0x4, 0x0, 0x81, 0x8]}, &(0x7f00000005c0)=0x100) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000340)={r6, 0xb55}, &(0x7f0000000480)=0x8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, r3, r4, r7) 20:34:41 executing program 2: r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x311081) ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000000040)={0x9f1, 0x578, 0xffffffff, 0x7, 0x4}) socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 512.315822][T21588] hci_uart_tty_ioctl+0x8ad/0xa20 [ 512.321148][T21588] ? hci_uart_tty_write+0x10/0x10 [ 512.326359][T21588] tty_ioctl+0xfa8/0x1610 [ 512.330673][T21588] ? tty_do_resize+0x180/0x180 [ 512.335516][T21588] ? rcu_lock_release+0x9/0x30 [ 512.340662][T21588] ? __lock_acquire+0x4750/0x4750 [ 512.345888][T21588] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 512.351520][T21588] ? tomoyo_path_number_perm+0x587/0x740 [ 512.357148][T21588] ? trace_hardirqs_on+0x74/0x80 [ 512.362084][T21588] ? tomoyo_path_number_perm+0x5f0/0x740 20:34:41 executing program 2: r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x311081) ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000000040)={0x9f1, 0x578, 0xffffffff, 0x7, 0x4}) socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = dup3(r0, r0, 0x0) getsockopt$ax25_int(r1, 0x101, 0xf, &(0x7f00000000c0), &(0x7f0000000100)=0x4) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r2 = request_key(&(0x7f0000000640)='cifs.spnego\x00', &(0x7f0000000680)={'syz', 0x0}, &(0x7f00000006c0)='trustedkeyring^ppp1!)\x00', 0xfffffffffffffffa) r3 = request_key(&(0x7f0000000080)='ceph\x00', &(0x7f0000000600)={'syz', 0x2}, &(0x7f0000000380)='/dev%cRec#', r2) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000200)={{{@in6, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000140)=0xe8) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000440)={'bridge0\x00', 0x2400}) r5 = dup3(r0, r0, 0x80000) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r5, 0x84, 0x70, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}, [0x2, 0x5b56, 0x0, 0xbca5, 0x4ed8, 0x3ff, 0x8000, 0x6, 0x8, 0x3, 0x401, 0x4, 0x0, 0x81, 0x8]}, &(0x7f00000005c0)=0x100) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, r3, r4, r6) [ 512.367724][T21588] ? tomoyo_check_path_acl+0x180/0x180 [ 512.373272][T21588] ? smk_access+0x4f0/0x4f0 [ 512.377779][T21588] ? smk_access+0x18c/0x4f0 [ 512.382281][T21588] ? tty_do_resize+0x180/0x180 [ 512.387049][T21588] do_vfs_ioctl+0x7d4/0x18f0 [ 512.391820][T21588] ? ioctl_preallocate+0x240/0x240 [ 512.396936][T21588] ? fget_many+0x30/0x30 [ 512.401350][T21588] ? debug_smp_processor_id+0x1c/0x20 [ 512.407733][T21588] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 512.414663][T21588] ? tomoyo_file_ioctl+0x23/0x30 [ 512.414675][T21588] ? security_file_ioctl+0xa1/0xd0 [ 512.414686][T21588] __x64_sys_ioctl+0xe3/0x120 [ 512.414705][T21588] do_syscall_64+0xfe/0x140 [ 512.434683][T21588] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 512.440651][T21588] RIP: 0033:0x459829 [ 512.444537][T21588] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 512.464405][T21588] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 512.472791][T21588] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 512.481432][T21588] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 512.489508][T21588] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 512.497455][T21588] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 512.505402][T21588] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:34:41 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$DRM_IOCTL_ADD_BUFS(r0, 0xc0206416, &(0x7f0000000400)={0x1, 0x10ae, 0x4, 0x7fffffff, 0x4, 0x9}) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) recvfrom$unix(r1, &(0x7f0000000440), 0x0, 0x40002040, &(0x7f0000000480)=@file={0x1, './file0\x00'}, 0x6e) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:41 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x0, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:41 executing program 2: r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x311081) ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000000040)={0x9f1, 0x578, 0xffffffff, 0x7, 0x4}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:41 executing program 3 (fault-call:2 fault-nth:26): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 512.526540][T21588] Bluetooth: Can't register HCI device 20:34:41 executing program 2: r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x311081) ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000000040)={0x9f1, 0x578, 0xffffffff, 0x7, 0x4}) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") keyctl$setperm(0x5, 0x0, 0xf8ffffff) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) [ 512.638296][T21621] FAT-fs (loop4): error, invalid access to FAT (entry 0x00006500) [ 512.641238][T21624] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 512.673742][T21621] FAT-fs (loop4): Filesystem has been set read-only [ 512.680712][T21624] FAULT_INJECTION: forcing a failure. 20:34:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = dup3(r0, r0, 0x0) getsockopt$ax25_int(r1, 0x101, 0xf, &(0x7f00000000c0), &(0x7f0000000100)=0x4) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r2 = request_key(&(0x7f0000000640)='cifs.spnego\x00', &(0x7f0000000680)={'syz', 0x0}, &(0x7f00000006c0)='trustedkeyring^ppp1!)