Warning: Permanently added '10.128.1.55' (ECDSA) to the list of known hosts. 2019/12/04 19:59:14 fuzzer started 2019/12/04 19:59:16 dialing manager at 10.128.0.26:40111 2019/12/04 19:59:16 syscalls: 2696 2019/12/04 19:59:16 code coverage: enabled 2019/12/04 19:59:16 comparison tracing: enabled 2019/12/04 19:59:16 extra coverage: enabled 2019/12/04 19:59:16 setuid sandbox: enabled 2019/12/04 19:59:16 namespace sandbox: enabled 2019/12/04 19:59:16 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/04 19:59:16 fault injection: enabled 2019/12/04 19:59:16 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/04 19:59:16 net packet injection: enabled 2019/12/04 19:59:16 net device setup: enabled 2019/12/04 19:59:16 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/04 19:59:16 devlink PCI setup: PCI device 0000:00:10.0 is not available 20:01:41 executing program 0: 20:01:42 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8e", 0x72}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) syzkaller login: [ 218.906972][ T9051] IPVS: ftp: loaded support on port[0] = 21 20:01:42 executing program 2: perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x444, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) creat(0x0, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x81805) r0 = socket(0x10, 0x0, 0x0) getsockname$packet(r0, 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0) lstat(0x0, 0x0) setgroups(0x4000000000000086, &(0x7f0000000380)=[0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) dup(0xffffffffffffffff) [ 218.952394][ T9053] IPVS: ftp: loaded support on port[0] = 21 [ 219.137969][ T9051] chnl_net:caif_netlink_parms(): no params data found 20:01:42 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 219.262121][ T9051] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.271718][ T9051] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.280431][ T9051] device bridge_slave_0 entered promiscuous mode [ 219.297873][ T9053] chnl_net:caif_netlink_parms(): no params data found [ 219.320012][ T9051] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.336442][ T9051] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.356768][ T9051] device bridge_slave_1 entered promiscuous mode [ 219.389574][ T9057] IPVS: ftp: loaded support on port[0] = 21 [ 219.445534][ T9051] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 219.472662][ T9051] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 219.487840][ T9053] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.494896][ T9053] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.504586][ T9053] device bridge_slave_0 entered promiscuous mode [ 219.522969][ T9053] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.533549][ T9053] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.541998][ T9053] device bridge_slave_1 entered promiscuous mode [ 219.558389][ T9059] IPVS: ftp: loaded support on port[0] = 21 [ 219.582848][ T9051] team0: Port device team_slave_0 added [ 219.604235][ T9051] team0: Port device team_slave_1 added [ 219.614807][ T9053] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 219.631791][ T9053] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 20:01:43 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 219.712018][ T9053] team0: Port device team_slave_0 added [ 219.771452][ T9051] device hsr_slave_0 entered promiscuous mode [ 219.826654][ T9051] device hsr_slave_1 entered promiscuous mode [ 219.880817][ T9053] team0: Port device team_slave_1 added 20:01:43 executing program 5: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0, 0x168}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000680)='status\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bd, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r1 = socket(0x0, 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000000), 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) preadv(r0, &(0x7f00000017c0), 0x332, 0x0) [ 219.955777][ T9061] IPVS: ftp: loaded support on port[0] = 21 [ 220.038497][ T9057] chnl_net:caif_netlink_parms(): no params data found [ 220.060462][ T9051] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 220.159608][ T9053] device hsr_slave_0 entered promiscuous mode [ 220.206710][ T9053] device hsr_slave_1 entered promiscuous mode [ 220.246388][ T9053] debugfs: Directory 'hsr0' with parent '/' already present! [ 220.292303][ T9051] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 220.349148][ T9051] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 220.450597][ T9051] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 220.522363][ T9057] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.529740][ T9057] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.537786][ T9057] device bridge_slave_0 entered promiscuous mode [ 220.550159][ T9057] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.560200][ T9057] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.561885][ T9064] IPVS: ftp: loaded support on port[0] = 21 [ 220.574005][ T9057] device bridge_slave_1 entered promiscuous mode [ 220.582930][ T9059] chnl_net:caif_netlink_parms(): no params data found [ 220.654950][ T9057] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 220.683992][ T9057] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 220.694468][ T9059] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.702845][ T9059] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.710832][ T9059] device bridge_slave_0 entered promiscuous mode [ 220.720204][ T9053] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 220.782100][ T9053] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 220.841314][ T9053] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 220.903968][ T9053] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 220.948016][ T9059] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.955099][ T9059] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.963507][ T9059] device bridge_slave_1 entered promiscuous mode [ 220.993299][ T9059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 221.017384][ T9057] team0: Port device team_slave_0 added [ 221.027853][ T9057] team0: Port device team_slave_1 added [ 221.037210][ T9059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 221.118280][ T9057] device hsr_slave_0 entered promiscuous mode [ 221.176612][ T9057] device hsr_slave_1 entered promiscuous mode [ 221.236281][ T9057] debugfs: Directory 'hsr0' with parent '/' already present! [ 221.325720][ T9061] chnl_net:caif_netlink_parms(): no params data found [ 221.337063][ T9059] team0: Port device team_slave_0 added [ 221.345466][ T9059] team0: Port device team_slave_1 added [ 221.410808][ T9059] device hsr_slave_0 entered promiscuous mode [ 221.476873][ T9059] device hsr_slave_1 entered promiscuous mode [ 221.506340][ T9059] debugfs: Directory 'hsr0' with parent '/' already present! [ 221.588022][ T9061] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.595162][ T9061] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.603013][ T9061] device bridge_slave_0 entered promiscuous mode [ 221.612391][ T9061] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.619574][ T9061] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.627949][ T9061] device bridge_slave_1 entered promiscuous mode [ 221.651168][ T9064] chnl_net:caif_netlink_parms(): no params data found [ 221.686860][ T9061] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 221.721460][ T9057] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 221.773777][ T9057] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 221.828945][ T9061] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 221.842952][ T9059] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 221.893833][ T9057] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 221.954984][ T9057] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 222.030057][ T9059] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 222.060075][ T9059] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 222.129279][ T9061] team0: Port device team_slave_0 added [ 222.153772][ T9051] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.162048][ T9059] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 222.218771][ T9061] team0: Port device team_slave_1 added [ 222.228414][ T9064] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.235596][ T9064] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.243816][ T9064] device bridge_slave_0 entered promiscuous mode [ 222.253377][ T9064] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.260567][ T9064] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.271647][ T9064] device bridge_slave_1 entered promiscuous mode [ 222.312685][ T9064] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 222.337291][ T9064] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 222.350794][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 222.360069][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 222.371114][ T9053] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.382676][ T9051] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.428866][ T9061] device hsr_slave_0 entered promiscuous mode [ 222.486691][ T9061] device hsr_slave_1 entered promiscuous mode [ 222.536398][ T9061] debugfs: Directory 'hsr0' with parent '/' already present! [ 222.578335][ T9064] team0: Port device team_slave_0 added [ 222.588008][ T9064] team0: Port device team_slave_1 added [ 222.596603][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 222.605251][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 222.614104][ T3709] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.621322][ T3709] bridge0: port 1(bridge_slave_0) entered forwarding state [ 222.630429][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 222.639621][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 222.648233][ T3709] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.655308][ T3709] bridge0: port 2(bridge_slave_1) entered forwarding state [ 222.693624][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 222.701994][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 222.723179][ T9053] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.750276][ T9061] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 222.803940][ T9061] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 222.860768][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 222.869382][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 222.878204][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 222.885863][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 222.894647][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 222.903210][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 222.912013][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 222.921050][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 222.978387][ T9064] device hsr_slave_0 entered promiscuous mode [ 223.016728][ T9064] device hsr_slave_1 entered promiscuous mode [ 223.046820][ T9064] debugfs: Directory 'hsr0' with parent '/' already present! [ 223.060098][ T9061] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 223.119897][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 223.128607][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 223.137890][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 223.147052][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 223.155480][ T26] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.162630][ T26] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.170649][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 223.179398][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 223.187937][ T26] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.195007][ T26] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.222708][ T9061] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 223.271713][ T9051] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 223.283075][ T9051] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 223.293550][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 223.302974][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 223.311776][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 223.320389][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 223.342571][ T9059] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.369319][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 223.410930][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 223.420220][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 223.429485][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 223.437364][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 223.445115][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 223.454278][ T9064] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 223.498795][ T9064] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 223.549342][ T9064] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 223.590983][ T9059] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.624098][ T9064] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 223.655227][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 223.664248][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 223.673318][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 223.681852][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 223.692438][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 223.700787][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 223.709165][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 223.717276][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 223.728018][ T9057] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.749562][ T9053] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 223.777589][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 223.786094][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 223.795278][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.802372][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.812096][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 223.820846][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 223.829351][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.836571][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.844186][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 223.853105][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 223.873660][ T9061] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.904731][ T9051] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 223.912661][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 223.921676][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 223.930992][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 223.939931][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 223.948825][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 223.957615][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 223.965318][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 223.974064][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 224.001826][ T9061] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.021551][ T9053] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 224.040164][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 224.053536][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 224.064107][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 224.072681][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 224.084384][ T9057] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.119226][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 224.127734][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 224.135852][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 224.144597][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 224.153531][ T26] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.160644][ T26] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.168828][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 224.177541][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 224.185833][ T26] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.192909][ T26] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.205970][ T9059] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 224.219066][ T9059] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 224.285109][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 224.312541][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 224.327725][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready 20:01:47 executing program 0: mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x2, 0x1c90, 0xffffffffffffffff, 0x0) r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x2088611, 0x0) r1 = open$dir(&(0x7f0000001240)='./file0\x00', 0x42000400000002c1, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f00000006c0), 0x100000}], 0x1, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000000), 0x2cfea}], 0x1000000000000013) writev(r0, &(0x7f0000000280), 0xd) [ 224.336035][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 224.356386][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 224.368621][ T26] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.375706][ T26] bridge0: port 1(bridge_slave_0) entered forwarding state 20:01:47 executing program 1: syz_emit_ethernet(0x42, &(0x7f0000000400)=ANY=[@ANYBLOB="01937cc03900004e82000080810001a10bdd6050b93214680000fe8000000000000000dfff000000bbfe8000000000000000000000000000aa0000c81a4d023df62fc5b13d5214af1cb27c9dc04934161862b36a63eb4e4534ed00"], 0x0) [ 224.383908][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 224.392947][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 224.402350][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 224.412308][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 224.459689][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 224.481686][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 224.493574][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 20:01:47 executing program 1: r0 = socket$inet(0x10, 0x2, 0x0) write(r0, &(0x7f0000000040)="240000001e005f0214fffffffff80700000000000000000000000800080008000c000000", 0x353) [ 224.513724][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 224.522695][ T3709] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.529806][ T3709] bridge0: port 2(bridge_slave_1) entered forwarding state 20:01:47 executing program 0: write$P9_RSETATTR(0xffffffffffffffff, 0x0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0) write$apparmor_current(r0, &(0x7f0000000240)=ANY=[@ANYBLOB='permprofile ::net0-}ser\x00'/37], 0x25) fcntl$dupfd(0xffffffffffffffff, 0x203, 0xffffffffffffffff) fcntl$getown(0xffffffffffffffff, 0x9) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00'}) getsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000000)={@initdev, @multicast1}, 0x0) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x800) [ 224.564628][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 224.589375][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 224.606895][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 224.615484][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 224.625041][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 224.650689][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 224.662649][ T27] kauditd_printk_skb: 3 callbacks suppressed [ 224.662661][ T27] audit: type=1400 audit(1575489707.947:31): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name="::net0-}ser" pid=9091 comm="syz-executor.0" 20:01:48 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_buf(r0, 0x6, 0xb, &(0x7f00000003c0)=""/184, &(0x7f0000000480)=0xb8) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x8000000006}]}, 0x10) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c) getpid() ptrace(0xffffffffffffffff, 0x0) getpgid(0x0) ptrace$getregset(0x4204, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x0, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20000000, &(0x7f0000000380)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) socket(0x0, 0x0, 0x0) sendto$inet6(r0, &(0x7f00000002c0)='#', 0x1, 0x40001, 0x0, 0x0) poll(&(0x7f0000000040)=[{r0}], 0x1, 0xef) [ 224.707290][ T9064] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.719035][ T9059] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 224.733696][ T9061] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 224.745317][ T9061] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 224.782945][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 224.793419][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 224.803219][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 224.813081][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 224.822980][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready 20:01:48 executing program 1: syz_open_dev$evdev(0x0, 0x40000000004, 0x0) open(0x0, 0x0, 0x44) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) keyctl$revoke(0x3, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x4}, 0x1c) setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x20, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) [ 224.832045][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 224.842583][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 224.851396][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 224.876084][ T9064] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.922916][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 224.931813][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 224.940089][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 224.954965][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 224.965577][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 224.974776][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 224.984829][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 224.993500][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 225.004769][ T9057] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 225.022410][ C0] hrtimer: interrupt took 60661 ns 20:01:48 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_int(r2, 0x29, 0x41, 0x0, &(0x7f0000000040)=0x202) [ 225.046643][ T9061] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.061587][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 225.082687][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 225.103233][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 225.114145][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 225.139133][ T26] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.146880][ T26] bridge0: port 1(bridge_slave_0) entered forwarding state 20:01:48 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaaae88, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x1e, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000140)={0xffffffffffffffff, 0x0}, 0x20) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 225.206465][ T9070] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 225.214479][ T9070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 225.240922][ T9070] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 225.257076][ T9070] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.264139][ T9070] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.264578][ T9070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 225.337003][ T9057] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.352137][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 225.361857][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 225.387068][ T9124] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 225.417478][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 225.429790][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 225.438903][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 225.450465][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 225.492858][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 225.526137][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 225.546347][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 225.554796][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 225.570950][ T9064] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 225.608321][ T9064] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 225.629311][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 225.639434][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 225.664346][ T9064] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.719584][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 225.727930][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready 20:01:49 executing program 2: perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x444, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) creat(0x0, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x81805) r0 = socket(0x10, 0x0, 0x0) getsockname$packet(r0, 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0) lstat(0x0, 0x0) setgroups(0x4000000000000086, &(0x7f0000000380)=[0x0]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) dup(0xffffffffffffffff) 20:01:49 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000740)='net/dev_snmp6\x00') mkdirat$cgroup(r0, &(0x7f0000000380)='syz0\x00', 0x1ff) 20:01:49 executing program 0: r0 = socket$inet(0x2, 0x6000000000000003, 0x6) sendto$inet(r0, &(0x7f0000000080), 0xfe7a, 0x0, &(0x7f00000001c0), 0x10) socket$inet(0x2, 0x0, 0x0) 20:01:49 executing program 5: unshare(0xa000600) r0 = socket$netlink(0x10, 0x3, 0x0) getsockname(r0, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, &(0x7f0000000040)=0x80) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x0, 0x0) tee(r1, r2, 0x8, 0x0) 20:01:49 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:01:49 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000140)='lotrusted\x1a\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f00000003c0)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) 20:01:49 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 20:01:49 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r1, 0x10000000000025, &(0x7f0000000040)={0x1}) close(r0) 20:01:49 executing program 0: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0xfd1, 0x4) bind$inet(r0, &(0x7f0000001440)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x2200cf7d, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x7843c471) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000400)=""/4096, 0x1fa0}], 0x1, 0x0, 0xff96ce4aaaa47475, 0x15000000}, 0x100) 20:01:49 executing program 2: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x4207, r1) ptrace$setregset(0x4202, r1, 0x0, 0x0) 20:01:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f00000000c0)={[{@journal_async_commit='journal_async_commit'}]}) [ 226.461076][ T9192] ptrace attach of "/root/syz-executor.2"[9057] was attempted by "/root/syz-executor.2"[9192] [ 226.514302][ T9192] ptrace attach of "/root/syz-executor.2"[9057] was attempted by "/root/syz-executor.2"[9192] 20:01:49 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:01:49 executing program 1: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x800002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() clone(0x68002100, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) write$FUSE_POLL(0xffffffffffffffff, 0x0, 0x0) r1 = gettid() perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82008, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x2, 0x2}, r1, 0x0, 0xffffffffffffffff, 0x5) getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000001a80)=""/166, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioperm(0x80, 0xd80, 0x3) [ 226.602596][ T9196] EXT4-fs (loop5): Unsupported filesystem blocksize 0 (1923657432 log_block_size) [ 226.742794][ T9201] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 226.783759][ T9196] EXT4-fs (loop5): Unsupported filesystem blocksize 0 (1923657432 log_block_size) [ 226.794980][ T9201] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities 20:01:50 executing program 5: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) getresgid(0x0, 0x0, &(0x7f0000000140)) clone(0x1ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='comm\x00') finit_module(0xffffffffffffffff, 0x0, 0x0) ioctl$EVIOCGABS3F(r0, 0x8018457f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x0) io_setup(0x4a2, &(0x7f0000000000)=0x0) io_cancel(r1, 0x0, 0x0) [ 226.918070][ T9209] ptrace attach of "/root/syz-executor.1"[9207] was attempted by "/root/syz-executor.1"[9209] 20:01:50 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:01:50 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'ip6gretap0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="03"]}) [ 227.193325][ T9209] ptrace attach of "/root/syz-executor.1"[9211] was attempted by "/root/syz-executor.1"[9209] [ 227.254465][ T9230] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 227.283567][ T9227] IPVS: ftp: loaded support on port[0] = 21 [ 227.306687][ T9230] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 227.492014][ T9207] IPVS: ftp: loaded support on port[0] = 21 [ 227.784618][ T212] tipc: TX() has been purged, node left! 20:01:52 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 234.126271][ T212] tipc: TX() has been purged, node left! 20:01:59 executing program 3: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0) 20:01:59 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) 20:01:59 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:01:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000200)={[{@lazytime='lazytime'}]}) 20:01:59 executing program 1: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x800002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() clone(0x68002100, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) write$FUSE_POLL(0xffffffffffffffff, 0x0, 0x0) r1 = gettid() perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82008, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x2, 0x2}, r1, 0x0, 0xffffffffffffffff, 0x5) getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000001a80)=""/166, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioperm(0x80, 0xd80, 0x3) 20:01:59 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 235.936933][ T9259] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 235.946662][ T9259] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 235.974680][ T9261] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities 20:01:59 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) 20:01:59 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) [ 236.011155][ T9269] ptrace attach of "/root/syz-executor.1"[9266] was attempted by "/root/syz-executor.1"[9269] [ 236.077704][ T9261] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities 20:01:59 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) 20:01:59 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:01:59 executing program 5: 20:01:59 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) [ 236.324787][ T9266] IPVS: ftp: loaded support on port[0] = 21 20:01:59 executing program 5: 20:01:59 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) [ 236.387357][ T9290] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 236.415264][ T9290] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities 20:01:59 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) 20:01:59 executing program 5: 20:02:00 executing program 1: [ 238.546369][ T212] tipc: TX() has been purged, node left! 20:02:02 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:02 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:02 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) 20:02:02 executing program 5: 20:02:02 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:02 executing program 1: 20:02:02 executing program 5: 20:02:02 executing program 1: 20:02:02 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, 0x0, 0x0) 20:02:02 executing program 1: 20:02:02 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:02 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:02 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:02 executing program 5: 20:02:02 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, 0x0, 0x0) 20:02:02 executing program 1: 20:02:02 executing program 5: 20:02:02 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:02 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') getdents64(r0, &(0x7f00000003c0)=""/4096, 0x1000) 20:02:02 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0x18) 20:02:02 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, 0x0, 0x0) 20:02:02 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:02 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=@ipv6_newaddr={0x2c, 0x14, 0x1, 0x0, 0x0, {0x2}, [@IFA_LOCAL={0x14, 0x2, @local}]}, 0x2c}}, 0x0) [ 239.771118][ T9382] netlink: 'syz-executor.5': attribute type 2 has an invalid length. 