe0/0x160
[ 3172.147309]  ? down_write_killable+0x180/0x180
[ 3172.148281]  ext4_map_blocks+0x9ed/0x1940
[ 3172.149166]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 3172.150132]  ? lock_acquire+0x197/0x470
[ 3172.150970]  ? lock_page_memcg+0x30/0x270
[ 3172.151845]  ? find_held_lock+0x2c/0x110
[ 3172.152709]  _ext4_get_block+0x21e/0x570
[ 3172.153563]  ? ext4_map_blocks+0x1940/0x1940
[ 3172.154495]  ? lock_page_memcg+0xcd/0x270
[ 3172.155376]  __block_write_begin_int+0x3d1/0x19c0
[ 3172.156389]  ? _ext4_get_block+0x570/0x570
[ 3172.157292]  ? remove_inode_buffers+0x300/0x300
[ 3172.158289]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3172.159347]  ext4_write_begin+0x68e/0x10f0
[ 3172.160257]  ? ext4_truncate+0x1160/0x1160
[ 3172.161145]  ? ext4_expand_extra_isize+0x5a0/0x5a0
[ 3172.162185]  ? current_time+0x72/0x2c0
[ 3172.163007]  ext4_da_write_begin+0x623/0xd40
[ 3172.163823]  ? ext4_journal_check_start+0x1b3/0x2a0
[ 3172.164745]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3172.165677]  ? __ext4_journal_stop+0x107/0x1f0
[ 3172.166539]  ? ext4_write_begin+0x10f0/0x10f0
[ 3172.167363]  ? copyout_mc+0x140/0x140
[ 3172.168066]  ? ext4_dirty_inode+0x107/0x130
[ 3172.168862]  ? __mark_inode_dirty+0x12e/0xd40
[ 3172.169693]  generic_perform_write+0x20a/0x4f0
[ 3172.170558]  ? page_cache_next_miss+0x310/0x310
[ 3172.171419]  ? down_write_killable+0x180/0x180
[ 3172.172273]  ext4_buffered_write_iter+0x232/0x4a0
[ 3172.173167]  ext4_file_write_iter+0x4fb/0x18d0
[ 3172.174046]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3172.174889]  ? kasan_save_stack+0x32/0x40
[ 3172.175656]  ? kasan_save_stack+0x1b/0x40
[ 3172.176423]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3172.177352]  ? iter_file_splice_write+0x16d/0xc30
[ 3172.178244]  ? direct_splice_actor+0x10f/0x170
[ 3172.179082]  ? splice_direct_to_actor+0x387/0x980
[ 3172.179966]  ? do_splice_direct+0x1c4/0x290
[ 3172.180760]  ? do_sendfile+0x553/0x1090
[ 3172.181493]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3172.182382]  do_iter_readv_writev+0x476/0x750
[ 3172.183218]  ? new_sync_write+0x660/0x660
[ 3172.183981]  ? selinux_file_permission+0x92/0x520
[ 3172.184891]  do_iter_write+0x191/0x670
[ 3172.185614]  ? trace_hardirqs_on+0x5b/0x180
[ 3172.186432]  vfs_iter_write+0x70/0xa0
[ 3172.187140]  iter_file_splice_write+0x762/0xc30
[ 3172.188015]  ? generic_splice_sendpage+0x140/0x140
[ 3172.188930]  ? avc_policy_seqno+0x9/0x70
[ 3172.189864]  ? selinux_file_permission+0x92/0x520
[ 3172.190765]  ? lockdep_init_map_type+0x2c7/0x780
[ 3172.191643]  ? generic_splice_sendpage+0x140/0x140
[ 3172.192549]  direct_splice_actor+0x10f/0x170
[ 3172.193368]  splice_direct_to_actor+0x387/0x980
[ 3172.194239]  ? pipe_to_sendpage+0x380/0x380
[ 3172.195041]  ? do_splice_to+0x160/0x160
[ 3172.195776]  ? security_file_permission+0x24e/0x570
[ 3172.196705]  do_splice_direct+0x1c4/0x290
[ 3172.197477]  ? splice_direct_to_actor+0x980/0x980
[ 3172.198384]  ? selinux_file_permission+0x92/0x520
[ 3172.199279]  ? security_file_permission+0x24e/0x570
[ 3172.200216]  do_sendfile+0x553/0x1090
[ 3172.200934]  ? do_pwritev+0x270/0x270
[ 3172.201642]  ? wait_for_completion_io+0x270/0x270
[ 3172.202540]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3172.203396]  ? vfs_write+0x354/0xa70
[ 3172.204092]  __x64_sys_sendfile64+0x1d1/0x210
[ 3172.204923]  ? __ia32_sys_sendfile+0x220/0x220
[ 3172.205773]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3172.206741]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3172.207697]  do_syscall_64+0x33/0x40
[ 3172.208390]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3172.209471] RIP: 0033:0x7f47d2c10b19
[ 3172.210210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3172.213677] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3172.215129] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 3172.216483] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[ 3172.217857] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 3172.219213] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3172.220567] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
[ 3172.251110] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3172.279744] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3172.313620] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:08:01 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b000000000200002802000002", 0x61, 0x400}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3172.339443] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3172.419373] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
14:08:01 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(r0, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:08:01 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d359)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:01 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 40)