\x00', 0xfffffffffffffffa) r3 = request_key(&(0x7f0000000080)='ceph\x00', &(0x7f0000000600)={'syz', 0x2}, &(0x7f0000000380)='/dev%cRec#', r2) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000200)={{{@in6, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000140)=0xe8) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000440)={'bridge0\x00', 0x2400}) dup3(r0, r0, 0x80000) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, r3, r4, r5) [ 512.680712][T21624] name failslab, interval 1, probability 0, space 0, times 0 20:34:41 executing program 2: r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x311081) ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000000040)={0x9f1, 0x578, 0xffffffff, 0x7, 0x4}) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 512.738302][T21624] CPU: 0 PID: 21624 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 512.746317][T21624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 512.756372][T21624] Call Trace: [ 512.759665][T21624] dump_stack+0x1d8/0x2f8 [ 512.763998][T21624] should_fail+0x608/0x860 [ 512.768406][T21624] ? setup_fault_attr+0x2b0/0x2b0 [ 512.773415][T21624] ? __kernfs_new_node+0x99/0x6e0 [ 512.778524][T21624] __should_failslab+0x11a/0x160 [ 512.783452][T21624] ? __kernfs_new_node+0x99/0x6e0 [ 512.788468][T21624] should_failslab+0x9/0x20 [ 512.792964][T21624] __kmalloc_track_caller+0x79/0x340 [ 512.798241][T21624] kstrdup_const+0x55/0x90 [ 512.802742][T21624] __kernfs_new_node+0x99/0x6e0 [ 512.807596][T21624] ? __kasan_check_write+0x14/0x20 [ 512.812700][T21624] ? kernfs_new_node+0x180/0x180 [ 512.817632][T21624] ? trace_lock_release+0x135/0x1a0 [ 512.822829][T21624] kernfs_new_node+0x97/0x180 [ 512.827495][T21624] kernfs_create_link+0xbb/0x210 [ 512.832433][T21624] sysfs_do_create_link_sd+0x89/0x120 20:34:42 executing program 2: r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x311081) ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000000040)={0x9f1, 0x578, 0xffffffff, 0x7, 0x4}) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 512.837806][T21624] sysfs_create_link+0x68/0x80 [ 512.842567][T21624] device_add+0xa32/0x1570 [ 512.846978][T21624] ? dev_set_name+0x110/0x110 [ 512.851647][T21624] ? debugfs_create_dir+0x37/0x440 [ 512.856764][T21624] ? memset+0x31/0x40 [ 512.860747][T21624] hci_register_dev+0x331/0x720 [ 512.865603][T21624] hci_uart_tty_ioctl+0x8ad/0xa20 [ 512.870635][T21624] ? hci_uart_tty_write+0x10/0x10 [ 512.875657][T21624] tty_ioctl+0xfa8/0x1610 [ 512.879988][T21624] ? tty_do_resize+0x180/0x180 20:34:42 executing program 2: syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x311081) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 512.884750][T21624] ? rcu_lock_release+0x9/0x30 [ 512.889515][T21624] ? __lock_acquire+0x4750/0x4750 [ 512.894545][T21624] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 512.900175][T21624] ? tomoyo_path_number_perm+0x587/0x740 [ 512.905802][T21624] ? trace_hardirqs_on+0x74/0x80 [ 512.910739][T21624] ? tomoyo_path_number_perm+0x5f0/0x740 [ 512.916376][T21624] ? tomoyo_check_path_acl+0x180/0x180 [ 512.921834][T21624] ? smk_access+0x4f0/0x4f0 [ 512.926335][T21624] ? smk_access+0x18c/0x4f0 [ 512.930843][T21624] ? tty_do_resize+0x180/0x180 20:34:42 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 512.935608][T21624] do_vfs_ioctl+0x7d4/0x18f0 [ 512.940201][T21624] ? ioctl_preallocate+0x240/0x240 [ 512.945317][T21624] ? fget_many+0x30/0x30 [ 512.949638][T21624] ? debug_smp_processor_id+0x1c/0x20 [ 512.955007][T21624] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 512.961084][T21624] ? tomoyo_file_ioctl+0x23/0x30 [ 512.966022][T21624] ? security_file_ioctl+0xa1/0xd0 [ 512.971144][T21624] __x64_sys_ioctl+0xe3/0x120 [ 512.975827][T21624] do_syscall_64+0xfe/0x140 [ 512.980333][T21624] entry_SYSCALL_64_after_hwframe+0x49/0xbe 20:34:42 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 512.986224][T21624] RIP: 0033:0x459829 [ 512.990120][T21624] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 513.009723][T21624] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 513.018225][T21624] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 513.026195][T21624] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 513.034157][T21624] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 513.042131][T21624] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 513.050106][T21624] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 513.082613][T21624] Bluetooth: Can't register HCI device 20:34:42 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000400)=ANY=[@ANYBLOB="83000000290000000000000100000000000000000000000005000000000000000405002e2f627573233783694d150000000000000000000000000009000000696c65300004000016584b93d24f03bc0d533dba402b0000000000000000000900000000000000df05002e2f6275730000000000000000000000000000000000000000000513002e"], 0x83) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000700)={'team0\x00', 0x0}) getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000003bc0)={@ipv4={[], [], @multicast2}, 0x0}, &(0x7f0000003c00)=0x14) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000003c40)={{{@in=@dev, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@remote}}, &(0x7f0000003d40)=0xe8) sendmsg$inet(r2, &(0x7f0000003e00)={&(0x7f0000000300)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000600)="a91c63315d62165c4d78bb00d17e1e82457e29263aaf81520ccc5fdfe561b30aa3d1e74c20a1308b3ec9a3665b3d4670c3bbc15d40cf183aa765f58e55981a33163f775d312f00e48dbf157b969828305050a4da827ea81f64a354b9714377b4b455fcfe6798462c79f47c4bec213a87d110e753ca43ff0a0d91493d0fc8cb86bb94b196903fa43f51454017865539b0394b69886a5b39c1599f726acdee76aefd790a85c4e7ab886d383ef069f98bf95289dcde5f530ef46a135d82cff6da4cf83165c2f6a14eaafefd86fa6793665f1ef22aa78a041f6b853b8ba099f8cccb191d90", 0xe3}, {&(0x7f0000000880)="bc9f49074ba310d8c2c2d0c4e6e223a7cf302bb397c292fa984e6b8fa6f1ea8501db60f7fa3d3a586551ae9d794c2188175f24823a4b958cd8852adc60f9ecc2543a13173bfdfda0765421182757254890bf831df686606e5faf8d59b539d2003fb590c8d34915aa6615f101290b4ab0146b1fb7e14134fcf6cc0bd6caaed06e99573ed4132981e2a2d2fdafb81ef4f3e29b46bdd988bfaee0c44b89a18996275db8baa22d5f98fe67b3430dbad86e642ca8de46b3a4c642c32c1fa6a55ed5682d646f19c0a4f6ea16d498126a5b607c062384476be3209945", 0xd9}, {&(0x7f0000000340)="cabec37705e4a5a826905336285be6d6e9bccc675c2a57f6a50c9c92d3c283c8287b23d51c5d60435a824dd167850a439a60d15090e0ecf90e03aaeedb90f5a80fb8d274806100166178365b0a7e035e4fa04883d39365e5951c8fa3ad9c75e521e39937b9894837ed4b7b3f33e15b96a9f10f440d", 0x75}], 0x3, &(0x7f0000003d80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @loopback}}}, @ip_ttl={{0x14}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty, @multicast1}}}], 0x78}, 0x20040800) r6 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ioctl$RTC_UIE_ON(r2, 0x7003) write$binfmt_aout(r6, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r6, r6, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:42 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x0, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:42 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = dup3(r0, r0, 0x0) getsockopt$ax25_int(r1, 0x101, 0xf, &(0x7f00000000c0), &(0x7f0000000100)=0x4) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r2 = request_key(&(0x7f0000000640)='cifs.spnego\x00', &(0x7f0000000680)={'syz', 0x0}, &(0x7f00000006c0)='trustedkeyring^ppp1!)