20:02:05 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:05 executing program 3: getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/194, 0xff42) getdents64(0xffffffffffffffff, 0x0, 0x0) 20:02:05 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{}, "018000da7d469c04", "02a839a6c7986edc3f8a6200c88e37de79b97525cedefaa0bded32e7d887ec99", "612a56d3", "00943f4aece800"}, 0xfe83) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r0, &(0x7f0000000580)=[{&(0x7f0000000200)="b030c59d020b19a36fc6c2032605e48fed512ff0afacb781681045267a803e73094fe0462aea606bb92411079d1c1952e4a3eb9b9a785926fbc1797224a0e707231ccc2c38dad91f2428a30ca4b0a3f72bec993f", 0x54}, {&(0x7f0000000340)="d13cbd1958bc2d26f7a0ab47cdd2fa926c19785c9bde300e0983514a9a5df33d57fa889fa437d3b5555a1e322a24e129cc235da25627d3ff0ef550d63e98072055051aab5af62084f4b72b4ad15ee12d7246f84b534d7225a81e96df768d66", 0x5f}, {&(0x7f00000004c0)="338fdcf2e414a5a26f61c5f465c704f50660d54bcedcacd1286b5d1785bef9c76cdc240c2c358b8b140c6290c94a88ca84d22b61444a3e80948e32bcb247157adf93ce7f415cc060889e928d9c1bc50833302ff1f34ad9115aaa1845c33ef4578dc842ee6fa946073185274040a5d80537ea7c8071084cf8fa6a1fb419b3efef4947fa339a448250b3c74e87ec4c9aa38cfcc08cb307", 0x96}, {&(0x7f0000000640)="9a3ffed8e6489ecde3977307b074ae61d4745e237b0da0578f9addecb1abb9935fbc198e8f6bb4a6dca28cc44ed77a9e5f87430566c1514b3aa22f28d97cb8b232fd1fbf182e212f55d39c1cdb0eda9a0ea2f888516f69289f53c5dad589e6261ff133244adfe88a9976dd5bbca588056459ec82dc72f833da7680b9764698094be4651694e49d6d92260c516bf90c0d98cf57f7fde5370bc00aba8896b5619e4363059d4f25ae6f1480", 0xaa}, {&(0x7f00000007c0)="aa5ea441335012e69f349ef35fd875e683b41cb009ed", 0x16}], 0x5) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="23ff1f0a8117fb62d5eb1b3c750c75c5533f060023a16997c30e069cb5b742686128af8baad097514187691d92010000009e3db9e86db57e1d384bfe3042c49ef9134937af481f2b44e023b3884e0ad27912a4e389c1736159f7e92eaaf2573b513e33fd96c9d3c9afed9390b357a4000000000000000a01e8ffffff02000000000832ff0769dea9ed32487d2bf1ac37afcf98d817857774004608d609000000701f793b97fdcccc622708000000e69857745a810000be890000975504"], 0xbd) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 20:02:05 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', 0x0, 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:05 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x80000000000007) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000000)="ff02040000ee050000000000000000000000000000020205", 0x18) sendmmsg$inet6(r0, &(0x7f0000000080)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0}}], 0x1, 0x0) 20:02:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:05 executing program 3: getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/194, 0xff42) getdents64(0xffffffffffffffff, 0x0, 0x0) 20:02:05 executing program 5: r0 = syz_open_procfs(0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup2(0xffffffffffffffff, r2) ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fstat(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgid(r4) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r8 = dup3(r5, r6, 0x0) dup2(r8, r7) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_RUN(r11, 0xae80, 0x0) r12 = dup3(r9, r10, 0x0) dup2(r12, r11) ioctl$KVM_CREATE_DEVICE(r8, 0xc00caee0, &(0x7f0000000a80)={0x2, r12, 0x1}) r13 = accept4$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000200)=0x1c, 0x800) ioctl$LOOP_SET_FD(r8, 0x4c00, r13) r14 = socket(0xa, 0x0, 0x0) fstat(r14, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgid(r15) setregid(r4, r15) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') socket$netlink(0x10, 0x3, 0x0) getsockname$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f00000001c0)=0x10) 20:02:05 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', 0x0, 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:05 executing program 0: socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:06 executing program 3: getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/194, 0xff42) getdents64(0xffffffffffffffff, 0x0, 0x0) 20:02:08 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:08 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', 0x0, 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:08 executing program 0: socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:08 executing program 3: r0 = syz_open_procfs(0x0, 0x0) getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) 20:02:08 executing program 5: mknod$loop(&(0x7f0000000080)='./file0\x00', 0x1, 0x1) r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) unlink(&(0x7f0000000100)='./file0\x00') unshare(0x20600) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 20:02:08 executing program 1: epoll_create1(0x0) epoll_create1(0x0) timerfd_create(0x0, 0x0) listen(0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) connect(0xffffffffffffffff, &(0x7f0000931ff4)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) socket$packet(0x11, 0x0, 0x300) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={0x0}, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r1}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) getsockopt$inet6_mreq(r2, 0x29, 0x14, &(0x7f00000009c0)={@rand_addr, 0x0}, &(0x7f0000000a00)=0x14) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f'}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r5}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r6) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r7}) ioctl$sock_SIOCDELRT(r6, 0x890c, &(0x7f0000001a00)={0x0, @hci={0x1f, r7, 0x2}, @generic={0x8, "9bf4b1db5b2f11c47c583d72f8c2"}, @llc={0x1a, 0x337, 0x9, 0x1, 0x3, 0xba, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x175d910c1f9b4bb6}}, 0x6, 0x0, 0x0, 0x0, 0x76f3, &(0x7f00000019c0)='bridge0\x00', 0x9, 0x7, 0xfffd}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r9}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r10}) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)=[{{&(0x7f0000000100)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000180), 0x0, &(0x7f0000000240)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3f}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x100}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xc6}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}], 0x60}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000001c0)="61c52da48270753242926935ccd1db492eb10c33fee7c1a9f8a0aa590d97ba6b586e676b10e206a9b8", 0x29}, {&(0x7f0000000340)="c71da3bdfb65a5f397fda52c859dd2c5e52b16547663382e9c01c58d331ca6b2bf99853b67f25e056de0241556375c2bbd41562081dcad418326093a91d8730d74e91ec9bfdd1be485c9f8b21d59278e70560a1767275c26ec53c718087d1de59fea58946fde4a376a87edcf93512ba4015571715a5f72a3f391bae59a4603e22734e0df412e1ce71e9a5d0f18e3463042ea1dd81f335f123351816335cc3a4d93d1c50732998f37017968dfaf45782a560a95995ea2e9f01f7f9c60ab66ef673056e2b1224e2884164a954a4b4b5aeb042b8ed66151c9f529f945e222a9", 0xde}, {&(0x7f0000000580)="f020f6aaccf3296c3efc5ab8a6451722ab2fa7a5eaedf362363ef9dfddfa6ae9fd498ad5aef1c8b68be7d9bafec451c17414c540e017cadcd534b7e957cfe0d04c7a7dd6fd343d2b34d0b126723e853ddf1d19f75dc3b40ef9bbb1bb9340e4c3c22bf29642f6e211503225d82715ee38446a759c8b9b43da2f73feb1ab5d4670476ed3ec4a880cf7e98a8f2977acc73c459d2823888214b193dd13720a2a965ea61aab0924e7a5393b84ff1da6ff0f75fc9ea38caa3ce38de3ffeef698d894dcc0a4973f6b771358ba0be40d0429d126fba83b029d74db22d47b43c2d146f6", 0xdf}, {&(0x7f0000000480)="fb4d9ea88895016db4db7799c4ab9d5bab4269ec6c40fb7748efc3bd086e5bcce2c9859d7decdf79be679754d900", 0x2e}], 0x4, &(0x7f0000000680)=[@ip_ttl={{0x14, 0x0, 0x2, 0x401}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1000}}, @ip_retopts={{0x64, 0x0, 0x7, {[@cipso={0x86, 0x2b, 0x7, [{0x5, 0xe, "ce6bad3c444dc5a99c99463a"}, {0x7, 0x4, "cffb"}, {0x2, 0xa, "0e3ffc31faad3faa"}, {0x2, 0x9, "1a5b3e1061870d"}]}, @noop, @cipso={0x86, 0x21, 0x9a6, [{0x0, 0x2}, {0x1, 0x9, "cc05dc0bdb0266"}, {0x5, 0x10, "f99b84704372869be5372578250d"}]}, @ra={0x94, 0x6, 0x7fa9}]}}}], 0x98}}, {{&(0x7f0000000500)={0x2, 0x4}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000880)="437616d890b373f994c65e80a88ec1ad86951c481e2649ebe7d80bbf9b92636720d313622be9c8bb7f8f181a4dd4df630fa30f94ed75474cbb43895abf429c194fe608fadf59c0f88c7c9dd95f500a079e0a902b36f3fff38c33ec162898d0cf6e43ae8aa2e4e7abc6056c0226a17e5d28fd604a93346294bfdd15be99f7b8d78d32494678639bc7f47f8efc64c9640f3ee6e4929565fa698da0f95299f1c447c329038f258e1eec51f1580b9ea3ebe2afb92f09607360bb912eb2b9131dbee0b4b1d039577e89d5e8b9f048", 0xcc}], 0x1, &(0x7f0000000a40)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @empty, @rand_addr=0xf99}}}, @ip_retopts={{0x2c, 0x0, 0x7, {[@cipso={0x86, 0xc, 0x20, [{0x5, 0x4, 'sZ'}, {0x0, 0x2}]}, @end, @ssrr={0x89, 0x7, 0x1f, [@remote]}, @lsrr={0x83, 0x7, 0x1, [@local]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @rand_addr=0x80000001, @remote}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @rand_addr=0x2532, @empty}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3f}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_retopts={{0x60, 0x0, 0x7, {[@cipso={0x86, 0x28, 0x5ea, [{0x5, 0xb, "28b00714f524d91fc2"}, {0x0, 0xb, "dc70bd736fe5db5ae2"}, {0x6, 0xc, "ab114f83abafcd85b471"}]}, @timestamp={0x44, 0x10, 0x3d, 0x1, 0xe, [{[], 0xec}, {[@broadcast], 0x18000000}]}, @rr={0x7, 0x13, 0x9, [@broadcast, @rand_addr=0x8, @dev={0xac, 0x14, 0x14, 0x1f}, @multicast2]}, @noop, @end, @noop]}}}], 0x120}}, {{&(0x7f0000000bc0)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000e40)=[{&(0x7f0000000c00)="3947a324afc7ed7135e3e99e581f07e8e055d8846798df90c1f9b30f3aeec5d9af5a5f5d6c8d6e8d1dab", 0x2a}, {&(0x7f0000000c40)="5100b4c9c5cc4db3c4670533d93b587ee9558431747a6f69fb379141bfaddc78732f9e041c663cec3b7b69539da4013f696886d6641c9c68a8f6471c2e68bddf792142460a668dba81bea801130407bd43e7f28aa375959190196bf11082978c751730e96ab4dd85e1ad87ce3d7ae81f8f26c954b837e4bda6dcc93fb10fc918d7b845415795971f2fa6c558208cccd58f7acecfb26934bcf0de4e070e75bea529491212f1b834b4251e4db71c0fa5dfaf05a5e10894af3e11acd3fbc037e5cfe9e2617e318857cdce5734db79be0354068cb10ce756ce8e5845d0c6265e7c9bd775760fe826f76f828ad741ab51685409ee", 0xf2}, {&(0x7f0000000d40)="5b5885caa349d7ca3c5b070fbe790cc06749ebd6a82eb6fd6df6f4b76a168830c802e979ecddae64f981e426cd16cc49d830c4a48e37de9dadc9108fb853e6222e5dd482ca87f2b338c10178a0e731c88d82517580533738ccb211d2ca4803b68ae4ecdcd3f8786aac67333d8a21cf58e082f2327879878dee728f2730ef258a9ec1f1d53d366fa514c39a7e68565529fd8970659938d8be7702e9b1d6400f0db236e41b668139940ecf61f8ba4b389578eae0bed7248228a4dfe635b18862c00987ccd82a47fdbe3104c9b8cfc707f86f61ab12148844b834a6caaa44c56e404c57", 0xe2}], 0x3, &(0x7f0000000e80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x23}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_retopts={{0x14, 0x0, 0x7, {[@end]}}}, @ip_retopts={{0x3c, 0x0, 0x7, {[@rr={0x7, 0x1f, 0xff, [@loopback, @broadcast, @dev={0xac, 0x14, 0x14, 0x23}, @multicast2, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @generic={0x0, 0xd, "dfd7470c49abd3454a803a"}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x66a000, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_int={{0x14}}], 0xe0}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000f80)="15eecf96e8a9d741cb9f37c5ed3ae118cbba8846cd2053b7dc170f894103cf6a7fe88ee85f52d72c11a572376847b390279c3399f919c3dbe075ee0766ae351217ada626c22c4d4ed37853989e730bd3515400945df0", 0x56}, {&(0x7f0000001040)="a6c6d4a91ec601811aa87e388213007e99c55e597036c5b1833adbf6c4f37ec11d34bdcf32e687c020d5d2f8ec0f20", 0x2f}], 0x2, &(0x7f0000001140)}}, {{&(0x7f0000001180)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000001340)=[@ip_ttl={{0x14, 0x0, 0x2, 0x81}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @loopback, @multicast1}}}, @ip_retopts={{0x38, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x81, 0x3, 0xa}, @end, @end, @ra={0x94, 0x6, 0x6}, @timestamp={0x44, 0x14, 0x71, 0x0, 0x2, [{[], 0x1}, {[], 0x99a6}, {[@remote], 0xfffffff8}]}, @rr={0x7, 0x7, 0x40, [@local]}]}}}, @ip_tos_int={{0x14}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x72}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x26}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0xe, [@initdev={0xac, 0x1e, 0x1, 0x0}]}, @end, @end, @end]}}}], 0xd8}}, {{&(0x7f0000001440)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001700)=[{&(0x7f0000001480)="f0746c592900a0b77d3050821ef9a2f9c1e557955f8823f2", 0x18}, {&(0x7f00000014c0)="e00a21d93482a22117f03df2177438c686e3e21c6cb48bceab27acab414cebf7", 0x20}, {&(0x7f0000001500)='/', 0x1}, {0x0}, {&(0x7f0000001600)="31bd0c297beebdacce4e61910dae8186734e4a4b7528b48881db4fbc00df7f8e9fbee5147896eb9e60a980ada9e1daa3622df901aaed7c32d060acd223335d8815579cfb39dfca5e60d2c4409f13a11eb19e11fcc68026436ac440831c22ac097bc1045b8d0bd1b019afaa98658898d266e27aa85bc55148cfc4406b69a696141ce1c531291c7225dffde367a48763b4353732d0eb35e0bacae0d4cb3ef6227ff2a1a57825eccd43cd6b4248e5f815de24da911d90a813830b0b372d5f8ed0166cac153803b4d5fbd64806b443560f54013714188314a43518d038dadbaf577095ab66dbecaa64", 0xe7}], 0x5, &(0x7f0000001a80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @remote, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @remote}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @broadcast, @dev={0xac, 0x14, 0x14, 0x20}}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8e27dde}}], 0x78}}], 0x7, 0x4000000) fchdir(r0) r11 = open(&(0x7f00000000c0)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r11, &(0x7f0000000440)=ANY=[@ANYRES64], 0x8) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(&(0x7f0000001e00)='./bus\x00') sendfile(r11, r11, &(0x7f0000000000), 0x8080fffffffe) creat(&(0x7f0000000200)='./bus\x00', 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 20:02:08 executing program 0: socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) [ 245.535314][ T9451] ERROR: Domain ' /sbin/init /etc/init.d/rc /sbin/startpar /etc/init.d/ssh /sbin/start-stop-daemon /usr/sbin/sshd /usr/sbin/sshd /bin/bash /root/syz-fuzzer /root/syz-executor.5 proc:/self/fd/3' not defined. 20:02:08 executing program 3: r0 = syz_open_procfs(0x0, 0x0) getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) 20:02:09 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:09 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:09 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:09 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) [ 245.997396][ T9488] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:11 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:11 executing program 3: r0 = syz_open_procfs(0x0, 0x0) getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) 20:02:11 executing program 5: prlimit64(0x0, 0x0, &(0x7f00000001c0), 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 20:02:11 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:11 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:11 executing program 1: epoll_create1(0x0) epoll_create1(0x0) timerfd_create(0x0, 0x0) listen(0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) connect(0xffffffffffffffff, &(0x7f0000931ff4)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) socket$packet(0x11, 0x0, 0x300) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={0x0}, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r1}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) getsockopt$inet6_mreq(r2, 0x29, 0x14, &(0x7f00000009c0)={@rand_addr, 0x0}, &(0x7f0000000a00)=0x14) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f'}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r5}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r6) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r7}) ioctl$sock_SIOCDELRT(r6, 0x890c, &(0x7f0000001a00)={0x0, @hci={0x1f, r7, 0x2}, @generic={0x8, "9bf4b1db5b2f11c47c583d72f8c2"}, @llc={0x1a, 0x337, 0x9, 0x1, 0x3, 0xba, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x175d910c1f9b4bb6}}, 0x6, 0x0, 0x0, 0x0, 0x76f3, &(0x7f00000019c0)='bridge0\x00', 0x9, 0x7, 0xfffd}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r9}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r10}) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)=[{{&(0x7f0000000100)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000180), 0x0, &(0x7f0000000240)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3f}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x100}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xc6}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}], 0x60}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000001c0)="61c52da48270753242926935ccd1db492eb10c33fee7c1a9f8a0aa590d97ba6b586e676b10e206a9b8", 0x29}, {&(0x7f0000000340)="c71da3bdfb65a5f397fda52c859dd2c5e52b16547663382e9c01c58d331ca6b2bf99853b67f25e056de0241556375c2bbd41562081dcad418326093a91d8730d74e91ec9bfdd1be485c9f8b21d59278e70560a1767275c26ec53c718087d1de59fea58946fde4a376a87edcf93512ba4015571715a5f72a3f391bae59a4603e22734e0df412e1ce71e9a5d0f18e3463042ea1dd81f335f123351816335cc3a4d93d1c50732998f37017968dfaf45782a560a95995ea2e9f01f7f9c60ab66ef673056e2b1224e2884164a954a4b4b5aeb042b8ed66151c9f529f945e222a9", 0xde}, {&(0x7f0000000580)="f020f6aaccf3296c3efc5ab8a6451722ab2fa7a5eaedf362363ef9dfddfa6ae9fd498ad5aef1c8b68be7d9bafec451c17414c540e017cadcd534b7e957cfe0d04c7a7dd6fd343d2b34d0b126723e853ddf1d19f75dc3b40ef9bbb1bb9340e4c3c22bf29642f6e211503225d82715ee38446a759c8b9b43da2f73feb1ab5d4670476ed3ec4a880cf7e98a8f2977acc73c459d2823888214b193dd13720a2a965ea61aab0924e7a5393b84ff1da6ff0f75fc9ea38caa3ce38de3ffeef698d894dcc0a4973f6b771358ba0be40d0429d126fba83b029d74db22d47b43c2d146f6", 0xdf}, {&(0x7f0000000480)="fb4d9ea88895016db4db7799c4ab9d5bab4269ec6c40fb7748efc3bd086e5bcce2c9859d7decdf79be679754d900", 0x2e}], 0x4, &(0x7f0000000680)=[@ip_ttl={{0x14, 0x0, 0x2, 0x401}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1000}}, @ip_retopts={{0x64, 0x0, 0x7, {[@cipso={0x86, 0x2b, 0x7, [{0x5, 0xe, "ce6bad3c444dc5a99c99463a"}, {0x7, 0x4, "cffb"}, {0x2, 0xa, "0e3ffc31faad3faa"}, {0x2, 0x9, "1a5b3e1061870d"}]}, @noop, @cipso={0x86, 0x21, 0x9a6, [{0x0, 0x2}, {0x1, 0x9, "cc05dc0bdb0266"}, {0x5, 0x10, "f99b84704372869be5372578250d"}]}, @ra={0x94, 0x6, 0x7fa9}]}}}], 0x98}}, {{&(0x7f0000000500)={0x2, 0x4}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000880)="437616d890b373f994c65e80a88ec1ad86951c481e2649ebe7d80bbf9b92636720d313622be9c8bb7f8f181a4dd4df630fa30f94ed75474cbb43895abf429c194fe608fadf59c0f88c7c9dd95f500a079e0a902b36f3fff38c33ec162898d0cf6e43ae8aa2e4e7abc6056c0226a17e5d28fd604a93346294bfdd15be99f7b8d78d32494678639bc7f47f8efc64c9640f3ee6e4929565fa698da0f95299f1c447c329038f258e1eec51f1580b9ea3ebe2afb92f09607360bb912eb2b9131dbee0b4b1d039577e89d5e8b9f048", 0xcc}], 0x1, &(0x7f0000000a40)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @empty, @rand_addr=0xf99}}}, @ip_retopts={{0x2c, 0x0, 0x7, {[@cipso={0x86, 0xc, 0x20, [{0x5, 0x4, 'sZ'}, {0x0, 0x2}]}, @end, @ssrr={0x89, 0x7, 0x1f, [@remote]}, @lsrr={0x83, 0x7, 0x1, [@local]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @rand_addr=0x80000001, @remote}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @rand_addr=0x2532, @empty}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3f}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_retopts={{0x60, 0x0, 0x7, {[@cipso={0x86, 0x28, 0x5ea, [{0x5, 0xb, "28b00714f524d91fc2"}, {0x0, 0xb, "dc70bd736fe5db5ae2"}, {0x6, 0xc, "ab114f83abafcd85b471"}]}, @timestamp={0x44, 0x10, 0x3d, 0x1, 0xe, [{[], 0xec}, {[@broadcast], 0x18000000}]}, @rr={0x7, 0x13, 0x9, [@broadcast, @rand_addr=0x8, @dev={0xac, 0x14, 0x14, 0x1f}, @multicast2]}, @noop, @end, @noop]}}}], 0x120}}, {{&(0x7f0000000bc0)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000e40)=[{&(0x7f0000000c00)="3947a324afc7ed7135e3e99e581f07e8e055d8846798df90c1f9b30f3aeec5d9af5a5f5d6c8d6e8d1dab", 0x2a}, {&(0x7f0000000c40)="5100b4c9c5cc4db3c4670533d93b587ee9558431747a6f69fb379141bfaddc78732f9e041c663cec3b7b69539da4013f696886d6641c9c68a8f6471c2e68bddf792142460a668dba81bea801130407bd43e7f28aa375959190196bf11082978c751730e96ab4dd85e1ad87ce3d7ae81f8f26c954b837e4bda6dcc93fb10fc918d7b845415795971f2fa6c558208cccd58f7acecfb26934bcf0de4e070e75bea529491212f1b834b4251e4db71c0fa5dfaf05a5e10894af3e11acd3fbc037e5cfe9e2617e318857cdce5734db79be0354068cb10ce756ce8e5845d0c6265e7c9bd775760fe826f76f828ad741ab51685409ee", 0xf2}, {&(0x7f0000000d40)="5b5885caa349d7ca3c5b070fbe790cc06749ebd6a82eb6fd6df6f4b76a168830c802e979ecddae64f981e426cd16cc49d830c4a48e37de9dadc9108fb853e6222e5dd482ca87f2b338c10178a0e731c88d82517580533738ccb211d2ca4803b68ae4ecdcd3f8786aac67333d8a21cf58e082f2327879878dee728f2730ef258a9ec1f1d53d366fa514c39a7e68565529fd8970659938d8be7702e9b1d6400f0db236e41b668139940ecf61f8ba4b389578eae0bed7248228a4dfe635b18862c00987ccd82a47fdbe3104c9b8cfc707f86f61ab12148844b834a6caaa44c56e404c57", 0xe2}], 0x3, &(0x7f0000000e80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x23}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_retopts={{0x14, 0x0, 0x7, {[@end]}}}, @ip_retopts={{0x3c, 0x0, 0x7, {[@rr={0x7, 0x1f, 0xff, [@loopback, @broadcast, @dev={0xac, 0x14, 0x14, 0x23}, @multicast2, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @generic={0x0, 0xd, "dfd7470c49abd3454a803a"}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x66a000, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_int={{0x14}}], 0xe0}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000f80)="15eecf96e8a9d741cb9f37c5ed3ae118cbba8846cd2053b7dc170f894103cf6a7fe88ee85f52d72c11a572376847b390279c3399f919c3dbe075ee0766ae351217ada626c22c4d4ed37853989e730bd3515400945df0", 0x56}, {&(0x7f0000001040)="a6c6d4a91ec601811aa87e388213007e99c55e597036c5b1833adbf6c4f37ec11d34bdcf32e687c020d5d2f8ec0f20", 0x2f}], 0x2, &(0x7f0000001140)}}, {{&(0x7f0000001180)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000001340)=[@ip_ttl={{0x14, 0x0, 0x2, 0x81}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @loopback, @multicast1}}}, @ip_retopts={{0x38, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x81, 0x3, 0xa}, @end, @end, @ra={0x94, 0x6, 0x6}, @timestamp={0x44, 0x14, 0x71, 0x0, 0x2, [{[], 0x1}, {[], 0x99a6}, {[@remote], 0xfffffff8}]}, @rr={0x7, 0x7, 0x40, [@local]}]}}}, @ip_tos_int={{0x14}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x72}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x26}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0xe, [@initdev={0xac, 0x1e, 0x1, 0x0}]}, @end, @end, @end]}}}], 0xd8}}, {{&(0x7f0000001440)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001700)=[{&(0x7f0000001480)="f0746c592900a0b77d3050821ef9a2f9c1e557955f8823f2", 0x18}, {&(0x7f00000014c0)="e00a21d93482a22117f03df2177438c686e3e21c6cb48bceab27acab414cebf7", 0x20}, {&(0x7f0000001500)='/', 0x1}, {0x0}, {&(0x7f0000001600)="31bd0c297beebdacce4e61910dae8186734e4a4b7528b48881db4fbc00df7f8e9fbee5147896eb9e60a980ada9e1daa3622df901aaed7c32d060acd223335d8815579cfb39dfca5e60d2c4409f13a11eb19e11fcc68026436ac440831c22ac097bc1045b8d0bd1b019afaa98658898d266e27aa85bc55148cfc4406b69a696141ce1c531291c7225dffde367a48763b4353732d0eb35e0bacae0d4cb3ef6227ff2a1a57825eccd43cd6b4248e5f815de24da911d90a813830b0b372d5f8ed0166cac153803b4d5fbd64806b443560f54013714188314a43518d038dadbaf577095ab66dbecaa64", 0xe7}], 0x5, &(0x7f0000001a80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @remote, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @remote}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @broadcast, @dev={0xac, 0x14, 0x14, 0x20}}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8e27dde}}], 0x78}}], 0x7, 0x4000000) fchdir(r0) r11 = open(&(0x7f00000000c0)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r11, &(0x7f0000000440)=ANY=[@ANYRES64], 0x8) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(&(0x7f0000001e00)='./bus\x00') sendfile(r11, r11, &(0x7f0000000000), 0x8080fffffffe) creat(&(0x7f0000000200)='./bus\x00', 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 20:02:11 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) [ 248.615928][ T9511] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:12 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:12 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:12 executing program 5: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r1 = getpid() tkill(r1, 0x9) socket(0x10, 0x3, 0x0) read$FUSE(r0, &(0x7f0000000040), 0x1000) 20:02:12 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) 20:02:12 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) [ 248.936675][ T9531] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 249.308374][ T9513] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 249.361380][ T9513] FAT-fs (loop1): Filesystem has been set read-only [ 249.409111][ T9513] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 0) [ 249.434113][ T9506] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 20:02:14 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:14 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000200)=""/187) 20:02:14 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:14 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, 0x0, 0x0) getdents64(r0, 0x0, 0x0) 20:02:14 executing program 5: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004d80)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002dad25568af7580b81d0799dd99cb75fedd7ac7ebbf6277939b33d0591e85197d35d8363806e3cac83a2fb756fb36c9aa9a3e423a9f53dab"], 0x48}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_IFNAME={0x14, 0x3, '/eth1_to_bond\x00'}]}, 0x34}}, 0x0) 20:02:14 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @broadcast=0xe0000001}, @icmp}}}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) shutdown(r2, 0x0) recvfrom$inet(r2, 0x0, 0x327, 0x142, 0x0, 0x0) recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x800e0080f) 20:02:15 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, 0x0, 0x0) getdents64(r0, 0x0, 0x0) [ 251.645720][ T9555] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:15 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) 20:02:15 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:15 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, 0x0, 0x0) getdents64(r0, 0x0, 0x0) 20:02:15 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TCSETSW(r0, 0x545c, &(0x7f00000000c0)) 20:02:15 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) [ 251.920032][ T9575] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:18 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:18 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TCSETSW(r0, 0x545c, &(0x7f00000000c0)) 20:02:18 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(0xffffffffffffffff, 0x0, 0x0) 20:02:18 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:18 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, 0x0) 20:02:18 executing program 1: epoll_create1(0x0) epoll_create1(0x0) timerfd_create(0x0, 0x0) listen(0xffffffffffffffff, 0x0) close(0xffffffffffffffff) connect(0xffffffffffffffff, 0x0, 0x0) socket$packet(0x11, 0x0, 0x300) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r2}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r4}) pipe(0x0) close(0xffffffffffffffff) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f'}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r6}) sendmmsg$inet(r1, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000240)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3f}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x100}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xc6}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}], 0x60}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000001c0)="61c52da48270753242926935ccd1db492eb10c33fee7c1a9f8a0aa590d97ba6b586e676b10e206a9b89b", 0x2a}, {&(0x7f0000000340)}, {&(0x7f0000000580)="f020f6aaccf3296c3efc5ab8a6451722ab2fa7a5eaedf362363ef9dfddfa6ae9fd498ad5aef1c8b68be7d9bafec451c17414c540e017cadcd534b7e957cfe0d04c7a7dd6fd343d2b34d0b126723e853ddf1d19f75dc3b40ef9bbb1bb9340e4c3c22bf29642f6e211503225d82715ee38446a759c8b9b43da2f73feb1ab5d4670476ed3ec4a880cf7e98a8f2977acc73c459d2823888214b193dd13720a2a965ea61aab0924e7a5393b84ff1da6ff0f75fc9ea38caa3ce38de3ffeef698d894dcc0a4973f6b771358ba0be40d0429d126fba83b029d74db22d47b43c2d146f6", 0xdf}, {&(0x7f0000000480)="fb4d9ea88895016db4db7799c4ab9d5bab4269ec6c40fb7748efc3bd086e5bcce2c9859d7decdf79be679754d900", 0x2e}], 0x4, &(0x7f0000000680)=[@ip_ttl={{0x14, 0x0, 0x2, 0x401}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1000}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@cipso={0x86, 0x28, 0x0, [{0x5, 0xe, "ce6bad3c444dc5a99c99463a"}, {0x7, 0x4, "cffb"}, {0x2, 0x7, "0e3ffc31fa"}, {0x0, 0x9, "1a5b3e1061870d"}]}, @noop, @cipso={0x86, 0x10, 0x9a6, [{0x0, 0x2}, {0x1, 0x6, "cc05dc0b"}, {0x5, 0x2}]}]}}}], 0x80}}, {{&(0x7f0000000500), 0x10, 0x0, 0x0, &(0x7f0000000a40)=[@ip_retopts={{0x44, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x20, [{0x0, 0x2}]}, @end, @ssrr={0x89, 0x23, 0x0, [@multicast1, @multicast1, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @multicast1, @dev={0xac, 0x14, 0x14, 0x1a}, @loopback]}, @lsrr={0x83, 0x7, 0x1, [@local]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr, @remote}}}, @ip_ttl={{0x14}}, @ip_retopts={{0x54, 0x0, 0x7, {[@cipso={0x86, 0x2c, 0x5ea, [{0x0, 0x10, "c581ab02e6453320966a2890873e"}, {0x5, 0xb, "28b00714f524d91fc2"}, {0x0, 0xb, "dc70bd736fe5db5ae2"}]}, @rr={0x7, 0x13, 0x9, [@broadcast, @rand_addr, @dev={0xac, 0x14, 0x14, 0x1f}, @multicast2]}, @end, @end, @noop]}}}], 0xd8}}, {{0x0, 0x0, &(0x7f0000000e40)=[{0x0}, {0x0}], 0x2, &(0x7f0000000e80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x23}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x66a000, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}], 0x70}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000f80)}, {&(0x7f0000001040)="a6c6d4a91ec601811aa87e388213007e99c55e597036c5b1833adbf6c4f37ec11d34bdcf32e687c020d5d2f8ec0f20", 0x2f}, {&(0x7f0000001080)="483428de0c225b6137cf80fe80f823962c1c082f03f00a44c6e4ef7c9933099322567f3f6afee05cf2fc30fce38e13ea3458b2b7bb427ccf02c88bc545a15dc0ac63bb70", 0x44}], 0x3, &(0x7f0000001140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}}}], 0x20}}, {{&(0x7f0000001440)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001700)=[{&(0x7f00000014c0)="e00a21d93482a22117f03df2177438c6", 0x10}, {&(0x7f0000001600)}], 0x2, &(0x7f0000001a80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @loopback, @remote}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @broadcast, @dev={0xac, 0x14, 0x14, 0x20}}}}, @ip_tos_int={{0x14}}], 0x78}}], 0x6, 0x4000000) fchdir(r0) r7 = open(&(0x7f00000000c0)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r7, &(0x7f0000000440)=ANY=[@ANYRES64], 0x8) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(&(0x7f0000001e00)='./bus\x00') sendfile(r7, r7, &(0x7f0000000000), 0x8080fffffffe) creat(&(0x7f0000000200)='./bus\x00', 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 20:02:18 executing program 0: 20:02:18 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(0xffffffffffffffff, 0x0, 0x0) [ 254.904345][ T9602] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:18 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:18 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(0xffffffffffffffff, 0x0, 0x0) [ 255.110791][ T9613] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 255.119720][ T9613] FAT-fs (loop1): Filesystem has been set read-only [ 255.130624][ T9613] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 0) 20:02:18 executing program 0: [ 255.167809][ T9597] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 20:02:18 executing program 0: [ 255.214050][ T9627] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:21 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:21 executing program 3: 20:02:21 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:21 executing program 1: epoll_create1(0x0) epoll_create1(0x0) timerfd_create(0x0, 0x0) listen(0xffffffffffffffff, 0x0) close(0xffffffffffffffff) connect(0xffffffffffffffff, 0x0, 0x0) socket$packet(0x11, 0x0, 0x300) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r2}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r4}) pipe(0x0) close(0xffffffffffffffff) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f'}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r6}) sendmmsg$inet(r1, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000240)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3f}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x100}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xc6}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}], 0x60}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000001c0)="61c52da48270753242926935ccd1db492eb10c33fee7c1a9f8a0aa590d97ba6b586e676b10e206a9b89b", 0x2a}, {&(0x7f0000000340)}, {&(0x7f0000000580)="f020f6aaccf3296c3efc5ab8a6451722ab2fa7a5eaedf362363ef9dfddfa6ae9fd498ad5aef1c8b68be7d9bafec451c17414c540e017cadcd534b7e957cfe0d04c7a7dd6fd343d2b34d0b126723e853ddf1d19f75dc3b40ef9bbb1bb9340e4c3c22bf29642f6e211503225d82715ee38446a759c8b9b43da2f73feb1ab5d4670476ed3ec4a880cf7e98a8f2977acc73c459d2823888214b193dd13720a2a965ea61aab0924e7a5393b84ff1da6ff0f75fc9ea38caa3ce38de3ffeef698d894dcc0a4973f6b771358ba0be40d0429d126fba83b029d74db22d47b43c2d146f6", 0xdf}, {&(0x7f0000000480)="fb4d9ea88895016db4db7799c4ab9d5bab4269ec6c40fb7748efc3bd086e5bcce2c9859d7decdf79be679754d900", 0x2e}], 0x4, &(0x7f0000000680)=[@ip_ttl={{0x14, 0x0, 0x2, 0x401}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1000}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@cipso={0x86, 0x28, 0x0, [{0x5, 0xe, "ce6bad3c444dc5a99c99463a"}, {0x7, 0x4, "cffb"}, {0x2, 0x7, "0e3ffc31fa"}, {0x0, 0x9, "1a5b3e1061870d"}]}, @noop, @cipso={0x86, 0x10, 0x9a6, [{0x0, 0x2}, {0x1, 0x6, "cc05dc0b"}, {0x5, 0x2}]}]}}}], 0x80}}, {{&(0x7f0000000500), 0x10, 0x0, 0x0, &(0x7f0000000a40)=[@ip_retopts={{0x44, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x20, [{0x0, 0x2}]}, @end, @ssrr={0x89, 0x23, 0x0, [@multicast1, @multicast1, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @multicast1, @dev={0xac, 0x14, 0x14, 0x1a}, @loopback]}, @lsrr={0x83, 0x7, 0x1, [@local]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr, @remote}}}, @ip_ttl={{0x14}}, @ip_retopts={{0x54, 0x0, 0x7, {[@cipso={0x86, 0x2c, 0x5ea, [{0x0, 0x10, "c581ab02e6453320966a2890873e"}, {0x5, 0xb, "28b00714f524d91fc2"}, {0x0, 0xb, "dc70bd736fe5db5ae2"}]}, @rr={0x7, 0x13, 0x9, [@broadcast, @rand_addr, @dev={0xac, 0x14, 0x14, 0x1f}, @multicast2]}, @end, @end, @noop]}}}], 0xd8}}, {{0x0, 0x0, &(0x7f0000000e40)=[{0x0}, {0x0}], 0x2, &(0x7f0000000e80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x23}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x66a000, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}], 0x70}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000f80)}, {&(0x7f0000001040)="a6c6d4a91ec601811aa87e388213007e99c55e597036c5b1833adbf6c4f37ec11d34bdcf32e687c020d5d2f8ec0f20", 0x2f}, {&(0x7f0000001080)="483428de0c225b6137cf80fe80f823962c1c082f03f00a44c6e4ef7c9933099322567f3f6afee05cf2fc30fce38e13ea3458b2b7bb427ccf02c88bc545a15dc0ac63bb70", 0x44}], 0x3, &(0x7f0000001140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}}}], 0x20}}, {{&(0x7f0000001440)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001700)=[{&(0x7f00000014c0)="e00a21d93482a22117f03df2177438c6", 0x10}, {&(0x7f0000001600)}], 0x2, &(0x7f0000001a80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @loopback, @remote}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @broadcast, @dev={0xac, 0x14, 0x14, 0x20}}}}, @ip_tos_int={{0x14}}], 0x78}}], 0x6, 0x4000000) fchdir(r0) r7 = open(&(0x7f00000000c0)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r7, &(0x7f0000000440)=ANY=[@ANYRES64], 0x8) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(&(0x7f0000001e00)='./bus\x00') sendfile(r7, r7, &(0x7f0000000000), 0x8080fffffffe) creat(&(0x7f0000000200)='./bus\x00', 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 20:02:21 executing program 0: epoll_create1(0x0) epoll_create1(0x0) timerfd_create(0x0, 0x0) listen(0xffffffffffffffff, 0x0) close(0xffffffffffffffff) connect(0xffffffffffffffff, 0x0, 0x0) socket$packet(0x11, 0x0, 0x300) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r2}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r4}) pipe(0x0) close(0xffffffffffffffff) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f'}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r6}) sendmmsg$inet(r1, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000240)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3f}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x100}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xc6}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}], 0x60}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000001c0)="61c52da48270753242926935ccd1db492eb10c33fee7c1a9f8a0aa590d97ba6b586e676b10e206a9b89b", 0x2a}, {&(0x7f0000000340)}, {&(0x7f0000000580)="f020f6aaccf3296c3efc5ab8a6451722ab2fa7a5eaedf362363ef9dfddfa6ae9fd498ad5aef1c8b68be7d9bafec451c17414c540e017cadcd534b7e957cfe0d04c7a7dd6fd343d2b34d0b126723e853ddf1d19f75dc3b40ef9bbb1bb9340e4c3c22bf29642f6e211503225d82715ee38446a759c8b9b43da2f73feb1ab5d4670476ed3ec4a880cf7e98a8f2977acc73c459d2823888214b193dd13720a2a965ea61aab0924e7a5393b84ff1da6ff0f75fc9ea38caa3ce38de3ffeef698d894dcc0a4973f6b771358ba0be40d0429d126fba83b029d74db22d47b43c2d146f6", 0xdf}, {&(0x7f0000000480)="fb4d9ea88895016db4db7799c4ab9d5bab4269ec6c40fb7748efc3bd086e5bcce2c9859d7decdf79be679754d900", 0x2e}], 0x4, &(0x7f0000000680)=[@ip_ttl={{0x14, 0x0, 0x2, 0x401}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1000}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@cipso={0x86, 0x28, 0x0, [{0x5, 0xe, "ce6bad3c444dc5a99c99463a"}, {0x7, 0x4, "cffb"}, {0x2, 0x7, "0e3ffc31fa"}, {0x0, 0x9, "1a5b3e1061870d"}]}, @noop, @cipso={0x86, 0x10, 0x9a6, [{0x0, 0x2}, {0x1, 0x6, "cc05dc0b"}, {0x5, 0x2}]}]}}}], 0x80}}, {{&(0x7f0000000500), 0x10, 0x0, 0x0, &(0x7f0000000a40)=[@ip_retopts={{0x44, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x20, [{0x0, 0x2}]}, @end, @ssrr={0x89, 0x23, 0x0, [@multicast1, @multicast1, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @multicast1, @dev={0xac, 0x14, 0x14, 0x1a}, @loopback]}, @lsrr={0x83, 0x7, 0x1, [@local]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr, @remote}}}, @ip_ttl={{0x14}}, @ip_retopts={{0x54, 0x0, 0x7, {[@cipso={0x86, 0x2c, 0x5ea, [{0x0, 0x10, "c581ab02e6453320966a2890873e"}, {0x5, 0xb, "28b00714f524d91fc2"}, {0x0, 0xb, "dc70bd736fe5db5ae2"}]}, @rr={0x7, 0x13, 0x9, [@broadcast, @rand_addr, @dev={0xac, 0x14, 0x14, 0x1f}, @multicast2]}, @end, @end, @noop]}}}], 0xd8}}, {{0x0, 0x0, &(0x7f0000000e40)=[{0x0}, {0x0}], 