14:08:01 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0xffffffffffffffff, r0, 0x0)
syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file1\x00', 0x1, 0x5, &(0x7f0000000580)=[{&(0x7f00000002c0)="ffbdc2c51770f47ca797987bb45e8e02bfc287e53b4246981262e144286d9ca888ef85fbc5e4e31f6043d91f8ff92856a742c7a72b257246ad191f46933cb43d73b9e8c721d1b39865a183b6faf5718b397252b9bce5aad58151a8748c4fe1225ccac3673ffac16bca3111699d368ad2322646b09fc44f033044", 0x7a, 0xffffffff}, {&(0x7f0000000340)="5df7e5ac893b5c2c6795c5e04c375d8316db3deebccea441ce6ef24d5fbc5d3b7d102f824ee99dde1f85f3b22c138b5cd4f556327ac5d25931a348d0ec4bf06f53098acc99f220fd3dd2c7b410f7303e0025483f834892ea465bcd318703e1c74aa84a4a0c12990b39c864b40f8cf1687b725fb4c788dc5df303854f049f1099cf9b76f00455bd6291b4ffdcb6d51780fddd", 0x92, 0x80000000}, {&(0x7f0000000400)="4b5c790edb8322ef5ba8500139937a2f41f5e1b7a05e9662590d4c0a2e90e4ea36590d4a607a0d9ed3a97090fb111e3781eaa189cfb50c9003bdd5cb7b5f179fbf52aff08dbb892b575ea6fd0b862a5d82a272a76ca93c7f339bb14bbeeb2cea614e08cfd4fcc6d5a48363abc8e387c2c52bac8a0a0c92ca30a0c108c4df1cb7d636476206546411bbeedce85e0726f4316f589040014a8bd72644dab8da181c803eb3b740174da867fa46926929023ff11f4af7e6fb6fead6b4091af7c05eaad5f849b23f1f016e608a9946254198bcd47155", 0xd3, 0x7fffffff}, {&(0x7f0000000180)="ae31a803fb1961e3ca187a0a2eddfe259be4b7d88e894a1a5556e6c32911b14e09", 0x21, 0x3}, {&(0x7f0000000500)="2ec95f04fba7fd015d0c81e47ea3a637e45693fdf7b0c35fcd98633c441204c86652204b0dee5fc7b64e6b8c8c6acaa6bd17d96adb53eac342d9ae2bb181a8644fe625000cab556e4630bda6a27f1436d6c8fed0c369c1884234f3c6060a92f7a2318d1f9e", 0x65, 0x80000000}], 0x901080, &(0x7f0000000600)={[{@huge_always}, {@nr_blocks={'nr_blocks', 0x3d, [0x35, 0x31, 0x38, 0x35, 0x67]}}, {@mpol={'mpol', 0x3d, {'default', '=relative', @void}}}, {@uid={'uid', 0x3d, 0xffffffffffffffff}}, {@nr_blocks={'nr_blocks', 0x3d, [0x39]}}], [{@smackfsroot={'smackfsroot', 0x3d, '}[\x00'}}, {@subj_user={'subj_user', 0x3d, 'ext4\x00'}}, {@appraise}, {@euid_gt={'euid>', 0xee01}}, {@hash}, {@smackfsdef={'smackfsdef', 0x3d, 'ext4\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x35, 0x63, 0x37, 0x35, 0x31, 0x66, 0x38, 0x35], 0x2d, [0xf0c28f5854a07742, 0x35, 0x64, 0x64], 0x2d, [0x63, 0x34, 0x34, 0x34], 0x2d, [0x39, 0xc, 0x34, 0x6c], 0x2d, [0x35, 0x66, 0x34, 0x31, 0x31, 0xf, 0x38, 0x62]}}}, {@fowner_lt={'fowner<', r0}}]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
getresuid(&(0x7f0000000700)=<r4=>0x0, &(0x7f0000000740), &(0x7f0000000780))
setresuid(r0, r0, r4)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r1, r2, 0x0, 0x20d315)

14:08:01 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d356)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:01 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x302, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:01 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3172.603546] FAULT_INJECTION: forcing a failure.
[ 3172.603546] name failslab, interval 1, probability 0, space 0, times 0
[ 3172.605836] CPU: 0 PID: 20387 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3172.606961] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3172.608286] Call Trace:
[ 3172.608723]  dump_stack+0x107/0x167
[ 3172.609319]  should_fail.cold+0x5/0xa
[ 3172.609963]  ? ext4_find_extent+0xa3d/0xd30
[ 3172.610660]  should_failslab+0x5/0x20
[ 3172.611271]  __kmalloc+0x72/0x390
[ 3172.611840]  ext4_find_extent+0xa3d/0xd30
[ 3172.612525]  ext4_ext_map_blocks+0x1c8/0x5850
[ 3172.613262]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3172.614136]  ? perf_trace_lock+0xac/0x490
[ 3172.614824]  ? __lockdep_reset_lock+0x180/0x180
[ 3172.615593]  ? ext4_ext_release+0x10/0x10
[ 3172.616281]  ? ext4_map_blocks+0x5e0/0x1940
[ 3172.616999]  ? lock_release+0x680/0x680
[ 3172.617656]  ? ext4_es_lookup_extent+0x48d/0xaa0
[ 3172.618449]  ? lock_downgrade+0x6d0/0x6d0
[ 3172.619137]  ? __unwind_start+0x523/0x7e0
[ 3172.619841]  ? down_write+0xe0/0x160
[ 3172.620459]  ? down_write_killable+0x180/0x180
[ 3172.621233]  ext4_map_blocks+0x652/0x1940
[ 3172.621936]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 3172.622681]  ? trace_hardirqs_on+0x5b/0x180
[ 3172.623392]  ? kmem_cache_alloc+0x2a6/0x310
[ 3172.624116]  ext4_writepages+0x19bf/0x3350
[ 3172.624816]  ? unwind_next_frame+0x13ef/0x1a90
[ 3172.625573]  ? find_held_lock+0x2c/0x110
[ 3172.626285]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3172.627100]  ? __is_insn_slot_addr+0x14c/0x290
[ 3172.627862]  ? __kernel_text_address+0x9/0x40
[ 3172.628608]  ? unwind_get_return_address+0x55/0xa0
[ 3172.629419]  ? create_prof_cpu_mask+0x20/0x20
[ 3172.630182]  ? stack_trace_save+0x8c/0xc0
[ 3172.630870]  ? stack_trace_consume_entry+0x160/0x160
[ 3172.631727]  ? kasan_save_stack+0x32/0x40
[ 3172.632409]  ? kasan_save_stack+0x1b/0x40
[ 3172.633096]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3172.633953]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3172.634762]  do_writepages+0xee/0x2a0
[ 3172.635394]  ? page_writeback_cpu_online+0x20/0x20
[ 3172.636206]  ? lock_acquire+0x197/0x470
[ 3172.636868]  ? create_object.isra.0+0x3ad/0xa20
[ 3172.637645]  ? lock_release+0x680/0x680
[ 3172.637737] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3172.638304]  ? find_held_lock+0x2c/0x110
[ 3172.640168]  __filemap_fdatawrite_range+0x24b/0x2f0
[ 3172.640999]  ? delete_from_page_cache_batch+0xa30/0xa30
[ 3172.641893]  ? mark_held_locks+0x9e/0xe0
[ 3172.642570]  ? trace_hardirqs_on+0x5b/0x180
[ 3172.643295]  filemap_write_and_wait_range+0x65/0x100
[ 3172.644137]  __iomap_dio_rw+0x552/0x1110
[ 3172.644825]  ? iomap_dio_bio_actor+0xef0/0xef0
[ 3172.645575]  ? generic_update_time+0x21c/0x370
[ 3172.646359]  ? inode_dio_wait+0xbf/0x270
[ 3172.647026]  ? __wait_on_freeing_inode+0x140/0x140
[ 3172.647834]  ? evict_inodes+0x420/0x420
[ 3172.648503]  ? down_write_killable+0x180/0x180
[ 3172.649251]  iomap_dio_rw+0x31/0x90
[ 3172.649862]  ext4_file_write_iter+0xb26/0x18d0
[ 3172.650629]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3172.651377]  ? kasan_save_stack+0x32/0x40
[ 3172.652054]  ? kasan_save_stack+0x1b/0x40
[ 3172.652733]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3172.653571]  ? iter_file_splice_write+0x16d/0xc30
[ 3172.654372]  ? direct_splice_actor+0x10f/0x170
[ 3172.655134]  ? splice_direct_to_actor+0x387/0x980
[ 3172.655910]  ? do_splice_direct+0x1c4/0x290
[ 3172.656605]  ? do_sendfile+0x553/0x1090
[ 3172.657242]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3172.658009]  do_iter_readv_writev+0x476/0x750
[ 3172.658740]  ? new_sync_write+0x660/0x660
[ 3172.659414]  ? selinux_file_permission+0x92/0x520
[ 3172.660199]  do_iter_write+0x191/0x670
[ 3172.660829]  ? trace_hardirqs_on+0x5b/0x180
[ 3172.661529]  vfs_iter_write+0x70/0xa0
[ 3172.662161]  iter_file_splice_write+0x762/0xc30
[ 3172.662939]  ? generic_splice_sendpage+0x140/0x140
[ 3172.663742]  ? avc_policy_seqno+0x9/0x70
[ 3172.664391]  ? selinux_file_permission+0x92/0x520
[ 3172.665162]  ? lockdep_init_map_type+0x2c7/0x780
[ 3172.665936]  ? generic_splice_sendpage+0x140/0x140
[ 3172.666715]  direct_splice_actor+0x10f/0x170
[ 3172.667418]  splice_direct_to_actor+0x387/0x980
[ 3172.668160]  ? pipe_to_sendpage+0x380/0x380
[ 3172.668849]  ? do_splice_to+0x160/0x160
[ 3172.669485]  ? security_file_permission+0x24e/0x570
[ 3172.670302]  do_splice_direct+0x1c4/0x290
[ 3172.670961]  ? splice_direct_to_actor+0x980/0x980
[ 3172.671721]  ? selinux_file_permission+0x92/0x520
[ 3172.672492]  ? security_file_permission+0x24e/0x570
14:08:01 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f00000000c0), &(0x7f0000000140)='./file1/file0\x00', 0xe, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
recvmsg$unix(r2, &(0x7f0000000500)={&(0x7f00000002c0), 0x6e, &(0x7f0000000440)=[{&(0x7f0000000180)}, {&(0x7f0000000340)=""/235, 0xeb}], 0x2, &(0x7f0000000480)=[@cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, <r4=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}, 0x10061)
openat(r4, &(0x7f0000000540)='./file1/file0\x00', 0x0, 0x1)
sendfile(r0, r1, 0x0, 0x20d315)