\x00', 0xfffffffffffffffa) r3 = request_key(&(0x7f0000000080)='ceph\x00', &(0x7f0000000600)={'syz', 0x2}, &(0x7f0000000380)='/dev%cRec#', r2) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000200)={{{@in6, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000140)=0xe8) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000440)={'bridge0\x00', 0x2400}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, r3, r4, r5) 20:34:42 executing program 1: syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x2, 0x600040) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_udp_int(r0, 0x11, 0x6f, &(0x7f0000000180), &(0x7f0000000200)=0x4) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = add_key(&(0x7f0000000040)='trusted\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)="8e8ac717319abd2476bacedbd5e159af57a2f795be5203a66fd513502485b21b4845d7c9cc3eead510d190318100a139844809b6f82bf930e115f534a5b328d9ca65a0670c11ee9b0c20c2069fdc373b4f8d63fc3a48f28e71a6825ec6d2800ef14a2fa5167ecc09e882e18d9d889e0b2755cf1d721f4046fbb59e622e14cc6cedcaed5281c7fdcff9bc71815e21e25d9cf1898f18c9d6630ce33d377c6d8d4062b96a3098", 0xa5, 0xfffffffffffffffb) keyctl$setperm(0x5, r1, 0x2000) 20:34:42 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:42 executing program 3 (fault-call:2 fault-nth:27): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:34:42 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:42 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = dup3(r0, r0, 0x0) getsockopt$ax25_int(r1, 0x101, 0xf, &(0x7f00000000c0), &(0x7f0000000100)=0x4) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r2 = request_key(&(0x7f0000000640)='cifs.spnego\x00', &(0x7f0000000680)={'syz', 0x0}, &(0x7f00000006c0)='trustedkeyring^ppp1!)\x00', 0xfffffffffffffffa) r3 = request_key(&(0x7f0000000080)='ceph\x00', &(0x7f0000000600)={'syz', 0x2}, &(0x7f0000000380)='/dev%cRec#', r2) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000200)={{{@in6, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000140)=0xe8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, r3, r4, r5) 20:34:42 executing program 1: r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="545c7a02622e2fae65c463b24a2b8aafb4858a72b3851cbe0ec17d32b35943f318ec5f3253113d41469ea3d3ff68121e0b340acb609b6127f56d269cbd3ff2896a032a6dd6da31e16feb8cf5190048ae6d906c50c92d041f03a82ae1e29919cce910d7b547ba9694758c1748615de3a1fe322ad6c642af011d5f74ca75aa435f42fd771862b18b6462418bc07b5c1418f096ad0e515b0b0d22", 0x99, 0xffffffffffffffff) keyctl$setperm(0x5, r0, 0x801) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") keyctl$setperm(0x5, 0x0, 0xf8ffffff) [ 513.466087][T21658] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 513.494804][T21658] FAULT_INJECTION: forcing a failure. [ 513.494804][T21658] name failslab, interval 1, probability 0, space 0, times 0 [ 513.542183][T21658] CPU: 0 PID: 21658 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 513.550195][T21658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 513.560245][T21658] Call Trace: [ 513.563543][T21658] dump_stack+0x1d8/0x2f8 [ 513.567882][T21658] should_fail+0x608/0x860 [ 513.572301][T21658] ? setup_fault_attr+0x2b0/0x2b0 [ 513.577321][T21658] ? __kernfs_new_node+0x99/0x6e0 [ 513.582343][T21658] __should_failslab+0x11a/0x160 [ 513.587280][T21658] ? __kernfs_new_node+0x99/0x6e0 20:34:42 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x0, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:42 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = dup3(r0, r0, 0x0) getsockopt$ax25_int(r1, 0x101, 0xf, &(0x7f00000000c0), &(0x7f0000000100)=0x4) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r2 = request_key(&(0x7f0000000640)='cifs.spnego\x00', &(0x7f0000000680)={'syz', 0x0}, &(0x7f00000006c0)='trustedkeyring^ppp1!)\x00', 0xfffffffffffffffa) r3 = request_key(&(0x7f0000000080)='ceph\x00', &(0x7f0000000600)={'syz', 0x2}, &(0x7f0000000380)='/dev%cRec#', r2) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, r3, 0x0, r4) [ 513.592299][T21658] should_failslab+0x9/0x20 [ 513.596798][T21658] __kmalloc_track_caller+0x79/0x340 [ 513.602082][T21658] kstrdup_const+0x55/0x90 [ 513.606500][T21658] __kernfs_new_node+0x99/0x6e0 [ 513.611608][T21658] ? __kasan_check_write+0x14/0x20 [ 513.616802][T21658] ? kernfs_new_node+0x180/0x180 [ 513.621731][T21658] ? trace_lock_release+0x135/0x1a0 [ 513.626934][T21658] kernfs_new_node+0x97/0x180 [ 513.631608][T21658] kernfs_create_link+0xbb/0x210 [ 513.636551][T21658] sysfs_do_create_link_sd+0x89/0x120 [ 513.641919][T21658] sysfs_create_link+0x68/0x80 [ 513.646680][T21658] device_add+0xa32/0x1570 [ 513.646696][T21658] ? dev_set_name+0x110/0x110 [ 513.655774][T21658] ? debugfs_create_dir+0x37/0x440 [ 513.655787][T21658] ? memset+0x31/0x40 [ 513.655799][T21658] hci_register_dev+0x331/0x720 [ 513.655814][T21658] hci_uart_tty_ioctl+0x8ad/0xa20 [ 513.655823][T21658] ? hci_uart_tty_write+0x10/0x10 [ 513.655836][T21658] tty_ioctl+0xfa8/0x1610 [ 513.655845][T21658] ? tty_do_resize+0x180/0x180 20:34:42 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 513.655861][T21658] ? rcu_lock_release+0x9/0x30 [ 513.693817][T21658] ? __lock_acquire+0x4750/0x4750 [ 513.698846][T21658] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 513.704481][T21658] ? tomoyo_path_number_perm+0x587/0x740 [ 513.710114][T21658] ? trace_hardirqs_on+0x74/0x80 [ 513.715049][T21658] ? tomoyo_path_number_perm+0x5f0/0x740 [ 513.720767][T21658] ? tomoyo_check_path_acl+0x180/0x180 [ 513.726222][T21658] ? smk_access+0x4f0/0x4f0 [ 513.730719][T21658] ? smk_access+0x18c/0x4f0 [ 513.735231][T21658] ? tty_do_resize+0x180/0x180 [ 513.739998][T21658] do_vfs_ioctl+0x7d4/0x18f0 [ 513.744588][T21658] ? ioctl_preallocate+0x240/0x240 [ 513.749698][T21658] ? fget_many+0x30/0x30 [ 513.753936][T21658] ? debug_smp_processor_id+0x1c/0x20 [ 513.759308][T21658] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 513.765372][T21658] ? tomoyo_file_ioctl+0x23/0x30 [ 513.770307][T21658] ? security_file_ioctl+0xa1/0xd0 [ 513.775420][T21658] __x64_sys_ioctl+0xe3/0x120 [ 513.780101][T21658] do_syscall_64+0xfe/0x140 [ 513.784600][T21658] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 