0x2, &(0x7f0000000e80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x23}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x66a000, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}], 0x70}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000f80)}, {&(0x7f0000001040)="a6c6d4a91ec601811aa87e388213007e99c55e597036c5b1833adbf6c4f37ec11d34bdcf32e687c020d5d2f8ec0f20", 0x2f}, {&(0x7f0000001080)="483428de0c225b6137cf80fe80f823962c1c082f03f00a44c6e4ef7c9933099322567f3f6afee05cf2fc30fce38e13ea3458b2b7bb427ccf02c88bc545a15dc0ac63bb70", 0x44}], 0x3, &(0x7f0000001140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}}}], 0x20}}, {{&(0x7f0000001440)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001700)=[{&(0x7f00000014c0)="e00a21d93482a22117f03df2177438c6", 0x10}, {&(0x7f0000001600)}], 0x2, &(0x7f0000001a80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @loopback, @remote}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @broadcast, @dev={0xac, 0x14, 0x14, 0x20}}}}, @ip_tos_int={{0x14}}], 0x78}}], 0x6, 0x4000000) fchdir(r0) r7 = open(&(0x7f00000000c0)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r7, &(0x7f0000000440)=ANY=[@ANYRES64], 0x8) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(&(0x7f0000001e00)='./bus\x00') sendfile(r7, r7, &(0x7f0000000000), 0x8080fffffffe) creat(&(0x7f0000000200)='./bus\x00', 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 20:02:21 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TCSETSW(r0, 0x545c, &(0x7f00000000c0)) [ 258.015081][ T9650] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:21 executing program 3: epoll_create1(0x0) epoll_create1(0x0) timerfd_create(0x0, 0x0) listen(0xffffffffffffffff, 0x0) close(0xffffffffffffffff) connect(0xffffffffffffffff, 0x0, 0x0) socket$packet(0x11, 0x0, 0x300) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r2}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r4}) pipe(0x0) close(0xffffffffffffffff) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f'}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000004c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xed\x1f', r6}) sendmmsg$inet(r1, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000240)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3f}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x100}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xc6}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}], 0x60}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000001c0)="61c52da48270753242926935ccd1db492eb10c33fee7c1a9f8a0aa590d97ba6b586e676b10e206a9b89b", 0x2a}, {&(0x7f0000000340)}, {&(0x7f0000000580)="f020f6aaccf3296c3efc5ab8a6451722ab2fa7a5eaedf362363ef9dfddfa6ae9fd498ad5aef1c8b68be7d9bafec451c17414c540e017cadcd534b7e957cfe0d04c7a7dd6fd343d2b34d0b126723e853ddf1d19f75dc3b40ef9bbb1bb9340e4c3c22bf29642f6e211503225d82715ee38446a759c8b9b43da2f73feb1ab5d4670476ed3ec4a880cf7e98a8f2977acc73c459d2823888214b193dd13720a2a965ea61aab0924e7a5393b84ff1da6ff0f75fc9ea38caa3ce38de3ffeef698d894dcc0a4973f6b771358ba0be40d0429d126fba83b029d74db22d47b43c2d146f6", 0xdf}, {&(0x7f0000000480)="fb4d9ea88895016db4db7799c4ab9d5bab4269ec6c40fb7748efc3bd086e5bcce2c9859d7decdf79be679754d900", 0x2e}], 0x4, &(0x7f0000000680)=[@ip_ttl={{0x14, 0x0, 0x2, 0x401}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1000}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@cipso={0x86, 0x28, 0x0, [{0x5, 0xe, "ce6bad3c444dc5a99c99463a"}, {0x7, 0x4, "cffb"}, {0x2, 0x7, "0e3ffc31fa"}, {0x0, 0x9, "1a5b3e1061870d"}]}, @noop, @cipso={0x86, 0x10, 0x9a6, [{0x0, 0x2}, {0x1, 0x6, "cc05dc0b"}, {0x5, 0x2}]}]}}}], 0x80}}, {{&(0x7f0000000500), 0x10, 0x0, 0x0, &(0x7f0000000a40)=[@ip_retopts={{0x44, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x20, [{0x0, 0x2}]}, @end, @ssrr={0x89, 0x23, 0x0, [@multicast1, @multicast1, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @multicast1, @dev={0xac, 0x14, 0x14, 0x1a}, @loopback]}, @lsrr={0x83, 0x7, 0x1, [@local]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr, @remote}}}, @ip_ttl={{0x14}}, @ip_retopts={{0x54, 0x0, 0x7, {[@cipso={0x86, 0x2c, 0x5ea, [{0x0, 0x10, "c581ab02e6453320966a2890873e"}, {0x5, 0xb, "28b00714f524d91fc2"}, {0x0, 0xb, "dc70bd736fe5db5ae2"}]}, @rr={0x7, 0x13, 0x9, [@broadcast, @rand_addr, @dev={0xac, 0x14, 0x14, 0x1f}, @multicast2]}, @end, @end, @noop]}}}], 0xd8}}, {{0x0, 0x0, &(0x7f0000000e40)=[{0x0}, {0x0}], 0x2, &(0x7f0000000e80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x23}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x66a000, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}], 0x70}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000f80)}, {&(0x7f0000001040)="a6c6d4a91ec601811aa87e388213007e99c55e597036c5b1833adbf6c4f37ec11d34bdcf32e687c020d5d2f8ec0f20", 0x2f}, {&(0x7f0000001080)="483428de0c225b6137cf80fe80f823962c1c082f03f00a44c6e4ef7c9933099322567f3f6afee05cf2fc30fce38e13ea3458b2b7bb427ccf02c88bc545a15dc0ac63bb70", 0x44}], 0x3, &(0x7f0000001140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}}}], 0x20}}, {{&(0x7f0000001440)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001700)=[{&(0x7f00000014c0)="e00a21d93482a22117f03df2177438c6", 0x10}, {&(0x7f0000001600)}], 0x2, &(0x7f0000001a80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @loopback, @remote}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @broadcast, @dev={0xac, 0x14, 0x14, 0x20}}}}, @ip_tos_int={{0x14}}], 0x78}}], 0x6, 0x4000000) fchdir(r0) r7 = open(&(0x7f00000000c0)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r7, &(0x7f0000000440)=ANY=[@ANYRES64], 0x8) ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(&(0x7f0000001e00)='./bus\x00') sendfile(r7, r7, &(0x7f0000000000), 0x8080fffffffe) creat(&(0x7f0000000200)='./bus\x00', 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 20:02:21 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) [ 258.354122][ T9655] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 258.364444][ T9655] FAT-fs (loop0): Filesystem has been set read-only [ 258.372160][ T9655] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 0) [ 258.422304][ T9648] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 258.475503][ T9673] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:21 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140), 0x0, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:21 executing program 0: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f00000006c0)=0x2000000000000001, 0x4) fcntl$setflags(r0, 0x2, 0x1) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000001c0)='veth1_to_team\x00', 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0xdf5, 0xf087}, 0x14) setsockopt$inet_tcp_int(r1, 0x6, 0x4000000000013, &(0x7f0000000180), 0x4) sendto$inet(r1, &(0x7f0000000040)="b9", 0x1, 0x8000, 0x0, 0x4d) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, 0x0) write$binfmt_elf32(r1, &(0x7f0000001040)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0ac77c4e0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f559eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b6106f5f64a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717dc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb58894af88b58f7f659a92b00000000000000000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6ea6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba886f30e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYBLOB="b7e73a1d2edd3910dcaeab8c30d059d1eb1665345e000000000000800112130be48d7b1397f69b5aee61355b5ec6a8395a8c5a833203a695734ab0abab5a26801fa1eff10f4b8737e3750602d2721607a8bb4bee07eb9528c12e1e70aa4855b07d989a8c48d11e4c6cafad2067d98fd2c165ef0fa928881fa85e9e023fd6bbb74bece396aa022590ef45c7f4666193d7531ad97c7a77fcece5b04214b12c00b972a44b0fe2fe2233d9fbf99667588930b3b36eb34d34d28fc93050e2d8f207747c7cf6c870de9d800e74131b04d3933f77f091980207359d67cfbbbce18c246bd082af616ef6fd993b52ed245b5999341385e8596d9a144557817c8c6df9fb28215d3a67a2c20f0b4a15fca980d34f503612ed36c3d13272db440f0d040338fde7777fe67d6a55137f27d953cca32920f36d122a2e889c42e6d44328e4d338a0bd195ba8e46a0f7c6c49ede7961e0f28c4791284ebed9c14720ace4e39239ed67d399eca61a04eac3e9b1f0b000000000000b1ef5be5112250895b5892d09f7e2022d6afb5bfe7eac95c479b28e6571b573cbbfdb09816ba4f00"/439, @ANYPTR64=&(0x7f0000000d40)=ANY=[@ANYRES64, @ANYRESHEX=0x0, @ANYBLOB="6c95e315b13a9b25cf4b5b917f3a17b03f53dbf01a4efbc9867da9224c099282e150a3000000824b10de7341d8ac8197a260a2634ab05ef3d4b6a228df903fdfcd1678f2b47baf90fdc5d519a20ef1d1b7505588f1a7b2219aef112e1676a809ed122a3630296c9452ee8913525a868f40096d2a65daf4f8dfa66f220db58095a2e20091df22c8e4b702734ceb2c02f6f42047cfbd7fc08a9b8cb0693970ba6db9f14832972f55a0a2cc2c32fceef3a534132ecadbc4eba12f9af0a5387ca8162955b410bcb785a523b1818f5104ad3616bec2796dba29ab743322b6f7cce4c9da4e7d7e015b2b678224acbc346f05168fdd678906f1f4bf3b7a35c6e4dd2702a93b0e47ee77b0608b3ccb8da716a7bbae31cad5182280c08c227b50f8136d3d2da9861a2cc56ed578315c8b14fb4a41c228969f511b12e4ea057a5a2d7dbd99df0c2e6723488b7f982b990ab2677c8ab2de13eee566a2ea2b24e1312596bdb31cf2cd198ace6acf52d03e4f228bb22788eb87b220f5fc86d2f20400000000000000e8450b6f58f19f94525d4d77cf306be81b2bcb3539fd007638d771cfc96e6e0d2beccb7c3d0dc1de8524bcfb8fc4", @ANYBLOB="fdff2465c85ee721210885b8e8f40a06d48c6bd1507ae657bb1f27296b741258470a753d2863b9fe61f3d538c9339a8d3511f702a8958b96836fe7e06a2991b69c692854cbf3e4b0cb77a8bfaf66ce76817c66392eb3df56f646c6788cc39364b3272090c7fbcc4a5bdfd4db63591603d635af1010edf8e8185062583c2a0ac82b9506ea2c860b28d7081be5ca1601d8182a9c58db373f78781db87e2a9b1c2b363b2e1547060b69cdce9e15756b85d3711c0951e33be244871cde07548a985417f2ecd51df9f0091cff2f7b8826bbbe318ee0dd13c74b27b6332681bf4db264d97a48429808007162cf30c0e91c0773ac40c3ed822600b2b4bbed4a1e0e508b5c25db7f9bec0ed301e97a5be4ce4aa5aa", @ANYRESDEC, @ANYRES32=0x0], @ANYRESHEX], 0xfffffffffffffffb) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) [ 258.722843][ T9644] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 258.748299][ T9677] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:22 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TCSETSW(r0, 0x545c, &(0x7f00000000c0)) [ 258.772220][ T9644] FAT-fs (loop1): Filesystem has been set read-only [ 258.863184][ T9644] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 0) [ 258.873279][ T9644] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 20:02:22 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140), 0x0, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) [ 259.173651][ T9694] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:24 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:24 executing program 1: getxattr(0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x4207, r1) ptrace$setregset(0x11, r1, 0x20000004, 0x0) 20:02:24 executing program 0: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f00000006c0)=0x2000000000000001, 0x4) fcntl$setflags(r0, 0x2, 0x1) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000001c0)='veth1_to_team\x00', 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0xdf5, 0xf087}, 0x14) setsockopt$inet_tcp_int(r1, 0x6, 0x4000000000013, &(0x7f0000000180), 0x4) sendto$inet(r1, &(0x7f0000000040)="b9", 0x1, 0x8000, 0x0, 0x4d) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, 0x0) write$binfmt_elf32(r1, &(0x7f0000001040)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0ac77c4e0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f559eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b6106f5f64a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717dc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb58894af88b58f7f659a92b00000000000000000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6ea6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba886f30e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYBLOB="b7e73a1d2edd3910dcaeab8c30d059d1eb1665345e000000000000800112130be48d7b1397f69b5aee61355b5ec6a8395a8c5a833203a695734ab0abab5a26801fa1eff10f4b8737e3750602d2721607a8bb4bee07eb9528c12e1e70aa4855b07d989a8c48d11e4c6cafad2067d98fd2c165ef0fa928881fa85e9e023fd6bbb74bece396aa022590ef45c7f4666193d7531ad97c7a77fcece5b04214b12c00b972a44b0fe2fe2233d9fbf99667588930b3b36eb34d34d28fc93050e2d8f207747c7cf6c870de9d800e74131b04d3933f77f091980207359d67cfbbbce18c246bd082af616ef6fd993b52ed245b5999341385e8596d9a144557817c8c6df9fb28215d3a67a2c20f0b4a15fca980d34f503612ed36c3d13272db440f0d040338fde7777fe67d6a55137f27d953cca32920f36d122a2e889c42e6d44328e4d338a0bd195ba8e46a0f7c6c49ede7961e0f28c4791284ebed9c14720ace4e39239ed67d399eca61a04eac3e9b1f0b000000000000b1ef5be5112250895b5892d09f7e2022d6afb5bfe7eac95c479b28e6571b573cbbfdb09816ba4f00"/439, @ANYPTR64=&(0x7f0000000d40)=ANY=[@ANYRES64, @ANYRESHEX=0x0, @ANYBLOB="6c95e315b13a9b25cf4b5b917f3a17b03f53dbf01a4efbc9867da9224c099282e150a3000000824b10de7341d8ac8197a260a2634ab05ef3d4b6a228df903fdfcd1678f2b47baf90fdc5d519a20ef1d1b7505588f1a7b2219aef112e1676a809ed122a3630296c9452ee8913525a868f40096d2a65daf4f8dfa66f220db58095a2e20091df22c8e4b702734ceb2c02f6f42047cfbd7fc08a9b8cb0693970ba6db9f14832972f55a0a2cc2c32fceef3a534132ecadbc4eba12f9af0a5387ca8162955b410bcb785a523b1818f5104ad3616bec2796dba29ab743322b6f7cce4c9da4e7d7e015b2b678224acbc346f05168fdd678906f1f4bf3b7a35c6e4dd2702a93b0e47ee77b0608b3ccb8da716a7bbae31cad5182280c08c227b50f8136d3d2da9861a2cc56ed578315c8b14fb4a41c228969f511b12e4ea057a5a2d7dbd99df0c2e6723488b7f982b990ab2677c8ab2de13eee566a2ea2b24e1312596bdb31cf2cd198ace6acf52d03e4f228bb22788eb87b220f5fc86d2f20400000000000000e8450b6f58f19f94525d4d77cf306be81b2bcb3539fd007638d771cfc96e6e0d2beccb7c3d0dc1de8524bcfb8fc4", @ANYBLOB="fdff2465c85ee721210885b8e8f40a06d48c6bd1507ae657bb1f27296b741258470a753d2863b9fe61f3d538c9339a8d3511f702a8958b96836fe7e06a2991b69c692854cbf3e4b0cb77a8bfaf66ce76817c66392eb3df56f646c6788cc39364b3272090c7fbcc4a5bdfd4db63591603d635af1010edf8e8185062583c2a0ac82b9506ea2c860b28d7081be5ca1601d8182a9c58db373f78781db87e2a9b1c2b363b2e1547060b69cdce9e15756b85d3711c0951e33be244871cde07548a985417f2ecd51df9f0091cff2f7b8826bbbe318ee0dd13c74b27b6332681bf4db264d97a48429808007162cf30c0e91c0773ac40c3ed822600b2b4bbed4a1e0e508b5c25db7f9bec0ed301e97a5be4ce4aa5aa", @ANYRESDEC, @ANYRES32=0x0], @ANYRESHEX], 0xfffffffffffffffb) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) 20:02:24 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140), 0x0, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:24 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f00000006c0)=0x2000000000000001, 0x4) fcntl$setflags(r0, 0x2, 0x1) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000001c0)='veth1_to_team\x00', 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0xdf5, 0xf087}, 0x14) setsockopt$inet_tcp_int(r1, 0x6, 0x4000000000013, &(0x7f0000000180), 0x4) sendto$inet(r1, &(0x7f0000000040)="b9", 0x1, 0x8000, 0x0, 0x4d) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, 0x0) write$binfmt_elf32(r1, &(0x7f0000001040)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0ac77c4e0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f559eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b6106f5f64a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717dc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb58894af88b58f7f659a92b00000000000000000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6ea6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba886f30e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYBLOB="b7e73a1d2edd3910dcaeab8c30d059d1eb1665345e000000000000800112130be48d7b1397f69b5aee61355b5ec6a8395a8c5a833203a695734ab0abab5a26801fa1eff10f4b8737e3750602d2721607a8bb4bee07eb9528c12e1e70aa4855b07d989a8c48d11e4c6cafad2067d98fd2c165ef0fa928881fa85e9e023fd6bbb74bece396aa022590ef45c7f4666193d7531ad97c7a77fcece5b04214b12c00b972a44b0fe2fe2233d9fbf99667588930b3b36eb34d34d28fc93050e2d8f207747c7cf6c870de9d800e74131b04d3933f77f091980207359d67cfbbbce18c246bd082af616ef6fd993b52ed245b5999341385e8596d9a144557817c8c6df9fb28215d3a67a2c20f0b4a15fca980d34f503612ed36c3d13272db440f0d040338fde7777fe67d6a55137f27d953cca32920f36d122a2e889c42e6d44328e4d338a0bd195ba8e46a0f7c6c49ede7961e0f28c4791284ebed9c14720ace4e39239ed67d399eca61a04eac3e9b1f0b000000000000b1ef5be5112250895b5892d09f7e2022d6afb5bfe7eac95c479b28e6571b573cbbfdb09816ba4f00"/439, @ANYPTR64=&(0x7f0000000d40)=ANY=[@ANYRES64, @ANYRESHEX=0x0, @ANYBLOB="6c95e315b13a9b25cf4b5b917f3a17b03f53dbf01a4efbc9867da9224c099282e150a3000000824b10de7341d8ac8197a260a2634ab05ef3d4b6a228df903fdfcd1678f2b47baf90fdc5d519a20ef1d1b7505588f1a7b2219aef112e1676a809ed122a3630296c9452ee8913525a868f40096d2a65daf4f8dfa66f220db58095a2e20091df22c8e4b702734ceb2c02f6f42047cfbd7fc08a9b8cb0693970ba6db9f14832972f55a0a2cc2c32fceef3a534132ecadbc4eba12f9af0a5387ca8162955b410bcb785a523b1818f5104ad3616bec2796dba29ab743322b6f7cce4c9da4e7d7e015b2b678224acbc346f05168fdd678906f1f4bf3b7a35c6e4dd2702a93b0e47ee77b0608b3ccb8da716a7bbae31cad5182280c08c227b50f8136d3d2da9861a2cc56ed578315c8b14fb4a41c228969f511b12e4ea057a5a2d7dbd99df0c2e6723488b7f982b990ab2677c8ab2de13eee566a2ea2b24e1312596bdb31cf2cd198ace6acf52d03e4f228bb22788eb87b220f5fc86d2f20400000000000000e8450b6f58f19f94525d4d77cf306be81b2bcb3539fd007638d771cfc96e6e0d2beccb7c3d0dc1de8524bcfb8fc4", @ANYBLOB="fdff2465c85ee721210885b8e8f40a06d48c6bd1507ae657bb1f27296b741258470a753d2863b9fe61f3d538c9339a8d3511f702a8958b96836fe7e06a2991b69c692854cbf3e4b0cb77a8bfaf66ce76817c66392eb3df56f646c6788cc39364b3272090c7fbcc4a5bdfd4db63591603d635af1010edf8e8185062583c2a0ac82b9506ea2c860b28d7081be5ca1601d8182a9c58db373f78781db87e2a9b1c2b363b2e1547060b69cdce9e15756b85d3711c0951e33be244871cde07548a985417f2ecd51df9f0091cff2f7b8826bbbe318ee0dd13c74b27b6332681bf4db264d97a48429808007162cf30c0e91c0773ac40c3ed822600b2b4bbed4a1e0e508b5c25db7f9bec0ed301e97a5be4ce4aa5aa", @ANYRESDEC, @ANYRES32=0x0], @ANYRESHEX], 0xfffffffffffffffb) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) 20:02:24 executing program 5: perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0xfd1, 0x4) bind$inet(r0, &(0x7f0000001440)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x2200cf7d, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x7843c471) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000400)=""/4096, 0x1fa0}], 0x1, 0x0, 0xff96ce4aaaa47475, 0x15000000}, 0x100) [ 261.167845][ T9712] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 261.181145][ T9713] ptrace attach of "/root/syz-executor.1"[9053] was attempted by "/root/syz-executor.1"[9713] [ 261.259356][ T9725] ptrace attach of "/root/syz-executor.1"[9053] was attempted by "/root/syz-executor.1"[9725] 20:02:24 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea87294", 0x1d, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:24 executing program 1: getxattr(0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x4207, r1) ptrace$setregset(0x11, r1, 0x20000004, 0x0) [ 261.469283][ T9731] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:24 executing program 0: perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vcsn(&(0x7f0000000200)='/dev/vcs#\x00', 0x7, 0x0) ioctl$KVM_NMI(r0, 0xae9a) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0xa, &(0x7f0000000080)=0xfd1, 0x4) bind$inet(r1, &(0x7f0000001440)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x2200cf7d, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x7843c471) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) ioctl$BLKDISCARD(0xffffffffffffffff, 0x1277, 0x0) recvmsg(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000400)=""/4096, 0x1fa0}], 0x1, 0x0, 0xff96ce4aaaa47475, 0x15000000}, 0x100) 20:02:24 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea87294", 0x1d, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) [ 261.592273][ T9735] ptrace attach of "/root/syz-executor.1"[9053] was attempted by "/root/syz-executor.1"[9735] 20:02:24 executing program 3: unshare(0xa000600) pipe(&(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000000)={r1}) 20:02:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000080)="0f01dfdde80f32d9e90f08dcdc65676426f7c5000000000f2245de2eefef23f5", 0x20}], 0x1, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x36, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb], 0x12000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 261.726408][ T9743] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:27 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:27 executing program 5: 20:02:27 executing program 1: 20:02:27 executing program 3: 20:02:27 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea87294", 0x1d, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:27 executing program 0: 20:02:27 executing program 0: 20:02:27 executing program 3: 20:02:27 executing program 5: 20:02:27 executing program 1: [ 264.212277][ T9771] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:27 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:27 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e", 0x2c, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:27 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:27 executing program 3: 20:02:27 executing program 1: 20:02:27 executing program 0: 20:02:27 executing program 5: 20:02:27 executing program 3: 20:02:27 executing program 0: 20:02:27 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 264.589903][ T9797] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:27 executing program 1: 20:02:28 executing program 0: 20:02:28 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e", 0x2c, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:28 executing program 5: 20:02:28 executing program 3: 20:02:28 executing program 1: 20:02:28 executing program 5: 20:02:28 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:28 executing program 1: [ 265.032026][ T9825] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:28 executing program 1: 20:02:28 executing program 5: 20:02:28 executing program 0: 20:02:28 executing program 3: 20:02:28 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e", 0x2c, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:28 executing program 1: 20:02:28 executing program 5: 20:02:28 executing program 0: 20:02:28 executing program 3: 20:02:28 executing program 0: [ 265.464387][ T9852] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:31 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:31 executing program 3: 20:02:31 executing program 1: 20:02:31 executing program 0: 20:02:31 executing program 5: 20:02:31 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63c", 0x33, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:31 executing program 5: 20:02:31 executing program 3: 20:02:31 executing program 0: 20:02:31 executing program 1: [ 268.138798][ T9872] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:31 executing program 5: 20:02:31 executing program 0: 20:02:34 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:34 executing program 3: 20:02:34 executing program 1: 20:02:34 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63c", 0x33, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:34 executing program 5: 20:02:34 executing program 0: 20:02:34 executing program 0: 20:02:34 executing program 3: 20:02:34 executing program 1: 20:02:34 executing program 5: [ 271.216348][ T9900] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:34 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63c", 0x33, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:34 executing program 1: mknod$loop(&(0x7f0000000080)='./file0\x00', 0x1, 0xffffffffffffffff) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) clone(0x2100001ff7, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1100) [ 271.523953][ T9919] ERROR: Domain ' /sbin/init /etc/init.d/rc /sbin/startpar /etc/init.d/ssh /sbin/start-stop-daemon /usr/sbin/sshd /usr/sbin/sshd /bin/bash /root/syz-fuzzer /root/syz-executor.1 proc:/self/fd/3' not defined. [ 271.577279][ T9922] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:37 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:37 executing program 0: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff00000001}, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x444, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) creat(0x0, 0x0) io_setup(0x0, 0x0) io_submit(0x0, 0x0, &(0x7f0000000540)) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r0 = socket(0x0, 0x803, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000580)={{{@in=@broadcast, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in=@remote}}, &(0x7f0000000080)=0xe8) getgroups(0x1, &(0x7f0000000180)=[0x0]) setgroups(0x4000000000000086, &(0x7f0000000380)=[0x0]) socket(0x0, 0x2, 0x0) setresuid(0x0, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) lstat(0x0, &(0x7f0000000100)) setgroups(0x0, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000680)={{{@in6=@loopback, @in=@loopback}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000000280)=0xe8) setgroups(0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000780)={0x148, 0x0, 0x4, [{{0x3, 0x0, 0x74, 0x0, 0x9, 0x0, {0x0, 0xd84, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x93e2, r1, 0x0, 0x0, 0x59}}, {0x2, 0x6}}, {{0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, {0x0, 0x0, 0x1, 0x0, ')'}}]}, 0x148) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x24000000) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) 20:02:37 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x8c, 0x24040040, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x9f) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 20:02:37 executing program 5: bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x92008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x42, 0xe000000, &(0x7f00000000c0)="b9ff030000ffffff7f9e14f00a051fffffff00004000630677fbac141414e934a0a662079f4b4d2f87e5feca6aab845013f2325f1a39010105050100010000000000df74e30d7eabe773afef6f6e4798ab117e9f84fa406b913de8ad827a022e1faee50887dc302819a8a3d0cde36b67f337ce8eee124e061f8fea8ab95f1e8f99c7edea980697449b78569ea293c3eed3b28fc3205db63b2c65e77f19ab28c632cc80d9f2f37f9ba67174fffcb5244b0c909eb8e12116bebc47cf97d2ea8acadfb34ca580b64df7c800113e53bae401cd22f50072deabf93dd4d3e626", 0x0, 0x100, 0x0, 0x296, 0x0, &(0x7f0000000000), &(0x7f0000000040)}, 0x28) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, 0x0, 0x0) recvmsg(r0, &(0x7f0000001980)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000280)=""/87, 0x57}, {&(0x7f0000000400)=""/240, 0xf0}, {&(0x7f00000005c0)=""/113, 0x71}, {&(0x7f0000000640)=""/104, 0x68}, {&(0x7f00000006c0)=""/225, 0xe1}, {&(0x7f00000007c0)=""/201, 0xc9}], 0x6, &(0x7f0000000980)=""/4096, 0x1000}, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000007640)={&(0x7f0000007380)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, 0x0}, 0x3) recvmsg(0xffffffffffffffff, &(0x7f000000c0c0)={&(0x7f000000a880)=@xdp={0x2c, 0x0, 0x0}, 0x80, 0x0}, 0x1) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x2da8020000100000, 0x500001c) openat$cgroup_ro(r4, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000c1c0)={0x16, 0x1, &(0x7f00000004c0)=ANY=[@ANYPTR64=&(0x7f00000003c0)=ANY=[@ANYRESOCT=r2, @ANYRES16=0x0]], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], r3, 0x0, r4, 0x8, &(0x7f000000c140)={0x6}, 0x8, 0x10, 0x0}, 0x78) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cgroup.stat\x00', 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x1, 0x0, 0x209e21}, 0x3c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r6, &(0x7f00000000c0), &(0x7f0000000180)}, 0x20) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r5, 0xc0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=0x1, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=0x7fffffff}}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001ac0)={0xffffffffffffffff, 0x10, &(0x7f0000001a80)={&(0x7f00000019c0)=""/181, 0xb5, r7}}, 0x10) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x401c5820, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) 20:02:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200000ca, &(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10) sendto$inet(r0, &(0x7f0000000040)="c51e5090311ec90d90e5d60d12", 0xfffffff8, 0x80002060c76b9, 0x0, 0x459) recvfrom$inet(r0, 0x0, 0x98c2e669afef9535, 0x10120, 0x0, 0xffffffffffffff73) 20:02:37 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc676", 0x37, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) [ 274.253124][ T9940] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 274.309332][ T9941] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:37 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc676", 0x37, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:37 executing program 0: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff00000001}, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x444, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) creat(0x0, 0x0) io_setup(0x0, 0x0) io_submit(0x0, 0x0, &(0x7f0000000540)) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r0 = socket(0x0, 0x803, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000580)={{{@in=@broadcast, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in=@remote}}, &(0x7f0000000080)=0xe8) getgroups(0x1, &(0x7f0000000180)=[0x0]) setgroups(0x4000000000000086, &(0x7f0000000380)=[0x0]) socket(0x0, 0x2, 0x0) setresuid(0x0, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) lstat(0x0, &(0x7f0000000100)) setgroups(0x0, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000680)={{{@in6=@loopback, @in=@loopback}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000000280)=0xe8) setgroups(0x0, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000780)={0x148, 0x0, 0x4, [{{0x3, 0x0, 0x74, 0x0, 0x9, 0x0, {0x0, 0xd84, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x93e2, r1, 0x0, 0x0, 0x59}}, {0x2, 0x6}}, {{0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, {0x0, 0x0, 0x1, 0x0, ')'}}]}, 0x148) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x24000000) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) 20:02:37 executing program 5: seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x800000, 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)=ANY=[@ANYBLOB='2'], 0x1) [ 274.642715][ T9964] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:38 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc676", 0x37, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) [ 274.763653][ T27] audit: type=1326 audit(1575489758.047:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=9971 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45d4ba code=0x0 20:02:38 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000001380)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab35f4ad614fd33cebbc158bb2b03b5b2461179f5f90bba001b5080da6218a8106df2858ec973328e5a2c078a3fe3b52020203517e25ee74e82ba80a0fa881e689f7615baf78f08ea33bcb860d6a0b61193d4a1cb622431d42fee5e91531bfdfe5cb19ff15d6d891a92ef", 0xb3}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 274.867524][ T9977] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:38 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253", 0x39, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) [ 275.032716][ T9990] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 275.556680][ T27] audit: type=1326 audit(1575489758.847:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=9971 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45d4ba code=0x0 20:02:40 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2a4500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 20:02:40 executing program 3: poll(0x0, 0x0, 0x42) r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, 0x0, 0xfd1d, 0x0, 0x0, 0xffffffa0) recvmsg(0xffffffffffffffff, &(0x7f0000000380), 0x1) r1 = open$dir(&(0x7f0000001240)='./file0\x00', 0x40000400001803c1, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f00000006c0), 0x100000}], 0x1, 0x0) shutdown(0xffffffffffffffff, 0x0) 20:02:40 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253", 0x39, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:40 executing program 5: r0 = socket(0x10, 0x80002, 0x0) writev(r0, &(0x7f0000000280)=[{&(0x7f0000000380)="3100000013000900690006342fc56aef40be44081000000046000107000000540d0003c0256465a300000000ffff0000b8", 0x31}], 0x1) 20:02:40 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) io_getevents(0x0, 0x0, 0x0, 0x0, 0x0) io_destroy(0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='uid_map\x00') write$FUSE_NOTIFY_INVAL_INODE(r2, 0x0, 0x0) [ 277.355674][T10004] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.5'. [ 277.386509][T10005] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:40 executing program 1: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f00000007c0)=[{&(0x7f0000000580)="62f23e748cdfecc0d3bcb88248f9f8f8e87edc5637656d6e511dcdc6041c8d8a0957939950c15c7ac6360c7820e1d5957b", 0x31, 0x9}], 0x0, 0x0) r0 = getpid() r1 = gettid() rt_tgsigqueueinfo(r1, r0, 0x4, &(0x7f0000000200)={0x0, 0x0, 0xffffffff}) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20800, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x20000, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000340)}, 0x0, 0x2, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x2, 0x100800) ioctl$INOTIFY_IOC_SETNEXTWD(r2, 0x40044900, 0xffffffff) write$P9_RLERROR(r2, &(0x7f0000000040)={0xe, 0x7, 0x1, {0x5, 'nodev'}}, 0xe) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) prctl$PR_SET_TSC(0x1a, 0x3) wait4(0x0, 0x0, 0x80000000, 0x0) r3 = getpid() openat(0xffffffffffffffff, 0x0, 0x48000, 0x10) tkill(r3, 0x9) r4 = creat(&(0x7f0000000840)='./file1\x00', 0x24) ioctl$FS_IOC_RESVSP(r4, 0x402c5828, &(0x7f0000000080)={0x0, 0x0, 0x100000000000000a}) openat$cgroup_ro(r4, &(0x7f0000000780)='pids.current\x00', 0x0, 0x0) r5 = creat(&(0x7f0000000840)='./file1\x00', 0x0) ioctl$FS_IOC_RESVSP(r5, 0x402c5828, &(0x7f0000000080)) creat(&(0x7f0000000840)='./file1\x00', 0x0) ioctl$KVM_GET_SREGS(0xffffffffffffffff, 0x8138ae83, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1, &(0x7f0000000100)=[{&(0x7f00000000c0)="800800033804000019000300e60100096c000008000000000100000001000000004000000040000008000000000000006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0x4801, 0x0) 20:02:40 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253", 0x39, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:40 executing program 5: 20:02:41 executing program 5: [ 277.706344][T10031] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:41 executing program 0: 20:02:41 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) [ 278.129988][T10044] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:43 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:43 executing program 5: 20:02:43 executing program 1: 20:02:43 executing program 0: 20:02:43 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:43 executing program 3: 20:02:43 executing program 0: 20:02:43 executing program 5: 20:02:43 executing program 3: [ 280.515848][T10056] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:43 executing program 0: 20:02:43 executing program 1: 20:02:43 executing program 5: 20:02:46 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:46 executing program 1: 20:02:46 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:02:46 executing program 5: 20:02:46 executing program 3: 20:02:46 executing program 0: 20:02:46 executing program 5: 20:02:46 executing program 1: [ 283.597434][T10084] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 20:02:46 executing program 3: 20:02:46 executing program 0: 20:02:47 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, 0x0) 20:02:47 executing program 5: [ 283.951895][T10103] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities 20:02:49 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:49 executing program 3: 20:02:49 executing program 1: 20:02:49 executing program 0: 20:02:49 executing program 5: 20:02:49 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, 0x0) 20:02:49 executing program 