[ 3172.673297]  do_sendfile+0x553/0x1090
[ 3172.674087]  ? do_pwritev+0x270/0x270
[ 3172.674695]  ? wait_for_completion_io+0x270/0x270
[ 3172.675461]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3172.676195]  ? vfs_write+0x354/0xa70
[ 3172.676795]  __x64_sys_sendfile64+0x1d1/0x210
[ 3172.677509]  ? __ia32_sys_sendfile+0x220/0x220
[ 3172.678254]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3172.679089]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3172.679912]  do_syscall_64+0x33/0x40
[ 3172.680575]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3172.681444] RIP: 0033:0x7f47d2c10b19
[ 3172.682101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3172.685166] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3172.686473] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3172.687661] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[ 3172.688849] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3172.690067] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3172.691256] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
[ 3172.707947] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
14:08:02 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62}], 0x0, &(0x7f0000012900)=ANY=[])

[ 3172.791107] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3172.793945] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3172.878931] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
14:08:22 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 41)

14:08:22 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d353)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:22 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x302, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:22 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x121)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:08:22 executing program 1:
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x40000, 0x0, &(0x7f0000000200), 0x20, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:08:22 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62}], 0x0, &(0x7f0000012900)=ANY=[])

14:08:22 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2, 0x12, r4, 0x8000000)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r6}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:08:22 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d35a)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3193.701941] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3193.705128] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[ 3193.716581] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3193.746079] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3193.752779] FAULT_INJECTION: forcing a failure.
[ 3193.752779] name failslab, interval 1, probability 0, space 0, times 0
[ 3193.755601] CPU: 0 PID: 20450 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3193.757104] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3193.758930] Call Trace:
[ 3193.759506]  dump_stack+0x107/0x167
[ 3193.760321]  should_fail.cold+0x5/0xa
[ 3193.761146]  ? create_object.isra.0+0x3a/0xa20
[ 3193.762167]  should_failslab+0x5/0x20
[ 3193.762993]  kmem_cache_alloc+0x5b/0x310
[ 3193.763895]  ? entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3193.765037]  create_object.isra.0+0x3a/0xa20
[ 3193.766141]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3193.767552]  __kmalloc+0x16e/0x390
[ 3193.768590]  ext4_find_extent+0xa3d/0xd30
[ 3193.769690]  ext4_ext_map_blocks+0x1c8/0x5850
[ 3193.770988]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3193.772504]  ? perf_trace_lock+0xac/0x490
[ 3193.773698]  ? __lockdep_reset_lock+0x180/0x180
[ 3193.775081]  ? ext4_ext_release+0x10/0x10
[ 3193.776280]  ? ext4_map_blocks+0x5e0/0x1940
[ 3193.777538]  ? lock_release+0x680/0x680
[ 3193.778714]  ? ext4_es_lookup_extent+0x48d/0xaa0
[ 3193.780065]  ? lock_downgrade+0x6d0/0x6d0
[ 3193.781021]  ? __unwind_start+0x523/0x7e0
[ 3193.781952]  ? down_write+0xe0/0x160
[ 3193.782807]  ? down_write_killable+0x180/0x180
[ 3193.783854]  ext4_map_blocks+0x652/0x1940
[ 3193.784821]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 3193.785832]  ? trace_hardirqs_on+0x5b/0x180
[ 3193.786836]  ? kmem_cache_alloc+0x2a6/0x310
[ 3193.787722]  ext4_writepages+0x19bf/0x3350
[ 3193.788592]  ? unwind_next_frame+0x13ef/0x1a90
[ 3193.789642]  ? find_held_lock+0x2c/0x110
[ 3193.790703]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3193.791778]  ? __is_insn_slot_addr+0x14c/0x290
[ 3193.792772]  ? __kernel_text_address+0x9/0x40
[ 3193.793757]  ? unwind_get_return_address+0x55/0xa0
[ 3193.794859]  ? create_prof_cpu_mask+0x20/0x20
[ 3193.795908]  ? stack_trace_save+0x8c/0xc0
[ 3193.796844]  ? stack_trace_consume_entry+0x160/0x160
[ 3193.798198]  ? kasan_save_stack+0x32/0x40
[ 3193.799116]  ? kasan_save_stack+0x1b/0x40
[ 3193.800013]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3193.801134]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3193.802208]  do_writepages+0xee/0x2a0
[ 3193.803064]  ? page_writeback_cpu_online+0x20/0x20
[ 3193.804112]  ? lock_acquire+0x197/0x470
[ 3193.804952]  ? create_object.isra.0+0x3ad/0xa20
[ 3193.806060]  ? lock_release+0x680/0x680
[ 3193.807029]  ? find_held_lock+0x2c/0x110
[ 3193.807915]  __filemap_fdatawrite_range+0x24b/0x2f0
[ 3193.808982]  ? delete_from_page_cache_batch+0xa30/0xa30
[ 3193.810107]  ? mark_held_locks+0x9e/0xe0
[ 3193.811018]  ? trace_hardirqs_on+0x5b/0x180
[ 3193.811944]  filemap_write_and_wait_range+0x65/0x100
[ 3193.813028]  __iomap_dio_rw+0x552/0x1110
[ 3193.813921]  ? iomap_dio_bio_actor+0xef0/0xef0
[ 3193.814905]  ? generic_update_time+0x21c/0x370
[ 3193.815874]  ? inode_dio_wait+0xbf/0x270
[ 3193.816740]  ? __wait_on_freeing_inode+0x140/0x140
[ 3193.817984]  ? evict_inodes+0x420/0x420
[ 3193.819110]  ? down_write_killable+0x180/0x180
[ 3193.820125]  iomap_dio_rw+0x31/0x90
[ 3193.820916]  ext4_file_write_iter+0xb26/0x18d0
[ 3193.822043]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3193.823058]  ? asm_sysvec_call_function_single+0x12/0x20
[ 3193.824240]  do_iter_readv_writev+0x476/0x750
[ 3193.825244]  ? new_sync_write+0x660/0x660
[ 3193.826247]  ? selinux_file_permission+0x92/0x520
[ 3193.827326]  do_iter_write+0x191/0x670
[ 3193.828167]  ? trace_hardirqs_on+0x5b/0x180
[ 3193.829103]  vfs_iter_write+0x70/0xa0
[ 3193.829924]  iter_file_splice_write+0x762/0xc30
[ 3193.831108]  ? generic_splice_sendpage+0x140/0x140
[ 3193.832385]  ? avc_policy_seqno+0x9/0x70
[ 3193.833282]  ? selinux_file_permission+0x92/0x520
[ 3193.834380]  ? lockdep_init_map_type+0x2c7/0x780
[ 3193.835433]  ? generic_splice_sendpage+0x140/0x140
[ 3193.836492]  direct_splice_actor+0x10f/0x170
[ 3193.837440]  splice_direct_to_actor+0x387/0x980
[ 3193.838471]  ? pipe_to_sendpage+0x380/0x380
[ 3193.839433]  ? do_splice_to+0x160/0x160
[ 3193.840498]  ? security_file_permission+0x24e/0x570
[ 3193.841627]  do_splice_direct+0x1c4/0x290
[ 3193.842542]  ? splice_direct_to_actor+0x980/0x980
[ 3193.843564]  ? selinux_file_permission+0x92/0x520
[ 3193.844598]  ? security_file_permission+0x24e/0x570
[ 3193.845676]  do_sendfile+0x553/0x1090
[ 3193.846527]  ? do_pwritev+0x270/0x270
[ 3193.847346]  ? wait_for_completion_io+0x270/0x270
[ 3193.848413]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3193.849439]  ? vfs_write+0x354/0xa70
[ 3193.850270]  __x64_sys_sendfile64+0x1d1/0x210
[ 3193.851243]  ? __ia32_sys_sendfile+0x220/0x220
[ 3193.852231]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3193.853354]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3193.854498]  do_syscall_64+0x33/0x40
[ 3193.855359]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3193.856469] RIP: 0033:0x7f47d2c10b19
[ 3193.857274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3193.861201] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3193.863197] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 3193.864730] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 3193.866479] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 3193.868039] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3193.869580] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
[ 3193.888181] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3193.893624] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
[ 3193.920821] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
14:08:23 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}], 0x0, 0x0)

14:08:23 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d35b)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:23 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x382, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:23 executing program 1:
setxattr$trusted_overlay_redirect(&(0x7f0000000180)='./file2\x00', &(0x7f00000002c0), &(0x7f0000000300)='./file1\x00', 0x8, 0x2)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
ftruncate(0xffffffffffffffff, 0xfff)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)
r4 = fspick(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000140)={{0x1, 0x1, 0x18, r4, @out_args}, './file1\x00'})

14:08:23 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 42)

14:08:23 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000140)='./file2\x00', 0x7, 0x1, &(0x7f0000000180)=[{&(0x7f00000002c0)="5e850a791fb0ab1e6e3cf891fca9d7cbcb99506617b1fc59e463a4b650866327c5603a5b953684d6cb7f60c49e1a9e63cede3388d620bd674ca5b63a99cd8e504efb44ee8f861461f1840eb45661154cdb205d43da50efc69a03e81acb80cd8c5ee1e30e", 0x64, 0x1}], 0x100000, &(0x7f0000000340)={[{@map_acorn}, {@map_acorn}, {@map_normal}, {@utf8}, {@check_strict}, {@block={'block', 0x3d, 0x800}}, {@uid={'uid', 0x3d, 0xee01}}, {@gid}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@dont_measure}, {@smackfstransmute={'smackfstransmute', 0x3d, '\\(/'}}, {@subj_role={'subj_role', 0x3d, '\x11-\xca'}}]})
openat(r3, &(0x7f0000000400)='./file0\x00', 0x402400, 0xe6)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:08:23 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}], 0x0, 0x0)