513.790488][T21658] RIP: 0033:0x459829 [ 513.794380][T21658] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 513.813987][T21658] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 513.822489][T21658] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 513.830463][T21658] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 513.838433][T21658] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 513.846396][T21658] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 513.854464][T21658] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 513.863731][T21658] Bluetooth: Can't register HCI device [ 513.950212][T21684] FAT-fs (loop4): error, invalid access to FAT (entry 0x00006500) [ 513.960242][T21684] FAT-fs (loop4): Filesystem has been set read-only 20:34:43 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000400)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:43 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008913, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x80, 0x0) setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000080)=0x1a, 0x4) keyctl$setperm(0x5, 0x0, 0xf8ffffff) 20:34:43 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = dup3(r0, r0, 0x0) getsockopt$ax25_int(r1, 0x101, 0xf, &(0x7f00000000c0), &(0x7f0000000100)=0x4) keyctl$setperm(0x5, 0x0, 0xf8ffffff) request_key(&(0x7f0000000640)='cifs.spnego\x00', &(0x7f0000000680)={'syz', 0x0}, &(0x7f00000006c0)='trustedkeyring^ppp1!)\x00', 0xfffffffffffffffa) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r2) 20:34:43 executing program 3 (fault-call:2 fault-nth:28): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:34:43 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 514.327325][T21698] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 514.367375][T21698] FAULT_INJECTION: forcing a failure. 20:34:43 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = dup3(r0, r0, 0x0) getsockopt$ax25_int(r1, 0x101, 0xf, &(0x7f00000000c0), &(0x7f0000000100)=0x4) keyctl$setperm(0x5, 0x0, 0xf8ffffff) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r2) 20:34:43 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:43 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 514.367375][T21698] name failslab, interval 1, probability 0, space 0, times 0 [ 514.405138][T21698] CPU: 0 PID: 21698 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 514.413176][T21698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 514.423245][T21698] Call Trace: [ 514.426565][T21698] dump_stack+0x1d8/0x2f8 [ 514.431270][T21698] should_fail+0x608/0x860 [ 514.435694][T21698] ? setup_fault_attr+0x2b0/0x2b0 [ 514.440724][T21698] ? __kernfs_new_node+0x99/0x6e0 [ 514.445753][T21698] __should_failslab+0x11a/0x160 20:34:43 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:43 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 514.450695][T21698] ? __kernfs_new_node+0x99/0x6e0 [ 514.455893][T21698] should_failslab+0x9/0x20 [ 514.460410][T21698] __kmalloc_track_caller+0x79/0x340 [ 514.465694][T21698] kstrdup_const+0x55/0x90 [ 514.470116][T21698] __kernfs_new_node+0x99/0x6e0 [ 514.475058][T21698] ? __kasan_check_write+0x14/0x20 [ 514.480168][T21698] ? kernfs_new_node+0x180/0x180 [ 514.485109][T21698] ? trace_lock_release+0x135/0x1a0 [ 514.490339][T21698] kernfs_new_node+0x97/0x180 [ 514.495014][T21698] kernfs_create_link+0xbb/0x210 [ 514.499958][T21698] sysfs_do_create_link_sd+0x89/0x120 [ 514.505329][T21698] sysfs_create_link+0x68/0x80 [ 514.510093][T21698] device_add+0xa32/0x1570 [ 514.514606][T21698] ? dev_set_name+0x110/0x110 [ 514.519288][T21698] ? debugfs_create_dir+0x37/0x440 [ 514.524400][T21698] ? memset+0x31/0x40 [ 514.528383][T21698] hci_register_dev+0x331/0x720 [ 514.533239][T21698] hci_uart_tty_ioctl+0x8ad/0xa20 [ 514.538262][T21698] ? hci_uart_tty_write+0x10/0x10 [ 514.543373][T21698] tty_ioctl+0xfa8/0x1610 [ 514.547705][T21698] ? tty_do_resize+0x180/0x180 20:34:43 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 514.552469][T21698] ? rcu_lock_release+0x9/0x30 [ 514.557240][T21698] ? __lock_acquire+0x4750/0x4750 [ 514.562268][T21698] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 514.567904][T21698] ? tomoyo_path_number_perm+0x587/0x740 [ 514.573544][T21698] ? trace_hardirqs_on+0x74/0x80 [ 514.578487][T21698] ? tomoyo_path_number_perm+0x5f0/0x740 [ 514.584118][T21698] ? tomoyo_check_path_acl+0x180/0x180 [ 514.589749][T21698] ? smk_access+0x4f0/0x4f0 [ 514.594340][T21698] ? smk_access+0x18c/0x4f0 [ 514.598840][T21698] ? tty_do_resize+0x180/0x180 [ 514.598858][T21698] do_vfs_ioctl+0x7d4/0x18f0 [ 514.608244][T21698] ? ioctl_preallocate+0x240/0x240 [ 514.613355][T21698] ? fget_many+0x30/0x30 [ 514.613366][T21698] ? debug_smp_processor_id+0x1c/0x20 [ 514.613375][T21698] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 514.613387][T21698] ? tomoyo_file_ioctl+0x23/0x30 [ 514.613399][T21698] ? security_file_ioctl+0xa1/0xd0 [ 514.613411][T21698] __x64_sys_ioctl+0xe3/0x120 [ 514.613426][T21698] do_syscall_64+0xfe/0x140 [ 514.613438][T21698] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 514.613451][T21698] RIP: 0033:0x459829 [ 514.658118][T21698] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 514.677810][T21698] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 514.686231][T21698] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 514.694287][T21698] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 514.702262][T21698] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 514.710300][T21698] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 514.719461][T21698] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 514.729893][T21698] Bluetooth: Can't register HCI device 20:34:44 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:44 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = dup3(r0, r0, 0x0) getsockopt$ax25_int(r1, 0x101, 0xf, &(0x7f00000000c0), &(0x7f0000000100)=0x4) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r2) 20:34:44 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)) add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:44 executing program 3 (fault-call:2 fault-nth:29): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:34:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="11dca50d5e0bcfe47bf070") keyctl$setperm(0x5, 0x0, 