5: 20:02:49 executing program 3: [ 286.677250][T10119] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities 20:02:50 executing program 3: 20:02:50 executing program 1: 20:02:50 executing program 0: 20:02:50 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, 0x0) [ 287.102387][T10142] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities 20:02:52 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:52 executing program 1: 20:02:52 executing program 5: 20:02:52 executing program 3: 20:02:52 executing program 0: 20:02:52 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)) 20:02:53 executing program 1: 20:02:53 executing program 5: mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x2, 0x1c90, 0xffffffffffffffff, 0x0) r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x2088611, 0x0) r1 = open$dir(&(0x7f0000001240)='./file0\x00', 0x42000400000002c1, 0x0) pwritev(r1, &(0x7f0000000080)=[{&(0x7f00000006c0), 0x100000}], 0x1, 0x0) writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000000), 0x2cfea}], 0x1000000000000013) writev(r0, &(0x7f0000000280), 0xd) 20:02:53 executing program 3: [ 289.764340][T10151] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities 20:02:53 executing program 0: 20:02:53 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)) 20:02:53 executing program 1: [ 290.146465][T10176] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities 20:02:56 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:56 executing program 3: 20:02:56 executing program 0: 20:02:56 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000a46c81d4adb09ddd4d37fe4127ff00101457ba4f0001dde3f14644107cd8fc4616c56a9eefb943b8bd0a6a0e9344e46e27f79d104aee01f897c3133828419898cc705c8db99da4f7277a9d08f529ff918e088f022ff800"/98], 0x48}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@ipv6_newaddr={0x40, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x14, 0x2, @local}, @IFA_CACHEINFO={0x14, 0x6, {0x40, 0x7}}]}, 0x40}}, 0x0) 20:02:56 executing program 5: open(0x0, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 20:02:56 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)) 20:02:56 executing program 3: 20:02:56 executing program 0: 20:02:56 executing program 1: [ 292.899562][T10192] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 292.914115][T10196] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 292.933808][T10191] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities 20:02:56 executing program 0: 20:02:56 executing program 1: pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x20000801, &(0x7f0000000100)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a61c) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) 20:02:56 executing program 3: fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = dup3(0xffffffffffffffff, r1, 0x0) ioctl$VT_DISALLOCATE(r2, 0x5608) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f0000000c40)={'filter\x00', 0x1000, "889909115427ee2a0ee274b2fbd71dc148535c4fac4597bea634baa2bef24b3051fa89f38be12cdd7539d5dd2534681ecd63d9bfa939ecb249d1e6559024b237be3eb699cb425a00c16587895f8e629a4c89ab1e597b848690ac54dba154765be2ae4772f7c4fb9ecc8d46b860ff631cb467c1bfe084d308f5959a6e8fcfd7e4d8dec75ef2a6df200e585665a77654d2317ae423a17f8bca28c0e2dc33c5af4b08fd5c0f2a1bd6ba256fa2fdaf8db45ab10f5dd43f9bf96dc6a73329b4a91f3311f60e3f9615de1325fc8732710d068d3a748d14a2d683edf459758b1a609a1b4d2db358e1db1b49e5fd7e1fd10c5b2543e789ffad8aa77dd4cd75471c30e085385b44efa2e2dcd823531728d95b051e05bafbc1f04998071f83ce9d13222af6e7da119a3f9531119f0ccf698c12c3b50a324f1c0607d8b8c75335aa896df7b7c5d5fdc12d2c99c63a3630af8b33c5e96d8ab6c42390e8c6494fb67ec1a35216a2b938347a80b307da9bac78fd61267e295a88f41cb5e2e71efa2b3e8178396d3d3c1a0ea04e8a3be7511c5cb45ed77ac35279ea48d572bc11cd33ddc3224d9ad730508e6ecd6c1746970ce7ca613e4728408a0c3421667108dc0e30c65f04ba20c5116e546373a5ed201b709d653d634cdb60b694bb34f44abb81569749e2aed0a77d15ca6556cd6056a3b9b06a018e2c0158b742ddd7aaa5599db244ac7735ea4a2d6e819b6ecb5aba24d33a0f94c8bac417760024e89903bdcc8b4416a3d627a3e2648c61481cb3e25f2dab8bac193cc924cb38d3e0677bf1f9b28e2e81b62f77ac4822a2775aed3852cff03ae8a27be4fb372b58f3a9d492ff2806d9f24e82769c0aeb11baf6a9be01b156de659a69fe09e579123e593c943d6a6a48927878b24e13d549935721f3d85173e99706d117fcc4488c01d40dcda6ad81679695b879ec452ca2d533229856926c26bc9923834fa909f254fdc39b73ae3b41bc21f570b381d130c032fe4e946f30297cb822e285f2f2276c683a878eab40754a16421439535d74dc424da02029cdeb1c1328b4cb1e9556307e8e4233d67f60b6098b881183d21897fd1a47564d40f8072944471f6d0a7b0934728ee3d97d5943a5bfc903ae8bde370d968aef3e994aa3de4bb5b7843b0f4e3c75286e798e46a6f947ef2205a6541dc565f910cbbfea54c49eb97659d3ca204c2763806f00d1c021febfd39d1a083016fcebbad9830cf7f7097d388d548319d97a775c15d381d54d747b98487bab24dd660bfeca7d2dfe9dabc8ce551bae015aab569d61be6aa15cdcced829f0e1523c0a3d7d31e0475103206f3e0fd515691f82d8171736be3c5f535cb7c92abdfa2f986f13711061bfe57b7d64cf37b317de2d2a8d15e76996b9f43cf025417c6353ba57e4430a17ef0d69bcfe8128cf31ed10807ee34b1a85f443794239ec016d76169a29fd38bea7de49169545a5388a9fd929771cac44b327ef56b574d17d20f6558efe813ebbbc90801f7f9769bfd381c817e186877bf87385c8ca82ea91ddaf9318e21ee48fd4d2faa0a665e37effc21e02ac5578361f3e0fcc27f7f541957b064c37ba7e949a7be51635d4c203a233d4c877ffef27e21e9bebe2c5ee9ca0ccbbd9a408a17f9b11179847d11c5b129fcf60be8df9fee42e145710f1f89308ee93fd268e9ca70d1c41d8060481e38a27cf0966840ad295d37abd792a218f0b12de84896df69c58a65d5c4131dc691636c4d6da7dbaa2d93897ca903a19ca0b38d2057b00ff7f7068d0f00138b243507021600465aba0ada88755012b24fd0253866612ea0a08b3a97793234b2c40fe31118a49653ff4df9d4ffc976675666a88ee6d98a84528fdd5097448a89c3de65b7ee33a3ff689d1ffa4ba72dd0b45022022e840ae72a48f212851e660d91a106bf2c6ef617f9a99605b0b23787d7b7b1a0a744fec4e7f5f64852e3a3172ff760709ea25b413c23a5944e8c4c0b3f91039bec406104993052dd452701dd43dd816f52953324e4778e200399eed2639207899e02b7d774dc383e78bb1e4bb18df3051136c26605cc80bdb1575210cb1fa87128ae3e99102ca9e51b24acdae3a69858a3a9a5cefcbe9cd22f6a5bcdc00477d41c2a058abb83f8400661face91a25b78e70663a6ba0db4c36a819f11a047f5aae9f92e4acfca3ce17c665d6408e1d852b9e7e49a9476706052f5c4d08267096a025fb59c6feda5b1ab4cccf198c4497b37c837f11dce1f112fa9a8924ff90a0b262274456e6963abba33b9bac3c3312a0a0cc8cc8f898d39a6a8bd261469027061cc427202779e276f051c8b1071a55438291fb3001a74fba3ba30baf93f6cb96086b646fd052ba78c47f2e80867bd9509f4a8e8c42078bf59fd55aafb2ec6c2fd74837c1231a7382a79e816c25fb3f7a4535a3b3978bd24f0f82a7265093e67c89cdebbbfad7ad2111e93724aee5cf4f8a89d210732165893477386a4e07255e2e423bdc8add006569c8c118efa016dd005099568fe654dc1157173ff109b9b4b4ff03e179bc1c243cad9ad5a52b4e6414249db741d01d8b91f086664ba1fb0ab40c75e501edc463476039b71f5c346d7ba2b5fca0367225abeee59925c4179c2e7d82fe8144b2e213324ccc756fb201b6c7d2e4048e1e8fbcce6099af8fba79b38bd7947ca11066bdb6b7135f77a2b15081031cffc4c8df0e57c72e1b9009c2db2ad7242dd7b1c303e33f4896ee74afd04762ed40cff774eba18b7382a69dc2914dbd331b632fdcdcffae74c01ede321e39c8d25b84767fa6201cfce73f05b4ca31832313fc11018a41f5a69c589dd0a13de1aef6531b96e6d19c3135e8a393569ad26615a1f5b8f9524c754365fd4fb2619183556cde3a0457eefa386739f6097dc8e71913cedf8ef5132f1e225bcc21db5f5faa8598319a5db94cd02c3ed847fdb59f82df21d0d55f9fc1cfd12b36a411fb41cece10bb08043d39fe9c9ef70ed34e6e3c2536d84457d700bfdc53880368e923dace7b5afc054d514cd01d51939b73cf88d2a6e5f4930eefb634ba58f8fd351efb83a73fc30abfdd83f618c7aca94701f75ade7cacdd715373b34486465a3bb3051feaab5e8d073fd936a1d6d6149e48847b8b9ab0874dc7a795473e8f1d16b6cbeefd9a67ae60f505e725faf64659ef4b3dfb67d06fd124173c838745c66285cb62b74ca495f0899c67eea53c06adb200b0cce016145123ad0e3842dee426156da097948e5401ff62af94d497e923b49dc8ef85d985c314f577e27e2bad315f73ec63dd62351b64c3049ee49a0d975a3758a7a91bd28268319f7cc8611a0e28c1e86956480ec9eec9f4305a79dfed851ecf347983c91c2dda147a9f47a72add55900248305c96c90978910887074a62dff7f2b70897dbf27d9b3432753053b59fa65d37d67bfa5a90b23e6f656de2360bc0e6eea0fcc1df3ab863936a62a6e83869808a6b927796188b507203c859bdf8b702fedeaa5a7daf8c38589ea9f8a2d7a30b48691120fc56610efbca66b19258dc54bb511ec2c06da799757bfa6359b4141d09be979eedb521ff5eb21cea905c7c26ba2fe4de86781017beed9ef3ed82f825b881a188d4ca4bd0c9909b1842789c7d73943cc9c21e41e1b30e60bb7e38144795a6f581ab53fb2cacb0aed0455b84eded1e57dcb8bc60d540217cbb8dae53ee8d7bb704b750d532d263348024cab7a163a895840c53c643e2bb0a6243f2fc0938d072c45594130b831d0f8e43f0236f903d448cb5eb6445b3e3e766f4e777288d15c1e3ab1ebb737c2f2ad0d594c1773397753cca2cbbe8e38060afb1051b7beff3dd36c07cd8b07266b8d1e20e6f42c5e1439236726c1354dbedeb348b7312ff032bfca64dccdeccf3127881747d88ffdb7800d73111ba07f9ff84ac15ff1c17c510fc45b6866f461fc3fc5ab49391cae72feb12a1f9a746b9edd0f0b0472884483724b8bd19e7edd38be678690d93d63fce682f69118a60e7a652e4307637e522f432cea9433cd8fa685007bc337b1805771a99e8d683717312349ca812d092820fe1781fab061146cf2ebc3e7a3304a2ccdab1c5891710b78a49edc5624c2fb7a995e7bbe89adbccdfbe000ce282e2be9386bacd779237314e6f02305301d1c659a84fba8a49e0c07b419d4c8f21445f982a154b9a84d5963e5392befd17bf42606305be5d1561c36ee6cd813a95ffb90f0a10d5f677f7199196267210b77321780c9baf04749b5b254fcb2b7e2b1a96df1d794182fe53fd47c71727d2b55e7bd6d3918a70801f75db36906cfceebc1387f036fe1a19d9a8c6ac34c4341dfc5c5ec5049df16cab0f13aac9a8b245072fa2b4d344f6728696cc2dbd1b7455fce760cbbf91780d54c69838aac084318804e4b49f7643b9b8d35dc1041bda3d39afa365cfbae835358e5da29018cfcd007661955989366af3af3abdb0b56433b4a52aa1a5fd9653a7accfccc28a42d6e06c816bb3289d9ba93c885df714547728d8403fdab5f92342e60294cb861d411f29a21165b08fca6b5d7c09f0f03a1c9cfc644f7bea7d6ce70916621e495f60bf55c66cb7cb023fd16c25b1d9ca8a7365717d649f24e07a9507a8d48649e2a1f5b7ad2df800f5b75882c2193743540b41dc7a8a3c34b5fe2e7ecd1c5bd99e054cd3b7a0004c72530180248d3bace8ece19a4a486c0fae8c809179a8baa406f9ff3fee953870b1464798fa47363dbab249322b4902a022c265980e4da23ba3743175e838fcd04c7f06544a454eaadc9cf799002a6b25e589d97bcfb87598aca424699bb506c9622eee235f4d52d8415315389a19537371243d7f96b226be483a73830e5a0bb787f63a4efeb3fc38c127f8d49e5015f7647695118c8f1a2b8f6c7da0f2d927b1396a96551a9e3dde57afc32f0a1a3111b7a1113a8b39486b233fbe69d7151504028e247153042780958f1869ebad289f66de0cb02a26bdbb4c6d31f9f8373116b618abe377aa05da4bb4674e60fde88249d577d3c46065c664986bd90690d6d6b98a956cd260db59f15e47ac37bd5f5d62d4166f67f20f7641e7a5f1a55a1d6387a6a61127a01bca5b791b774c8a453ce44ca26ce8c672b468d5482850a48b859f76bfac5f267474f001ef074979c26c516cf4e28adbb24b9998b07f893729863fbe329f27037caab5a900832f9f53f8350d3d01ce28f6051d4883b7ed6d5e49e5f7ba09ac53cd9a134522d34ecdec83c4dbbdd386a974816a4a2cdd893ec658b11c49f3d291abf468c91c2005c2930fe66ef9f4f7abb70cab572625c564a4687bab514bf73ceeac9ed8e4e90a7c12ac57aa3bf33e158f6a5675fc99d59fd6c53b0f1b940e223a123375467138d2ec2b3af9feae784231221c6bdd0960c5ad784db433f4ddb451a0e30094cf29817b5343a094accff1a93bb9b0b30e19ee89619d33403c2140bc9ae9a7592256447ffedd1cae4fe6aeeafe6b5130c8a5448a3af33cce64851f09c6c0aab2c3b38dd94083cdf58cc9bb00127a3cd5a7a749c635c053ec1870c6879b377a33fac7f647d813c050ac48e2a782a3b4e9ef18670f043f7ca638480465b1b8677bae01ef0d800b4b8fc9564f8e710e44bb0a0c4b9e3802cb300819d553501d61e32c08f464ace28b9818ac482a58998c32b7d60c8bf53ed59258424a83f860c190c13e18d8158cb82ae7fe1dfb36e6115bf343153399a292f83aa73a4e50924f4a9be9eb963a3cd121a824284dca7eb015384a60842696d14e184cb52088d2df"}, &(0x7f00000002c0)=0x1024) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xa447bc803640080}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket(0xa, 0x0, 0x0) setgid(0x0) socket(0xa, 0x0, 0x0) fstat(0xffffffffffffffff, 0x0) setgid(0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r6 = dup3(r4, r5, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f0000000b00)={{{@in6=@mcast2, @in=@loopback}}, {{@in=@local}, 0x0, @in6}}, &(0x7f0000000c00)=0xe8) name_to_handle_at(r6, &(0x7f0000000140)='./file0\x00', &(0x7f0000000500)=ANY=[@ANYBLOB="6600000000000000370b95cad52e45497be1b4e351dee70800e915dd50750388c4a71fc6e148d0279a9fd3fb5eec6a2fd45e1a50d14012b8763ec6407d7cf8933d9c479a95eedfeaa961eb789e1752e51418a04379441d21faa0dde7200798c080b1360df28540e3797d2f9c62bd0c47c1d73bccb70e7c08e5aac02f98f77560657fe31bbbb89bbe2dd4d9b044485785c4f439cf1db5949ad11afbde706b948fc546c403c1cce0f9045f4dc8f952106aaae6fc1cd1bd4dc48b73e7f8eadd281d5c50fd3f60c8b5c66bef3e9107c9005b3df28d9df12f7d4d8cd92546b3962f143879682b0ea5a090dc005673051489435fed47168cc96ef3fbac3bcfdda7335fc409b896e0cea124d003fbee68435c4914e494c7192670dcffc21dd4e237eb2d09b926366118552c87d17a049997311f456eae0881797839c442582cccf87aec57c2"], &(0x7f0000000280), 0x1400) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x20, 0x0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0xc, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x10080) socket$netlink(0x10, 0x3, 0x0) getsockname$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f00000001c0)=0x10) openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x20000, 0x0) 20:02:59 executing program 2: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)={[{@map_off='map=off'}]}) 20:02:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:02:59 executing program 5: r0 = socket$inet6(0xa, 0x22000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={[], [], @remote}}, 0x1a) sendmmsg(r0, &(0x7f00000092c0), 0x400003b, 0x0) 20:02:59 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:02:59 executing program 1: r0 = gettid() prctl$PR_SET_NAME(0xf, 0x0) getegid() setgid(0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0)) rename(0x0, 0x0) chown(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmctl$IPC_RMID(0x0, 0x0) name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f0000000080), &(0x7f0000000100)=0x6e, 0x80000) tkill(r0, 0x1000000000016) 20:02:59 executing program 3: fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = dup3(0xffffffffffffffff, r1, 0x0) ioctl$VT_DISALLOCATE(r2, 0x5608) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f0000000c40)={'filter\x00', 0x1000, "889909115427ee2a0ee274b2fbd71dc148535c4fac4597bea634baa2bef24b3051fa89f38be12cdd7539d5dd2534681ecd63d9bfa939ecb249d1e6559024b237be3eb699cb425a00c16587895f8e629a4c89ab1e597b848690ac54dba154765be2ae4772f7c4fb9ecc8d46b860ff631cb467c1bfe084d308f5959a6e8fcfd7e4d8dec75ef2a6df200e585665a77654d2317ae423a17f8bca28c0e2dc33c5af4b08fd5c0f2a1bd6ba256fa2fdaf8db45ab10f5dd43f9bf96dc6a73329b4a91f3311f60e3f9615de1325fc8732710d068d3a748d14a2d683edf459758b1a609a1b4d2db358e1db1b49e5fd7e1fd10c5b2543e789ffad8aa77dd4cd75471c30e085385b44efa2e2dcd823531728d95b051e05bafbc1f04998071f83ce9d13222af6e7da119a3f9531119f0ccf698c12c3b50a324f1c0607d8b8c75335aa896df7b7c5d5fdc12d2c99c63a3630af8b33c5e96d8ab6c42390e8c6494fb67ec1a35216a2b938347a80b307da9bac78fd61267e295a88f41cb5e2e71efa2b3e8178396d3d3c1a0ea04e8a3be7511c5cb45ed77ac35279ea48d572bc11cd33ddc3224d9ad730508e6ecd6c1746970ce7ca613e4728408a0c3421667108dc0e30c65f04ba20c5116e546373a5ed201b709d653d634cdb60b694bb34f44abb81569749e2aed0a77d15ca6556cd6056a3b9b06a018e2c0158b742ddd7aaa5599db244ac7735ea4a2d6e819b6ecb5aba24d33a0f94c8bac417760024e89903bdcc8b4416a3d627a3e2648c61481cb3e25f2dab8bac193cc924cb38d3e0677bf1f9b28e2e81b62f77ac4822a2775aed3852cff03ae8a27be4fb372b58f3a9d492ff2806d9f24e82769c0aeb11baf6a9be01b156de659a69fe09e579123e593c943d6a6a48927878b24e13d549935721f3d85173e99706d117fcc4488c01d40dcda6ad81679695b879ec452ca2d533229856926c26bc9923834fa909f254fdc39b73ae3b41bc21f570b381d130c032fe4e946f30297cb822e285f2f2276c683a878eab40754a16421439535d74dc424da02029cdeb1c1328b4cb1e9556307e8e4233d67f60b6098b881183d21897fd1a47564d40f8072944471f6d0a7b0934728ee3d97d5943a5bfc903ae8bde370d968aef3e994aa3de4bb5b7843b0f4e3c75286e798e46a6f947ef2205a6541dc565f910cbbfea54c49eb97659d3ca204c2763806f00d1c021febfd39d1a083016fcebbad9830cf7f7097d388d548319d97a775c15d381d54d747b98487bab24dd660bfeca7d2dfe9dabc8ce551bae015aab569d61be6aa15cdcced829f0e1523c0a3d7d31e0475103206f3e0fd515691f82d8171736be3c5f535cb7c92abdfa2f986f13711061bfe57b7d64cf37b317de2d2a8d15e76996b9f43cf025417c6353ba57e4430a17ef0d69bcfe8128cf31ed10807ee34b1a85f443794239ec016d76169a29fd38bea7de49169545a5388a9fd929771cac44b327ef56b574d17d20f6558efe813ebbbc90801f7f9769bfd381c817e186877bf87385c8ca82ea91ddaf9318e21ee48fd4d2faa0a665e37effc21e02ac5578361f3e0fcc27f7f541957b064c37ba7e949a7be51635d4c203a233d4c877ffef27e21e9bebe2c5ee9ca0ccbbd9a408a17f9b11179847d11c5b129fcf60be8df9fee42e145710f1f89308ee93fd268e9ca70d1c41d8060481e38a27cf0966840ad295d37abd792a218f0b12de84896df69c58a65d5c4131dc691636c4d6da7dbaa2d93897ca903a19ca0b38d2057b00ff7f7068d0f00138b243507021600465aba0ada88755012b24fd0253866612ea0a08b3a97793234b2c40fe31118a49653ff4df9d4ffc976675666a88ee6d98a84528fdd5097448a89c3de65b7ee33a3ff689d1ffa4ba72dd0b45022022e840ae72a48f212851e660d91a106bf2c6ef617f9a99605b0b23787d7b7b1a0a744fec4e7f5f64852e3a3172ff760709ea25b413c23a5944e8c4c0b3f91039bec406104993052dd452701dd43dd816f52953324e4778e200399eed2639207899e02b7d774dc383e78bb1e4bb18df3051136c26605cc80bdb1575210cb1fa87128ae3e99102ca9e51b24acdae3a69858a3a9a5cefcbe9cd22f6a5bcdc00477d41c2a058abb83f8400661face91a25b78e70663a6ba0db4c36a819f11a047f5aae9f92e4acfca3ce17c665d6408e1d852b9e7e49a9476706052f5c4d08267096a025fb59c6feda5b1ab4cccf198c4497b37c837f11dce1f112fa9a8924ff90a0b262274456e6963abba33b9bac3c3312a0a0cc8cc8f898d39a6a8bd261469027061cc427202779e276f051c8b1071a55438291fb3001a74fba3ba30baf93f6cb96086b646fd052ba78c47f2e80867bd9509f4a8e8c42078bf59fd55aafb2ec6c2fd74837c1231a7382a79e816c25fb3f7a4535a3b3978bd24f0f82a7265093e67c89cdebbbfad7ad2111e93724aee5cf4f8a89d210732165893477386a4e07255e2e423bdc8add006569c8c118efa016dd005099568fe654dc1157173ff109b9b4b4ff03e179bc1c243cad9ad5a52b4e6414249db741d01d8b91f086664ba1fb0ab40c75e501edc463476039b71f5c346d7ba2b5fca0367225abeee59925c4179c2e7d82fe8144b2e213324ccc756fb201b6c7d2e4048e1e8fbcce6099af8fba79b38bd7947ca11066bdb6b7135f77a2b15081031cffc4c8df0e57c72e1b9009c2db2ad7242dd7b1c303e33f4896ee74afd04762ed40cff774eba18b7382a69dc2914dbd331b632fdcdcffae74c01ede321e39c8d25b84767fa6201cfce73f05b4ca31832313fc11018a41f5a69c589dd0a13de1aef6531b96e6d19c3135e8a393569ad26615a1f5b8f9524c754365fd4fb2619183556cde3a0457eefa386739f6097dc8e71913cedf8ef5132f1e225bcc21db5f5faa8598319a5db94cd02c3ed847fdb59f82df21d0d55f9fc1cfd12b36a411fb41cece10bb08043d39fe9c9ef70ed34e6e3c2536d84457d700bfdc53880368e923dace7b5afc054d514cd01d51939b73cf88d2a6e5f4930eefb634ba58f8fd351efb83a73fc30abfdd83f618c7aca94701f75ade7cacdd715373b34486465a3bb3051feaab5e8d073fd936a1d6d6149e48847b8b9ab0874dc7a795473e8f1d16b6cbeefd9a67ae60f505e725faf64659ef4b3dfb67d06fd124173c838745c66285cb62b74ca495f0899c67eea53c06adb200b0cce016145123ad0e3842dee426156da097948e5401ff62af94d497e923b49dc8ef85d985c314f577e27e2bad315f73ec63dd62351b64c3049ee49a0d975a3758a7a91bd28268319f7cc8611a0e28c1e86956480ec9eec9f4305a79dfed851ecf347983c91c2dda147a9f47a72add55900248305c96c90978910887074a62dff7f2b70897dbf27d9b3432753053b59fa65d37d67bfa5a90b23e6f656de2360bc0e6eea0fcc1df3ab863936a62a6e83869808a6b927796188b507203c859bdf8b702fedeaa5a7daf8c38589ea9f8a2d7a30b48691120fc56610efbca66b19258dc54bb511ec2c06da799757bfa6359b4141d09be979eedb521ff5eb21cea905c7c26ba2fe4de86781017beed9ef3ed82f825b881a188d4ca4bd0c9909b1842789c7d73943cc9c21e41e1b30e60bb7e38144795a6f581ab53fb2cacb0aed0455b84eded1e57dcb8bc60d540217cbb8dae53ee8d7bb704b750d532d263348024cab7a163a895840c53c643e2bb0a6243f2fc0938d072c45594130b831d0f8e43f0236f903d448cb5eb6445b3e3e766f4e777288d15c1e3ab1ebb737c2f2ad0d594c1773397753cca2cbbe8e38060afb1051b7beff3dd36c07cd8b07266b8d1e20e6f42c5e1439236726c1354dbedeb348b7312ff032bfca64dccdeccf3127881747d88ffdb7800d73111ba07f9ff84ac15ff1c17c510fc45b6866f461fc3fc5ab49391cae72feb12a1f9a746b9edd0f0b0472884483724b8bd19e7edd38be678690d93d63fce682f69118a60e7a652e4307637e522f432cea9433cd8fa685007bc337b1805771a99e8d683717312349ca812d092820fe1781fab061146cf2ebc3e7a3304a2ccdab1c5891710b78a49edc5624c2fb7a995e7bbe89adbccdfbe000ce282e2be9386bacd779237314e6f02305301d1c659a84fba8a49e0c07b419d4c8f21445f982a154b9a84d5963e5392befd17bf42606305be5d1561c36ee6cd813a95ffb90f0a10d5f677f7199196267210b77321780c9baf04749b5b254fcb2b7e2b1a96df1d794182fe53fd47c71727d2b55e7bd6d3918a70801f75db36906cfceebc1387f036fe1a19d9a8c6ac34c4341dfc5c5ec5049df16cab0f13aac9a8b245072fa2b4d344f6728696cc2dbd1b7455fce760cbbf91780d54c69838aac084318804e4b49f7643b9b8d35dc1041bda3d39afa365cfbae835358e5da29018cfcd007661955989366af3af3abdb0b56433b4a52aa1a5fd9653a7accfccc28a42d6e06c816bb3289d9ba93c885df714547728d8403fdab5f92342e60294cb861d411f29a21165b08fca6b5d7c09f0f03a1c9cfc644f7bea7d6ce70916621e495f60bf55c66cb7cb023fd16c25b1d9ca8a7365717d649f24e07a9507a8d48649e2a1f5b7ad2df800f5b75882c2193743540b41dc7a8a3c34b5fe2e7ecd1c5bd99e054cd3b7a0004c72530180248d3bace8ece19a4a486c0fae8c809179a8baa406f9ff3fee953870b1464798fa47363dbab249322b4902a022c265980e4da23ba3743175e838fcd04c7f06544a454eaadc9cf799002a6b25e589d97bcfb87598aca424699bb506c9622eee235f4d52d8415315389a19537371243d7f96b226be483a73830e5a0bb787f63a4efeb3fc38c127f8d49e5015f7647695118c8f1a2b8f6c7da0f2d927b1396a96551a9e3dde57afc32f0a1a3111b7a1113a8b39486b233fbe69d7151504028e247153042780958f1869ebad289f66de0cb02a26bdbb4c6d31f9f8373116b618abe377aa05da4bb4674e60fde88249d577d3c46065c664986bd90690d6d6b98a956cd260db59f15e47ac37bd5f5d62d4166f67f20f7641e7a5f1a55a1d6387a6a61127a01bca5b791b774c8a453ce44ca26ce8c672b468d5482850a48b859f76bfac5f267474f001ef074979c26c516cf4e28adbb24b9998b07f893729863fbe329f27037caab5a900832f9f53f8350d3d01ce28f6051d4883b7ed6d5e49e5f7ba09ac53cd9a134522d34ecdec83c4dbbdd386a974816a4a2cdd893ec658b11c49f3d291abf468c91c2005c2930fe66ef9f4f7abb70cab572625c564a4687bab514bf73ceeac9ed8e4e90a7c12ac57aa3bf33e158f6a5675fc99d59fd6c53b0f1b940e223a123375467138d2ec2b3af9feae784231221c6bdd0960c5ad784db433f4ddb451a0e30094cf29817b5343a094accff1a93bb9b0b30e19ee89619d33403c2140bc9ae9a7592256447ffedd1cae4fe6aeeafe6b5130c8a5448a3af33cce64851f09c6c0aab2c3b38dd94083cdf58cc9bb00127a3cd5a7a749c635c053ec1870c6879b377a33fac7f647d813c050ac48e2a782a3b4e9ef18670f043f7ca638480465b1b8677bae01ef0d800b4b8fc9564f8e710e44bb0a0c4b9e3802cb300819d553501d61e32c08f464ace28b9818ac482a58998c32b7d60c8bf53ed59258424a83f860c190c13e18d8158cb82ae7fe1dfb36e6115bf343153399a292f83aa73a4e50924f4a9be9eb963a3cd121a824284dca7eb015384a60842696d14e184cb52088d2df"}, &(0x7f00000002c0)=0x1024) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xa447bc803640080}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket(0xa, 0x0, 0x0) setgid(0x0) socket(0xa, 0x0, 0x0) fstat(0xffffffffffffffff, 0x0) setgid(0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r6 = dup3(r4, r5, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f0000000b00)={{{@in6=@mcast2, @in=@loopback}}, {{@in=@local}, 0x0, @in6}}, &(0x7f0000000c00)=0xe8) name_to_handle_at(r6, &(0x7f0000000140)='./file0\x00', &(0x7f0000000500)=ANY=[@ANYBLOB="6600000000000000370b95cad52e45497be1b4e351dee70800e915dd50750388c4a71fc6e148d0279a9fd3fb5eec6a2fd45e1a50d14012b8763ec6407d7cf8933d9c479a95eedfeaa961eb789e1752e51418a04379441d21faa0dde7200798c080b1360df28540e3797d2f9c62bd0c47c1d73bccb70e7c08e5aac02f98f77560657fe31bbbb89bbe2dd4d9b044485785c4f439cf1db5949ad11afbde706b948fc546c403c1cce0f9045f4dc8f952106aaae6fc1cd1bd4dc48b73e7f8eadd281d5c50fd3f60c8b5c66bef3e9107c9005b3df28d9df12f7d4d8cd92546b3962f143879682b0ea5a090dc005673051489435fed47168cc96ef3fbac3bcfdda7335fc409b896e0cea124d003fbee68435c4914e494c7192670dcffc21dd4e237eb2d09b926366118552c87d17a049997311f456eae0881797839c442582cccf87aec57c2"], &(0x7f0000000280), 0x1400) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x20, 0x0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0xc, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x10080) socket$netlink(0x10, 0x3, 0x0) getsockname$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f00000001c0)=0x10) openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x20000, 0x0) 20:02:59 executing program 1: 20:02:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 296.040771][T10238] ISOFS: Unable to identify CD-ROM format. 20:02:59 executing program 5: 20:02:59 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x3) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000100)=0x140, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) [ 296.243823][T10238] ISOFS: Unable to identify CD-ROM format. 20:02:59 executing program 1: keyctl$unlink(0x9, 0x0, 0xfffffffffffffffd) setuid(0x0) 20:02:59 executing program 2: r0 = socket$inet6(0xa, 0x801, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x5a, &(0x7f0000000180)={@local, @random="192bce5e2dfb", [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x24, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa}, @exp_fastopen={0xfe, 0x4}]}}}}}}}}, 0x0) 20:02:59 executing program 5: sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="a2293f4a", @ANYRES16=0x0, @ANYBLOB="000000000000000000000e00000048000100440000000000000000010000b4ac607299ff010000000000b80000ff0700000000fe800019000000000000000000000000070200000000000000e6ffffff0000"], 0x5c}}, 0x0) r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) r1 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r1, 0x1000008912, &(0x7f0000000740)="0805b5055e0bcfe8475071") getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="480000002400e574a885ddb05cc582f24186cf0d", @ANYRES32=r2, @ANYBLOB="0000f5fffeffffff0000"], 0x3}}, 0x0) r3 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0) 20:02:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:02:59 executing program 1: [ 296.544331][T10277] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.5'. [ 296.696999][T10284] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.5'. [ 298.102348][T10291] IPVS: ftp: loaded support on port[0] = 21 [ 298.186082][T10291] chnl_net:caif_netlink_parms(): no params data found [ 298.218575][T10291] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.225692][T10291] bridge0: port 1(bridge_slave_0) entered disabled state [ 298.233615][T10291] device bridge_slave_0 entered promiscuous mode [ 298.242360][T10291] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.249874][T10291] bridge0: port 2(bridge_slave_1) entered disabled state [ 298.257805][T10291] device bridge_slave_1 entered promiscuous mode [ 298.280890][T10291] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 298.292931][T10291] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 298.317335][T10291] team0: Port device team_slave_0 added [ 298.325782][T10291] team0: Port device team_slave_1 added [ 298.388479][T10291] device hsr_slave_0 entered promiscuous mode [ 298.426684][T10291] device hsr_slave_1 entered promiscuous mode [ 298.476388][T10291] debugfs: Directory 'hsr0' with parent '/' already present! [ 298.500897][T10291] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.508287][T10291] bridge0: port 2(bridge_slave_1) entered forwarding state [ 298.515978][T10291] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.523216][T10291] bridge0: port 1(bridge_slave_0) entered forwarding state [ 298.577980][T10291] 8021q: adding VLAN 0 to HW filter on device bond0 [ 298.596408][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 298.605131][ T9067] bridge0: port 1(bridge_slave_0) entered disabled state [ 298.613833][ T9067] bridge0: port 2(bridge_slave_1) entered disabled state [ 298.622177][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 298.635515][T10291] 8021q: adding VLAN 0 to HW filter on device team0 [ 298.649975][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 298.658519][ T2999] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.665558][ T2999] bridge0: port 1(bridge_slave_0) entered forwarding state [ 298.677530][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 298.685939][ T9067] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.693036][ T9067] bridge0: port 2(bridge_slave_1) entered forwarding state [ 298.717363][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 298.725946][ T9067] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 298.742007][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 298.759943][ T9070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 298.768095][ T9070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 298.781084][T10291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 298.802930][ T9070] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 298.811782][ T9070] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 298.825172][T10291] 8021q: adding VLAN 0 to HW filter on device batadv0 20:03:02 executing program 3: 20:03:02 executing program 2: 20:03:02 executing program 1: 20:03:02 executing program 5: 20:03:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:02 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:02 executing program 5: 20:03:02 executing program 2: 20:03:02 executing program 1: 20:03:02 executing program 5: 20:03:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:02 executing program 2: 20:03:03 executing program 3: 20:03:03 executing program 1: 20:03:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:03 executing program 2: 20:03:03 executing program 5: [ 299.986304][ T329] tipc: TX() has been purged, node left! 20:03:05 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:05 executing program 2: 20:03:05 executing program 5: 20:03:05 executing program 1: 20:03:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:05 executing program 3: 20:03:05 executing program 1: 20:03:05 executing program 5: 20:03:05 executing program 2: 20:03:05 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:05 executing program 1: 20:03:05 executing program 2: 20:03:05 executing program 5: 20:03:06 executing program 5: 20:03:06 executing program 2: 20:03:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 303.790155][ T329] device bridge_slave_1 left promiscuous mode [ 303.798104][ T329] bridge0: port 2(bridge_slave_1) entered disabled state [ 303.851172][ T329] device bridge_slave_0 left promiscuous mode [ 303.857535][ T329] bridge0: port 1(bridge_slave_0) entered disabled state [ 305.987101][ T329] device hsr_slave_0 left promiscuous mode [ 306.056547][ T329] device hsr_slave_1 left promiscuous mode [ 306.111616][ T329] team0 (unregistering): Port device team_slave_1 removed [ 306.125356][ T329] team0 (unregistering): Port device team_slave_0 removed [ 306.139698][ T329] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 306.184632][ T329] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 306.323259][ T329] bond0 (unregistering): Released all slaves [ 306.454867][T10396] IPVS: ftp: loaded support on port[0] = 21 [ 306.543337][T10396] chnl_net:caif_netlink_parms(): no params data found [ 306.580584][T10396] bridge0: port 1(bridge_slave_0) entered blocking state [ 306.587781][T10396] bridge0: port 1(bridge_slave_0) entered disabled state [ 306.595482][T10396] device bridge_slave_0 entered promiscuous mode [ 306.607036][T10396] bridge0: port 2(bridge_slave_1) entered blocking state [ 306.614170][T10396] bridge0: port 2(bridge_slave_1) entered disabled state [ 306.622593][T10396] device bridge_slave_1 entered promiscuous mode [ 306.643270][T10396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 306.655029][T10396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 306.680453][T10396] team0: Port device team_slave_0 added [ 306.689604][T10396] team0: Port device team_slave_1 added [ 306.739625][T10396] device hsr_slave_0 entered promiscuous mode [ 306.776684][T10396] device hsr_slave_1 entered promiscuous mode [ 306.846496][T10396] debugfs: Directory 'hsr0' with parent '/' already present! [ 306.866440][T10396] bridge0: port 2(bridge_slave_1) entered blocking state [ 306.873514][T10396] bridge0: port 2(bridge_slave_1) entered forwarding state [ 306.881200][T10396] bridge0: port 1(bridge_slave_0) entered blocking state [ 306.888333][T10396] bridge0: port 1(bridge_slave_0) entered forwarding state [ 306.941124][T10396] 8021q: adding VLAN 0 to HW filter on device bond0 [ 306.958430][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 306.967710][ T2999] bridge0: port 1(bridge_slave_0) entered disabled state [ 306.975662][ T2999] bridge0: port 2(bridge_slave_1) entered disabled state [ 306.991750][T10396] 8021q: adding VLAN 0 to HW filter on device team0 [ 307.004457][ T2999] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 307.014014][ T2999] bridge0: port 1(bridge_slave_0) entered blocking state [ 307.021346][ T2999] bridge0: port 1(bridge_slave_0) entered forwarding state [ 307.051713][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 307.061037][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 307.068306][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 307.078764][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 307.087371][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 307.107514][ T9065] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 307.115830][ T9065] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 307.129310][ T9065] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 307.143423][T10396] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 307.165540][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 307.173625][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 307.189558][T10396] 8021q: adding VLAN 0 to HW filter on device batadv0 20:03:10 executing program 3: 20:03:10 executing program 1: 20:03:10 executing program 5: 20:03:10 executing program 2: 20:03:10 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) 20:03:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:10 executing program 1: 20:03:10 executing program 2: socket$kcm(0x2c, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x11, 0xa, 0x300) socket$kcm(0x2c, 0x0, 0x0) socket$kcm(0x2, 0x1000000000000002, 0x0) socket$kcm(0x29, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpuset.memory_pressure\x00', 0x0, 0x0) write$cgroup_int(r1, &(0x7f0000000540), 0x12) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f00000000c0)='mime_type]trustedvmnet1\x00') bpf$MAP_CREATE(0x0, &(0x7f0000002a80)={0x1d, 0x3a, 0x40, 0x9, 0x0, 0xffffffffffffffff, 0x1, [], 0x0, 0xffffffffffffffff, 0x4}, 0x3c) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000080)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='cpuset.mems\x00', 0x2, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x5452, &(0x7f0000000400)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r3 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r2, 0x161) openat$cgroup_ro(r2, &(0x7f0000000040)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) sendmsg$kcm(r3, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r3, &(0x7f0000000280)={[{0x0, 'memory'}]}, 0xfdef) 20:03:10 executing program 5: socket$kcm(0x2c, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x11, 0xa, 0x300) socket$kcm(0x2c, 0x0, 0x0) socket$kcm(0x2, 0x1000000000000002, 0x0) socket$kcm(0x29, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpuset.memory_pressure\x00', 0x0, 0x0) write$cgroup_int(r1, &(0x7f0000000540), 0x12) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f00000000c0)='mime_type]trustedvmnet1\x00') recvmsg(0xffffffffffffffff, &(0x7f0000002a40)={&(0x7f0000001640)=@can={0x1d, 0x0}, 0x80, &(0x7f0000002980), 0x5, &(0x7f0000000300)=""/47, 0x30}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000002a80)={0x1d, 0x3a, 0x40, 0x9, 0x0, 0xffffffffffffffff, 0x1, [], r2}, 0x3c) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000080)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='cpuset.mems\x00', 0x2, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x5452, &(0x7f0000000400)) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r4 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161) openat$cgroup_ro(r3, &(0x7f0000000040)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) sendmsg$kcm(r4, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r4, &(0x7f0000000280)={[{0x0, 'memory'}]}, 0xfdef) 20:03:10 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) 20:03:10 executing program 3: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e0000001c008105e00f80ecdb4cb9f207c804a01c000000a30305000a000200040ada1b40d805000500c50083b8", 0x2e}], 0x1}, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) 