14:08:23 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}})
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x101000)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r5, 0x8008f511, &(0x7f0000000180))
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:08:23 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
close(r0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 3194.409610] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3194.483499] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3194.563252] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3194.577938] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3194.616440] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3194.625642] FAULT_INJECTION: forcing a failure.
[ 3194.625642] name failslab, interval 1, probability 0, space 0, times 0
[ 3194.628666] CPU: 0 PID: 20494 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3194.630365] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3194.632157] Call Trace:
[ 3194.632774]  dump_stack+0x107/0x167
[ 3194.633617]  should_fail.cold+0x5/0xa
[ 3194.634536]  ? ext4_alloc_io_end_vec+0x1f/0x120
[ 3194.635571]  should_failslab+0x5/0x20
[ 3194.636437]  kmem_cache_alloc+0x5b/0x310
[ 3194.637264]  ext4_alloc_io_end_vec+0x1f/0x120
[ 3194.638293]  ext4_writepages+0x17a5/0x3350
[ 3194.639253]  ? unwind_next_frame+0x13ef/0x1a90
[ 3194.641529]  ? find_held_lock+0x2c/0x110
[ 3194.642586]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3194.643761]  ? __is_insn_slot_addr+0x14c/0x290
[ 3194.644859]  ? __kernel_text_address+0x9/0x40
[ 3194.645931]  ? unwind_get_return_address+0x55/0xa0
[ 3194.647164]  ? create_prof_cpu_mask+0x20/0x20
[ 3194.648325]  ? stack_trace_save+0x8c/0xc0
[ 3194.649380]  ? stack_trace_consume_entry+0x160/0x160
[ 3194.650654]  ? kasan_save_stack+0x32/0x40
[ 3194.651651]  ? kasan_save_stack+0x1b/0x40
[ 3194.652648]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3194.653871]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3194.655070]  do_writepages+0xee/0x2a0
[ 3194.656014]  ? page_writeback_cpu_online+0x20/0x20
[ 3194.657196]  ? lock_acquire+0x197/0x470
[ 3194.658179]  ? create_object.isra.0+0x3ad/0xa20
[ 3194.659256]  ? lock_release+0x680/0x680
[ 3194.660145]  ? find_held_lock+0x2c/0x110
[ 3194.661056]  __filemap_fdatawrite_range+0x24b/0x2f0
[ 3194.662172]  ? delete_from_page_cache_batch+0xa30/0xa30
[ 3194.663445]  ? mark_held_locks+0x9e/0xe0
[ 3194.664534]  ? trace_hardirqs_on+0x5b/0x180
[ 3194.665569]  filemap_write_and_wait_range+0x65/0x100
[ 3194.666747]  __iomap_dio_rw+0x552/0x1110
[ 3194.667656]  ? iomap_dio_bio_actor+0xef0/0xef0
[ 3194.668704]  ? generic_update_time+0x21c/0x370
[ 3194.669820]  ? inode_dio_wait+0xbf/0x270
[ 3194.670827]  ? __wait_on_freeing_inode+0x140/0x140
[ 3194.672014]  ? evict_inodes+0x420/0x420
[ 3194.672979]  ? down_write_killable+0x180/0x180
[ 3194.674070]  iomap_dio_rw+0x31/0x90
[ 3194.674962]  ext4_file_write_iter+0xb26/0x18d0
[ 3194.676080]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3194.677163]  ? kasan_save_stack+0x32/0x40
[ 3194.678186]  ? kasan_save_stack+0x1b/0x40
[ 3194.679161]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3194.680318]  ? iter_file_splice_write+0x16d/0xc30
[ 3194.681466]  ? direct_splice_actor+0x10f/0x170
[ 3194.682569]  ? splice_direct_to_actor+0x387/0x980
[ 3194.683705]  ? do_splice_direct+0x1c4/0x290
[ 3194.684761]  ? do_sendfile+0x553/0x1090
[ 3194.685732]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3194.686872]  do_iter_readv_writev+0x476/0x750
[ 3194.687966]  ? new_sync_write+0x660/0x660
[ 3194.688974]  ? selinux_file_permission+0x92/0x520
[ 3194.690185]  do_iter_write+0x191/0x670
[ 3194.691143]  ? trace_hardirqs_on+0x5b/0x180
[ 3194.692201]  vfs_iter_write+0x70/0xa0
[ 3194.693097]  iter_file_splice_write+0x762/0xc30
[ 3194.694235]  ? generic_splice_sendpage+0x140/0x140
[ 3194.695423]  ? avc_policy_seqno+0x9/0x70
[ 3194.696403]  ? selinux_file_permission+0x92/0x520
[ 3194.697603]  ? lockdep_init_map_type+0x2c7/0x780
[ 3194.698839]  ? generic_splice_sendpage+0x140/0x140
[ 3194.700081]  direct_splice_actor+0x10f/0x170
[ 3194.701153]  splice_direct_to_actor+0x387/0x980
[ 3194.702296]  ? pipe_to_sendpage+0x380/0x380
[ 3194.703336]  ? do_splice_to+0x160/0x160
[ 3194.704286]  ? security_file_permission+0x24e/0x570
[ 3194.705522]  do_splice_direct+0x1c4/0x290
[ 3194.706545]  ? splice_direct_to_actor+0x980/0x980
[ 3194.707709]  ? selinux_file_permission+0x92/0x520
[ 3194.708889]  ? security_file_permission+0x24e/0x570
[ 3194.710101]  do_sendfile+0x553/0x1090
[ 3194.711072]  ? do_pwritev+0x270/0x270
[ 3194.711995]  ? wait_for_completion_io+0x270/0x270
[ 3194.713165]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3194.714310]  ? vfs_write+0x354/0xa70
[ 3194.715254]  __x64_sys_sendfile64+0x1d1/0x210
[ 3194.716368]  ? __ia32_sys_sendfile+0x220/0x220
[ 3194.717426]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3194.718759]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3194.720040]  do_syscall_64+0x33/0x40
[ 3194.720968]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3194.722246] RIP: 0033:0x7f47d2c10b19
[ 3194.723063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3194.723799] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3194.727458] RSP: 002b:00007f47d0165188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3194.730913] RAX: ffffffffffffffda RBX: 00007f47d2d24020 RCX: 00007f47d2c10b19
[ 3194.732669] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 3194.734415] RBP: 00007f47d01651d0 R08: 0000000000000000 R09: 0000000000000000
[ 3194.736140] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3194.737874] R13: 00007ffd9481803f R14: 00007f47d0165300 R15: 0000000000022000
14:08:24 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x382, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:24 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}], 0x0, 0x0)