0xf8ffffff) r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000240)=ANY=[@ANYRES32=0x0, @ANYBLOB="008003000600c0ff0700c4bffc7e673b897831cd2c1d166c165107698e21dd130f86354d31c4f70fd41a1a156e374ed89c01d4e3993e45525962c8ccd2310f35d9e7731fbddd0989e04cf8ebd4d7b8608d59e09bdb83ea85438518409baccebb5a4649b666e7fb968eac389da3b1f5542824d74b0d2959196db28884fb50126656357a136a2c32b17131db8a129e8509125ad34e9c38935a1e0ad2973f1657a84c286f18bf4e93ffffffff546a300ae171290748f9edc7ca9077a275746f3e356c24e62b8b81f0d4ae77468d869e75ce7fa90c88af057505aec7ac112f2e6827b8399356d078baa4ad0da9fd7ae3b5132944e0f37c38287ef3a8077871be84c0a008373bcefc65771d8428e49c11b0125373b65d6cd04819262845670e9b884a7bafa664e490840b42beecfab0e40f229a84cea0a0e0ead4f55a0f9660ccf29e964d7bb52b048420731a2d11c290dc729bff572df69f3754"], &(0x7f0000000100)=0xe) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000140)={0x3108, 0x6, 0x80000000, 0x100000001, r2}, &(0x7f0000000180)=0x10) ioctl$RTC_PLL_GET(r1, 0x80207011, &(0x7f0000000040)) 20:34:44 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:44 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, 0x0, 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:44 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") dup3(r0, r0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:34:44 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)) add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") keyctl$setperm(0x5, 0x0, 0xf8ffffff) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x200, 0x0) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f00000000c0)={0x7fff}, 0x4) syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0xa14b, 0x400100) ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000040)) [ 515.293261][T21732] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 515.323168][T21732] FAULT_INJECTION: forcing a failure. [ 515.323168][T21732] name failslab, interval 1, probability 0, space 0, times 0 20:34:44 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)) add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:44 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) [ 515.362611][T21732] CPU: 0 PID: 21732 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 515.370626][T21732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 515.380678][T21732] Call Trace: [ 515.384243][T21732] dump_stack+0x1d8/0x2f8 [ 515.388603][T21732] should_fail+0x608/0x860 [ 515.393028][T21732] ? setup_fault_attr+0x2b0/0x2b0 [ 515.398101][T21732] ? __lock_acquire+0x4750/0x4750 [ 515.403218][T21732] __should_failslab+0x11a/0x160 [ 515.408152][T21732] ? __kernfs_new_node+0xd9/0x6e0 [ 515.413202][T21732] should_failslab+0x9/0x20 [ 515.417737][T21732] kmem_cache_alloc+0x56/0x2e0 [ 515.422503][T21732] __kernfs_new_node+0xd9/0x6e0 [ 515.427438][T21732] ? trace_lock_release+0x135/0x1a0 [ 515.432732][T21732] ? kernfs_new_node+0x180/0x180 [ 515.437773][T21732] ? __lock_acquire+0x4750/0x4750 [ 515.442796][T21732] ? mutex_lock_io_nested+0x60/0x60 [ 515.448003][T21732] ? __kasan_check_write+0x14/0x20 [ 515.453484][T21732] kernfs_new_node+0x97/0x180 [ 515.458159][T21732] kernfs_create_dir_ns+0x44/0x130 [ 515.463271][T21732] internal_create_group+0x234/0xdf0 [ 515.468644][T21732] ? mutex_unlock+0xd/0x10 [ 515.473060][T21732] ? sysfs_create_group+0x30/0x30 [ 515.478086][T21732] ? __kasan_check_write+0x14/0x20 [ 515.483283][T21732] ? kernfs_put+0x48/0x4a0 [ 515.487698][T21732] ? kernfs_create_link+0x1a6/0x210 [ 515.492911][T21732] sysfs_create_group+0x1f/0x30 [ 515.497761][T21732] dpm_sysfs_add+0x5d/0x250 [ 515.502256][T21732] device_add+0xba3/0x1570 [ 515.506673][T21732] ? device_add+0xa41/0x1570 [ 515.511260][T21732] ? dev_set_name+0x110/0x110 [ 515.515945][T21732] ? debugfs_create_dir+0x37/0x440 [ 515.521052][T21732] ? memset+0x31/0x40 [ 515.525031][T21732] hci_register_dev+0x331/0x720 [ 515.530067][T21732] hci_uart_tty_ioctl+0x8ad/0xa20 [ 515.535100][T21732] ? hci_uart_tty_write+0x10/0x10 [ 515.540133][T21732] tty_ioctl+0xfa8/0x1610 [ 515.544468][T21732] ? tty_do_resize+0x180/0x180 [ 515.549255][T21732] ? rcu_lock_release+0x9/0x30 [ 515.554108][T21732] ? __lock_acquire+0x4750/0x4750 [ 515.559136][T21732] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 515.564766][T21732] ? tomoyo_path_number_perm+0x587/0x740 [ 515.570417][T21732] ? trace_hardirqs_on+0x74/0x80 [ 515.575354][T21732] ? tomoyo_path_number_perm+0x5f0/0x740 [ 515.581363][T21732] ? tomoyo_check_path_acl+0x180/0x180 [ 515.587282][T21732] ? smk_access+0x4f0/0x4f0 [ 515.591804][T21732] ? smk_access+0x18c/0x4f0 [ 515.596312][T21732] ? tty_do_resize+0x180/0x180 [ 515.601096][T21732] do_vfs_ioctl+0x7d4/0x18f0 [ 515.605694][T21732] ? ioctl_preallocate+0x240/0x240 [ 515.610820][T21732] ? fget_many+0x30/0x30 [ 515.615072][T21732] ? debug_smp_processor_id+0x1c/0x20 [ 515.620441][T21732] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 515.626681][T21732] ? tomoyo_file_ioctl+0x23/0x30 [ 515.631649][T21732] ? security_file_ioctl+0xa1/0xd0 [ 515.636752][T21732] __x64_sys_ioctl+0xe3/0x120 [ 515.641591][T21732] do_syscall_64+0xfe/0x140 [ 515.646081][T21732] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 515.651960][T21732] RIP: 0033:0x459829 [ 515.655856][T21732] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 515.675569][T21732] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 515.683977][T21732] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 515.692042][T21732] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 515.700046][T21732] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 515.708021][T21732] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 515.716003][T21732] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 515.726157][T21732] Bluetooth: Can't register HCI device 20:34:45 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000600)=@req={0x7, 0x1, 0x200, 0x1}, 0x10) accept4$llc(r0, 0x0, &(0x7f0000000400), 0x80000) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) ioctl$VIDIOC_S_FBUF(r1, 0x4030560b, &(0x7f0000000500)={0x0, 0x4b, &(0x7f0000000440)="a34d7e34c1d100f0a970dadf281985f4243cd46f250162b4b24b26fb04c10690bd77a413879818776a7129dc4ea05e45840e0a124246a5a2e5904ae610c50f939befec67976b8ed99924eeac9ec185c837f87b8f83b78693b71bb180041602821f562559aacd1690994ca9835badd050fe5cb119ab5d0856063401a3b3f68f16184c65761314682a226db1b50b5d147f5ebdcd163f286520cf8f3a8cc80f0969d26aa28d74793340c19c3f2ed49a9938d757a60276", {0x8, 