20:03:10 executing program 1: r0 = socket$kcm(0xa, 0x922000000003, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f0000000180)="f4001100002b2c25e994efd18498d6620bbaa68754a3f5ffffff020000000000000000000000000021000080fe000000", 0x30}], 0x1}, 0x0) [ 307.586463][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 307.593014][ C1] protocol 88fb is buggy, dev hsr_slave_1 20:03:10 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) 20:03:11 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r0, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:11 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 307.846342][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 307.852397][ C1] protocol 88fb is buggy, dev hsr_slave_1 20:03:11 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:11 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r0, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:11 executing program 3 (fault-call:0 fault-nth:0): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:11 executing program 2 (fault-call:2 fault-nth:0): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) 20:03:11 executing program 5: socket$kcm(0x2c, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) bpf$MAP_CREATE(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x11, 0xa, 0x300) socket$kcm(0x2c, 0x0, 0x0) socket$kcm(0x2, 0x1000000000000002, 0x0) socket$kcm(0x29, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpuset.memory_pressure\x00', 0x0, 0x0) write$cgroup_int(r1, &(0x7f0000000540), 0x12) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f00000000c0)='mime_type]trustedvmnet1\x00') recvmsg(0xffffffffffffffff, &(0x7f0000002a40)={&(0x7f0000001640)=@can={0x1d, 0x0}, 0x80, &(0x7f0000002980), 0x5, &(0x7f0000000300)=""/47, 0x30}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000002a80)={0x1d, 0x3a, 0x40, 0x9, 0x0, 0xffffffffffffffff, 0x1, [], r2}, 0x3c) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000080)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='cpuset.mems\x00', 0x2, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x5452, &(0x7f0000000400)) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r4 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161) openat$cgroup_ro(r3, &(0x7f0000000040)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) sendmsg$kcm(r4, &(0x7f0000003d00)={&(0x7f0000000380)=@in={0x2, 0x4e23, @multicast1}, 0x80, 0x0}, 0xfd00) write$cgroup_subtree(r4, &(0x7f0000000280)={[{0x0, 'memory'}]}, 0xfdef) 20:03:11 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:11 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r0, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 308.084710][T10465] FAULT_INJECTION: forcing a failure. [ 308.084710][T10465] name failslab, interval 1, probability 0, space 0, times 1 [ 308.160367][T10465] CPU: 0 PID: 10465 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 308.170156][T10465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.180228][T10465] Call Trace: [ 308.183643][T10465] dump_stack+0x197/0x210 [ 308.188043][T10465] should_fail.cold+0xa/0x15 [ 308.192897][T10465] ? fault_create_debugfs_attr+0x180/0x180 [ 308.198779][T10465] ? ___might_sleep+0x163/0x2c0 [ 308.203730][T10465] __should_failslab+0x121/0x190 20:03:11 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r1, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 308.208759][T10465] should_failslab+0x9/0x14 [ 308.213319][T10465] __kmalloc+0x2e0/0x770 [ 308.217618][T10465] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 308.223918][T10465] ? fput_many+0x12c/0x1a0 [ 308.228349][T10465] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 308.234600][T10465] ? strnlen_user+0x1ed/0x2e0 [ 308.239332][T10465] ? __x64_sys_memfd_create+0x13c/0x470 [ 308.244899][T10465] __x64_sys_memfd_create+0x13c/0x470 [ 308.250288][T10465] ? memfd_fcntl+0x18c0/0x18c0 [ 308.255132][T10465] ? do_syscall_64+0x26/0x790 [ 308.259846][T10465] ? lockdep_hardirqs_on+0x421/0x5e0 [ 308.265296][T10465] ? trace_hardirqs_on+0x67/0x240 [ 308.270344][T10465] do_syscall_64+0xfa/0x790 [ 308.275047][T10465] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 308.280948][T10465] RIP: 0033:0x45a679 [ 308.284864][T10465] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 20:03:11 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) 20:03:11 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r1, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 308.304726][T10465] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 308.313176][T10465] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 000000000045a679 [ 308.321898][T10465] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004bf712 [ 308.330026][T10465] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 308.338012][T10465] R10: 0000000000000400 R11: 0000000000000246 R12: 00007fa857adf6d4 [ 308.345996][T10465] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:11 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:11 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r1, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 308.486317][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 308.492318][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 308.646789][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 308.653075][ C0] protocol 88fb is buggy, dev hsr_slave_1 20:03:14 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:14 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x7ffffffff000) 20:03:14 executing program 3 (fault-call:0 fault-nth:1): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:14 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:14 executing program 5 (fault-call:2 fault-nth:0): socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) [ 311.028189][T10500] FAULT_INJECTION: forcing a failure. [ 311.028189][T10500] name failslab, interval 1, probability 0, space 0, times 0 [ 311.041812][T10505] FAULT_INJECTION: forcing a failure. [ 311.041812][T10505] name failslab, interval 1, probability 0, space 0, times 0 [ 311.060188][T10504] ptrace attach of "/root/syz-executor.4"[10502] was attempted by "/root/syz-executor.4"[10504] 20:03:14 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 311.096145][T10500] CPU: 0 PID: 10500 Comm: syz-executor.5 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 311.105730][T10500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.115802][T10500] Call Trace: [ 311.119108][T10500] dump_stack+0x197/0x210 [ 311.123455][T10500] should_fail.cold+0xa/0x15 [ 311.128056][T10500] ? fault_create_debugfs_attr+0x180/0x180 [ 311.128087][T10500] ? ___might_sleep+0x163/0x2c0 [ 311.128108][T10500] __should_failslab+0x121/0x190 [ 311.128126][T10500] should_failslab+0x9/0x14 [ 311.128141][T10500] __kmalloc+0x2e0/0x770 [ 311.128153][T10500] ? mark_held_locks+0xf0/0xf0 [ 311.128162][T10500] ? mark_lock+0xc2/0x1220 [ 311.128248][T10500] ? _parse_integer+0x190/0x190 [ 311.128319][T10500] ? tomoyo_realpath_from_path+0xc5/0x660 [ 311.157568][T10500] tomoyo_realpath_from_path+0xc5/0x660 [ 311.157583][T10500] ? tomoyo_path_number_perm+0x193/0x520 [ 311.157603][T10500] tomoyo_path_number_perm+0x1dd/0x520 [ 311.157614][T10500] ? tomoyo_path_number_perm+0x193/0x520 [ 311.157629][T10500] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 311.157716][T10500] ? __f_unlock_pos+0x19/0x20 [ 311.157755][T10500] ? __fget+0x37f/0x550 [ 311.157774][T10500] ? ksys_dup3+0x3e0/0x3e0 [ 311.195218][T10500] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 311.195239][T10500] ? fput_many+0x12c/0x1a0 [ 311.220982][T10516] ptrace attach of "/root/syz-executor.4"[10514] was attempted by "/root/syz-executor.4"[10516] [ 311.224967][T10500] tomoyo_file_ioctl+0x23/0x30 [ 311.225047][T10500] security_file_ioctl+0x77/0xc0 20:03:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 311.245080][T10500] ksys_ioctl+0x57/0xd0 [ 311.249263][T10500] __x64_sys_ioctl+0x73/0xb0 [ 311.253862][T10500] do_syscall_64+0xfa/0x790 [ 311.258368][T10500] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.258381][T10500] RIP: 0033:0x45a679 [ 311.258396][T10500] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 311.258404][T10500] RSP: 002b:00007f171e29cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 20:03:14 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 311.258416][T10500] RAX: ffffffffffffffda RBX: 00007f171e29cc90 RCX: 000000000045a679 [ 311.258429][T10500] RDX: 0000000020000200 RSI: 00000000c008ae05 RDI: 0000000000000003 [ 311.312130][T10500] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 311.320099][T10500] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f171e29d6d4 [ 311.328067][T10500] R13: 00000000004c3cae R14: 00000000004d9220 R15: 0000000000000004 [ 311.343348][T10505] CPU: 1 PID: 10505 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 311.352916][T10505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.362972][T10505] Call Trace: [ 311.365413][T10500] ERROR: Out of memory at tomoyo_realpath_from_path. [ 311.366264][T10505] dump_stack+0x197/0x210 [ 311.366283][T10505] should_fail.cold+0xa/0x15 [ 311.366303][T10505] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.387997][T10505] ? fault_create_debugfs_attr+0x180/0x180 [ 311.393816][T10505] ? ___might_sleep+0x163/0x2c0 [ 311.398679][T10505] __should_failslab+0x121/0x190 [ 311.403628][T10505] ? shmem_destroy_inode+0x80/0x80 [ 311.408746][T10505] should_failslab+0x9/0x14 [ 311.413258][T10505] kmem_cache_alloc+0x2aa/0x710 [ 311.418103][T10505] ? __alloc_fd+0x487/0x620 [ 311.418122][T10505] ? shmem_destroy_inode+0x80/0x80 [ 311.418136][T10505] shmem_alloc_inode+0x1c/0x50 [ 311.418150][T10505] alloc_inode+0x68/0x1e0 [ 311.418166][T10505] new_inode_pseudo+0x19/0xf0 [ 311.436819][T10505] new_inode+0x1f/0x40 20:03:14 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0xf0ffffff7f0000) 20:03:14 executing program 5 (fault-call:2 fault-nth:1): socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) [ 311.436835][T10505] shmem_get_inode+0x84/0x7e0 [ 311.436854][T10505] __shmem_file_setup.part.0+0x7e/0x2b0 [ 311.436874][T10505] shmem_file_setup+0x66/0x90 [ 311.445605][T10505] __x64_sys_memfd_create+0x2a2/0x470 [ 311.466959][T10505] ? memfd_fcntl+0x18c0/0x18c0 [ 311.471745][T10505] ? do_syscall_64+0x26/0x790 [ 311.476523][T10505] ? lockdep_hardirqs_on+0x421/0x5e0 [ 311.481826][T10505] ? trace_hardirqs_on+0x67/0x240 [ 311.486885][T10505] do_syscall_64+0xfa/0x790 [ 311.491406][T10505] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.497302][T10505] RIP: 0033:0x45a679 [ 311.501206][T10505] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 311.521620][T10505] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 311.530144][T10505] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 000000000045a679 [ 311.538136][T10505] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004bf712 [ 311.546114][T10505] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 311.554186][T10505] R10: 0000000000000400 R11: 0000000000000246 R12: 00007fa857adf6d4 [ 311.562166][T10505] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 311.564852][T10527] FAULT_INJECTION: forcing a failure. [ 311.564852][T10527] name failslab, interval 1, probability 0, space 0, times 0 [ 311.592906][T10530] ptrace attach of "/root/syz-executor.4"[10529] was attempted by "/root/syz-executor.4"[10530] [ 311.602057][T10527] CPU: 0 PID: 10527 Comm: syz-executor.5 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 311.613070][T10527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.623114][T10527] Call Trace: [ 311.623141][T10527] dump_stack+0x197/0x210 [ 311.623163][T10527] should_fail.cold+0xa/0x15 [ 311.623180][T10527] ? fault_create_debugfs_attr+0x180/0x180 [ 311.623201][T10527] ? ___might_sleep+0x163/0x2c0 [ 311.646001][T10527] __should_failslab+0x121/0x190 [ 311.650966][T10527] should_failslab+0x9/0x14 [ 311.655484][T10527] __kmalloc+0x2e0/0x770 [ 311.659736][T10527] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.666041][T10527] ? d_absolute_path+0x11b/0x170 [ 311.670986][T10527] ? __d_path+0x140/0x140 [ 311.675320][T10527] ? tomoyo_encode2.part.0+0xf5/0x400 [ 311.680866][T10527] tomoyo_encode2.part.0+0xf5/0x400 [ 311.686072][T10527] tomoyo_encode+0x2b/0x50 [ 311.690653][T10527] tomoyo_realpath_from_path+0x19c/0x660 [ 311.696303][T10527] tomoyo_path_number_perm+0x1dd/0x520 [ 311.701779][T10527] ? tomoyo_path_number_perm+0x193/0x520 [ 311.707423][T10527] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 311.713229][T10527] ? __f_unlock_pos+0x19/0x20 [ 311.713274][T10527] ? __fget+0x37f/0x550 [ 311.722073][T10527] ? ksys_dup3+0x3e0/0x3e0 [ 311.726583][T10527] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 311.732834][T10527] ? fput_many+0x12c/0x1a0 [ 311.737263][T10527] tomoyo_file_ioctl+0x23/0x30 [ 311.737279][T10527] security_file_ioctl+0x77/0xc0 [ 311.737298][T10527] ksys_ioctl+0x57/0xd0 [ 311.737315][T10527] __x64_sys_ioctl+0x73/0xb0 [ 311.737334][T10527] do_syscall_64+0xfa/0x790 [ 311.737355][T10527] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.737367][T10527] RIP: 0033:0x45a679 [ 311.737381][T10527] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 311.737393][T10527] RSP: 002b:00007f171e29cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 311.751232][T10527] RAX: ffffffffffffffda RBX: 00007f171e29cc90 RCX: 000000000045a679 [ 311.751242][T10527] RDX: 0000000020000200 RSI: 00000000c008ae05 RDI: 0000000000000003 [ 311.751250][T10527] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 311.751263][T10527] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f171e29d6d4 [ 311.830765][T10527] R13: 00000000004c3cae R14: 00000000004d9220 R15: 0000000000000004 [ 311.866429][T10527] ERROR: Out of memory at tomoyo_realpath_from_path. 20:03:17 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:17 executing program 3 (fault-call:0 fault-nth:2): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:17 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:17 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0xffffffff00000000) 20:03:17 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r1, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:17 executing program 5 (fault-call:2 fault-nth:2): socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) [ 314.128735][T10542] FAULT_INJECTION: forcing a failure. [ 314.128735][T10542] name failslab, interval 1, probability 0, space 0, times 0 [ 314.155617][T10546] FAULT_INJECTION: forcing a failure. [ 314.155617][T10546] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 314.168869][T10546] CPU: 0 PID: 10546 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 314.178423][T10546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.188479][T10546] Call Trace: [ 314.191772][T10546] dump_stack+0x197/0x210 [ 314.196101][T10546] should_fail.cold+0xa/0x15 [ 314.200694][T10546] ? fault_create_debugfs_attr+0x180/0x180 [ 314.206640][T10546] ? find_held_lock+0x35/0x130 [ 314.211418][T10546] ? percpu_ref_tryget+0xea/0x230 [ 314.216473][T10546] should_fail_alloc_page+0x50/0x60 [ 314.221663][T10546] __alloc_pages_nodemask+0x1a1/0x910 [ 314.227026][T10546] ? find_held_lock+0x35/0x130 [ 314.231784][T10546] ? __alloc_pages_slowpath+0x2900/0x2900 [ 314.237498][T10546] ? __kasan_check_read+0x11/0x20 [ 314.242522][T10546] ? lock_downgrade+0x920/0x920 [ 314.247369][T10546] cache_grow_begin+0x90/0xc60 [ 314.252120][T10546] ? shmem_alloc_inode+0x1c/0x50 [ 314.257064][T10546] ? trace_hardirqs_off+0x62/0x240 [ 314.262164][T10546] kmem_cache_alloc+0x64e/0x710 [ 314.267021][T10546] ? __alloc_fd+0x487/0x620 [ 314.271541][T10546] ? shmem_destroy_inode+0x80/0x80 [ 314.276658][T10546] shmem_alloc_inode+0x1c/0x50 [ 314.281429][T10546] alloc_inode+0x68/0x1e0 [ 314.285761][T10546] new_inode_pseudo+0x19/0xf0 [ 314.290429][T10546] new_inode+0x1f/0x40 [ 314.294506][T10546] shmem_get_inode+0x84/0x7e0 [ 314.299179][T10546] __shmem_file_setup.part.0+0x7e/0x2b0 [ 314.304715][T10546] shmem_file_setup+0x66/0x90 [ 314.309383][T10546] __x64_sys_memfd_create+0x2a2/0x470 [ 314.314744][T10546] ? memfd_fcntl+0x18c0/0x18c0 [ 314.319500][T10546] ? do_syscall_64+0x26/0x790 [ 314.324170][T10546] ? lockdep_hardirqs_on+0x421/0x5e0 [ 314.329443][T10546] ? trace_hardirqs_on+0x67/0x240 [ 314.334468][T10546] do_syscall_64+0xfa/0x790 [ 314.338977][T10546] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 314.344854][T10546] RIP: 0033:0x45a679 [ 314.348735][T10546] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 314.368324][T10546] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 314.376734][T10546] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 000000000045a679 [ 314.384693][T10546] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004bf712 [ 314.392671][T10546] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 314.400626][T10546] R10: 0000000000000400 R11: 0000000000000246 R12: 00007fa857adf6d4 [ 314.408592][T10546] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 314.416572][T10542] CPU: 1 PID: 10542 Comm: syz-executor.5 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 314.426119][T10542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.436172][T10542] Call Trace: [ 314.439497][T10542] dump_stack+0x197/0x210 [ 314.443840][T10542] should_fail.cold+0xa/0x15 [ 314.448435][T10542] ? fault_create_debugfs_attr+0x180/0x180 [ 314.454336][T10542] ? ___might_sleep+0x163/0x2c0 [ 314.459193][T10542] __should_failslab+0x121/0x190 [ 314.464139][T10542] should_failslab+0x9/0x14 [ 314.468651][T10542] __kmalloc+0x2e0/0x770 [ 314.472902][T10542] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 314.479145][T10542] ? d_absolute_path+0x11b/0x170 [ 314.479160][T10542] ? __d_path+0x140/0x140 [ 314.479175][T10542] ? tomoyo_encode2.part.0+0xf5/0x400 [ 314.479193][T10542] tomoyo_encode2.part.0+0xf5/0x400 [ 314.479208][T10542] tomoyo_encode+0x2b/0x50 [ 314.488553][T10542] tomoyo_realpath_from_path+0x19c/0x660 [ 314.488579][T10542] tomoyo_path_number_perm+0x1dd/0x520 [ 314.488593][T10542] ? tomoyo_path_number_perm+0x193/0x520 [ 314.488611][T10542] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 314.488624][T10542] ? __f_unlock_pos+0x19/0x20 [ 314.488664][T10542] ? __fget+0x37f/0x550 [ 314.488684][T10542] ? ksys_dup3+0x3e0/0x3e0 [ 314.488700][T10542] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 314.488719][T10542] ? fput_many+0x12c/0x1a0 [ 314.505375][T10546] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 314.509370][T10542] tomoyo_file_ioctl+0x23/0x30 [ 314.509387][T10542] security_file_ioctl+0x77/0xc0 [ 314.509406][T10542] ksys_ioctl+0x57/0xd0 [ 314.509424][T10542] __x64_sys_ioctl+0x73/0xb0 [ 314.509443][T10542] do_syscall_64+0xfa/0x790 20:03:17 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SCSI_IOCTL_PROBE_HOST(r2, 0x5385, &(0x7f0000000340)={0x77, ""/119}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getsockopt$bt_rfcomm_RFCOMM_LM(r4, 0x12, 0x3, &(0x7f00000003c0), &(0x7f0000000400)=0x4) getdents64(r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/121, 0x79}], 0x1, &(0x7f0000000300)=[{&(0x7f0000000200)=""/196, 0xc4}], 0x1, 0x0) 20:03:17 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r1, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 314.509468][T10542] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 314.521564][T10546] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 314.526312][T10542] RIP: 0033:0x45a679 [ 314.526329][T10542] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 314.526337][T10542] RSP: 002b:00007f171e29cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 20:03:17 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:18 executing program 5 (fault-call:2 fault-nth:3): socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) [ 314.526351][T10542] RAX: ffffffffffffffda RBX: 00007f171e29cc90 RCX: 000000000045a679 [ 314.526359][T10542] RDX: 0000000020000200 RSI: 00000000c008ae05 RDI: 0000000000000003 [ 314.526367][T10542] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 314.526374][T10542] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f171e29d6d4 [ 314.526382][T10542] R13: 00000000004c3cae R14: 00000000004d9220 R15: 0000000000000004 [ 314.588910][T10542] ERROR: Out of memory at tomoyo_realpath_from_path. 20:03:18 executing program 3 (fault-call:0 fault-nth:3): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:18 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r1, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 314.964719][T10576] FAULT_INJECTION: forcing a failure. [ 314.964719][T10576] name failslab, interval 1, probability 0, space 0, times 0 [ 314.973738][T10577] FAULT_INJECTION: forcing a failure. [ 314.973738][T10577] name failslab, interval 1, probability 0, space 0, times 0 [ 314.992862][T10577] CPU: 0 PID: 10577 Comm: syz-executor.5 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 315.002429][T10577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.002436][T10577] Call Trace: [ 315.002460][T10577] dump_stack+0x197/0x210 [ 315.002481][T10577] should_fail.cold+0xa/0x15 [ 315.024777][T10577] ? __kernel_text_address+0xd/0x40 [ 315.030271][T10577] ? fault_create_debugfs_attr+0x180/0x180 [ 315.030295][T10577] ? ___might_sleep+0x163/0x2c0 [ 315.040923][T10577] __should_failslab+0x121/0x190 [ 315.040940][T10577] should_failslab+0x9/0x14 [ 315.040957][T10577] kmem_cache_alloc_node_trace+0x274/0x750 [ 315.056192][T10577] ? __kasan_check_read+0x11/0x20 [ 315.061233][T10577] __get_vm_area_node+0x12b/0x4f0 [ 315.066259][T10577] ? __kasan_check_read+0x11/0x20 [ 315.071295][T10577] __vmalloc_node_range+0xd4/0x810 [ 315.076479][T10577] ? kvm_dev_ioctl_get_cpuid+0x13a/0xb47 [ 315.082105][T10577] ? __might_fault+0x12b/0x1e0 [ 315.086863][T10577] ? kvm_dev_ioctl_get_cpuid+0x13a/0xb47 [ 315.092490][T10577] vzalloc+0x6b/0x90 [ 315.096397][T10577] ? kvm_dev_ioctl_get_cpuid+0x13a/0xb47 [ 315.102017][T10577] kvm_dev_ioctl_get_cpuid+0x13a/0xb47 [ 315.107466][T10577] ? kvm_vcpu_ioctl_get_cpuid2+0x1c0/0x1c0 [ 315.113286][T10577] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 315.119520][T10577] ? _copy_from_user+0x12c/0x1a0 [ 315.124949][T10577] kvm_arch_dev_ioctl+0x300/0x4b0 [ 315.129973][T10577] ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0 [ 315.136026][T10577] ? tomoyo_path_number_perm+0x454/0x520 [ 315.142358][T10577] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 315.148599][T10577] ? tomoyo_path_number_perm+0x25e/0x520 [ 315.154256][T10577] kvm_dev_ioctl+0x127/0x17d0 [ 315.158923][T10577] ? kvm_put_kvm+0xcc0/0xcc0 [ 315.163505][T10577] ? kvm_put_kvm+0xcc0/0xcc0 [ 315.168079][T10577] do_vfs_ioctl+0x977/0x14e0 [ 315.172656][T10577] ? compat_ioctl_preallocate+0x220/0x220 [ 315.178357][T10577] ? __fget+0x37f/0x550 [ 315.182499][T10577] ? ksys_dup3+0x3e0/0x3e0 [ 315.186906][T10577] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 315.193134][T10577] ? fput_many+0x12c/0x1a0 [ 315.197566][T10577] ? tomoyo_file_ioctl+0x23/0x30 [ 315.202617][T10577] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.208854][T10577] ? security_file_ioctl+0x8d/0xc0 [ 315.214060][T10577] ksys_ioctl+0xab/0xd0 [ 315.218213][T10577] __x64_sys_ioctl+0x73/0xb0 [ 315.222795][T10577] do_syscall_64+0xfa/0x790 [ 315.227297][T10577] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.233319][T10577] RIP: 0033:0x45a679 [ 315.237207][T10577] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 315.256809][T10577] RSP: 002b:00007f171e29cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 315.265212][T10577] RAX: ffffffffffffffda RBX: 00007f171e29cc90 RCX: 000000000045a679 [ 315.273170][T10577] RDX: 0000000020000200 RSI: 00000000c008ae05 RDI: 0000000000000003 [ 315.281127][T10577] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 315.289106][T10577] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f171e29d6d4 [ 315.297068][T10577] R13: 00000000004c3cae R14: 00000000004d9220 R15: 0000000000000004 [ 315.305139][T10576] CPU: 1 PID: 10576 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 315.314693][T10576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.324752][T10576] Call Trace: [ 315.328060][T10576] dump_stack+0x197/0x210 [ 315.332401][T10576] should_fail.cold+0xa/0x15 [ 315.336306][T10577] syz-executor.5: vmalloc: allocation failure: 120 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1 [ 315.337024][T10576] ? fault_create_debugfs_attr+0x180/0x180 [ 315.337044][T10576] ? ___might_sleep+0x163/0x2c0 [ 315.337064][T10576] __should_failslab+0x121/0x190 [ 315.366648][T10576] should_failslab+0x9/0x14 [ 315.371170][T10576] kmem_cache_alloc+0x2aa/0x710 [ 315.376091][T10576] ? rwlock_bug.part.0+0x90/0x90 [ 315.381018][T10576] ? lock_downgrade+0x920/0x920 [ 315.385865][T10576] __alloc_file+0x27/0x340 [ 315.390282][T10576] alloc_empty_file+0x72/0x170 [ 315.395038][T10576] alloc_file+0x5e/0x4d0 [ 315.399276][T10576] alloc_file_pseudo+0x189/0x280 [ 315.404212][T10576] ? alloc_file+0x4d0/0x4d0 [ 315.408721][T10576] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 315.414956][T10576] __shmem_file_setup.part.0+0x108/0x2b0 [ 315.420586][T10576] shmem_file_setup+0x66/0x90 [ 315.425252][T10576] __x64_sys_memfd_create+0x2a2/0x470 [ 315.430613][T10576] ? memfd_fcntl+0x18c0/0x18c0 [ 315.435366][T10576] ? do_syscall_64+0x26/0x790 [ 315.440031][T10576] ? lockdep_hardirqs_on+0x421/0x5e0 [ 315.445318][T10576] ? trace_hardirqs_on+0x67/0x240 [ 315.450330][T10576] do_syscall_64+0xfa/0x790 [ 315.454824][T10576] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.460702][T10576] RIP: 0033:0x45a679 [ 315.464583][T10576] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 315.484281][T10576] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 315.492680][T10576] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 000000000045a679 [ 315.500637][T10576] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004bf712 [ 315.509905][T10576] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 315.517878][T10576] R10: 0000000000000400 R11: 0000000000000246 R12: 00007fa857adf6d4 [ 315.525834][T10576] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 315.535150][T10577] CPU: 0 PID: 10577 Comm: syz-executor.5 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 315.544709][T10577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.554956][T10577] Call Trace: [ 315.558245][T10577] dump_stack+0x197/0x210 [ 315.562732][T10577] warn_alloc.cold+0x87/0x164 [ 315.567417][T10577] ? zone_watermark_ok_safe+0x260/0x260 [ 315.573005][T10577] ? __get_vm_area_node+0x344/0x4f0 [ 315.578184][T10577] ? __kasan_check_read+0x11/0x20 [ 315.583221][T10577] __vmalloc_node_range+0x4cf/0x810 [ 315.588418][T10577] ? __might_fault+0x12b/0x1e0 [ 315.593171][T10577] ? kvm_dev_ioctl_get_cpuid+0x13a/0xb47 [ 315.598785][T10577] vzalloc+0x6b/0x90 [ 315.602664][T10577] ? kvm_dev_ioctl_get_cpuid+0x13a/0xb47 [ 315.608281][T10577] kvm_dev_ioctl_get_cpuid+0x13a/0xb47 [ 315.613726][T10577] ? kvm_vcpu_ioctl_get_cpuid2+0x1c0/0x1c0 [ 315.619520][T10577] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 315.625741][T10577] ? _copy_from_user+0x12c/0x1a0 [ 315.630665][T10577] kvm_arch_dev_ioctl+0x300/0x4b0 [ 315.635671][T10577] ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0 [ 315.641730][T10577] ? tomoyo_path_number_perm+0x454/0x520 [ 315.647437][T10577] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 315.653679][T10577] ? tomoyo_path_number_perm+0x25e/0x520 [ 315.659308][T10577] kvm_dev_ioctl+0x127/0x17d0 [ 315.663974][T10577] ? kvm_put_kvm+0xcc0/0xcc0 [ 315.668549][T10577] ? kvm_put_kvm+0xcc0/0xcc0 [ 315.673123][T10577] do_vfs_ioctl+0x977/0x14e0 [ 315.677712][T10577] ? compat_ioctl_preallocate+0x220/0x220 [ 315.683416][T10577] ? __fget+0x37f/0x550 [ 315.687553][T10577] ? ksys_dup3+0x3e0/0x3e0 [ 315.691950][T10577] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 315.698171][T10577] ? fput_many+0x12c/0x1a0 [ 315.702577][T10577] ? tomoyo_file_ioctl+0x23/0x30 [ 315.707498][T10577] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.713727][T10577] ? security_file_ioctl+0x8d/0xc0 [ 315.718829][T10577] ksys_ioctl+0xab/0xd0 [ 315.722969][T10577] __x64_sys_ioctl+0x73/0xb0 [ 315.727544][T10577] do_syscall_64+0xfa/0x790 [ 315.732032][T10577] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.737906][T10577] RIP: 0033:0x45a679 [ 315.741780][T10577] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 315.761366][T10577] RSP: 002b:00007f171e29cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 315.769795][T10577] RAX: ffffffffffffffda RBX: 00007f171e29cc90 RCX: 000000000045a679 [ 315.777873][T10577] RDX: 0000000020000200 RSI: 00000000c008ae05 RDI: 0000000000000003 [ 315.785859][T10577] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 315.793828][T10577] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f171e29d6d4 [ 315.801805][T10577] R13: 00000000004c3cae R14: 00000000004d9220 R15: 0000000000000004 [ 315.815563][T10577] Mem-Info: [ 315.829713][T10577] active_anon:109876 inactive_anon:214 isolated_anon:0 [ 315.829713][T10577] active_file:7764 inactive_file:37880 isolated_file:0 [ 315.829713][T10577] unevictable:0 dirty:339 writeback:0 unstable:0 [ 315.829713][T10577] slab_reclaimable:12433 slab_unreclaimable:90406 [ 315.829713][T10577] mapped:59218 shmem:285 pagetables:1276 bounce:0 [ 315.829713][T10577] free:1257664 free_pcp:632 free_cma:0 [ 315.874596][T10577] Node 0 active_anon:439504kB inactive_anon:856kB active_file:30920kB inactive_file:151520kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236872kB dirty:1356kB writeback:0kB shmem:1140kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 71680kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 315.908563][T10577] Node 1 active_anon:0kB inactive_anon:0kB active_file:136kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 315.942267][T10577] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 315.975452][T10577] lowmem_reserve[]: 0 2537 2537 2537 2537 [ 315.981453][T10577] Node 0 DMA32 free:1242104kB min:36104kB low:45128kB high:54152kB reserved_highatomic:0KB active_anon:439504kB inactive_anon:856kB active_file:30920kB inactive_file:151520kB unevictable:0kB writepending:1356kB present:3129332kB managed:2601072kB mlocked:0kB kernel_stack:7772kB pagetables:4952kB bounce:0kB free_pcp:2284kB local_pcp:908kB free_cma:0kB [ 316.020740][T10577] lowmem_reserve[]: 0 0 0 0 0 [ 316.025425][T10577] Node 0 Normal free:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 316.055119][T10577] lowmem_reserve[]: 0 0 0 0 0 [ 316.060717][T10577] Node 1 Normal free:3772432kB min:53780kB low:67224kB high:80668kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:136kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870200kB mlocked:0kB kernel_stack:16kB pagetables:4kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 316.092471][T10577] lowmem_reserve[]: 0 0 0 0 0 [ 316.097496][T10577] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 316.112070][T10577] Node 0 DMA32: 1674*4kB (UM) 2007*8kB (ME) 1285*16kB (UM) 777*32kB (UME) 423*64kB (UME) 106*128kB (UME) 47*256kB (UME) 23*512kB (UME) 13*1024kB (UM) 3*2048kB (M) 266*4096kB (M) = 1241616kB [ 316.130883][T10577] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 316.142357][T10577] Node 1 Normal: 2*4kB (ME) 115*8kB (UME) 195*16kB (UM) 84*32kB (UME) 33*64kB (UME) 23*128kB (UME) 4*256kB (U) 5*512kB (UE) 1*1024kB (M) 2*2048kB (ME) 916*4096kB (M) = 3772432kB [ 316.160067][T10577] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 316.170169][T10577] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 316.179500][T10577] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 316.189090][T10577] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 316.198433][T10577] 45930 total pagecache pages [ 316.203099][T10577] 0 pages in swap cache [ 316.207297][T10577] Swap cache stats: add 0, delete 0, find 0/0 [ 316.213364][T10577] Free swap = 0kB [ 316.218010][T10577] Total swap = 0kB [ 316.221728][T10577] 1965979 pages RAM [ 316.225511][T10577] 0 pages HighMem/MovableOnly [ 316.230205][T10577] 344184 pages reserved [ 316.234348][T10577] 0 pages cma reserved 20:03:20 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:20 executing program 2: r0 = getpgrp(0x0) r1 = gettid() rt_tgsigqueueinfo(r0, r1, 0xb, &(0x7f0000000080)={0x0, 0x0, 0x3}) r2 = syz_open_procfs(r1, &(0x7f00000001c0)='ns\x00') getdents64(r2, &(0x7f0000000080)=""/194, 0xff42) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x80, 0x8000) timerfd_gettime(r3, &(0x7f0000000180)) getdents64(r2, 0x0, 0x0) 20:03:20 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:20 executing program 3 (fault-call:0 fault-nth:4): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:20 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000200)=""/187) 20:03:20 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup2(r1, r1) setsockopt$inet6_IPV6_ADDRFORM(r2, 0x29, 0x1, &(0x7f0000000200), 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x101000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x8) ioctl$IOC_PR_REGISTER(r2, 0x401870c8, &(0x7f0000000000)={0xfff, 0x4}) getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) [ 317.242649][T10590] FAULT_INJECTION: forcing a failure. [ 317.242649][T10590] name failslab, interval 1, probability 0, space 0, times 0 [ 317.296144][T10590] CPU: 0 PID: 10590 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 317.305720][T10590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.315762][T10590] Call Trace: [ 317.319177][T10590] dump_stack+0x197/0x210 [ 317.323494][T10590] should_fail.cold+0xa/0x15 [ 317.328075][T10590] ? memcg_kmem_put_cache+0xad/0x1a0 [ 317.333362][T10590] ? fault_create_debugfs_attr+0x180/0x180 [ 317.339158][T10590] ? ___might_sleep+0x163/0x2c0 [ 317.344022][T10590] __should_failslab+0x121/0x190 [ 317.348957][T10590] should_failslab+0x9/0x14 [ 317.353463][T10590] kmem_cache_alloc+0x2aa/0x710 [ 317.358323][T10590] ? kmem_cache_alloc+0x364/0x710 [ 317.363353][T10590] security_file_alloc+0x39/0x170 [ 317.368383][T10590] __alloc_file+0xde/0x340 [ 317.372810][T10590] alloc_empty_file+0x72/0x170 [ 317.377582][T10590] alloc_file+0x5e/0x4d0 [ 317.382028][T10590] alloc_file_pseudo+0x189/0x280 [ 317.386974][T10590] ? alloc_file+0x4d0/0x4d0 [ 317.391503][T10590] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 317.397870][T10590] __shmem_file_setup.part.0+0x108/0x2b0 [ 317.403504][T10590] shmem_file_setup+0x66/0x90 [ 317.408206][T10590] __x64_sys_memfd_create+0x2a2/0x470 [ 317.413592][T10590] ? memfd_fcntl+0x18c0/0x18c0 [ 317.418344][T10590] ? do_syscall_64+0x26/0x790 [ 317.423039][T10590] ? lockdep_hardirqs_on+0x421/0x5e0 [ 317.428463][T10590] ? trace_hardirqs_on+0x67/0x240 [ 317.433487][T10590] do_syscall_64+0xfa/0x790 [ 317.437990][T10590] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 317.443886][T10590] RIP: 0033:0x45a679 [ 317.447784][T10590] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 317.467550][T10590] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 317.476225][T10590] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 000000000045a679 [ 317.484282][T10590] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004bf712 20:03:20 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x2, &(0x7f0000000200)=""/187) [ 317.492333][T10590] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 317.500287][T10590] R10: 0000000000000400 R11: 0000000000000246 R12: 00007fa857adf6d4 [ 317.508254][T10590] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:20 executing program 3 (fault-call:0 fault-nth:5): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:20 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x10, &(0x7f0000000200)=""/187) 20:03:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:20 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 317.770309][T10619] FAULT_INJECTION: forcing a failure. [ 317.770309][T10619] name failslab, interval 1, probability 