14:08:24 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
write(r1, &(0x7f0000000440)="d26c740e9f045d28e3051cfb1ffeda4b6f23cbdf4f8b2518a526beffe4e08551c93fad97b8fbfe062ecdf3888203450d29059ce840979cccc2cf05f48c12d6a257fe5470fb26342d74cead482176f19dee606b7cc575ee904d1904aeb4e73bac4336546fd92a53a7b1dd1abaa53c6d908b020ac4a0c7", 0x76)
clone3(&(0x7f00000003c0)={0x80000, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f00000002c0)=""/54, 0x36, &(0x7f0000000300)=""/82, &(0x7f0000000380)=[0x0, 0x0], 0x2, {r0}}, 0x58)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f00000004c0)='./file1\x00', &(0x7f0000000500)={0x202000, 0x43, 0x4}, 0x18)
sendfile(r3, r2, &(0x7f0000000540)=0x8, 0x4)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:08:24 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="83a36197ab57d08e37f067d4e0dfd60344967234261e9f9c641b174bc38427f8850abc37c16309eea0d2b2eac84a2f5318003c2231adcdce71e2ffd9ab3c69abb8d4777192c181434d446935ee635e5b450ac0fe0621088f41938b84e3c124e9e218ff2ca67667e74b9e7d2ab2877bcba89e6c7f32ebd36909ad0799d9367215b2dfd5935688089ed7f81f35986e61c478e31b0f806529ba58fc366968ad5a7e9f8c2b10690f9634070dd6119da24abe13ebffacf2f917036e562c39009d5bc0bfb2a4e1bc4024765e14232ac5ca80", @ANYRES16=r0, @ANYRESHEX=r0, @ANYRESDEC=0x0])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
renameat2(r1, &(0x7f00000000c0)='./file1/file0\x00', r5, &(0x7f0000000140)='./file0\x00', 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}})
perf_event_open(&(0x7f0000000d00)={0x1, 0x80, 0xc, 0x1, 0x1f, 0xfe, 0x0, 0xfff, 0x8200, 0xf, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, @perf_config_ext={0x1, 0x10000}, 0x8000, 0x0, 0x9b, 0x6, 0x170f9047, 0x4, 0x3ff, 0x0, 0x3, 0x0, 0x4}, 0xffffffffffffffff, 0x1, r6, 0xf72317f48f7d6f2c)
r8 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r8, 0xffff)
setxattr$trusted_overlay_nlink(&(0x7f0000000180)='./file1\x00', &(0x7f0000000b40), &(0x7f0000000b80)={'U+'}, 0x16, 0x1)
write$binfmt_elf64(r1, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0x1, 0x0, 0x9, 0x1, 0x8000, 0x3, 0x6, 0x7, 0x2c6, 0x40, 0x57, 0x617, 0x3, 0x38, 0x1, 0x8, 0x8001}, [{0x2, 0x6, 0x8, 0x3, 0x8, 0x101, 0x8, 0x8}, {0x5, 0x3851, 0x6db659a5, 0x53, 0x3f, 0x100000000, 0x4, 0x1}], "0f7b836631ebc51f5536303fbc0e6a8a501861b813f6bea154ba437f22f97060ba8aaa0ff87c999602d341126bbc4b8aadc1b25ae6e83c5ce3a0239239333a6bece404c1df68da901e60034c45be54a40a4d626684d9a09f428242820c78af80d6fc4733ff2575fdf6ef14e0e704879f187ba0665f117212bea44ffb078e9eea0bca40600286d8364e7466a8e85f0a0858683a05f4a2c799c124acd8e79557a1d7d74bfd7c64", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x856)
sendfile(r1, r2, 0x0, 0x20d315)

[ 3194.959632] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3194.978712] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
[ 3195.034825] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[ 3195.048574] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 3195.210849] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
14:08:40 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d35c)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:40 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
close(r0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:08:40 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f0000001b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@ip_ttl={{0x14}}], 0x18}}], 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x410000, 0x12)
sendmmsg$inet6(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000003c0)="3b2eb9675d51acb18e010d2b84f81a12dd94b75da6fbfe75fad0b3ee2687302415db694cc087ec4d8da179b7ee4d2a8dcce7cca8d5e4dac5f95360a4f5ab023a5bebb797c8a1631f0bd3bb0e6f0a6af8416bdd5d9921de3c2d4dd54a9da96702b93a0bf37596854033fa0a0b803c8e425ad48d043ec4d85060ae072f5c39b0e23f960d0211e9ae65452cc9ccd8e2a3a37168f2fdfbd7039b5bdfbe95c4f1dbb7b58be34064d803d685d22570f50d363ee7f6b6c2d02463c59f96e01e5c79e4f55224d30a23361b6b0e03f3e8e7bd6e66dfea19cd4fa01bdcd50fe45f8fdad201e176", 0xe2}], 0x1, &(0x7f0000000500)=[@tclass={{0x14, 0x29, 0x43, 0x7fff}}], 0x18}}], 0x1, 0x8041)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000002c0)=ANY=[@ANYRES64, @ANYRES16=r0, @ANYRESHEX=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRESHEX, @ANYRESOCT, @ANYBLOB="9c00b95a9802ece1894f8748b54807afd3945dbf78dcc057ab26086eaf51", @ANYRESOCT=r0, @ANYBLOB="60b87be1e57fc2899597911b03945770f88f368d7bb321f4e0ede38f7474e6b25a"])
chdir(&(0x7f0000000040)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x100, 0x10e)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r4, &(0x7f0000000240)="01", 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r2, r3, 0x0, 0x20d315)
ioctl$sock_SIOCADDDLCI(r2, 0x8980, &(0x7f00000000c0)={'ip6_vti0\x00', 0x2})
r6 = getpgrp(0x0)
pidfd_open(r6, 0x0)
syz_open_procfs(r6, &(0x7f0000000140)='environ\x00')

14:08:40 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f00000000c0)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

14:08:40 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315) (fail_nth: 43)