0x1000, 0x51424752, 0xd, 0x0, 0x4, 0xf, 0xb8}}) 20:34:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0b") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x2000, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100)=0x1) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x0, 0x0) getsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0xc) keyctl$setperm(0x5, 0x0, 0xf9000001) 20:34:45 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:34:45 executing program 3 (fault-call:2 fault-nth:30): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:34:45 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, 0x0, 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0b") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:45 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) [ 516.135165][T21776] Unknown ioctl -1073449922 [ 516.139644][T21781] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 516.147932][T21776] Unknown ioctl -1073449922 20:34:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") ioctl$sock_ifreq(r0, 0x8917, &(0x7f0000000000)={'rose0\x00', @ifru_hwaddr=@local}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) [ 516.196761][T21781] FAULT_INJECTION: forcing a failure. [ 516.196761][T21781] name failslab, interval 1, probability 0, space 0, times 0 [ 516.221961][T21781] CPU: 1 PID: 21781 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 516.229980][T21781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 516.240058][T21781] Call Trace: [ 516.243367][T21781] dump_stack+0x1d8/0x2f8 [ 516.247714][T21781] should_fail+0x608/0x860 [ 516.252136][T21781] ? setup_fault_attr+0x2b0/0x2b0 [ 516.257160][T21781] ? __lock_acquire+0x4750/0x4750 [ 516.262188][T21781] __should_failslab+0x11a/0x160 [ 516.267304][T21781] ? __kernfs_new_node+0xd9/0x6e0 [ 516.272412][T21781] should_failslab+0x9/0x20 [ 516.272423][T21781] kmem_cache_alloc+0x56/0x2e0 [ 516.272435][T21781] __kernfs_new_node+0xd9/0x6e0 [ 516.272444][T21781] ? __kasan_check_write+0x14/0x20 [ 516.272454][T21781] ? kernfs_new_node+0x180/0x180 20:34:45 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:34:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0b") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 516.272466][T21781] ? __mutex_unlock_slowpath+0x18c/0x630 [ 516.272475][T21781] ? mutex_unlock+0x10/0x10 [ 516.272484][T21781] ? mutex_unlock+0xd/0x10 [ 516.272491][T21781] ? kernfs_activate+0x213/0x230 [ 516.272502][T21781] kernfs_new_node+0x97/0x180 [ 516.281764][T21781] __kernfs_create_file+0x4a/0x2f0 [ 516.281775][T21781] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 516.281788][T21781] sysfs_merge_group+0x1f3/0x3c0 [ 516.336999][T21781] ? sysfs_remove_groups+0xb0/0xb0 [ 516.342124][T21781] dpm_sysfs_add+0xcc/0x250 20:34:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47b") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 516.346641][T21781] device_add+0xba3/0x1570 [ 516.351070][T21781] ? device_add+0xa41/0x1570 [ 516.355669][T21781] ? dev_set_name+0x110/0x110 [ 516.360372][T21781] ? debugfs_create_dir+0x37/0x440 [ 516.365492][T21781] ? memset+0x31/0x40 [ 516.369483][T21781] hci_register_dev+0x331/0x720 [ 516.374350][T21781] hci_uart_tty_ioctl+0x8ad/0xa20 [ 516.379383][T21781] ? hci_uart_tty_write+0x10/0x10 [ 516.384412][T21781] tty_ioctl+0xfa8/0x1610 [ 516.388737][T21781] ? tty_do_resize+0x180/0x180 [ 516.393518][T21781] ? rcu_lock_release+0x9/0x30 [ 516.393534][T21781] ? __lock_acquire+0x4750/0x4750 [ 516.403459][T21781] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 516.403467][T21781] ? tomoyo_path_number_perm+0x587/0x740 [ 516.403475][T21781] ? trace_hardirqs_on+0x74/0x80 [ 516.403484][T21781] ? tomoyo_path_number_perm+0x5f0/0x740 [ 516.403495][T21781] ? tomoyo_check_path_acl+0x180/0x180 [ 516.403504][T21781] ? smk_access+0x4f0/0x4f0 [ 516.403512][T21781] ? smk_access+0x18c/0x4f0 [ 516.403522][T21781] ? tty_do_resize+0x180/0x180 [ 516.403532][T21781] do_vfs_ioctl+0x7d4/0x18f0 [ 516.403542][T21781] ? ioctl_preallocate+0x240/0x240 [ 516.403556][T21781] ? fget_many+0x30/0x30 [ 516.403564][T21781] ? debug_smp_processor_id+0x1c/0x20 [ 516.403573][T21781] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 516.403583][T21781] ? tomoyo_file_ioctl+0x23/0x30 [ 516.403594][T21781] ? security_file_ioctl+0xa1/0xd0 [ 516.403601][T21781] __x64_sys_ioctl+0xe3/0x120 [ 516.403616][T21781] do_syscall_64+0xfe/0x140 [ 516.403628][T21781] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 516.403636][T21781] RIP: 0033:0x459829 [ 516.403643][T21781] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 516.403647][T21781] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 516.403655][T21781] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 516.403670][T21781] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 20:34:45 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000400), &(0x7f0000000440)=0x4) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000600)={0x0, @in={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x11}}}, [0x8, 0x196228cd, 0x101, 0x5, 0x29, 0xfffffffffffffff9, 0x8, 0x51f3, 0x4e, 0x3c, 0x1ff, 0xfffffffffffff801, 0x5, 0xabd, 0xfffffffffffffff8]}, &(0x7f0000000480)=0x100) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000004c0)={r4, 0x4}, &(0x7f0000000500)=0x8) 20:34:45 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r0) 20:34:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47b") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r1 = creat(&(0x7f00000000c0)='./file0/bus\x00', 0x0) fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1}) r2 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r2) r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) accept4$bt_l2cap(r2, &(0x7f0000000100), &(0x7f0000000140)=0xe, 0x80800) write$binfmt_aout(r3, &(0x7f0000000100)=ANY=[], 0x225) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000300), 0x7fff) r4 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x5, 0x8000) ioctl$TCSETAF(r4, 0x5408, &(0x7f0000000040)={0x1, 0x3, 0x1, 0x6, 0x1b, 0x6, 0x9, 0x3d, 0xc000000000000000, 0xb8d}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) 20:34:45 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, 0x0, 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:45 