0, space 0, times 0 [ 317.834926][T10619] CPU: 0 PID: 10619 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 317.844503][T10619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.844510][T10619] Call Trace: [ 317.844536][T10619] dump_stack+0x197/0x210 [ 317.844557][T10619] should_fail.cold+0xa/0x15 [ 317.844577][T10619] ? memcg_kmem_put_cache+0xad/0x1a0 [ 317.872245][T10619] ? fault_create_debugfs_attr+0x180/0x180 [ 317.878066][T10619] ? ___might_sleep+0x163/0x2c0 [ 317.882921][T10619] __should_failslab+0x121/0x190 [ 317.882941][T10619] should_failslab+0x9/0x14 [ 317.882955][T10619] kmem_cache_alloc+0x2aa/0x710 [ 317.882975][T10619] ? kmem_cache_alloc+0x364/0x710 [ 317.902385][T10619] security_file_alloc+0x39/0x170 [ 317.907419][T10619] __alloc_file+0xde/0x340 [ 317.911837][T10619] alloc_empty_file+0x72/0x170 [ 317.916617][T10619] alloc_file+0x5e/0x4d0 [ 317.920864][T10619] alloc_file_pseudo+0x189/0x280 [ 317.925797][T10619] ? alloc_file+0x4d0/0x4d0 [ 317.930292][T10619] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 317.936652][T10619] __shmem_file_setup.part.0+0x108/0x2b0 [ 317.942327][T10619] shmem_file_setup+0x66/0x90 [ 317.947009][T10619] __x64_sys_memfd_create+0x2a2/0x470 [ 317.952364][T10619] ? memfd_fcntl+0x18c0/0x18c0 [ 317.957121][T10619] ? do_syscall_64+0x26/0x790 [ 317.961818][T10619] ? lockdep_hardirqs_on+0x421/0x5e0 [ 317.967102][T10619] ? trace_hardirqs_on+0x67/0x240 [ 317.972514][T10619] do_syscall_64+0xfa/0x790 [ 317.977028][T10619] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 317.982937][T10619] RIP: 0033:0x45a679 [ 317.986822][T10619] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 318.006713][T10619] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 318.015172][T10619] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 000000000045a679 [ 318.023293][T10619] RDX: 0000000020000028 RSI: 0000000000000000 RDI: 00000000004bf712 [ 318.031532][T10619] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 318.039498][T10619] R10: 0000000000000400 R11: 0000000000000246 R12: 00007fa857adf6d4 [ 318.047541][T10619] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:23 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:23 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:23 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4c00, &(0x7f0000000200)=""/187) 20:03:23 executing program 2: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffd6a, &(0x7f0000000080), 0x1}, 0x0) r1 = dup3(r0, 0xffffffffffffffff, 0x80000) r2 = socket(0x10, 0x803, 0x0) r3 = socket(0x2000000000000010, 0x3, 0x0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000380)={'team_slave_1\x00', @remote}) sendmsg$IPVS_CMD_GET_DEST(r3, &(0x7f0000000240)={0x0, 0x7e, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="03fbffff0700800000000000594b7b2b58b3f72cca10d4785ea3ca7f7bb0cded44c6c1b10fc97d4e43baa619cc33f0087d169fa9a23337518620e8cdb9336aac251f2f0717e871348bca02839acdc7540e0aecb23a4d4c3fc27d057fb44b8b69b76a26262140b8790ca38c0e8095c7ccb41c60e970fe94c4abfd21cf229f58074304f6e0fef782bc17e74143e8f4992c33b8ee9aa8e8076805c8a978ac216bf61e99a70d2b2aeb30d712338002d50e0d00df6d96da259c29ac1543a581e36a50559ed53c41f676c9a7075aeb649c7471efcb547f99d983e445b9b34fa37ae1b8b13baa"], 0x14}}, 0x0) sendmsg$IPVS_CMD_GET_INFO(r2, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x1c, r4, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f00000002c0)={'security\x00'}, &(0x7f0000000340)=0x54) sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x29014240}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r4, 0x201, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xc2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4000020) setsockopt$RXRPC_SECURITY_KEY(r1, 0x110, 0x1, &(0x7f00000004c0)='team_slave_1\x00', 0xd) r5 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r5, &(0x7f0000000080)=""/194, 0xff42) getdents64(r5, 0x0, 0x0) 20:03:23 executing program 3 (fault-call:0 fault-nth:6): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:23 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4c01, &(0x7f0000000200)=""/187) [ 320.322540][T10639] FAULT_INJECTION: forcing a failure. [ 320.322540][T10639] name failslab, interval 1, probability 0, space 0, times 0 [ 320.337682][T10639] CPU: 1 PID: 10639 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 320.347236][T10639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.347259][T10639] Call Trace: [ 320.347284][T10639] dump_stack+0x197/0x210 [ 320.347304][T10639] should_fail.cold+0xa/0x15 [ 320.347323][T10639] ? fault_create_debugfs_attr+0x180/0x180 [ 320.347344][T10639] ? ___might_sleep+0x163/0x2c0 [ 320.347364][T10639] __should_failslab+0x121/0x190 [ 320.347381][T10639] should_failslab+0x9/0x14 [ 320.347396][T10639] __kmalloc+0x2e0/0x770 [ 320.347406][T10639] ? mark_held_locks+0xf0/0xf0 [ 320.347479][T10639] ? stack_trace_save+0xac/0xe0 [ 320.375543][T10639] ? tomoyo_realpath_from_path+0xc5/0x660 [ 320.375563][T10639] tomoyo_realpath_from_path+0xc5/0x660 [ 320.414958][T10639] ? tomoyo_path_perm+0x1cb/0x430 [ 320.419992][T10639] tomoyo_path_perm+0x230/0x430 [ 320.424894][T10639] ? tomoyo_path_perm+0x1cb/0x430 [ 320.429904][T10639] ? tomoyo_check_open_permission+0x3e0/0x3e0 [ 320.436016][T10639] ? rcu_read_lock_held+0x9c/0xb0 [ 320.441055][T10639] ? rcu_read_lock_any_held+0xcd/0xf0 [ 320.446441][T10639] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 320.451738][T10639] tomoyo_path_truncate+0x1d/0x30 [ 320.456831][T10639] security_path_truncate+0xf2/0x150 [ 320.462202][T10639] do_sys_ftruncate+0x3d9/0x550 [ 320.467054][T10639] __x64_sys_ftruncate+0x59/0x80 [ 320.472144][T10639] do_syscall_64+0xfa/0x790 [ 320.476666][T10639] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.482626][T10639] RIP: 0033:0x45a647 [ 320.486516][T10639] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 320.507163][T10639] RSP: 002b:00007fa857adea88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 320.515565][T10639] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 000000000045a647 [ 320.523548][T10639] RDX: 0000000020000028 RSI: 0000000000000800 RDI: 0000000000000004 [ 320.531516][T10639] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 320.539477][T10639] R10: 0000000000000400 R11: 0000000000000217 R12: 0000000000000004 [ 320.547633][T10639] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 320.558787][T10639] ERROR: Out of memory at tomoyo_realpath_from_path. 20:03:23 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$CAPI_SET_FLAGS(r2, 0x80044324, &(0x7f0000000000)) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e0000001d00810ee00f80ecdb4cb9e307f029a00d0000002f003efb0a0002000300000000000f00030005000600", 0x2e}], 0x1}, 0x0) preadv(r3, &(0x7f0000000400)=[{&(0x7f00000001c0)=""/245, 0xf5}, {&(0x7f00000002c0)=""/158, 0x9e}, {&(0x7f0000000380)=""/102, 0x66}], 0x3, 0x3) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000440)='/dev/dlm-monitor\x00', 0x301000, 0x0) getdents64(r0, &(0x7f0000000080)=""/194, 0xb1567838276436e6) getdents64(r0, 0x0, 0x0) 20:03:23 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5421, &(0x7f0000000200)=""/187) 20:03:23 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 320.617911][T10639] EXT4-fs (loop3): Ignoring removed mblk_io_submit option 20:03:24 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5450, &(0x7f0000000200)=""/187) [ 320.710383][T10639] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities 20:03:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 320.843032][T10669] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. [ 320.914660][T10676] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. 20:03:26 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:26 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:26 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5451, &(0x7f0000000200)=""/187) 20:03:26 executing program 3 (fault-call:0 fault-nth:7): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:26 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xfffffffffffffdf3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r6 = dup2(r5, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r8 = dup2(r7, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer\x00', 0x480, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r10 = dup2(r9, r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r12 = dup2(r11, r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r14 = dup2(r13, r13) ioctl$PERF_EVENT_IOC_ENABLE(r14, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r16 = dup2(r15, r15) ioctl$PERF_EVENT_IOC_ENABLE(r16, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r18 = dup2(r17, r17) ioctl$PERF_EVENT_IOC_ENABLE(r18, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r20 = dup2(r19, r19) ioctl$PERF_EVENT_IOC_ENABLE(r20, 0x8912, 0x400200) getdents64(r2, 0x0, 0xffffffffffffffc2) r21 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x12002) write$rfkill(r21, &(0x7f00000001c0)={0x4, 0x8, 0x0, 0xff}, 0x8) r22 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r22, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e0000001d00810ee00f80ecdb4cb9e307f029a00d0000002f003efb0a0002000300000000000f00030005000600", 0x2e}], 0x1}, 0x0) ioctl$FICLONE(r22, 0x40049409, r4) [ 323.359282][T10688] FAULT_INJECTION: forcing a failure. [ 323.359282][T10688] name failslab, interval 1, probability 0, space 0, times 0 [ 323.400176][T10688] CPU: 0 PID: 10688 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 323.409759][T10688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.419825][T10688] Call Trace: [ 323.423275][T10688] dump_stack+0x197/0x210 [ 323.427596][T10688] should_fail.cold+0xa/0x15 [ 323.432215][T10688] ? fault_create_debugfs_attr+0x180/0x180 [ 323.438010][T10688] ? ___might_sleep+0x163/0x2c0 [ 323.442853][T10688] __should_failslab+0x121/0x190 [ 323.447781][T10688] should_failslab+0x9/0x14 [ 323.452385][T10688] __kmalloc+0x2e0/0x770 [ 323.456610][T10688] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 323.462833][T10688] ? simple_dname+0xd1/0x1f0 [ 323.467410][T10688] ? tomoyo_encode2.part.0+0xf5/0x400 [ 323.472767][T10688] tomoyo_encode2.part.0+0xf5/0x400 [ 323.477955][T10688] tomoyo_encode+0x2b/0x50 [ 323.482394][T10688] tomoyo_realpath_from_path+0x19c/0x660 [ 323.488025][T10688] ? tomoyo_path_perm+0x1cb/0x430 [ 323.493050][T10688] tomoyo_path_perm+0x230/0x430 [ 323.497884][T10688] ? tomoyo_path_perm+0x1cb/0x430 [ 323.502914][T10688] ? tomoyo_check_open_permission+0x3e0/0x3e0 [ 323.508987][T10688] ? rcu_read_lock_held+0x9c/0xb0 [ 323.514024][T10688] ? rcu_read_lock_any_held+0xcd/0xf0 [ 323.519374][T10688] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 323.524643][T10688] tomoyo_path_truncate+0x1d/0x30 [ 323.529659][T10688] security_path_truncate+0xf2/0x150 [ 323.534943][T10688] do_sys_ftruncate+0x3d9/0x550 [ 323.539791][T10688] __x64_sys_ftruncate+0x59/0x80 [ 323.544759][T10688] do_syscall_64+0xfa/0x790 [ 323.549264][T10688] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.555134][T10688] RIP: 0033:0x45a647 [ 323.559037][T10688] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 323.578624][T10688] RSP: 002b:00007fa857adea88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 323.587032][T10688] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 000000000045a647 [ 323.594985][T10688] RDX: 0000000020000028 RSI: 0000000000000800 RDI: 0000000000000004 [ 323.602938][T10688] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 323.610891][T10688] R10: 0000000000000400 R11: 0000000000000217 R12: 0000000000000004 [ 323.618845][T10688] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:26 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e0000001d00810ee00f80ecdb4cb9e307f029a00d0000002f003efb0a0002000300000000000f00030005000600", 0x2e}], 0x1}, 0x0) preadv(r1, &(0x7f0000000180)=[{&(0x7f0000000000)=""/46, 0x2e}], 0x1, 0x5) getdents64(r0, 0x0, 0x0) 20:03:26 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5452, &(0x7f0000000200)=""/187) [ 323.653416][T10688] ERROR: Out of memory at tomoyo_realpath_from_path. 20:03:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000080)=ANY=[]) [ 323.760110][T10688] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 323.790909][T10688] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 323.802909][T10704] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. 20:03:27 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x545c, &(0x7f0000000200)=""/187) [ 323.844959][T10704] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. 20:03:27 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000180)=""/194, 0xfffffffffffffdff) getdents64(r0, 0x0, 0x0) 20:03:27 executing program 3 (fault-call:0 fault-nth:8): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) [ 324.096710][T10723] FAULT_INJECTION: forcing a failure. [ 324.096710][T10723] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 324.123988][T10723] CPU: 1 PID: 10723 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 324.133626][T10723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 324.143776][T10723] Call Trace: [ 324.147079][T10723] dump_stack+0x197/0x210 [ 324.151417][T10723] should_fail.cold+0xa/0x15 [ 324.156022][T10723] ? fault_create_debugfs_attr+0x180/0x180 [ 324.161827][T10723] ? ___might_sleep+0x163/0x2c0 [ 324.166684][T10723] should_fail_alloc_page+0x50/0x60 [ 324.171881][T10723] __alloc_pages_nodemask+0x1a1/0x910 [ 324.177285][T10723] ? mark_lock+0xc2/0x1220 [ 324.181712][T10723] ? __alloc_pages_slowpath+0x2900/0x2900 [ 324.188381][T10723] ? __kasan_check_read+0x11/0x20 [ 324.193402][T10723] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 324.199621][T10723] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 324.205857][T10723] alloc_pages_vma+0xdd/0x620 [ 324.210527][T10723] shmem_alloc_page+0xc0/0x180 [ 324.215278][T10723] ? shmem_swapin+0x1a0/0x1a0 [ 324.219936][T10723] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 324.226190][T10723] ? xas_start+0x166/0x560 [ 324.230630][T10723] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 324.236338][T10723] ? __vm_enough_memory+0x1b7/0x390 [ 324.241535][T10723] shmem_alloc_and_acct_page+0x165/0x990 [ 324.247163][T10723] shmem_getpage_gfp+0x56d/0x29a0 [ 324.252197][T10723] ? mark_lock+0xc2/0x1220 [ 324.256611][T10723] ? shmem_unuse_inode+0x1140/0x1140 [ 324.261925][T10723] ? ktime_get_coarse_real_ts64+0xeb/0x2a0 [ 324.267722][T10723] ? current_time+0x6b/0x110 [ 324.272386][T10723] ? ktime_get_coarse_real_ts64+0xeb/0x2a0 [ 324.278560][T10723] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 324.284785][T10723] ? iov_iter_fault_in_readable+0x22c/0x450 [ 324.290708][T10723] shmem_write_begin+0x105/0x1e0 [ 324.296054][T10723] generic_perform_write+0x23b/0x540 [ 324.301364][T10723] ? timestamp_truncate+0x2f0/0x2f0 [ 324.306568][T10723] ? trace_event_raw_event_file_check_and_advance_wb_err+0x4b0/0x4b0 [ 324.314626][T10723] ? current_time+0x110/0x110 [ 324.319285][T10723] ? __kasan_check_write+0x14/0x20 [ 324.324375][T10723] ? down_write+0xdf/0x150 [ 324.328840][T10723] __generic_file_write_iter+0x25e/0x630 [ 324.334466][T10723] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 324.340171][T10723] generic_file_write_iter+0x420/0x68e [ 324.345624][T10723] ? __generic_file_write_iter+0x630/0x630 [ 324.351437][T10723] ? __kasan_check_read+0x11/0x20 [ 324.356452][T10723] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 324.362763][T10723] ? iov_iter_init+0xee/0x220 [ 324.367441][T10723] new_sync_write+0x4d3/0x770 [ 324.372118][T10723] ? new_sync_read+0x800/0x800 [ 324.376877][T10723] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 324.383103][T10723] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 324.388407][T10723] __vfs_write+0xe1/0x110 [ 324.392738][T10723] vfs_write+0x268/0x5d0 [ 324.396990][T10723] ksys_pwrite64+0x183/0x1c0 [ 324.401579][T10723] ? __ia32_sys_pread64+0xf0/0xf0 [ 324.406597][T10723] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 324.412067][T10723] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 324.417736][T10723] ? do_syscall_64+0x26/0x790 [ 324.422408][T10723] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.428492][T10723] ? do_syscall_64+0x26/0x790 [ 324.433167][T10723] __x64_sys_pwrite64+0x97/0xf0 [ 324.438098][T10723] do_syscall_64+0xfa/0x790 [ 324.442600][T10723] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.448488][T10723] RIP: 0033:0x414477 [ 324.452397][T10723] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 a7 f9 ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 ed f9 ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 324.472008][T10723] RSP: 002b:00007fa857adea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 324.480416][T10723] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000414477 [ 324.488380][T10723] RDX: 000000000000003a RSI: 0000000020000140 RDI: 0000000000000004 [ 324.496429][T10723] RBP: 0000000000000000 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 324.504378][T10723] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 324.512340][T10723] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 324.552296][T10723] EXT4-fs (loop3): VFS: Can't find ext4 filesystem 20:03:29 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:29 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x5460, &(0x7f0000000200)=""/187) 20:03:29 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) r1 = syz_open_dev$vcsa(&(0x7f0000000140)='/dev/vcsa#\x00', 0xfeb, 0x800) ioctl$ASHMEM_SET_PROT_MASK(r1, 0x40087705, &(0x7f0000000240)={0x2}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r5 = dup2(r4, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getdents64(r5, &(0x7f0000000080)=""/190, 0x252) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x81, 0x1, 0x8, 0x2, 0x0, 0x0, 0x80, 0x9, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_config_ext={0x81, 0x4}, 0x800, 0x10000, 0x4, 0x0, 0x6, 0x80000000, 0x6}, 0xffffffffffffffff, 0x7, r5, 0x8) r7 = dup2(r6, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) setsockopt$inet_tcp_TLS_TX(r7, 0x6, 0x1, &(0x7f0000000000)=@gcm_256={{0x304}, "7da4ed5c6d91229d", "af176e10196e1d4433aaddef76ac9952e59a66127576cf1c4078fc2026a11063", "bb438697", "a1be320cb4d79ce1"}, 0x38) getdents64(r0, 0x0, 0x0) 20:03:29 executing program 3 (fault-call:0 fault-nth:9): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:29 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 326.474105][T10742] FAULT_INJECTION: forcing a failure. [ 326.474105][T10742] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 326.487342][T10742] CPU: 1 PID: 10742 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 326.496882][T10742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 326.506924][T10742] Call Trace: [ 326.510211][T10742] dump_stack+0x197/0x210 [ 326.514533][T10742] should_fail.cold+0xa/0x15 [ 326.519111][T10742] ? fault_create_debugfs_attr+0x180/0x180 [ 326.524901][T10742] ? __kasan_check_read+0x11/0x20 [ 326.529909][T10742] ? __lock_acquire+0x16f2/0x4a00 [ 326.534919][T10742] should_fail_alloc_page+0x50/0x60 [ 326.540101][T10742] __alloc_pages_nodemask+0x1a1/0x910 [ 326.545453][T10742] ? fs_reclaim_release+0xf/0x30 [ 326.550372][T10742] ? __alloc_pages_slowpath+0x2900/0x2900 [ 326.556072][T10742] ? fs_reclaim_release+0xf/0x30 [ 326.560992][T10742] ? new_sync_write+0x53d/0x770 [ 326.565885][T10742] ? fault_create_debugfs_attr+0x180/0x180 [ 326.571697][T10742] cache_grow_begin+0x90/0xc60 [ 326.576464][T10742] ? getname_flags+0xd6/0x5b0 [ 326.581128][T10742] ? trace_hardirqs_off+0x62/0x240 [ 326.586228][T10742] kmem_cache_alloc+0x64e/0x710 [ 326.591081][T10742] getname_flags+0xd6/0x5b0 [ 326.595577][T10742] getname+0x1a/0x20 [ 326.599462][T10742] do_sys_open+0x2c9/0x5d0 [ 326.603961][T10742] ? filp_open+0x80/0x80 [ 326.608192][T10742] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 326.613636][T10742] ? do_syscall_64+0x26/0x790 [ 326.618473][T10742] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.624629][T10742] ? do_syscall_64+0x26/0x790 [ 326.629290][T10742] __x64_sys_open+0x7e/0xc0 [ 326.633779][T10742] do_syscall_64+0xfa/0x790 [ 326.638277][T10742] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.644153][T10742] RIP: 0033:0x414411 [ 326.648113][T10742] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 326.667774][T10742] RSP: 002b:00007fa857adea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 326.676170][T10742] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000414411 [ 326.684126][T10742] RDX: 00007fa857adeb0a RSI: 0000000000000002 RDI: 00007fa857adeb00 [ 326.692078][T10742] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 326.700029][T10742] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 326.707980][T10742] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:30 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$IOC_PR_CLEAR(r2, 0x401070cd, &(0x7f0000000000)={0x6}) getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) 20:03:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:30 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x6364, &(0x7f0000000200)=""/187) [ 326.831620][T10742] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 326.839098][T10742] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities 20:03:30 executing program 3 (fault-call:0 fault-nth:10): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:30 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r3, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000680)=[@in={0x2, 0x0, @rand_addr=0x40}]}, &(0x7f0000000180)=0x10) r4 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000040)={r5, @in6={{0xa, 0x0, 0x0, @local}}}, &(0x7f00000002c0)=0x84) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000180)={r5, 0xed, "28ea0b82bc892de68de22a54ab5ab31ba4104d827352ab28bbd2aec88e02428666bc2d9b1a4130fab323a9c2e76c0a19b2d94b15a568c6274c041e147a98ef12a0830579fdcc13ec59b2df1565d0c2b77963dcb8439011986ff89cc9170cfdcc76b74c06927965e57c7bc26699fa159465a95c34d9325dd891e73117a183662706fe721da8920f57c90dc0560a89330463f60abe2ed5966bf62b172ab4443fa34812839e599fb76612008fde7cc4f9ce65b8fe7f2d8bd705432c7369772c7324ce49b10274238d7c4a4590ee3d1bc16f6f65c93c0394105ebce8b053e61644ef575a951d969c5f77c1e6b79b06"}, &(0x7f0000000000)=0xf5) getdents64(r0, 0x0, 0x0) 20:03:30 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8912, &(0x7f0000000200)=""/187) [ 327.078641][T10769] FAULT_INJECTION: forcing a failure. [ 327.078641][T10769] name failslab, interval 1, probability 0, space 0, times 0 [ 327.166069][T10769] CPU: 0 PID: 10769 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 327.175646][T10769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.185696][T10769] Call Trace: [ 327.189003][T10769] dump_stack+0x197/0x210 [ 327.189026][T10769] should_fail.cold+0xa/0x15 [ 327.189078][T10769] ? fault_create_debugfs_attr+0x180/0x180 [ 327.203770][T10769] ? ___might_sleep+0x163/0x2c0 [ 327.208634][T10769] __should_failslab+0x121/0x190 [ 327.213584][T10769] should_failslab+0x9/0x14 [ 327.218094][T10769] kmem_cache_alloc+0x2aa/0x710 [ 327.222950][T10769] ? rcu_read_lock_any_held+0xcd/0xf0 [ 327.228331][T10769] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 327.233625][T10769] getname_flags+0xd6/0x5b0 [ 327.238136][T10769] getname+0x1a/0x20 [ 327.242042][T10769] do_sys_open+0x2c9/0x5d0 [ 327.246459][T10769] ? filp_open+0x80/0x80 [ 327.246481][T10769] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 327.246494][T10769] ? do_syscall_64+0x26/0x790 [ 327.246510][T10769] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.246524][T10769] ? do_syscall_64+0x26/0x790 [ 327.246541][T10769] __x64_sys_open+0x7e/0xc0 [ 327.246558][T10769] do_syscall_64+0xfa/0x790 [ 327.246577][T10769] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.246587][T10769] RIP: 0033:0x414411 [ 327.246604][T10769] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 327.256345][T10769] RSP: 002b:00007fa857adea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 327.256359][T10769] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000414411 [ 327.256366][T10769] RDX: 00007fa857adeb0a RSI: 0000000000000002 RDI: 00007fa857adeb00 [ 327.256374][T10769] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 327.256382][T10769] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 327.256390][T10769] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:32 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:32 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg\x00', 0x2000, 0x0) ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f00000001c0)) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r1, &(0x7f0000000080)=""/194, 0xff42) syz_open_dev$vcsu(&(0x7f0000000200)='/dev/vcsu#\x00', 0x200, 0x381c00) getdents64(r1, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_open_dev$sndpcmp(&(0x7f0000000240)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffa, 0x280401) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r5 = dup2(r4, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$SNDRV_PCM_IOCTL_RESET(r5, 0x4141, 0x0) 20:03:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000080)=ANY=[]) 20:03:32 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8933, &(0x7f0000000200)=""/187) 20:03:32 executing program 3 (fault-call:0 fault-nth:11): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:32 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 329.527529][T10792] FAULT_INJECTION: forcing a failure. [ 329.527529][T10792] name failslab, interval 1, probability 0, space 0, times 0 [ 329.559687][T10792] CPU: 0 PID: 10792 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 329.569430][T10792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.579485][T10792] Call Trace: [ 329.582785][T10792] dump_stack+0x197/0x210 [ 329.587134][T10792] should_fail.cold+0xa/0x15 [ 329.587211][T10792] ? is_bpf_text_address+0xce/0x160 [ 329.587231][T10792] ? fault_create_debugfs_attr+0x180/0x180 [ 329.597013][T10792] ? ___might_sleep+0x163/0x2c0 [ 329.597037][T10792] __should_failslab+0x121/0x190 [ 329.597055][T10792] should_failslab+0x9/0x14 [ 329.597073][T10792] kmem_cache_alloc+0x2aa/0x710 [ 329.597089][T10792] ? stack_trace_save+0xac/0xe0 20:03:32 executing program 2: getpid() r0 = getpgrp(0x0) r1 = gettid() rt_tgsigqueueinfo(r0, r1, 0xb, &(0x7f0000000080)={0x0, 0x0, 0x3}) r2 = getpgrp(0x0) r3 = gettid() rt_tgsigqueueinfo(r2, r3, 0xb, &(0x7f0000000080)={0x0, 0x0, 0x3}) r4 = syz_open_procfs(r3, &(0x7f0000000040)='ns\x00') getdents64(r4, &(0x7f0000000080)=""/194, 0xff42) getdents64(r4, 0x0, 0x0) [ 329.597104][T10792] ? stack_trace_consume_entry+0x190/0x190 [ 329.597121][T10792] __alloc_file+0x27/0x340 [ 329.597137][T10792] alloc_empty_file+0x72/0x170 [ 329.597155][T10792] path_openat+0xef/0x4500 [ 329.597168][T10792] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 329.597177][T10792] ? kasan_slab_alloc+0xf/0x20 [ 329.597195][T10792] ? kmem_cache_alloc+0x121/0x710 [ 329.662032][T10792] ? getname_flags+0xd6/0x5b0 [ 329.666706][T10792] ? getname+0x1a/0x20 [ 329.670783][T10792] ? do_sys_open+0x2c9/0x5d0 [ 329.675380][T10792] ? __x64_sys_open+0x7e/0xc0 [ 329.680062][T10792] ? mark_lock+0xc2/0x1220 [ 329.684477][T10792] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 329.690040][T10792] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 329.695423][T10792] ? __alloc_fd+0x487/0x620 [ 329.699920][T10792] do_filp_open+0x1a1/0x280 [ 329.704420][T10792] ? may_open_dev+0x100/0x100 [ 329.709097][T10792] ? lock_downgrade+0x920/0x920 [ 329.713949][T10792] ? rwlock_bug.part.0+0x90/0x90 [ 329.718874][T10792] ? do_raw_spin_unlock+0x178/0x270 [ 329.724115][T10792] ? _raw_spin_unlock+0x28/0x40 [ 329.728964][T10792] ? __alloc_fd+0x487/0x620 [ 329.733467][T10792] do_sys_open+0x3fe/0x5d0 [ 329.737884][T10792] ? filp_open+0x80/0x80 [ 329.742119][T10792] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 329.747677][T10792] ? do_syscall_64+0x26/0x790 [ 329.752353][T10792] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.758504][T10792] ? do_syscall_64+0x26/0x790 [ 329.763205][T10792] __x64_sys_open+0x7e/0xc0 [ 329.767707][T10792] do_syscall_64+0xfa/0x790 [ 329.772228][T10792] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.778118][T10792] RIP: 0033:0x414411 [ 329.781994][T10792] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 329.801825][T10792] RSP: 002b:00007fa857adea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 329.810249][T10792] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000414411 [ 329.818220][T10792] RDX: 00007fa857adeb0a RSI: 0000000000000002 RDI: 00007fa857adeb00 20:03:33 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae00, &(0x7f0000000200)=""/187) [ 329.826198][T10792] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 329.834281][T10792] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 329.842349][T10792] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:33 executing program 3 (fault-call:0 fault-nth:12): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:33 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae01, &(0x7f0000000200)=""/187) 20:03:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, 0x0) 20:03:33 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e0000001d00810ee00f80ecdb4cb9e307f029a00d0000002f003efb0a0002000300000000000f00030005000600", 0x2e}], 0x1}, 0x0) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r5 = dup2(r4, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r6, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000680)=[@in={0x2, 0x0, @rand_addr=0x40}]}, &(0x7f0000000180)=0x10) r7 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r6, 0x84, 0x6, &(0x7f0000000040)={r8, @in6={{0xa, 0x0, 0x0, @local}}}, &(0x7f00000002c0)=0x84) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000000)={0x0, 0x1, 0xe32, 0x6, r8}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r3, 0x84, 0x23, &(0x7f00000001c0)={r9, 0x9}, 0x8) getdents64(r0, 0x0, 0x0) [ 330.050441][T10809] FAULT_INJECTION: forcing a failure. [ 330.050441][T10809] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 330.063678][T10809] CPU: 0 PID: 10809 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 330.073214][T10809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.083275][T10809] Call Trace: [ 330.086578][T10809] dump_stack+0x197/0x210 [ 330.090922][T10809] should_fail.cold+0xa/0x15 [ 330.095524][T10809] ? fault_create_debugfs_attr+0x180/0x180 [ 330.101338][T10809] ? is_bpf_text_address+0xac/0x160 [ 330.106567][T10809] ? find_held_lock+0x35/0x130 [ 330.111348][T10809] should_fail_alloc_page+0x50/0x60 [ 330.116552][T10809] __alloc_pages_nodemask+0x1a1/0x910 [ 330.121407][T10814] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. [ 330.121929][T10809] ? lock_downgrade+0x920/0x920 [ 330.121948][T10809] ? __alloc_pages_slowpath+0x2900/0x2900 [ 330.121960][T10809] ? __kasan_check_read+0x11/0x20 [ 330.121981][T10809] ? fault_create_debugfs_attr+0x180/0x180 [ 330.152486][T10809] cache_grow_begin+0x90/0xc60 [ 330.157241][T10809] ? tomoyo_realpath_from_path+0xc5/0x660 [ 330.162956][T10809] ? trace_hardirqs_off+0x62/0x240 [ 330.168057][T10809] __kmalloc+0x6b2/0x770 [ 330.172292][T10809] ? tomoyo_realpath_from_path+0xc5/0x660 [ 330.178000][T10809] tomoyo_realpath_from_path+0xc5/0x660 [ 330.183543][T10809] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 330.189782][T10809] ? tomoyo_init_request_info+0x105/0x1d0 [ 330.195487][T10809] tomoyo_check_open_permission+0x2a3/0x3e0 [ 330.201370][T10809] ? tomoyo_path_number_perm+0x520/0x520 [ 330.206993][T10809] ? mark_lock+0xc2/0x1220 [ 330.211407][T10809] ? lock_downgrade+0x920/0x920 [ 330.216244][T10809] ? rwlock_bug.part.0+0x90/0x90 [ 330.221184][T10809] tomoyo_file_open+0x106/0x150 [ 330.226019][T10809] security_file_open+0x71/0x300 [ 330.230943][T10809] do_dentry_open+0x37a/0x1380 [ 330.235689][T10809] ? __kasan_check_read+0x11/0x20 [ 330.240699][T10809] ? chown_common+0x5c0/0x5c0 [ 330.245362][T10809] ? inode_permission+0xb4/0x520 [ 330.250288][T10809] vfs_open+0xa0/0xd0 [ 330.254252][T10809] path_openat+0x10df/0x4500 [ 330.258824][T10809] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 330.264609][T10809] ? kasan_slab_alloc+0xf/0x20 [ 330.269476][T10809] ? kmem_cache_alloc+0x121/0x710 [ 330.274487][T10809] ? getname_flags+0xd6/0x5b0 [ 330.279155][T10809] ? getname+0x1a/0x20 [ 330.283211][T10809] ? do_sys_open+0x2c9/0x5d0 [ 330.288497][T10809] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 330.293861][T10809] ? __alloc_fd+0x487/0x620 [ 330.298367][T10809] do_filp_open+0x1a1/0x280 [ 330.302860][T10809] ? may_open_dev+0x100/0x100 [ 330.307530][T10809] ? do_raw_spin_unlock+0x178/0x270 [ 330.312711][T10809] ? _raw_spin_unlock+0x28/0x40 [ 330.317543][T10809] ? __alloc_fd+0x487/0x620 [ 330.322039][T10809] do_sys_open+0x3fe/0x5d0 [ 330.326448][T10809] ? filp_open+0x80/0x80 [ 330.330677][T10809] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 330.336114][T10809] ? do_syscall_64+0x26/0x790 [ 330.340772][T10809] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.346820][T10809] ? do_syscall_64+0x26/0x790 [ 330.351482][T10809] __x64_sys_open+0x7e/0xc0 [ 330.355968][T10809] do_syscall_64+0xfa/0x790 [ 330.360457][T10809] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.366328][T10809] RIP: 0033:0x414411 [ 330.370206][T10809] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 330.389907][T10809] RSP: 002b:00007fa857adea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 330.398304][T10809] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000414411 [ 330.406257][T10809] RDX: 00007fa857adeb0a RSI: 0000000000000002 RDI: 00007fa857adeb00 [ 330.414208][T10809] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 330.422172][T10809] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 330.430125][T10809] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 330.459644][T10819] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. [ 330.495889][T10809] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 330.515632][T10809] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities 20:03:36 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:36 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae03, &(0x7f0000000200)=""/187) 20:03:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, 0x0) 20:03:36 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcsa\x00', 0x800, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004110, &(0x7f00000001c0)={0x2, [[0x401, 0x8, 0x1, 0xfffffff9, 0xffff, 0x7f, 0xa951, 0x3], [0x1f, 0x3, 0x5, 0x0, 0x49, 0x6, 0x1, 0x4], [0xffff, 0x6, 0x1, 0x6, 0x3, 0x1c, 0x9, 0x4]], [{0x1, 0x0, 0x90a}, {0x7f, 0x80000000, 0x6}, {0x1000, 0x3ff, 0xe}, {0x1, 0x3, 0x2}, {0x6, 0x1f2, 0x10001}, {0xeecd, 0x437, 0xffffff01}, {0x5, 0x80000001, 0x8}, {0x3, 0x45, 0x3}, {0xff, 0x2, 0xe4e}, {0x1, 0xc587, 0x7b80}, {0x7914, 0x4}, {0x9, 0x29a, 0x10000}], 0x8000}) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') write$P9_RSTATFS(r0, &(0x7f0000000700)={0x43, 0x9, 0x1, {0x40, 0x42, 0xfff, 0x3, 0xffffffffffffffe1, 0xfffffffffffffff9, 0xfffffffffffffd1d, 0x230a, 0x2}}, 0x43) getdents64(r1, &(0x7f0000000080)=""/194, 0xff42) getdents64(r1, 0x0, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e0000001d00810ee00f80ecdb4cb9e307f029a00d0000002f003efb0a0002000300000000000f00030005000600", 0x2e}], 0x1}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r4 = dup2(r3, r3) r5 = dup(r3) utimensat(r5, &(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)={{0x0, 0x7530}, {0x77359400}}, 0x80) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r4, 0xc0145401, &(0x7f0000000340)={0x3, 0x1, 0x4, 0x0, 0x787}) r6 = dup(r2) mmap$usbmon(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x300000c, 0x4010, r6, 0x1fe0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000440)={{{@in6=@mcast1, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@empty}}, &(0x7f0000000540)=0xe8) stat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_unix(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='9p\x00', 