14:08:40 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x382, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:40 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="311ceee47789487d8c143d418f12f0fb2c00b2a49f6001c231fdd2fa7be81a492393dc8fe38e17da419c3d441642211461a883fbce0377e5ef56c71360a2ef"])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:08:40 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x6, &(0x7f0000000480)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}, {&(0x7f00000002c0)="6a97146761d100c0bcfc689b57d36c125593a5a43025c33d764abf270c4dbdb77e73340076459e4113484f5e4c78db1819d473ca2dd2ee8ed7d4ec055f2b34cfb79fe43a11f4da7c749dd47a0ea8330ceb9f844788a55c42c30a15009364440d984876e2f4144162a9b8ccedbda2eecf8641a476108cf69fb78ceadd8d7edf605aa76da58218", 0x86, 0x2}, {&(0x7f0000000380)="94f446feb4b0e632aad04197a11a4c79029210b44bb1bb0d26adcccb8848140b141d30d43afd0f089e97290560eba518cece9f2aff7519e8b42fdce1dc4a8e8598f4665c4b34454405650f72e43a9b752437035037087985c075d81596910ca6832889e5bb546b3072a5972a52c954343c2dadc6d1e169dc4b7801bb3029984f091e7d3e8ed3586c6fbfebadc16efdad4f323a0595a3c7e1dcbaffbeaab814ff7bae753ec2c5f01b9b5dc70354c006199a6eb276ccbc442749068f286ad75f7e7b82", 0xc2, 0x1}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})
openat(r3, &(0x7f00000000c0)='./file1\x00', 0xa000, 0x100)
write(r2, &(0x7f0000000240)="01", 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 3211.742894] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3211.760732] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[ 3211.793388] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3211.843020] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 3211.844892] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 3211.847625] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 3211.848985] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 3211.860012] EXT4-fs error (device loop2): __ext4_new_inode:1068: comm syz-executor.2: reserved inode found cleared - inode=1
[ 3211.876340] FAULT_INJECTION: forcing a failure.
[ 3211.876340] name failslab, interval 1, probability 0, space 0, times 0
[ 3211.878026] CPU: 1 PID: 20552 Comm: syz-executor.3 Not tainted 5.10.194 #1
[ 3211.878999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3211.880276] Call Trace:
[ 3211.880645]  dump_stack+0x107/0x167
[ 3211.881227]  should_fail.cold+0x5/0xa
[ 3211.881822]  ? create_object.isra.0+0x3a/0xa20
[ 3211.882429]  should_failslab+0x5/0x20
[ 3211.882932]  kmem_cache_alloc+0x5b/0x310
[ 3211.883562]  ? ext4_file_write_iter+0xb26/0x18d0
[ 3211.884294]  ? do_iter_readv_writev+0x476/0x750
[ 3211.885003]  create_object.isra.0+0x3a/0xa20
[ 3211.885626]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3211.886424]  kmem_cache_alloc+0x159/0x310
[ 3211.887085]  ext4_mb_new_blocks+0x64d/0x45b0
[ 3211.887776]  ? mark_held_locks+0x9e/0xe0
[ 3211.888351]  ? trace_hardirqs_on+0x5b/0x180
[ 3211.889032]  ? kasan_unpoison_shadow+0x33/0x50
[ 3211.889742]  ? ext4_cache_extents+0x68/0x2d0
[ 3211.890494]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3211.891236]  ? ext4_discard_preallocations+0xd80/0xd80
[ 3211.891968]  ? ext4_ext_search_right+0x2e3/0xbd0
[ 3211.892669]  ? ext4_inode_to_goal_block+0x320/0x430
[ 3211.893470]  ext4_ext_map_blocks+0x1d68/0x5850
[ 3211.894144]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3211.894947]  ? perf_trace_lock+0xac/0x490
[ 3211.895567]  ? __lockdep_reset_lock+0x180/0x180
[ 3211.896267]  ? ext4_ext_release+0x10/0x10
[ 3211.896888]  ? ext4_map_blocks+0x5e0/0x1940
[ 3211.897472]  ? lock_release+0x680/0x680
[ 3211.898035]  ? ext4_es_lookup_extent+0x48d/0xaa0
[ 3211.898749]  ? lock_downgrade+0x6d0/0x6d0
[ 3211.899395]  ? down_write_killable+0x180/0x180
[ 3211.900079]  ext4_map_blocks+0x652/0x1940
[ 3211.900712]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 3211.901391]  ? trace_hardirqs_on+0x5b/0x180
[ 3211.902055]  ? kmem_cache_alloc+0x2a6/0x310
[ 3211.902739]  ext4_writepages+0x19bf/0x3350
[ 3211.903371]  ? unwind_next_frame+0x13ef/0x1a90
[ 3211.904075]  ? find_held_lock+0x2c/0x110
[ 3211.904682]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3211.905400]  ? __is_insn_slot_addr+0x14c/0x290
[ 3211.906106]  ? __kernel_text_address+0x9/0x40
[ 3211.906763]  ? unwind_get_return_address+0x55/0xa0
[ 3211.907477]  ? create_prof_cpu_mask+0x20/0x20
[ 3211.908187]  ? stack_trace_save+0x8c/0xc0
[ 3211.908820]  ? stack_trace_consume_entry+0x160/0x160
[ 3211.909581]  ? kasan_save_stack+0x32/0x40
[ 3211.910209]  ? kasan_save_stack+0x1b/0x40
[ 3211.910853]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3211.911616]  ? __ext4_mark_inode_dirty+0x770/0x770
[ 3211.912349]  do_writepages+0xee/0x2a0
[ 3211.912933]  ? page_writeback_cpu_online+0x20/0x20
[ 3211.913677]  ? lock_acquire+0x197/0x470
[ 3211.914261]  ? create_object.isra.0+0x3ad/0xa20
[ 3211.914971]  ? lock_release+0x680/0x680
[ 3211.915574]  ? find_held_lock+0x2c/0x110
[ 3211.916205]  __filemap_fdatawrite_range+0x24b/0x2f0
[ 3211.916954]  ? delete_from_page_cache_batch+0xa30/0xa30