executing program 3 (fault-call:2 fault-nth:31): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:34:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47b") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 516.543547][T21781] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 516.551498][T21781] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 516.559448][T21781] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 516.571380][T21781] Bluetooth: Can't register HCI device 20:34:45 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r0) 20:34:45 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[], 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 516.660966][T21820] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:34:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf0") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf0") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 516.718473][T21820] FAULT_INJECTION: forcing a failure. [ 516.718473][T21820] name failslab, interval 1, probability 0, space 0, times 0 [ 516.732212][T21820] CPU: 1 PID: 21820 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 516.740306][T21820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 516.750388][T21820] Call Trace: [ 516.753686][T21820] dump_stack+0x1d8/0x2f8 [ 516.758017][T21820] should_fail+0x608/0x860 [ 516.762431][T21820] ? setup_fault_attr+0x2b0/0x2b0 [ 516.767449][T21820] ? __lock_acquire+0x4750/0x4750 [ 516.772478][T21820] __should_failslab+0x11a/0x160 [ 516.777409][T21820] ? __kernfs_new_node+0xd9/0x6e0 [ 516.777420][T21820] should_failslab+0x9/0x20 [ 516.777434][T21820] kmem_cache_alloc+0x56/0x2e0 [ 516.786919][T21820] __kernfs_new_node+0xd9/0x6e0 [ 516.786931][T21820] ? __kasan_check_write+0x14/0x20 [ 516.786942][T21820] ? kernfs_new_node+0x180/0x180 [ 516.806903][T21820] ? __mutex_unlock_slowpath+0x18c/0x630 [ 516.812569][T21820] ? mutex_unlock+0x10/0x10 20:34:46 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf0") add_key(&(0x7f0000000200)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 516.812581][T21820] ? mutex_unlock+0xd/0x10 [ 516.812591][T21820] ? kernfs_activate+0x213/0x230 [ 516.812599][T21820] kernfs_new_node+0x97/0x180 [ 516.812609][T21820] __kernfs_create_file+0x4a/0x2f0 [ 516.812618][T21820] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 516.812630][T21820] sysfs_merge_group+0x1f3/0x3c0 [ 516.812642][T21820] ? sysfs_remove_groups+0xb0/0xb0 [ 516.812656][T21820] dpm_sysfs_add+0xcc/0x250 [ 516.812668][T21820] device_add+0xba3/0x1570 [ 516.812682][T21820] ? device_add+0xa41/0x1570 [ 516.821606][T21820] ? dev_set_name+0x110/0x110 [ 516.821620][T21820] ? debugfs_create_dir+0x37/0x440 [ 516.821635][T21820] ? memset+0x31/0x40 [ 516.879215][T21820] hci_register_dev+0x331/0x720 [ 516.884080][T21820] hci_uart_tty_ioctl+0x8ad/0xa20 [ 516.889286][T21820] ? hci_uart_tty_write+0x10/0x10 [ 516.894311][T21820] tty_ioctl+0xfa8/0x1610 [ 516.898640][T21820] ? tty_do_resize+0x180/0x180 [ 516.903406][T21820] ? rcu_lock_release+0x9/0x30 [ 516.908263][T21820] ? __lock_acquire+0x4750/0x4750 [ 516.913306][T21820] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 516.918938][T21820] ? tomoyo_path_number_perm+0x587/0x740 [ 516.924658][T21820] ? trace_hardirqs_on+0x74/0x80 [ 516.929727][T21820] ? tomoyo_path_number_perm+0x5f0/0x740 [ 516.935453][T21820] ? tomoyo_check_path_acl+0x180/0x180 [ 516.943707][T21820] ? smk_access+0x4f0/0x4f0 [ 516.950389][T21820] ? smk_access+0x18c/0x4f0 [ 516.954899][T21820] ? tty_do_resize+0x180/0x180 [ 516.959674][T21820] do_vfs_ioctl+0x7d4/0x18f0 [ 516.964299][T21820] ? ioctl_preallocate+0x240/0x240 [ 516.969392][T21820] ? fget_many+0x30/0x30 [ 516.973622][T21820] ? debug_smp_processor_id+0x1c/0x20 [ 516.979039][T21820] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 516.985084][T21820] ? tomoyo_file_ioctl+0x23/0x30 [ 516.990053][T21820] ? security_file_ioctl+0xa1/0xd0 [ 516.995182][T21820] __x64_sys_ioctl+0xe3/0x120 [ 516.999864][T21820] do_syscall_64+0xfe/0x140 [ 517.004351][T21820] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 517.010278][T21820] RIP: 0033:0x459829 [ 517.014195][T21820] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 517.033800][T21820] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 517.042220][T21820] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 517.050171][T21820] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 517.058123][T21820] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 517.066089][T21820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 517.074051][T21820] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 517.083236][T21820] Bluetooth: Can't register HCI device 20:34:46 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000005c0)={&(0x7f0000ffb000/0x4000)=nil, 0x4000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) mq_open(&(0x7f0000000180)='/dev/ptmx\x00', 0x7fd, 0x88, &(0x7f0000000500)={0x7, 0x6, 0x8, 0x9, 0x6, 0x80000000, 0x2, 0x3ef7}) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70ff4030000e30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b25530b1056033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e190bb705ae7a76f42f07d3dd4259adea98c0771e17f4670b122b8af13f0327731525299b88988a950ff50af39ce37305fece3ba88d7621d93ab833aa3278bfaad3f61da61809b0bbd72f2bd95800cbad7a130e2eb1be98"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:46 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(0x0, &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:46 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r0) 20:34:46 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[], 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:46 executing program 3 (fault-call:2 fault-nth:32): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:34:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2) ioctl(r0, 