0x80000, &(0x7f0000000800)=ANY=[@ANYBLOB='trans=unixccess=any,noextend,afid=0x0000000065c56b50,sm`clfsroot=+selinux,fowner=', @ANYRESDEC=r7, @ANYBLOB=',audit,fowner=', @ANYRESDEC=r8, @ANYBLOB="b7dcadcf5d3a14f81c2bfe4e124fd54dd98e7865aa12d3213bee2fab55caa281db7e562b8d09b3ec98865b3fadca019c4e261facc41aa2294d7285e55f0d30395a0dff40b9c0321cfea1"]) 20:03:36 executing program 3 (fault-call:0 fault-nth:13): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:36 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:36 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae04, &(0x7f0000000200)=""/187) [ 332.947647][T10842] FAULT_INJECTION: forcing a failure. [ 332.947647][T10842] name failslab, interval 1, probability 0, space 0, times 0 [ 332.962043][T10838] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. [ 332.973794][T10842] CPU: 0 PID: 10842 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 332.983394][T10842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 332.993452][T10842] Call Trace: [ 332.996763][T10842] dump_stack+0x197/0x210 [ 333.001103][T10842] should_fail.cold+0xa/0x15 [ 333.005688][T10842] ? fault_create_debugfs_attr+0x180/0x180 [ 333.011519][T10842] ? ___might_sleep+0x163/0x2c0 [ 333.016381][T10842] __should_failslab+0x121/0x190 [ 333.021335][T10842] should_failslab+0x9/0x14 [ 333.025850][T10842] __kmalloc+0x2e0/0x770 [ 333.030104][T10842] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 333.036804][T10842] ? tomoyo_realpath_from_path+0xc5/0x660 [ 333.036825][T10842] tomoyo_realpath_from_path+0xc5/0x660 [ 333.036841][T10842] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 333.036861][T10842] ? tomoyo_init_request_info+0x105/0x1d0 [ 333.036879][T10842] tomoyo_check_open_permission+0x2a3/0x3e0 [ 333.036898][T10842] ? tomoyo_path_number_perm+0x520/0x520 [ 333.036922][T10842] ? mark_lock+0xc2/0x1220 [ 333.036955][T10842] ? lock_downgrade+0x920/0x920 [ 333.082923][T10842] ? rwlock_bug.part.0+0x90/0x90 [ 333.087850][T10842] tomoyo_file_open+0x106/0x150 [ 333.092683][T10842] security_file_open+0x71/0x300 [ 333.097603][T10842] do_dentry_open+0x37a/0x1380 [ 333.102356][T10842] ? __kasan_check_read+0x11/0x20 [ 333.107642][T10842] ? chown_common+0x5c0/0x5c0 [ 333.112298][T10842] ? inode_permission+0xb4/0x520 [ 333.117217][T10842] vfs_open+0xa0/0xd0 [ 333.121182][T10842] path_openat+0x10df/0x4500 [ 333.125752][T10842] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 333.131543][T10842] ? kasan_slab_alloc+0xf/0x20 [ 333.136309][T10842] ? kmem_cache_alloc+0x121/0x710 [ 333.141312][T10842] ? getname_flags+0xd6/0x5b0 [ 333.145966][T10842] ? getname+0x1a/0x20 [ 333.150021][T10842] ? do_sys_open+0x2c9/0x5d0 [ 333.154599][T10842] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 333.159955][T10842] ? __alloc_fd+0x487/0x620 [ 333.164477][T10842] do_filp_open+0x1a1/0x280 [ 333.168960][T10842] ? may_open_dev+0x100/0x100 [ 333.173620][T10842] ? do_raw_spin_unlock+0x178/0x270 [ 333.178809][T10842] ? _raw_spin_unlock+0x28/0x40 [ 333.183646][T10842] ? __alloc_fd+0x487/0x620 [ 333.188135][T10842] do_sys_open+0x3fe/0x5d0 [ 333.192534][T10842] ? filp_open+0x80/0x80 [ 333.196767][T10842] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 333.202209][T10842] ? do_syscall_64+0x26/0x790 [ 333.206870][T10842] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.212913][T10842] ? do_syscall_64+0x26/0x790 [ 333.217572][T10842] __x64_sys_open+0x7e/0xc0 [ 333.222057][T10842] do_syscall_64+0xfa/0x790 [ 333.226546][T10842] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.232417][T10842] RIP: 0033:0x414411 [ 333.236306][T10842] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 333.257470][T10842] RSP: 002b:00007fa857adea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 333.265864][T10842] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000414411 [ 333.273825][T10842] RDX: 00007fa857adeb0a RSI: 0000000000000002 RDI: 00007fa857adeb00 [ 333.281790][T10842] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 333.289758][T10842] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 333.297802][T10842] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 333.309034][T10842] ERROR: Out of memory at tomoyo_realpath_from_path. [ 333.338368][T10838] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. [ 333.359417][T10842] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 333.388855][T10842] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities 20:03:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0x4138ae84, 0x0) 20:03:36 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000000), &(0x7f0000000180)=0x4) getdents64(r0, 0x0, 0x0) 20:03:36 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae07, &(0x7f0000000200)=""/187) 20:03:36 executing program 3 (fault-call:0 fault-nth:14): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:37 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000027c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_X86_SET_MCE(r5, 0x4040ae9e, 0x0) [ 333.675558][T10875] FAULT_INJECTION: forcing a failure. [ 333.675558][T10875] name failslab, interval 1, probability 0, space 0, times 0 [ 333.719049][T10875] CPU: 1 PID: 10875 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 333.728636][T10875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 333.738696][T10875] Call Trace: [ 333.738725][T10875] dump_stack+0x197/0x210 [ 333.738745][T10875] should_fail.cold+0xa/0x15 [ 333.738763][T10875] ? fault_create_debugfs_attr+0x180/0x180 [ 333.738782][T10875] ? ___might_sleep+0x163/0x2c0 [ 333.738804][T10875] __should_failslab+0x121/0x190 [ 333.766539][T10875] should_failslab+0x9/0x14 [ 333.771056][T10875] __kmalloc+0x2e0/0x770 [ 333.775306][T10875] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 333.775328][T10875] ? tomoyo_realpath_from_path+0xc5/0x660 [ 333.775344][T10875] tomoyo_realpath_from_path+0xc5/0x660 [ 333.775362][T10875] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 333.798972][T10875] ? tomoyo_init_request_info+0x105/0x1d0 [ 333.798992][T10875] tomoyo_check_open_permission+0x2a3/0x3e0 [ 333.799009][T10875] ? tomoyo_path_number_perm+0x520/0x520 [ 333.799033][T10875] ? mark_lock+0xc2/0x1220 [ 333.799062][T10875] ? lock_downgrade+0x920/0x920 [ 333.799078][T10875] ? rwlock_bug.part.0+0x90/0x90 [ 333.799099][T10875] tomoyo_file_open+0x106/0x150 [ 333.799117][T10875] security_file_open+0x71/0x300 [ 333.816321][T10875] do_dentry_open+0x37a/0x1380 [ 333.816337][T10875] ? __kasan_check_read+0x11/0x20 [ 333.816359][T10875] ? chown_common+0x5c0/0x5c0 [ 333.816376][T10875] ? inode_permission+0xb4/0x520 [ 333.816394][T10875] vfs_open+0xa0/0xd0 [ 333.816410][T10875] path_openat+0x10df/0x4500 [ 333.816423][T10875] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 333.816440][T10875] ? kasan_slab_alloc+0xf/0x20 [ 333.825848][T10875] ? kmem_cache_alloc+0x121/0x710 [ 333.825864][T10875] ? getname_flags+0xd6/0x5b0 [ 333.825878][T10875] ? getname+0x1a/0x20 [ 333.825889][T10875] ? do_sys_open+0x2c9/0x5d0 [ 333.825915][T10875] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 333.902779][T10875] ? __alloc_fd+0x487/0x620 [ 333.907388][T10875] do_filp_open+0x1a1/0x280 [ 333.911909][T10875] ? may_open_dev+0x100/0x100 [ 333.916607][T10875] ? do_raw_spin_unlock+0x178/0x270 [ 333.921828][T10875] ? _raw_spin_unlock+0x28/0x40 [ 333.926805][T10875] ? __alloc_fd+0x487/0x620 [ 333.931327][T10875] do_sys_open+0x3fe/0x5d0 [ 333.935751][T10875] ? filp_open+0x80/0x80 [ 333.940007][T10875] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 333.945475][T10875] ? do_syscall_64+0x26/0x790 [ 333.950155][T10875] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.956212][T10875] ? do_syscall_64+0x26/0x790 [ 333.960895][T10875] __x64_sys_open+0x7e/0xc0 [ 333.965555][T10875] do_syscall_64+0xfa/0x790 [ 333.970121][T10875] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.976006][T10875] RIP: 0033:0x414411 [ 333.979909][T10875] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 333.999676][T10875] RSP: 002b:00007fa857adea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 334.008077][T10875] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000414411 [ 334.016044][T10875] RDX: 00007fa857adeb0a RSI: 0000000000000002 RDI: 00007fa857adeb00 [ 334.024290][T10875] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 334.032270][T10875] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 334.040232][T10875] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 334.062466][T10875] ERROR: Out of memory at tomoyo_realpath_from_path. [ 334.155460][T10875] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 334.174525][T10875] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities 20:03:39 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:39 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xae08, &(0x7f0000000200)=""/187) 20:03:39 executing program 2: stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xfffffffffffffdc0) r2 = getegid() chown(0x0, r1, r2) lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) semctl$IPC_SET(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000380)={{0x4, r0, r2, r3, r4, 0x104, 0x200}, 0x0, 0x9, 0x3}) r5 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r5, &(0x7f0000000080)=""/194, 0xff42) r6 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000cab000)=0x6) setuid(r7) syz_mount_image$hfs(&(0x7f0000000400)='hfs\x00', &(0x7f0000000440)='./file0\x00', 0x9, 0x1, &(0x7f0000000540)=[{&(0x7f0000000480)="f89dd4fd97c311bc7f8eb8c485211be4242ffb0a3c90d593c368d26db3cf8ee6316d57e1f2e825f38bbc5911a580bd1152102b66f757dafe1ae0abd6567140069716c2c20d6f9df74b88b4d49d380fcc88947ee10e6e7d9a0e3905cec748ce5275bfe5ca47036ad61fff14cfaf294f2d557adad086ae5b6b9b1625e7d6353e098544be77bbe933c38f4debaffeb49d6ca3ac36d58d8ef857ba", 0x99, 0x7f}], 0x2004010, &(0x7f0000000800)=ANY=[@ANYBLOB='umask=00000000000000000150416,umask=00000000000000000000004,umask=00000000000000000000011,part=0x0000000000000aa3,func=MMAP_CHECK,euid>', @ANYRESDEC=r7, @ANYBLOB="2c2ee7579412e4f8b64e9bf569990a900926fca2d67d0198cfdd01a4ee59d2aa87d966b814d7d942b630d51051166d26b672bdf654e07b4dad37f9cf61ad4a21aad174751c6b9305da349c1251ec5969c582d655757536d96c7f76bb6427b805045ec997e27856fa587eff3ac3ae16f08d5001d0ae2ec696c8d7854a95be905d8c24abc50ab56669198e97fd70fa566a72f2d7da0ad4168a2b7c4485811190f06cb52410686d70f33fbc5ac3f470919ae5967d76dcff1ac4a954336ca19c828fb718a93192417fb1a2b35d7b"]) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000740)) getdents64(r5, 0x0, 0x0) 20:03:39 executing program 0: 20:03:39 executing program 3 (fault-call:0 fault-nth:15): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:39 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 336.007874][T10899] FAULT_INJECTION: forcing a failure. [ 336.007874][T10899] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 336.021303][T10899] CPU: 0 PID: 10899 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 336.030891][T10899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 336.040950][T10899] Call Trace: [ 336.044252][T10899] dump_stack+0x197/0x210 [ 336.048598][T10899] should_fail.cold+0xa/0x15 [ 336.053203][T10899] ? fault_create_debugfs_attr+0x180/0x180 [ 336.059018][T10899] ? is_bpf_text_address+0xac/0x160 [ 336.064228][T10899] ? find_held_lock+0x35/0x130 [ 336.069005][T10899] should_fail_alloc_page+0x50/0x60 [ 336.069021][T10899] __alloc_pages_nodemask+0x1a1/0x910 [ 336.069036][T10899] ? lock_downgrade+0x920/0x920 [ 336.069052][T10899] ? __alloc_pages_slowpath+0x2900/0x2900 [ 336.069070][T10899] ? __kasan_check_read+0x11/0x20 [ 336.079614][T10899] ? fault_create_debugfs_attr+0x180/0x180 [ 336.079636][T10899] cache_grow_begin+0x90/0xc60 [ 336.079654][T10899] ? tomoyo_realpath_from_path+0xc5/0x660 [ 336.079669][T10899] ? trace_hardirqs_off+0x62/0x240 [ 336.079687][T10899] __kmalloc+0x6b2/0x770 [ 336.079709][T10899] ? tomoyo_realpath_from_path+0xc5/0x660 [ 336.126710][T10899] tomoyo_realpath_from_path+0xc5/0x660 [ 336.132295][T10899] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 336.138554][T10899] ? tomoyo_init_request_info+0x105/0x1d0 [ 336.144287][T10899] tomoyo_check_open_permission+0x2a3/0x3e0 [ 336.150335][T10899] ? tomoyo_path_number_perm+0x520/0x520 20:03:39 executing program 0: 20:03:39 executing program 0: [ 336.155988][T10899] ? mark_lock+0xc2/0x1220 [ 336.160425][T10899] ? lock_downgrade+0x920/0x920 [ 336.165295][T10899] ? rwlock_bug.part.0+0x90/0x90 [ 336.170245][T10899] tomoyo_file_open+0x106/0x150 [ 336.175108][T10899] security_file_open+0x71/0x300 [ 336.180054][T10899] do_dentry_open+0x37a/0x1380 [ 336.184830][T10899] ? __kasan_check_read+0x11/0x20 [ 336.189870][T10899] ? chown_common+0x5c0/0x5c0 [ 336.194550][T10899] ? inode_permission+0xb4/0x520 [ 336.199487][T10899] vfs_open+0xa0/0xd0 [ 336.199503][T10899] path_openat+0x10df/0x4500 [ 336.199516][T10899] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 336.199527][T10899] ? kasan_slab_alloc+0xf/0x20 [ 336.199542][T10899] ? kmem_cache_alloc+0x121/0x710 [ 336.199555][T10899] ? getname_flags+0xd6/0x5b0 [ 336.199568][T10899] ? getname+0x1a/0x20 [ 336.199579][T10899] ? do_sys_open+0x2c9/0x5d0 [ 336.199605][T10899] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 336.199693][T10899] ? __alloc_fd+0x487/0x620 [ 336.246973][T10899] do_filp_open+0x1a1/0x280 [ 336.251486][T10899] ? may_open_dev+0x100/0x100 20:03:39 executing program 0: [ 336.256180][T10899] ? do_raw_spin_unlock+0x178/0x270 [ 336.261384][T10899] ? _raw_spin_unlock+0x28/0x40 [ 336.266247][T10899] ? __alloc_fd+0x487/0x620 [ 336.270777][T10899] do_sys_open+0x3fe/0x5d0 [ 336.275207][T10899] ? filp_open+0x80/0x80 [ 336.279460][T10899] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 336.284924][T10899] ? do_syscall_64+0x26/0x790 [ 336.289604][T10899] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 336.295680][T10899] ? do_syscall_64+0x26/0x790 [ 336.300366][T10899] __x64_sys_open+0x7e/0xc0 [ 336.304874][T10899] do_syscall_64+0xfa/0x790 [ 336.309390][T10899] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 336.315269][T10899] RIP: 0033:0x414411 [ 336.319162][T10899] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 336.338853][T10899] RSP: 002b:00007fa857adea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 336.347265][T10899] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 0000000000414411 20:03:39 executing program 0: [ 336.355238][T10899] RDX: 00007fa857adeb0a RSI: 0000000000000002 RDI: 00007fa857adeb00 [ 336.363213][T10899] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 336.371190][T10899] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 336.379424][T10899] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:39 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x400454ca, &(0x7f0000000200)=""/187) 20:03:39 executing program 0: [ 336.437680][T10911] hfs: unable to parse mount options [ 336.444519][T10899] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 336.519516][T10899] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities 20:03:42 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:42 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40049409, &(0x7f0000000200)=""/187) 20:03:42 executing program 0: 20:03:42 executing program 2: getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/194, 0xff42) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup2(r0, r0) ioctl$UI_SET_RELBIT(r1, 0x40045566, 0x7) write$binfmt_aout(r0, &(0x7f00000001c0)={{0x108, 0x1, 0x80, 0x131, 0x2dc, 0x8, 0xea, 0x9}, "32c5c2c9f110d05ded6c9fa491bc016a3e130104a03195f4728294c56a1f67f8823cd4e219", [[], [], [], [], []]}, 0x545) getdents64(0xffffffffffffffff, 0x0, 0x0) 20:03:42 executing program 3 (fault-call:0 fault-nth:16): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:42 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 339.123586][T10936] FAULT_INJECTION: forcing a failure. [ 339.123586][T10936] name failslab, interval 1, probability 0, space 0, times 0 [ 339.144408][T10936] CPU: 1 PID: 10936 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 339.153992][T10936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.164053][T10936] Call Trace: [ 339.167357][T10936] dump_stack+0x197/0x210 20:03:42 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4008ae06, &(0x7f0000000200)=""/187) 20:03:42 executing program 0: [ 339.171701][T10936] should_fail.cold+0xa/0x15 [ 339.176305][T10936] ? fault_create_debugfs_attr+0x180/0x180 [ 339.182131][T10936] ? ___might_sleep+0x163/0x2c0 [ 339.186993][T10936] __should_failslab+0x121/0x190 [ 339.191946][T10936] should_failslab+0x9/0x14 [ 339.196445][T10936] kmem_cache_alloc+0x2aa/0x710 [ 339.201299][T10936] ? __kasan_check_read+0x11/0x20 [ 339.206325][T10936] ? mark_lock+0xc2/0x1220 [ 339.210895][T10936] __kernfs_new_node+0xf0/0x6e0 [ 339.215729][T10936] ? __lock_acquire+0x16f2/0x4a00 [ 339.220750][T10936] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 339.226221][T10936] ? __kasan_check_read+0x11/0x20 [ 339.231246][T10936] ? __lock_acquire+0x16f2/0x4a00 [ 339.236267][T10936] ? set_user_nice.part.0+0x299/0x680 [ 339.241666][T10936] kernfs_new_node+0x96/0x120 [ 339.246360][T10936] kernfs_create_dir_ns+0x52/0x160 [ 339.251594][T10936] internal_create_group+0x7f4/0xc40 [ 339.256878][T10936] ? lock_downgrade+0x920/0x920 [ 339.261745][T10936] ? remove_files.isra.0+0x190/0x190 [ 339.267126][T10936] ? __kasan_check_write+0x14/0x20 [ 339.272222][T10936] ? up_write+0x150/0x490 [ 339.276542][T10936] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 339.282790][T10936] sysfs_create_group+0x20/0x30 [ 339.287692][T10936] loop_set_fd+0xd5f/0x13c0 [ 339.292203][T10936] lo_ioctl+0x1a3/0x1460 [ 339.296445][T10936] ? loop_set_fd+0x13c0/0x13c0 [ 339.301280][T10936] blkdev_ioctl+0x1302/0x1df0 [ 339.305975][T10936] ? blkpg_ioctl+0xa90/0xa90 [ 339.310562][T10936] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 339.316421][T10936] block_ioctl+0xee/0x130 [ 339.320751][T10936] ? blkdev_fallocate+0x410/0x410 [ 339.325769][T10936] do_vfs_ioctl+0x977/0x14e0 [ 339.330343][T10936] ? compat_ioctl_preallocate+0x220/0x220 [ 339.336043][T10936] ? __fget+0x37f/0x550 [ 339.340197][T10936] ? ksys_dup3+0x3e0/0x3e0 [ 339.344604][T10936] ? do_sys_open+0x31d/0x5d0 [ 339.349186][T10936] ? tomoyo_file_ioctl+0x23/0x30 [ 339.354117][T10936] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 339.360351][T10936] ? security_file_ioctl+0x8d/0xc0 [ 339.365568][T10936] ksys_ioctl+0xab/0xd0 [ 339.369716][T10936] __x64_sys_ioctl+0x73/0xb0 [ 339.374339][T10936] do_syscall_64+0xfa/0x790 [ 339.378843][T10936] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.384730][T10936] RIP: 0033:0x45a4e7 [ 339.388608][T10936] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 339.408396][T10936] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 20:03:42 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x400, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f0000000180)={0x0, 0x6, 0x0, 'queue1\x00', 0x9344}) [ 339.419018][T10936] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 000000000045a4e7 [ 339.427238][T10936] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 339.435431][T10936] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 339.443461][T10936] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 339.452701][T10936] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 339.481525][T10936] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 339.488890][T10936] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities 20:03:42 executing program 0: 20:03:42 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x40186366, &(0x7f0000000200)=""/187) 20:03:42 executing program 3 (fault-call:0 fault-nth:17): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) [ 339.743921][T10966] FAULT_INJECTION: forcing a failure. [ 339.743921][T10966] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 339.757162][T10966] CPU: 1 PID: 10966 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 339.766705][T10966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.776767][T10966] Call Trace: [ 339.780080][T10966] dump_stack+0x197/0x210 [ 339.784420][T10966] should_fail.cold+0xa/0x15 [ 339.789017][T10966] ? fault_create_debugfs_attr+0x180/0x180 [ 339.794837][T10966] ? lock_downgrade+0x920/0x920 [ 339.799716][T10966] should_fail_alloc_page+0x50/0x60 [ 339.804920][T10966] __alloc_pages_nodemask+0x1a1/0x910 [ 339.810305][T10966] ? __alloc_pages_slowpath+0x2900/0x2900 [ 339.816030][T10966] ? __kasan_check_read+0x11/0x20 [ 339.821070][T10966] ? fault_create_debugfs_attr+0x180/0x180 [ 339.826887][T10966] cache_grow_begin+0x90/0xc60 [ 339.831738][T10966] ? tomoyo_realpath_from_path+0xc5/0x660 [ 339.837461][T10966] ? trace_hardirqs_off+0x62/0x240 [ 339.842673][T10966] __kmalloc+0x6b2/0x770 [ 339.846921][T10966] ? mark_held_locks+0xf0/0xf0 [ 339.851866][T10966] ? tomoyo_realpath_from_path+0xc5/0x660 [ 339.857615][T10966] tomoyo_realpath_from_path+0xc5/0x660 [ 339.863168][T10966] ? tomoyo_path_number_perm+0x193/0x520 [ 339.868802][T10966] tomoyo_path_number_perm+0x1dd/0x520 [ 339.874254][T10966] ? tomoyo_path_number_perm+0x193/0x520 [ 339.879888][T10966] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 339.885730][T10966] ? __fget+0x37f/0x550 [ 339.889887][T10966] ? ksys_dup3+0x3e0/0x3e0 [ 339.894300][T10966] ? do_sys_open+0x31d/0x5d0 [ 339.898894][T10966] tomoyo_file_ioctl+0x23/0x30 [ 339.903659][T10966] security_file_ioctl+0x77/0xc0 [ 339.908597][T10966] ksys_ioctl+0x57/0xd0 [ 339.912735][T10966] __x64_sys_ioctl+0x73/0xb0 [ 339.917321][T10966] do_syscall_64+0xfa/0x790 [ 339.921832][T10966] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.927725][T10966] RIP: 0033:0x45a4e7 [ 339.931628][T10966] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 339.951455][T10966] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 339.959994][T10966] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 000000000045a4e7 [ 339.968055][T10966] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 339.976007][T10966] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 339.984049][T10966] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 339.992011][T10966] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 340.026396][T10966] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 340.033544][T10966] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities 20:03:45 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:45 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x10000012e) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyprintk\x00', 0x240, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x3ba340b44781988e, &(0x7f0000000180)=0x2b, 0x4) 20:03:45 executing program 0: 20:03:45 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x4020940d, &(0x7f0000000200)=""/187) 20:03:45 executing program 3 (fault-call:0 fault-nth:18): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:45 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:45 executing program 0: [ 342.187644][T10981] FAULT_INJECTION: forcing a failure. [ 342.187644][T10981] name failslab, interval 1, probability 0, space 0, times 0 [ 342.226573][T10981] CPU: 0 PID: 10981 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 342.236150][T10981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.246207][T10981] Call Trace: [ 342.249507][T10981] dump_stack+0x197/0x210 [ 342.253858][T10981] should_fail.cold+0xa/0x15 [ 342.258456][T10981] ? fault_create_debugfs_attr+0x180/0x180 [ 342.267230][T10981] ? ___might_sleep+0x163/0x2c0 [ 342.272106][T10981] __should_failslab+0x121/0x190 [ 342.277932][T10981] should_failslab+0x9/0x14 [ 342.282469][T10981] __kmalloc+0x2e0/0x770 [ 342.286732][T10981] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 342.293024][T10981] ? d_absolute_path+0x11b/0x170 [ 342.297967][T10981] ? __d_path+0x140/0x140 [ 342.302330][T10981] ? tomoyo_encode2.part.0+0xf5/0x400 [ 342.307711][T10981] tomoyo_encode2.part.0+0xf5/0x400 [ 342.312932][T10981] tomoyo_encode+0x2b/0x50 [ 342.317352][T10981] tomoyo_realpath_from_path+0x19c/0x660 [ 342.322995][T10981] tomoyo_path_number_perm+0x1dd/0x520 [ 342.328454][T10981] ? tomoyo_path_number_perm+0x193/0x520 20:03:45 executing program 0: 20:03:45 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x800454d2, &(0x7f0000000200)=""/187) [ 342.334270][T10981] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 342.340121][T10981] ? __fget+0x37f/0x550 [ 342.344295][T10981] ? ksys_dup3+0x3e0/0x3e0 [ 342.348721][T10981] ? do_sys_open+0x31d/0x5d0 [ 342.353343][T10981] tomoyo_file_ioctl+0x23/0x30 [ 342.358119][T10981] security_file_ioctl+0x77/0xc0 [ 342.363065][T10981] ksys_ioctl+0x57/0xd0 [ 342.363081][T10981] __x64_sys_ioctl+0x73/0xb0 [ 342.363103][T10981] do_syscall_64+0xfa/0x790 [ 342.376330][T10981] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.382215][T10981] RIP: 0033:0x45a4e7 [ 342.382231][T10981] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 342.382239][T10981] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 342.382253][T10981] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 000000000045a4e7 [ 342.382260][T10981] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 342.382273][T10981] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 20:03:45 executing program 0: [ 342.430619][T10981] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 342.430628][T10981] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:45 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x80086301, &(0x7f0000000200)=""/187) 20:03:45 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000180)=""/177, 0xffffffffffffff1f) getdents64(r0, 0x0, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) write$P9_RLINK(r0, &(0x7f0000000100)={0x7, 0x47, 0x2}, 0x7) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e0000001d00810ee00f80ecdb4cb9e307f029a00d0000002f003efb0a0002000300000000000f00030005000600", 0x2e}], 0x1}, 0x0) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000cab000)=0x6) setuid(r4) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000240)={{{@in=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@remote}}, &(0x7f0000000340)=0xe8) r6 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000cab000)=0x6) setuid(r7) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000380)={{{@in=@remote, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f0000000480)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xfffffffffffffdc0) r10 = getegid() chown(0x0, r9, r10) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xfffffffffffffdc0) r12 = getegid() chown(0x0, r11, r12) getgroups(0x4, &(0x7f00000004c0)=[0x0, 0xffffffffffffffff, r10, r12]) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xfffffffffffffdc0) r15 = getegid() chown(0x0, r14, r15) fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000500)={{}, {0x1, 0x1}, [{0x2, 0x6, r4}, {0x2, 0x0, r5}, {0x2, 0x2, r7}, {0x2, 0x4, r8}], {0x4, 0x8}, [{0x8, 0x0, r13}, {0x8, 0x4, r15}], {}, {0x20, 0x5}}, 0x54, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e0000001d00810ee00f80ecdb4cb9e307f029a00d0000002f003efb0a0002000300000000000f00030005000600", 0x2e}], 0x1}, 0x0) ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f0000000000)={0x6, 0x7}) [ 342.591040][T11001] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. [ 342.616441][T10981] ERROR: Out of memory at tomoyo_realpath_from_path. [ 342.662029][T10981] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 342.686312][T10981] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities 20:03:48 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:48 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x2000, 0x0) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000180)=0x6) 20:03:48 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8008ae9d, &(0x7f0000000200)=""/187) 20:03:48 executing program 0: 20:03:48 executing program 3 (fault-call:0 fault-nth:19): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:48 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:48 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0x8018457f, &(0x7f0000000200)=""/187) 20:03:48 executing program 0: [ 345.291290][T11025] FAULT_INJECTION: forcing a failure. [ 345.291290][T11025] name failslab, interval 1, probability 0, space 0, times 0 [ 345.317441][T11025] CPU: 1 PID: 11025 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 345.327027][T11025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.337176][T11025] Call Trace: 20:03:48 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:48 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/182, 0xfd55) r1 = getpgrp(0x0) r2 = gettid() rt_tgsigqueueinfo(r1, r2, 0xb, &(0x7f0000000080)={0x0, 0x0, 0x3}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r2, r4, 0x0, 0x6, &(0x7f0000000000)='!eth1\x00', 0xffffffffffffffff}, 0x30) fdatasync(r5) getdents64(r0, 0x0, 0x0) [ 345.340485][T11025] dump_stack+0x197/0x210 [ 345.344837][T11025] should_fail.cold+0xa/0x15 [ 345.349537][T11025] ? fault_create_debugfs_attr+0x180/0x180 [ 345.355364][T11025] ? ___might_sleep+0x163/0x2c0 [ 345.360232][T11025] __should_failslab+0x121/0x190 [ 345.365186][T11025] should_failslab+0x9/0x14 [ 345.369742][T11025] kmem_cache_alloc_trace+0x2d3/0x790 [ 345.375097][T11025] ? lockdep_init_map+0x1be/0x6d0 [ 345.380209][T11025] ? loop_info64_to_compat+0x6d0/0x6d0 [ 345.385781][T11025] __kthread_create_on_node+0xf2/0x460 [ 345.391228][T11025] ? loop_set_fd+0x661/0x13c0 [ 345.395894][T11025] ? kthread_parkme+0xb0/0xb0 [ 345.400570][T11025] ? loop_set_fd+0x661/0x13c0 [ 345.405312][T11025] ? do_raw_spin_unlock+0x178/0x270 [ 345.410527][T11025] ? loop_info64_to_compat+0x6d0/0x6d0 [ 345.415984][T11025] kthread_create_on_node+0xbb/0xf0 [ 345.421197][T11025] ? __kthread_create_on_node+0x460/0x460 [ 345.426923][T11025] ? lockdep_init_map+0x1be/0x6d0 [ 345.431943][T11025] ? lockdep_init_map+0x1be/0x6d0 [ 345.436971][T11025] loop_set_fd+0x312/0x13c0 [ 345.441485][T11025] lo_ioctl+0x1a3/0x1460 [ 345.445721][T11025] ? loop_set_fd+0x13c0/0x13c0 [ 345.450520][T11025] blkdev_ioctl+0x1302/0x1df0 [ 345.455177][T11025] ? blkpg_ioctl+0xa90/0xa90 [ 345.459764][T11025] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 345.465582][T11025] block_ioctl+0xee/0x130 [ 345.469908][T11025] ? blkdev_fallocate+0x410/0x410 [ 345.474926][T11025] do_vfs_ioctl+0x977/0x14e0 [ 345.479512][T11025] ? compat_ioctl_preallocate+0x220/0x220 [ 345.485223][T11025] ? __fget+0x37f/0x550 [ 345.489378][T11025] ? ksys_dup3+0x3e0/0x3e0 [ 345.493775][T11025] ? do_sys_open+0x31d/0x5d0 [ 345.498364][T11025] ? tomoyo_file_ioctl+0x23/0x30 [ 345.503413][T11025] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.509635][T11025] ? security_file_ioctl+0x8d/0xc0 [ 345.514727][T11025] ksys_ioctl+0xab/0xd0 [ 345.518877][T11025] __x64_sys_ioctl+0x73/0xb0 [ 345.523476][T11025] do_syscall_64+0xfa/0x790 [ 345.527977][T11025] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.533882][T11025] RIP: 0033:0x45a4e7 [ 345.537772][T11025] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 345.557380][T11025] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 345.565804][T11025] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 000000000045a4e7 [ 345.573778][T11025] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 345.581833][T11025] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 345.589818][T11025] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 345.597785][T11025] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:49 executing program 3 (fault-call:0 fault-nth:20): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:49 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:49 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045878, &(0x7f0000000200)=""/187) 20:03:49 executing program 2: inotify_init() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$TIPC_MCAST_BROADCAST(r1, 0x10f, 0x85) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000000040)=0x0) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000280)={0x0, 