[ 3211.917760]  ? mark_held_locks+0x9e/0xe0
[ 3211.918397]  ? trace_hardirqs_on+0x5b/0x180
[ 3211.919041]  filemap_write_and_wait_range+0x65/0x100
[ 3211.919803]  __iomap_dio_rw+0x552/0x1110
[ 3211.920429]  ? iomap_dio_bio_actor+0xef0/0xef0
[ 3211.921062]  ? generic_update_time+0x21c/0x370
[ 3211.921710]  ? inode_dio_wait+0xbf/0x270
[ 3211.922265]  ? __wait_on_freeing_inode+0x140/0x140
[ 3211.923022]  ? evict_inodes+0x420/0x420
[ 3211.923607]  ? down_write_killable+0x180/0x180
[ 3211.924262]  iomap_dio_rw+0x31/0x90
[ 3211.924797]  ext4_file_write_iter+0xb26/0x18d0
[ 3211.925481]  ? ext4_file_read_iter+0x4c0/0x4c0
[ 3211.926155]  ? kasan_save_stack+0x32/0x40
[ 3211.926785]  ? kasan_save_stack+0x1b/0x40
[ 3211.927385]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3211.928120]  ? iter_file_splice_write+0x16d/0xc30
[ 3211.928822]  ? direct_splice_actor+0x10f/0x170
[ 3211.929487]  ? splice_direct_to_actor+0x387/0x980
[ 3211.930186]  ? do_splice_direct+0x1c4/0x290
[ 3211.930825]  ? do_sendfile+0x553/0x1090
[ 3211.931409]  ? __x64_sys_sendfile64+0x1d1/0x210
[ 3211.932097]  do_iter_readv_writev+0x476/0x750
[ 3211.932750]  ? new_sync_write+0x660/0x660
[ 3211.933364]  ? selinux_file_permission+0x92/0x520
[ 3211.934091]  do_iter_write+0x191/0x670
[ 3211.934688]  ? trace_hardirqs_on+0x5b/0x180
[ 3211.935321]  vfs_iter_write+0x70/0xa0
[ 3211.935875]  iter_file_splice_write+0x762/0xc30
[ 3211.936516]  ? generic_splice_sendpage+0x140/0x140
[ 3211.937206]  ? avc_policy_seqno+0x9/0x70
[ 3211.937744]  ? selinux_file_permission+0x92/0x520
[ 3211.938395]  ? lockdep_init_map_type+0x2c7/0x780
[ 3211.938992]  ? generic_splice_sendpage+0x140/0x140
[ 3211.939590]  direct_splice_actor+0x10f/0x170
[ 3211.940147]  splice_direct_to_actor+0x387/0x980
[ 3211.940734]  ? pipe_to_sendpage+0x380/0x380
[ 3211.941289]  ? do_splice_to+0x160/0x160
[ 3211.941805]  ? security_file_permission+0x24e/0x570
[ 3211.942456]  do_splice_direct+0x1c4/0x290
[ 3211.943027]  ? splice_direct_to_actor+0x980/0x980
[ 3211.943719]  ? selinux_file_permission+0x92/0x520
[ 3211.944437]  ? security_file_permission+0x24e/0x570
[ 3211.945173]  do_sendfile+0x553/0x1090
[ 3211.945734]  ? do_pwritev+0x270/0x270
[ 3211.946294]  ? wait_for_completion_io+0x270/0x270
[ 3211.947012]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3211.947673]  ? vfs_write+0x354/0xa70
[ 3211.948220]  __x64_sys_sendfile64+0x1d1/0x210
[ 3211.948863]  ? __ia32_sys_sendfile+0x220/0x220
[ 3211.949526]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3211.950276]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3211.951038]  do_syscall_64+0x33/0x40
[ 3211.951578]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 3211.952300] RIP: 0033:0x7f47d2c10b19
[ 3211.952843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3211.955496] RSP: 002b:00007f47d0186188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 3211.956607] RAX: ffffffffffffffda RBX: 00007f47d2d23f60 RCX: 00007f47d2c10b19
[ 3211.957614] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 3211.958648] RBP: 00007f47d01861d0 R08: 0000000000000000 R09: 0000000000000000
[ 3211.959657] R10: 000000000020d315 R11: 0000000000000246 R12: 0000000000000002
[ 3211.960656] R13: 00007ffd9481803f R14: 00007f47d0186300 R15: 0000000000022000
14:08:41 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d35d)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:41 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x3c2, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r3, r4, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3212.146445] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
14:08:41 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
write(r1, &(0x7f0000000440)="d26c740e9f045d28e3051cfb1ffeda4b6f23cbdf4f8b2518a526beffe4e08551c93fad97b8fbfe062ecdf3888203450d29059ce840979cccc2cf05f48c12d6a257fe5470fb26342d74cead482176f19dee606b7cc575ee904d1904aeb4e73bac4336546fd92a53a7b1dd1abaa53c6d908b020ac4a0c7", 0x76)
clone3(&(0x7f00000003c0)={0x80000, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180), {0x2d}, &(0x7f00000002c0)=""/54, 0x36, &(0x7f0000000300)=""/82, &(0x7f0000000380)=[0x0, 0x0], 0x2, {r0}}, 0x58)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f00000004c0)='./file1\x00', &(0x7f0000000500)={0x202000, 0x43, 0x4}, 0x18)
sendfile(r3, r2, &(0x7f0000000540)=0x8, 0x4)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 3212.273961] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
14:08:41 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(r0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff})
getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000340)={{{@in6=@mcast1, @in6=@empty}}, {{@in=@private}, 0x0, @in=@multicast2}}, &(0x7f0000000080)=0xe8)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB="2c7766646e6fddc15cc68ee8ee7393681c822ea66fd40b8b30ec72bda9bccfc9c20f8c7520276734ab60fa023258d3e8c0b8817edd5239535482829f", @ANYRESHEX, @ANYBLOB=',\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)

14:08:41 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d35e)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3212.470100] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
14:08:41 executing program 6:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d34a)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3212.561034] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
14:08:41 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d35f)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

14:08:41 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
close(r0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)

[ 3212.761787] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 3212.787228] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
14:08:42 executing program 0:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})
io_uring_enter(r4, 0x3808, 0x5d45, 0x3, &(0x7f0000000080)={[0x7fff]}, 0x8)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x4}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f01", @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xfffffffffffffe27)
syz_io_uring_complete(r1)

14:08:42 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(0xffffffffffffffff, r3)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r5, 0xffff)
sendfile(r4, r5, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d360)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef)
getpgid(0x0)

[ 3212.944716] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue

VM DIAGNOSIS:
14:13:43  Registers:
info registers vcpu 0
RAX=ffffffff83e55320 RBX=0000000000000000 RCX=ffffffff83e3d3dc RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e55928 RBP=fffffbfff09c6450 RSP=ffffffff84e07e38
R8 =0000000000000001 R9 =ffff88806ce3c16b R10=ffffed100d9c782d R11=0000000000000001
R12=0000000000000000 R13=ffffffff85671548 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e5532e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f0cc3f34010 CR3=00000000182c2000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=004a03fe016c6c6f502e726567616e61
XMM02=000000000000000040faad8000000000 XMM03=000006060606060501013c691bfc6c22
XMM04=00657a696d696e696d20636578650d00 XMM05=6578650a0073746e696820636578650a
XMM06=6f74756365786511006c61746f742063 XMM07=636578650a0073747261747365722072
XMM08=646e616320636578650e007a7a756620 XMM09=696e696d20636578650d006574616469
XMM10=73746e696820636578650a00657a696d XMM11=786511006c61746f7420636578650a00
XMM12=00737472617473657220726f74756365 XMM13=6578650a006873616d7320636578650a
XMM14=65672063657865080073646565732063 XMM15=000065676169727420636578650b006e
info registers vcpu 1
RAX=ffffffff83e55320 RBX=0000000000000001 RCX=ffffffff83e3d3dc RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e55928 RBP=ffffed100112e000 RSP=ffff88800897fe70
R8 =0000000000000001 R9 =ffff88806cf3c16b R10=ffffed100d9e782d R11=0000000000000001
R12=0000000000000001 R13=ffffffff85671548 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e5532e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055b2b9d45678 CR3=00000000182c2000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=000000000000000041402e9800000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000