0xfffffe85, &(0x7f0000001680)=[{&(0x7f0000000380)="1a85508b04bd772531f6c4c4adb69b4110d7fc191d6c15aac665e8198d70a43cdfa0d8d9fcf6c09e5fe6a8c64d1806f3aedf1df3045a5e092f7fd81e18b0e4a8ee1a6cb1e2829264a4718f8ae9e5d4bdb6f31330ccf27df0290eb1640ad1accdbf901942c2d52d2ba1e481449d579e018234e56aa7ccee54022409df35fda628ea220ea272652fd8c49b0d0e6e2c4f8c22c64a801dc3294ac625ef97ee86a020d07d6e19dabcac3ff02bf6a679021f249bed98d98120791acfca370f8d426ffbcda5039278be35c2017db3737d6a282a42d45c8178e7a7e6faccd7e2693980aca591a314f2229bed162a6d7e6f56198d0065ee6b47eab31524b85d7fe23b4cb2ec5f25744edc7b2baf26b017083462166c1fb81f170f0c4553f8bab2910ce1789ba3aac4a9634e90a7e8c2acd19d7116b96adaf657cc1a1f1ab9cedbb2c617b78bdb3cabad495fd9980f8a6b7da06e7d6c3eddf2abafbb07dbcba779b64e6beeeeaf2abd81cafea5dff72bf7364ad8a450e0f6e20278a58fe0afebe93723edd6ac4b6272c35de250a8e8a3bd97e4a74643ac838f02d0b519362ae016edf329afa5aaa07de1a4cbe19db5b9ef7f1c45b85f89303f29ed535360728203734da5307d3d49c0cd97bb3bb41caf17ab5f62a297a55ab5a367d7743538457d8fa663ffec196e738e6ca17923d2012dc3fecaeec85c13c821cf689bed9ae1e170e684207304879ed6d97b1d1a886c7abaec623c4f9dd3c3d810bdb8f291185d41d8720bd3de944d15e526990a228a38c806e00aa23816dc11c437c6932eb6dd99887b6027c4716aa975870c7f739889bd815bf89921f326ea7f0c9d4a458c5cba6c8e8902bccae2b022d4ecfe9f90552f528f7bc6eac848299674c40bc711b968db86b84528baf3d8c3170576897539023d179bb5c93f67cd216712cf8007bc6d7c8c9661af5d651294355a8bc5b4c9fcc1b1e0a2b9da6c6f5e94f4f04f19c3c02bea044979cbf3155618f537e1b71f5b124f276463a7f18cbcebbe5fbdfbe51551884dc5a547cc1bd33f9b0f4346b3aadf3386c6369a8b36b7b6689f136af0b3631f9a6b3775ed85cd0f59c7e3405ae48f0a200d0cdd08bf50f44ae85198f9bc2ae830e1522f4c810dd3bf35a60595c76a03b5df305f0d35bccc2166e105f47148b2859c454d08ffadb14ef100ad2534b3167bc51630b9555d8aabc4dcf27ac50a334858be96420266aabcc4fa5c94911d83faa8badce1f2bc6827e4b851226210ca2b1e70af72ab78271badce74e356daf240221f1e11bff3e231be4464270019f4a277f275edb02dfbff215aec855ddcf9f8d53fa20915cd9b1026333f6b1868b09f8fcd765b376e0473eb1b474f0e98d03ae5405bcd6bbbe6f9a523cbee4349e8fb73c7d66a4e6e0c93a6037b93c9bc98cbf94834499dd0ed75c5f05933a7d38ed93066b47b2f0199531d5902e90cf91c7e249c779edbd8216fcc49e7b4a78ac0885d57ccab9f7a8ba866986943591fcc7fd53c07d3b3588108f77a24953b2a69efcf4da3ed79d636eff4670fc9f23c367ae1b00e6ed868499ee9d2e21e0cb9d38a7f4cb40692d07aa5343156ad66284682e52c816e52c01e9d4edc579e6d042857d93c08f1c61856724a6ff01928421b6c63354dc136e33fba4a64ab0e6cd13a1a05948ac886470061a457ce22a95b128ec46b195f6cbdca4544adb7a6f2eb65fbb59f22532be9b999b0b6886ebda7e4778a5815a0f2ab320f3bfdd4af2b955116629f33349182c05c821a5dcd2c5ae49ec5b32ea38cb581dc14aebfe80f5552fa7a57ae47ded22a783b7aba56f558b331920ad323d9c4f689a3361cc215f6fd65f7ef8f8cf5f4ce5950836942c6f7b224ec054859678b38eb66627d7e95e16d91241d0822a7f3f4914c3e2ece746eb12f2669d9daa52f3fd6025e58c32c11d6a2b1579e933ce7c21082292cc6ae17d9e1965d557357861b63f7cc2b13d74e5828d51578027c257f544453711f0870ba078838493eae933abc5450636262dbc7b8b2b03e4d6ee83130bbf889e0c1824dff30354ddf2511f2c53e97d2942cdca36a4c5aad1cc5177a8f40a14248c475e60eb59180140f93119e5202d9ea7f88d203e739cac11819c7e0deafe02b8a1dd5733681b0f22773b47fa1e7425de721fc5c903aa0dfd087b5a23700331dc5084e273a1d60c3147ae350ac7ae5d2bea6f842fe09660a91de38e2a5ea862b5be631e3a553bdfa48dbed737d1b71ac8baef225ecc27097c8741edfeee1f6473b2dac67da5967a5f39469ba81a572d6a10348e196dae509dc3e835c2f054864bc4990fa3e29f5796b5e568e5a69ddd4506e9f37396309f5eee32f82fb600f8533a4ce2e64dce82c5bfe2e77ce68e8ad4a725f89552b26c314e5822e246319569e9856a969c01f16b5b7861b029d169699950ccc4ce43ce0b0a0b626f7954438bc735f8996cec9ffdce4b5c86c9840af4decccbf4bbe83472d66065c0d431c022c9bf5353835fb00a457d4124489be4cfdc437da08c04a373a28d558d66f0aebb9f9afc1c7a99a0d9c9bcdfa50eea725082a0303c65c708cadce14940734e8a37aa21e829b13a959b5c4ed73df7a9ab1c0acfd9382d8874e7d0838708edae99e07704cb8d81a65fd4d4951328daeca059c8d2827be89a045781d0da4343cfb682f5534daec69febecdd2c826924bc75e5bbaae88eacdb5eb6e3ab7a611c4aca4cb02938b3c82bc708027ce96e479dea466a035f24b6dff901f4f8f7ab6fd375d1cfba286f32f06ccf253bb858d7c274667753a080007535bfd77c809442f64c5ad7377a32aa2589367cb03adf223a91c87159c349e0fd145255c38f91bdeb8492007f455f895fc32db67235aac71a57eddf453a7e6778269e9d6888f0ace6a80ce4ac46810569f6f492dee14f0a90336c85c64fb1b74c56024162b0e9b93376b9bef39b99447708020bf6c6696e01f682c4da506bc65d4c2737ca4cb23bfa524cf9620331533cbaec23188d957d137d0bf04ccddf279f9368502ec8833c1cb8f0debb562451f4cb4bf5c6eb91e1a0eba0e279832e352738f9c06b56d10197723448c9d54dba8c8fec65bae34c283713853bd287f4ead1985e59f07bd77dac019d21308104cb212f224880a112028d3d86064dc3861d838e30b75b0ea8bd5e1e48ff8707831f681bfb9540622722203b4334daab10633984776974efe0e02a8dcc056430011873b2c4353d40762038b02bb80914a811e5811175e9547bec6c74416349dbc67058e382170f18a2c21640316db17114d4c37500fff53e5a934e1c0aa27e6facae574a244dade97a7dc43845868af8477188f9de6261c7aaab2e24c032183de3bb766791a478ee955e10ba2e8077029f35f6b05d7978a5f4861bdf0ca6fc594878d8696d252fc3d77dae7d4ba11ee7cbeb5abfa82d3f076ee07be895d2caa33468dac29538a7994e7aacb38d041201f2d62f74506ffcb3c0eab2278a89f76019ab3aa67ce36d2956c42e05da7fa3bc799ecf88a10312d3e4d1c90022e953fc9a15f9706b5d39b433653343c9e3e805b46e7e1eff971fa18e61fc6ceb7c7d9e733c3a4196e452d3278eca60e7df5488e6d10175b7cd3cd8a049961a8fe5e06847987ea4a65d2e423c4e50d2fba503c9ec4ba618cb0e97936ba91e611768d7f41b3a5e09e1b13ad4608535069d5465c84099b2a99ff7dd4f9765f25638c4cbda719744a6a050980c9eb4f30c04057c86955be214f50a2d799b7bf62daedad6f817f93cfb432c5ab7a084c98854d2e6be1084cedaaacfd6098d0ae4682c4f3cb83c42f35cbb9ef3a87570d70ead6023366981a4f1fa5f8569d538cce9acef1753653f811b9778fd8230e457ce17c757d687a93ea2f69babf055638d1ee485c5d80e6e6a1b7e77feb4c585cd69f2ac6c8221b15ee340c6a40ac5cad7679c93c935b030ee5a84ba7a5bc9c57571a8ce04627944d4889b87502a50d380678228606954080033be386e5edb3d772c10cdb96675db16af6bf15bd6ff9a5ca9c272ac96d94467a1be0b60cec59bd461a5e213f85744bec56356a11bb49b02f11bf18476d0b44c76eecd48436fd0162e1e31d963ec6718561c89b513f8fb29447f4de142f6ee4f643bf412d04ba1cc378b604bebccdb6e3deb386aa55afea0c43ad332935c67def31848b95077414339eea7377429b53cd1cf2d569e43a3a59730b59e16e1efe94696734e2ac7f5f2fb7a23f1a6895befee85101ee2185cb364650410a04f60029bc8166f836e03d0c8cff36d91c3692e0248bd8f5d95416e533ccd4f90eb0c83e42bf86ff285628e547bbea5cc0bdfb53eca717e4b467bed000b902e1e0db3eb417c08a0a6fe7ed95ae735d4d9f81390b146d11c5330a44daa0574ba438c6f4b820c95b58f3c22de268dba7860f547636748cdacff30b208cfde23808724819645b9c629c89a8efbfad0608a7b57d239f4442ba5f88d05ea9603feaa110c5b1bbea34acbe15259ce24e98307cd8eacf70a72c3878e795a12d3a0635457162ad55fff261cdb3a80054e28a09b732d0f116efae58850b679978bfeba71a90b7e6bed226729e55346bfa9acad3c2372c404ee40b3fce9a6ce1391c6411c09afb647231aefd7bf76e1e518375bb231251e3abd6b9e2fec8e527bfd07fcaba9d4b6c5d9a13c65f4ce6c401bb36ff3b9129ffe7e43b162352b525c3b3383020afb8cfb4cb7b803bf2fae4a04c76376b5b74c56d1ed2809061a7b9dbdd0bd0de338522f0f293595d1d8fe0e404661f6ec04eb529c48b0a07b5a039a6aca46e038a1e391e811c32976b4a623a18de295f9cbf91a21dd19f07aac2af68e1340d9de835815f83cb27a812604320b63bd651fec130a77b00f11cb7bbef390979619e111f65ea505e3924d1a4dbbc8c5b45bababd4f048a69041c1663d81114fad176c377986002c3338f830dc97b5cdc82e5e1013c47876d78b22e08c9b2ef78de03311b23830e25384389b62f59ef2022ce8d51de4326b758522be17b61ffb69ef0e990411530614fea72dd18c5aa44f70d55f119894f707daa998740370c15176e5a90bd694f191ec2a2b1e4dc65f35298b66db7b706cc6aa2c0be302af08e803b615b9e81ef84cab6709eb445db14e4ed14c665467cca8932b1347514b1d8602e1e888df7e84a8a325edd86806196002ec0857226c69900e6ff291a62f41bbf093bdb74a863a8dc0eef98575ddb3f81ac1f214195cd94905ab2563ae47802e00f18f37a5170d759e4dee49e5814b1ff71f38755d9772b2d2c2ff130d99ec564b703d322aba0ed068ec5052386181da186f4e717dca2bd22bb60e1b62aba467e92ab92bd277c342c8ed7cbea174b20f5b7ee008bcab0469e1fd92ae4695f246694303ba6dd3587850bfb2b355dec096ed1c1dba630c489e75a520c55d7b1525f88c43cb0ecafc20fd2df0481da02dfd74e9b9adfa1748ee7b82f83eb014076b3ed931ae0e86503486110df10b4a0acb1938c4506753bd282939c975e85c5a6ce82398123005a422ad6197535314ab014f1581e707233fe6edde783a039b992b7b0e78f3a3da147d4f3e0e3ca67d92b871a7e0048927ae3383db6a8743569ac1db5314212332926f1aeea923a3f4a9770a05dce1c3edc7ade0e85188b4afd83b4898f2da6d6f5a9c29877922b49b7c724007794763f7c40f5b050746e04ba25ba89bc76469ba7ca65351ca3026d6691987d54dc3939276d50e349c704f391acbe07d653ebdb28e96b6fc4b5e770c5a4df2151"}, {&(0x7f00000002c0)="4639a49b6fd33c4958bd803249593ba9f4f7186a671b87b2b43437408a0183375927753ddaa8b77153e1e30969be1dedc7"}, {&(0x7f0000001380)="6e5eddda226345413e725e069fbe5673428b410f6a3f9d9b23ce5a37d78bbdf570b45d09c9bcb32473520a7370d7edc35d5aad4246621f6e821587bf8b51c1108fcc5f062d0b2a6d1e9e4740090be995b2110ebaf65966e9761d823817449aa8dc6aed4f4a4d9a327b97888efeb358a3"}, {&(0x7f0000001400)="eb17abc68f28ebc6058967ad3dec0b98ede1feb2740f02536d70f58fc2c291f51f6576d15fdcec3cd9e8584ee449a8d24a433cd1daabfd0c132f3725178c57887a6f46a0b170ce2daa1080522fc8e71f19a4911eb18f2b2c620656169b60f58e8635295ce2f4732be01e4cc769a192595466fa4475196035de6617b3794c1e4542f832c6e3d34728006c86b64c08c4bf02914898d10af589cd3365cdab9b53c83cff88f7767c"}, {&(0x7f00000014c0)="8e25ca519e78e92d19d9115e77c9fe1ec0bee50f02c68c0f5b28447860233eba367fa9ccc8df34af211eb0ba0861b7fc4e7309f0947acea07de0f9be88fe86ad44516df974c2c5af67a7ecf32e7d92be0a9ad736403befb2f618cfd3b49f97e3d1288a72181890f19c2c9c1fae985df903f74595c08d45517f99ae9904493ff5b444e970a58cf9ce4aed915060257eb6bc209505"}, {&(0x7f0000001580)="3bf761f1031cbd31363921e50faac696d312e0e6fe7f8d0d0a25ef8fd74753321c9c591aaedf3502210cc9ef8d2e8c3f464e5a2ad3776ab3a82014fd18de0f971479218401eb60fcdda9cc4ccf1d4e8babd391b01bbf0d804f6dbd69ff140db851af504f6f24f5d0b2b79fd4916083c48ee0dea949f6bb1697ce33c03a24dbc141ea990c5ab8b372f316d8284d2a897841439369cf79e45b98e2abbd84748050879004271a79264e7fa920e4784f7155f004c2213731e705266c9ac5af85b5d230ee054310c189b46949c78f47ea9d44b96fa93d4325be1207babeece7", 0x13e}]}, 0x0) r7 = fcntl$getown(r6, 0x9) r8 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e0000001d00810ee00f80ecdb4cb9e307f029a00d0000002f003efb0a0002000300000000000f00030005000600", 0x2e}], 0x1}, 0x0) r9 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e0000001d00810ee00f80ecdb4cb9e307f029a00d0000002f003efb0a0002000300000000000f00030005000600", 0x2e}], 0x1}, 0x0) kcmp(r5, r7, 0x6, r8, r9) r10 = dup2(r4, r4) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000300)) r11 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/tcp6\x00') getdents64(r11, &(0x7f0000000080)=""/194, 0xff42) getdents64(r11, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r13 = dup2(r12, r12) ioctl$PERF_EVENT_IOC_ENABLE(r13, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r15 = dup2(r14, r14) ioctl$PERF_EVENT_IOC_ENABLE(r15, 0x8912, 0x400200) ioctl$SNDCTL_DSP_STEREO(r15, 0xc0045003, &(0x7f0000000200)=0x1) ioctl$TIOCPKT(r13, 0x5420, &(0x7f0000000240)=0x1) [ 345.810927][T11045] FAULT_INJECTION: forcing a failure. [ 345.810927][T11045] name failslab, interval 1, probability 0, space 0, times 0 [ 345.824281][T11045] CPU: 1 PID: 11045 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 345.833840][T11045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.843912][T11045] Call Trace: [ 345.847224][T11045] dump_stack+0x197/0x210 [ 345.851741][T11045] should_fail.cold+0xa/0x15 [ 345.856347][T11045] ? fault_create_debugfs_attr+0x180/0x180 [ 345.862159][T11045] ? ___might_sleep+0x163/0x2c0 [ 345.867046][T11045] __should_failslab+0x121/0x190 [ 345.871986][T11045] should_failslab+0x9/0x14 [ 345.876488][T11045] kmem_cache_alloc+0x2aa/0x710 [ 345.881356][T11045] __kernfs_new_node+0xf0/0x6e0 [ 345.886205][T11045] ? __schedule+0x155d/0x1f90 [ 345.890882][T11045] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 345.896338][T11045] ? __kasan_check_read+0x11/0x20 [ 345.901356][T11045] ? __lock_acquire+0x16f2/0x4a00 [ 345.906387][T11045] kernfs_new_node+0x96/0x120 [ 345.911061][T11045] kernfs_create_dir_ns+0x52/0x160 [ 345.916199][T11045] internal_create_group+0x7f4/0xc40 [ 345.921481][T11045] ? lock_downgrade+0x920/0x920 [ 345.926334][T11045] ? remove_files.isra.0+0x190/0x190 [ 345.931633][T11045] ? __kasan_check_write+0x14/0x20 [ 345.936736][T11045] ? up_write+0x150/0x490 [ 345.941081][T11045] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 345.947322][T11045] sysfs_create_group+0x20/0x30 [ 345.952170][T11045] loop_set_fd+0xd5f/0x13c0 [ 345.956701][T11045] lo_ioctl+0x1a3/0x1460 [ 345.960940][T11045] ? loop_set_fd+0x13c0/0x13c0 [ 345.965703][T11045] blkdev_ioctl+0x1302/0x1df0 [ 345.970381][T11045] ? blkpg_ioctl+0xa90/0xa90 [ 345.974971][T11045] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 345.980793][T11045] block_ioctl+0xee/0x130 [ 345.985135][T11045] ? blkdev_fallocate+0x410/0x410 [ 345.990202][T11045] do_vfs_ioctl+0x977/0x14e0 [ 345.994848][T11045] ? compat_ioctl_preallocate+0x220/0x220 [ 346.000558][T11045] ? __fget+0x37f/0x550 [ 346.004778][T11045] ? ksys_dup3+0x3e0/0x3e0 [ 346.009204][T11045] ? do_sys_open+0x31d/0x5d0 [ 346.013797][T11045] ? tomoyo_file_ioctl+0x23/0x30 [ 346.018831][T11045] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 346.025358][T11045] ? security_file_ioctl+0x8d/0xc0 [ 346.030466][T11045] ksys_ioctl+0xab/0xd0 [ 346.034612][T11045] __x64_sys_ioctl+0x73/0xb0 [ 346.039190][T11045] do_syscall_64+0xfa/0x790 [ 346.043730][T11045] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.049614][T11045] RIP: 0033:0x45a4e7 [ 346.053507][T11045] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 346.073225][T11045] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 346.081654][T11045] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 000000000045a4e7 [ 346.089640][T11045] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 346.097629][T11045] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 20:03:49 executing program 0: [ 346.105596][T11045] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 346.113562][T11045] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 346.180933][T11045] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 346.210303][T11045] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities 20:03:49 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc0045878, &(0x7f0000000200)=""/187) 20:03:49 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 346.260860][T11058] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. [ 346.314677][T11058] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. [ 346.382788][T11065] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'. 20:03:51 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:51 executing program 0: ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) r0 = socket$inet6(0xa, 0x400000000001, 0x0) fchdir(0xffffffffffffffff) syz_genetlink_get_family_id$team(0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) pipe(0x0) r1 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) write(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(0xffffffffffffffff) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_INFO(r1, 0x0, 0x4088) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x44, 0x0, 0xffffffffffffffff) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, 0x0) sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, 0x0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) open(0x0, 0x0, 0x0) r3 = dup(r0) bind$inet6(r0, &(0x7f0000000600)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmsg$IPVS_CMD_GET_DAEMON(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="b581c5a291a01f6819e7a9e5c16c546bbc9f613fa96c21af60005d5c40be01a4d47982e70f715f55c2cfbfc54317a9a776924c54cd336256301279288d7be65d947d9b55596313be91c183af07b311b0cc484c62de93181e617120058aeb1f75a2f0aca22a348ecd88baf50fb84fc7ad229c80345cd225ff9e0be8c5b268ed46c57b0321b9f40a4df161a730d2b00c138423744de86c92f22713381a343cacc5659760afb69731c84d5523277b7e526d032832d54321f4e17a477795ee5d11793205c9548603114562883a8015d922193f85c6cdbd509280ba275105b7460c2f685efc730cea4bfcfa2d8e2e42f714"], 0x1}}, 0x0) write$FUSE_POLL(r3, &(0x7f00000005c0)={0x18}, 0x18) setsockopt$inet_tcp_int(r3, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_int(r3, 0x6, 0x18, &(0x7f00000001c0), 0x4) r4 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x5}]}, 0x10) sendfile(r0, r4, 0x0, 0x8000fffffffe) connect$unix(r3, &(0x7f0000000400)=@abs, 0x6e) 20:03:51 executing program 3 (fault-call:0 fault-nth:21): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:51 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae02, &(0x7f0000000200)=""/187) 20:03:51 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x10) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x101000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0xfffffff7fffffff7) getdents64(r0, 0x0, 0x0) [ 348.300001][T11088] FAULT_INJECTION: forcing a failure. [ 348.300001][T11088] name failslab, interval 1, probability 0, space 0, times 0 [ 348.313034][T11088] CPU: 1 PID: 11088 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 348.322584][T11088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 348.332825][T11088] Call Trace: [ 348.336307][T11088] dump_stack+0x197/0x210 [ 348.340658][T11088] should_fail.cold+0xa/0x15 [ 348.345346][T11088] ? fault_create_debugfs_attr+0x180/0x180 [ 348.349077][T11086] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 348.351158][T11088] ? stack_trace_save+0xac/0xe0 [ 348.351247][T11088] __should_failslab+0x121/0x190 [ 348.351269][T11088] should_failslab+0x9/0x14 [ 348.383876][T11088] kmem_cache_alloc+0x47/0x710 [ 348.388715][T11088] ? save_stack+0x5c/0x90 [ 348.393031][T11088] ? save_stack+0x23/0x90 [ 348.397343][T11088] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 348.403127][T11088] ? kasan_slab_alloc+0xf/0x20 [ 348.407881][T11088] radix_tree_node_alloc.constprop.0+0x1eb/0x340 [ 348.414195][T11088] idr_get_free+0x4a6/0x8d0 [ 348.418701][T11088] idr_alloc_u32+0x19e/0x330 [ 348.423315][T11088] ? __fprop_inc_percpu_max+0x230/0x230 [ 348.428857][T11088] ? mark_held_locks+0xf0/0xf0 [ 348.434054][T11088] idr_alloc_cyclic+0x132/0x270 [ 348.439039][T11088] ? idr_alloc+0x150/0x150 [ 348.443454][T11088] __kernfs_new_node+0x13a/0x6e0 [ 348.448509][T11088] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 348.453963][T11088] ? __kasan_check_read+0x11/0x20 [ 348.458975][T11088] ? __lock_acquire+0x16f2/0x4a00 [ 348.464000][T11088] ? set_user_nice.part.0+0x299/0x680 [ 348.469366][T11088] kernfs_new_node+0x96/0x120 [ 348.474152][T11088] kernfs_create_dir_ns+0x52/0x160 [ 348.479257][T11088] internal_create_group+0x7f4/0xc40 [ 348.484533][T11088] ? lock_downgrade+0x920/0x920 [ 348.489390][T11088] ? remove_files.isra.0+0x190/0x190 [ 348.494666][T11088] ? __kasan_check_write+0x14/0x20 [ 348.499784][T11088] ? up_write+0x150/0x490 [ 348.504112][T11088] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 348.510349][T11088] sysfs_create_group+0x20/0x30 [ 348.515200][T11088] loop_set_fd+0xd5f/0x13c0 [ 348.519710][T11088] lo_ioctl+0x1a3/0x1460 [ 348.523943][T11088] ? loop_set_fd+0x13c0/0x13c0 [ 348.528702][T11088] blkdev_ioctl+0x1302/0x1df0 [ 348.533475][T11088] ? blkpg_ioctl+0xa90/0xa90 [ 348.538076][T11088] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 348.543895][T11088] block_ioctl+0xee/0x130 [ 348.548229][T11088] ? blkdev_fallocate+0x410/0x410 [ 348.553250][T11088] do_vfs_ioctl+0x977/0x14e0 [ 348.557859][T11088] ? compat_ioctl_preallocate+0x220/0x220 [ 348.563581][T11088] ? __fget+0x37f/0x550 [ 348.567829][T11088] ? ksys_dup3+0x3e0/0x3e0 [ 348.572321][T11088] ? do_sys_open+0x31d/0x5d0 [ 348.576912][T11088] ? tomoyo_file_ioctl+0x23/0x30 [ 348.581842][T11088] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 348.588069][T11088] ? security_file_ioctl+0x8d/0xc0 [ 348.593183][T11088] ksys_ioctl+0xab/0xd0 [ 348.597345][T11088] __x64_sys_ioctl+0x73/0xb0 [ 348.601927][T11088] do_syscall_64+0xfa/0x790 [ 348.606445][T11088] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.612333][T11088] RIP: 0033:0x45a4e7 [ 348.616224][T11088] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 348.635929][T11088] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 348.644332][T11088] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 000000000045a4e7 [ 348.652310][T11088] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 348.660273][T11088] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 348.668248][T11088] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 348.676209][T11088] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:52 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000180)) getdents64(r0, 0x0, 0x0) 20:03:52 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc004ae0a, &(0x7f0000000200)=""/187) [ 348.686285][ T27] audit: type=1804 audit(1575489831.607:34): pid=11086 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir734651798/syzkaller.56FTm9/116/bus" dev="sda1" ino=17125 res=1 [ 348.792973][T11088] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 348.833120][T11088] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities 20:03:52 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae02, &(0x7f0000000200)=""/187) 20:03:52 executing program 3 (fault-call:0 fault-nth:22): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:52 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae03, &(0x7f0000000200)=""/187) [ 349.082988][ T27] audit: type=1804 audit(1575489832.367:35): pid=11086 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir734651798/syzkaller.56FTm9/116/bus" dev="sda1" ino=17125 res=1 20:03:52 executing program 0: bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000140)="40c74adc77a4e27d876f441d952bf111375896d876c4ed0f2e703cd5f8b64ff3cd946b507d0419c09fc1fe6c"}, 0xa) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) r1 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000440)=0xa7) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000100)={0x1, &(0x7f0000000240)="cca33d84", 0x0}, 0x20) write$cgroup_subtree(r0, &(0x7f00000000c0)={[{0x0, 'c\x86\xdd', 0x7}]}, 0x90ad) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0) [ 349.146402][ T27] audit: type=1800 audit(1575489832.367:36): pid=11096 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=17125 res=0 [ 349.207173][ T27] audit: type=1800 audit(1575489832.367:37): pid=11086 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=17125 res=0 [ 349.207238][T11121] FAULT_INJECTION: forcing a failure. [ 349.207238][T11121] name failslab, interval 1, probability 0, space 0, times 0 [ 349.247446][T11121] CPU: 1 PID: 11121 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 349.257220][T11121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 349.267278][T11121] Call Trace: [ 349.270581][T11121] dump_stack+0x197/0x210 [ 349.274925][T11121] should_fail.cold+0xa/0x15 [ 349.279516][T11121] ? fault_create_debugfs_attr+0x180/0x180 [ 349.285413][T11121] ? ___might_sleep+0x163/0x2c0 [ 349.290277][T11121] __should_failslab+0x121/0x190 [ 349.295213][T11121] should_failslab+0x9/0x14 [ 349.299708][T11121] kmem_cache_alloc+0x2aa/0x710 [ 349.304546][T11121] ? kernfs_activate+0x192/0x1f0 [ 349.309473][T11121] __kernfs_new_node+0xf0/0x6e0 [ 349.314308][T11121] ? kernfs_activate+0x34/0x1f0 [ 349.319162][T11121] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 349.324605][T11121] ? mutex_trylock+0x2f0/0x2f0 [ 349.329370][T11121] ? __kasan_check_write+0x14/0x20 [ 349.334483][T11121] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 349.340173][T11121] ? wait_for_completion+0x440/0x440 [ 349.345559][T11121] kernfs_new_node+0x96/0x120 [ 349.350236][T11121] __kernfs_create_file+0x51/0x340 [ 349.355341][T11121] sysfs_add_file_mode_ns+0x222/0x560 [ 349.360715][T11121] internal_create_group+0x359/0xc40 [ 349.366001][T11121] ? remove_files.isra.0+0x190/0x190 [ 349.371291][T11121] ? __kasan_check_write+0x14/0x20 [ 349.376392][T11121] ? up_write+0x150/0x490 [ 349.380819][T11121] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 349.387182][T11121] sysfs_create_group+0x20/0x30 [ 349.392037][T11121] loop_set_fd+0xd5f/0x13c0 [ 349.396606][T11121] lo_ioctl+0x1a3/0x1460 [ 349.400836][T11121] ? loop_set_fd+0x13c0/0x13c0 [ 349.405584][T11121] blkdev_ioctl+0x1302/0x1df0 [ 349.410328][T11121] ? blkpg_ioctl+0xa90/0xa90 [ 349.414896][T11121] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 349.420693][T11121] block_ioctl+0xee/0x130 [ 349.425002][T11121] ? blkdev_fallocate+0x410/0x410 [ 349.430018][T11121] do_vfs_ioctl+0x977/0x14e0 [ 349.434603][T11121] ? compat_ioctl_preallocate+0x220/0x220 [ 349.440313][T11121] ? __fget+0x37f/0x550 [ 349.444538][T11121] ? ksys_dup3+0x3e0/0x3e0 [ 349.448936][T11121] ? do_sys_open+0x31d/0x5d0 [ 349.453520][T11121] ? tomoyo_file_ioctl+0x23/0x30 [ 349.458449][T11121] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 349.464668][T11121] ? security_file_ioctl+0x8d/0xc0 [ 349.469775][T11121] ksys_ioctl+0xab/0xd0 [ 349.473915][T11121] __x64_sys_ioctl+0x73/0xb0 [ 349.478487][T11121] do_syscall_64+0xfa/0x790 [ 349.482983][T11121] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.488852][T11121] RIP: 0033:0x45a4e7 [ 349.492728][T11121] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 349.512500][T11121] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 349.521072][T11121] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 000000000045a4e7 [ 349.529022][T11121] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 349.536985][T11121] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 349.544934][T11121] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 349.552882][T11121] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 20:03:52 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b41fd983f79e65199615607672c59957ab364bf68e6faa53367f05f4ad61421349f2f11e931e7d62ead5e7cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b5", 0x8d}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 349.615448][T11121] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 349.626136][T11121] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 349.666680][T11129] device nr0 entered promiscuous mode [ 350.083930][T11129] device nr0 entered promiscuous mode 20:03:54 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 20:03:54 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) getdents64(r0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$fou(&(0x7f00000006c0)='fou\x00') sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x1c, r2, 0x3, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x8, 0x4, 0x2}]}, 0x1c}}, 0x0) sendmsg$FOU_CMD_DEL(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000dc881ffba13f0fafb09a5d68040173d19deb0dd5e47103000000f4be5584556befe03ef47e7bfc9ce5ed9cfb5ee48535ad59ae1dc2ebcf", @ANYRES16=r2, @ANYBLOB="0101000000000000000002000000"], 0x14}}, 0x60) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000280)={{{@in=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@loopback}}, &(0x7f0000000380)=0xe8) sendmsg$FOU_CMD_GET(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1080020}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x3c, r2, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @empty}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x8}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x2b}, @FOU_ATTR_IFINDEX={0x8, 0xb, r3}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @empty}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x20010098) 20:03:54 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae06, &(0x7f0000000200)=""/187) 20:03:54 executing program 3 (fault-call:0 fault-nth:23): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000140)="25bca274769e620a2734fa0095e0612687ecb86a5c8802a9d8aea872943afd874e2f98b579a7086270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@mblk_io_submit='mblk_io_submit'}]}) 20:03:54 executing program 0: r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$apparmor_current(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='changehat 0x000000^\x00'/29], 0x1d) [ 351.314115][T11143] FAULT_INJECTION: forcing a failure. [ 351.314115][T11143] name failslab, interval 1, probability 0, space 0, times 0 [ 351.334510][T11143] CPU: 0 PID: 11143 Comm: syz-executor.3 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 351.341613][T11146] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 351.343759][T11147] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 351.344090][T11143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.344097][T11143] Call Trace: [ 351.344121][T11143] dump_stack+0x197/0x210 [ 351.344143][T11143] should_fail.cold+0xa/0x15 [ 351.372265][T11147] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 351.373290][T11143] ? fault_create_debugfs_attr+0x180/0x180 [ 351.373310][T11143] ? ___might_sleep+0x163/0x2c0 [ 351.400974][T11143] __should_failslab+0x121/0x190 [ 351.405899][T11143] should_failslab+0x9/0x14 [ 351.410400][T11143] kmem_cache_alloc+0x2aa/0x710 [ 351.415256][T11143] ? lock_downgrade+0x920/0x920 [ 351.420196][T11143] ? kernfs_activate+0x34/0x1f0 [ 351.425124][T11143] __kernfs_new_node+0xf0/0x6e0 [ 351.429964][T11143] ? __kasan_check_write+0x14/0x20 [ 351.435070][T11143] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 351.440531][T11143] ? wait_for_completion+0x440/0x440 [ 351.445819][T11143] ? mutex_unlock+0x1b/0x30 [ 351.450307][T11143] ? kernfs_activate+0x192/0x1f0 [ 351.455234][T11143] kernfs_new_node+0x96/0x120 [ 351.459920][T11143] __kernfs_create_file+0x51/0x340 [ 351.465114][T11143] sysfs_add_file_mode_ns+0x222/0x560 [ 351.470504][T11143] internal_create_group+0x359/0xc40 [ 351.475797][T11143] ? remove_files.isra.0+0x190/0x190 [ 351.481078][T11143] ? __kasan_check_write+0x14/0x20 [ 351.486183][T11143] ? up_write+0x150/0x490 [ 351.490519][T11143] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 351.496753][T11143] sysfs_create_group+0x20/0x30 [ 351.502549][T11143] loop_set_fd+0xd5f/0x13c0 [ 351.507055][T11143] lo_ioctl+0x1a3/0x1460 [ 351.511288][T11143] ? loop_set_fd+0x13c0/0x13c0 [ 351.516047][T11143] blkdev_ioctl+0x1302/0x1df0 [ 351.520716][T11143] ? blkpg_ioctl+0xa90/0xa90 [ 351.525299][T11143] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 351.531105][T11143] block_ioctl+0xee/0x130 [ 351.535563][T11143] ? blkdev_fallocate+0x410/0x410 [ 351.540600][T11143] do_vfs_ioctl+0x977/0x14e0 [ 351.545184][T11143] ? compat_ioctl_preallocate+0x220/0x220 [ 351.550895][T11143] ? __fget+0x37f/0x550 [ 351.555046][T11143] ? ksys_dup3+0x3e0/0x3e0 [ 351.559456][T11143] ? do_sys_open+0x31d/0x5d0 [ 351.564040][T11143] ? tomoyo_file_ioctl+0x23/0x30 [ 351.568972][T11143] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 351.575202][T11143] ? security_file_ioctl+0x8d/0xc0 [ 351.580303][T11143] ksys_ioctl+0xab/0xd0 [ 351.584450][T11143] __x64_sys_ioctl+0x73/0xb0 [ 351.589032][T11143] do_syscall_64+0xfa/0x790 [ 351.593561][T11143] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.599440][T11143] RIP: 0033:0x45a4e7 [ 351.603338][T11143] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 351.622923][T11143] RSP: 002b:00007fa857adea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 351.631326][T11143] RAX: ffffffffffffffda RBX: 0000000020000028 RCX: 000000000045a4e7 [ 351.639281][T11143] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 351.647236][T11143] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 351.655191][T11143] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 20:03:54 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000080)=""/194, 0xff42) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x80100, 0x0) getdents64(r1, &(0x7f0000000180)=""/148, 0x94) getdents64(r0, 0x0, 0x0) 20:03:54 executing program 0: r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$apparmor_current(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='changehat 0x000000^\x00'/29], 0x1d) 20:03:54 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae08, &(0x7f0000000200)=""/187) [ 351.663159][T11143] R13: 00000000004caa0e R14: 00000000004e3e70 R15: 0000000000000003 [ 351.725931][T11143] EXT4-fs (loop3): Ignoring removed mblk_io_submit option 20:03:55 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f0000000200)=""/187) 20:03:55 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') getdents64(r0, &(0x7f0000000180)=""/206, 0xffffffffffffffd0) getdents64(r0, 0x0, 0x0) [ 351.838540][T11160] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 351.846419][T11143] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 351.910024][T11169] ================================================================== [ 351.918408][T11169] BUG: KASAN: vmalloc-out-of-bounds in kvm_dev_ioctl_get_cpuid+0xacc/0xb47 [ 351.927002][T11169] Write of size 4 at addr ffffc90001046078 by task syz-executor.5/11169 [ 351.935311][T11169] [ 351.937639][T11169] CPU: 1 PID: 11169 Comm: syz-executor.5 Not tainted 5.4.0-next-20191204-syzkaller #0 [ 351.947183][T11169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.957243][T11169] Call Trace: [ 351.960577][T11169] dump_stack+0x197/0x210 [ 351.964910][T11169] ? kvm_dev_ioctl_get_cpuid+0xacc/0xb47 [ 351.970581][T11169] print_address_description.constprop.0.cold+0x5/0x30b [ 351.977516][T11169] ? kvm_dev_ioctl_get_cpuid+0xacc/0xb47 [ 351.983140][T11169] ? kvm_dev_ioctl_get_cpuid+0xacc/0xb47 [ 351.988772][T11169] __kasan_report.cold+0x1b/0x41 [ 351.993708][T11169] ? kvm_dev_ioctl_get_cpuid+0x61/0xb47 [ 351.999251][T11169] ? kvm_dev_ioctl_get_cpuid+0xacc/0xb47 [ 352.004892][T11169] kasan_report+0x12/0x20 [ 352.009220][T11169] __asan_report_store4_noabort+0x17/0x20 [ 352.014939][T11169] kvm_dev_ioctl_get_cpuid+0xacc/0xb47 [ 352.020397][T11169] ? kvm_vcpu_ioctl_get_cpuid2+0x1c0/0x1c0 [ 352.026205][T11169] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 352.032452][T11169] ? _copy_from_user+0x12c/0x1a0 [ 352.037390][T11169] kvm_arch_dev_ioctl+0x300/0x4b0 [ 352.042420][T11169] ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0 [ 352.048484][T11169] ? tomoyo_path_number_perm+0x454/0x520 [ 352.054125][T11169] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 352.060362][T11169] ? tomoyo_path_number_perm+0x25e/0x520 [ 352.065987][T11169] kvm_dev_ioctl+0x127/0x17d0 [ 352.070651][T11169] ? kvm_put_kvm+0xcc0/0xcc0 [ 352.075243][T11169] ? kvm_put_kvm+0xcc0/0xcc0 [ 352.079821][T11169] do_vfs_ioctl+0x977/0x14e0 [ 352.084408][T11169] ? compat_ioctl_preallocate+0x220/0x220 [ 352.090149][T11169] ? __fget+0x37f/0x550 [ 352.094299][T11169] ? ksys_dup3+0x3e0/0x3e0 [ 352.098707][T11169] ? ns_to_kernel_old_timeval+0x100/0x100 [ 352.104425][T11169] ? tomoyo_file_ioctl+0x23/0x30 [ 352.109357][T11169] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 352.115590][T11169] ? security_file_ioctl+0x8d/0xc0 [ 352.120707][T11169] ksys_ioctl+0xab/0xd0 [ 352.124872][T11169] __x64_sys_ioctl+0x73/0xb0 [ 352.129463][T11169] do_syscall_64+0xfa/0x790 [ 352.133983][T11169] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.139920][T11169] RIP: 0033:0x45a679 [ 352.143901][T11169] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 352.163495][T11169] RSP: 002b:00007f171e29cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 352.171914][T11169] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679 [ 352.179872][T11169] RDX: 0000000020000200 RSI: 00000000c008ae09 RDI: 0000000000000003 [ 352.187844][T11169] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 352.195825][T11169] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f171e29d6d4 [ 352.203780][T11169] R13: 00000000004c3cae R14: 00000000004d9220 R15: 00000000ffffffff [ 352.211756][T11169] [ 352.214078][T11169] [ 352.216389][T11169] Memory state around the buggy address: [ 352.222036][T11169] ffffc90001045f00: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 352.230091][T11169] ffffc90001045f80: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 352.238151][T11169] >ffffc90001046000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f9 [ 352.246207][T11169] ^ 20:03:55 executing program 0: r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$apparmor_current(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='changehat 0x000000^\x00'/29], 0x1d) [ 352.254180][T11169] ffffc90001046080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 352.262373][T11169] ffffc90001046100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 352.270502][T11169] ================================================================== [ 352.278573][T11169] Disabling lock debugging due to kernel taint [ 352.308569][T11169] Kernel panic - not syncing: panic_on_warn set ... [ 352.315206][T11169] CPU: 1 PID: 11169 Comm: syz-executor.5 Tainted: G B 5.4.0-next-20191204-syzkaller #0 [ 352.326130][T11169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 352.336180][T11169] Call Trace: [ 352.339477][T11169] dump_stack+0x197/0x210 [ 352.343970][T11169] panic+0x2e3/0x75c [ 352.347876][T11169] ? add_taint.cold+0x16/0x16 [ 352.352564][T11169] ? kvm_dev_ioctl_get_cpuid+0xacc/0xb47 [ 352.358219][T11169] ? preempt_schedule+0x4b/0x60 [ 352.363074][T11169] ? ___preempt_schedule+0x16/0x18 [ 352.368195][T11169] ? trace_hardirqs_on+0x5e/0x240 [ 352.373233][T11169] ? kvm_dev_ioctl_get_cpuid+0xacc/0xb47 [ 352.378877][T11169] end_report+0x47/0x4f [ 352.383037][T11169] ? kvm_dev_ioctl_get_cpuid+0xacc/0xb47 [ 352.388675][T11169] __kasan_report.cold+0xe/0x41 [ 352.393536][T11169] ? kvm_dev_ioctl_get_cpuid+0x61/0xb47 [ 352.399091][T11169] ? kvm_dev_ioctl_get_cpuid+0xacc/0xb47 [ 352.403799][T11175] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 352.404741][T11169] kasan_report+0x12/0x20 [ 352.416614][T11169] __asan_report_store4_noabort+0x17/0x20 [ 352.422342][T11169] kvm_dev_ioctl_get_cpuid+0xacc/0xb47 [ 352.427903][T11169] ? kvm_vcpu_ioctl_get_cpuid2+0x1c0/0x1c0 [ 352.433716][T11169] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 352.439960][T11169] ? _copy_from_user+0x12c/0x1a0 [ 352.440676][ T4093] kobject: 'loop0' (00000000d438b79b): kobject_uevent_env [ 352.445003][T11169] kvm_arch_dev_ioctl+0x300/0x4b0 [ 352.457105][T11169] ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0 [ 352.463168][T11169] ? tomoyo_path_number_perm+0x454/0x520 [ 352.463273][ T4093] kobject: 'loop0' (00000000d438b79b): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 352.468808][T11169] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 352.468821][T11169] ? tomoyo_path_number_perm+0x25e/0x520 [ 352.468836][T11169] kvm_dev_ioctl+0x127/0x17d0 [ 352.468851][T11169] ? kvm_put_kvm+0xcc0/0xcc0 [ 352.468865][T11169] ? kvm_put_kvm+0xcc0/0xcc0 [ 352.468878][T11169] do_vfs_ioctl+0x977/0x14e0 [ 352.468890][T11169] ? compat_ioctl_preallocate+0x220/0x220 [ 352.468900][T11169] ? __fget+0x37f/0x550 [ 352.468916][T11169] ? ksys_dup3+0x3e0/0x3e0 [ 352.523501][T11169] ? ns_to_kernel_old_timeval+0x100/0x100 [ 352.529206][T11169] ? tomoyo_file_ioctl+0x23/0x30 [ 352.534176][T11169] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 352.540491][T11169] ? security_file_ioctl+0x8d/0xc0 [ 352.545639][T11169] ksys_ioctl+0xab/0xd0 [ 352.549776][T11169] __x64_sys_ioctl+0x73/0xb0 [ 352.554349][T11169] do_syscall_64+0xfa/0x790 [ 352.558846][T11169] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.564814][T11169] RIP: 0033:0x45a679 [ 352.568693][T11169] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 352.588437][T11169] RSP: 002b:00007f171e29cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 352.596839][T11169] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679 [ 352.604942][T11169] RDX: 0000000020000200 RSI: 00000000c008ae09 RDI: 0000000000000003 [ 352.612896][T11169] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 352.620863][T11169] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f171e29d6d4 [ 352.628826][T11169] R13: 00000000004c3cae R14: 00000000004d9220 R15: 00000000ffffffff [ 352.638273][T11169] Kernel Offset: disabled [ 352.642593][T11169] Rebooting in 86400 seconds..