0x4, &(0x7f0000000240)="111fee80bdf9c1d8b55dcd51cd2fae6d0283709496d57ca082cd43f162ad85a4485b80b13e2c7acec2f5bbc2577674806fc662927120237c944d1b67770262508b03e1a9f78ed5404802a0e94237237246d1adfe636fb450628abe2b25f477022e6c5b9017f323600622e41b0ec2545e511c1d3acc095d055ae599f369eb2dc17134c48b8db15ad7b2d0b132734f8a598be21d06885cac006c326fdaa9bb4b63341c90d0a3ff14da24a5811d41013d5d3141647b2ffc19765c7bbd0cb132df7b0e3bef3cf87f") r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000015c0)={{{@in6=@local, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@empty}}, &(0x7f00000016c0)=0xe8) sendto$packet(r1, &(0x7f0000000340)="0916fb806257b9d395c47c40aedc611b0e716dc5e4c5e860e22823ca434e954aa330bfbe80f161ba4b5efb407b81bb58155f62933825fb1ca96e9aee1849ac9a763a16592e0c52665c766d3a28dbb559ba013b5806cfeb964b5dd6ad0b1e57ab0fb086efdeb247aeefcde85cb23e773281b9bce68a9df4f567139f2c1509a26da9933fb9386dc48a5f5211970facedbc26c971014c7774567eafe12e8c27df5c6e60170b26bc160b78b0c77618ac423c26d62c03714f16ff7bee6259de49b7e23075a598c88f9ecbb956973ecd2225b018a75153a147662b0bf6b7b95ae5c3b6577b9b1b168df9d7afc042f986fad498f6130062bc16ec07b7c854232dd2bc79aebaa0ccf83a50fda761cba0eccca11be539bd038c51dad044cff5411348548a3bfac30363b13cece582a6b45a1a5e026cd553601c106844f1aaa9c67b44358f657b5766aecfa666011b10002229f8060cfc4cb0c162a9efea31c5664a76bb78597c6291accfdc971a94d2e250f21502c684d5f79f5ad12bdb6d52ad55b3de6215a52b804f35253e14c0decd71397d7a3476be6a62a63b65b851784c63262fcb8438fe93ee80531ddcc930425a124217e130d26ec1beb8c093ce4021d23c6ba79abb44acbe9aadcc994d1ed208e2071d6079794ed2c53e96059e9593f916f864c88f12abc06f6a690dcd506fbd0d99d8692e85c7607e0695c401336d1e811e6e67c943eafc8c95c1f4b32be1ce5fd053a33747412ecb74bc943154e1f26cdf921e0e0462a23a084f12dd7eaae6b748943c1fd2964baf6640696c46fa859433cd476e95e796ceea2e016b6335a8ee3075fe95accb41e168528dc9083899f1ea011c077daf087a363eb366727442ab92cae9c74247579530bfbf3d5f1630e63db832854256e801151c89d7adce2e110bf4c2783863a54a52cfacafaff7171dd4f4b54acfec77b50d98db258ca028197fe9cdc0910462da169e7ab3763b61b2be52c8681fb120096da78d7b2af35f4a6fed6157a1ce49b29015e0397933dbaa4fb0b19f32b2bc96509ee91635a43fe7d21e2e39915e2235c6e918effcdd979d6a0838813aac84778a7e458b774c1a60be444493cdb53a128b10af560c092b854100c948d010d0cd962e132c702204181cf83a7062a6aa09661345c996d890a96d9f10d83ae82345871501ac65ccf55a2c2ae147d052fd82d6a2f7568f91076468df309e61a50692de10b3586af5053a0ccf3bda0b0900e24b7b0da8a785bd9736cdc4adcaa5f99382154166f2ba308fe9aa8d86e65e66514507c7339d281364a0706f19dee6334cb153eabdafd2201023e0f001fb904f20a4f7caa18bd617e392d9662f513ed43f7131334d95c72e76b485d79d5fbf0cf1344914e02980a63dac85928dd7f1036ff1a4d6be07eb6c58258327700a9559f8fb08ef616399cb6fb257572dcd80df7552a3b2483257f0dab44c380beffc6b3c371d4c86ad4989860859ff88408b4fe7de255ece2814eb32a3a2794297a2d50f639ccca8bf6a39fc7ce5874c1b2216157274e1963954e62982d7ce96a09b672ada4b16351a844e14c893f32532ccde9343ca5522375df0d8b70c1777df8f707a4f7341083a5c61e4cc2bde3f3cae4408315d588c538e3d052b72ec974415555fd4eb828760774e645d3018236d7c2d518046722a68461744d99e051ce520c89c9f3e1df3f549c30a1240e86db0030b855f575d3d15ce81a9ad7ca0a977a8d304ff306f9263c6ad6b2fe60b19f348c0210ebe20c2ae5891b2316efdcaf07d3b553e9e5385b61e09414ddacef75c824b6690d72e7b028cb34a597f17e831305af614cd5729839409ae2c7cb458bc1005d8e4c49977790d94f9736ab0a156893ee0fdbf5fd80104bf3ae35542acf4533926ad4db3024dff510c1bab1e18ab3e58dcfe8a64de73d0f15131ba5809422412f1a820d78e8135e40c580c27c1da6cdf6aa4f321622b62e232d88054e788b05d07a8629fb12b3e747edd079c40e6e7b7aa1c7727ef64e438aaa53c4b2780685bdc75d598e75456d17a8e3e77e8756bff04f3779d02bc70aa80230a3d67c1ecb2a7ac539787e8fb83d0da4d1af377b1e556006d0005c3d265b87772296b4e703c551a4096614c94559615bd6df1785a9a0528d5f2beebc1bc3223a188dcb024caeda9295b0357d72f2d213edbc988aba2ef5d5b78ba511a704523c0af6826056fcb27471becf1b10abd33031a1417c8013a22f8a5c3f7204a417e05f788925af92f84d37e66c36e5de4be0bc54c424d4c352f9daf169b186e036372d8ec998ab4ab80b0d2963663aaa69d6ac64706ae614a0ff4a685d80bbbed655895674c2a54be9002c14a77169586d552c3ec8a5ec0c0a4750a5f1b643bf1636553b863fcfc2a1ffe0e60444b0dba8174d2ebc2e79235288b0ab36ba26a990e8264a9b554ff42ce4999d45fad48628c3a821df73266011bed5bd1e449df50fbb88d57a1bbba17b459f9549300d8912a64096d80a4d010419cc8f7d99bf8b2c72ee0da6ea6ab1b4c9b005b04030596d129be6efc79c0692bc61c504d1ae2416e09ab8ccd94310247bb988e89d3c31ec1c4692610f9096efb96da7eb39e1d3aa43f1d0e5dd8ea10f943bb531b89d27caf7bcfe805ceb038cdd8583485ccafaabe8d0321ce8db4dd0c5e18b1a34e63c8837a5a0a1cf380c879d7da562a4012d62352c282580b87450fa96b20926c042f5716faecf18b0a517defdac34e365179db17ffb840c4846d0d5777585e6c71569d827efef6bbd9fab483dd8131359c3f75da7d1410d4d93a5600198ce850aec2a635433e1694bfa336f0abc53742df21e3e1220ace543a0f64bb9e871059c8bd5798f8733f5866d68fdc495e38cbaa7ece768b89d5db8045e6da831c4dab1587f13e1656466daa9e92ea9dbccbaf8328a00e90805aaf206cbcc34e044bd1eabc8f88fc233eb2eb317047c15c61ef8b3b90eb2fb8974d4f23af92f82713093532f712309668f7de13e6eb01a614d8bbf51e3857800ccfbb596128dbb00bb4f9d1e89a568ccd717c123884186acb1394878832e3800f8bbea71094c3cb0735fe46da3e66da4b5946a93db46c6340ddad82344e9e8c46ebba8f24fb569e32ab1b1085a16341068cf9b40abc6d1270cd70d4c8766e1788ab6759ab871a13e4dbdc39aa3b2283c2711ee92ffd85f197a43d141b3b9d90696a5250a6f73a22dcccc8b474a7cdac688e15de856e1abaec4b4a2b22ab505c6f3b8385d59d3d8da946862cf2a0614d716811a9d0f18defbfb745230956e8ccab45b079e72cbffd6914121062222c87b2c1b03b5a1894324e2b21e6751ce09edef8ca9f8b699c545c3981b69f9a59b05c675d91bf778ad1c20bbcfc60d8ed9f3c13132aafe64706a91a6e8d1edca753facd38e6207e7929cbeef667da94272420fe74c4cdd113a23e8f32554bf159f47a19faba3deb13776a246fa385f74cc4b2366a40ecf90787ec125a5dfd0437a45af62388677d2fdb6ae156da9d88c332ceba690512236e1161d495f34f23808b0a0873e03085dd4553f7b2ff8c6cbe7a8f49b62d929b1d185d9bd3952b15278e1c73bbcf3f81ba88592d46a4cc745f0e70edfc2235fcc778275da1e8aea0a9471748363709b21e6ec34686fb0670b572224ba268a9ea7d753f6e7aeb594d94fe606ae9e66993f1f63f4935f6f1852dfadbecd115f6f99fa58c16e9797f6e8f1ff745cf597cd4c8d42007b74f2c2a242f8cdcac436b4394d87cd893ad3b772e330ce7b2a5154ca312b62d430f9cae5d02031a3af5a96e83c5fab6aa85f0d7b766d70b30e40b8f2d7491cacbc3417ba9f041ca3caa4d35132680a05766b5b58eb4bb9049502bee9f1c5fa808789555854473155085b1432d3b9064b33e75f41490a44bcca18a2b8e3a25f55b1d2632a48f17c8b08474f451e57a523d8c3df24709d4d6f3f4e2fefe5ef50a1e08e4c9a26d7ad602dfca951fec34753ecb452fb5659a6aa106dfa30f374597316a5e1db732f27ea2e2bf24c6034a9f80303628f477e34134d1652fdc151a7d829626f6defe68b3ba8fdea3b6cec308feaa9dbf319589f0cb568410b38bf0d7420b25cfcaff5b7acba4f7b962711aa633aaef8e7896979d867d34f832538fc1fc9c042443d978bd609ad2d4490d27c83da632c8360fc3b455940d3ea1d1f11b9c20a1d175965fa1abbb4da7e38aad12806a5d9a2b05589e5bfc21d707d5323c9db83fa255cac8cfbbf83773f54937ce3527553da97f11acfc70032b6cf82986cb8dd39d18358f180f9a739dcdccca574ba70f80271fa81183ee70876bbc0aeaf5c28489b6f93f3e16e0ede985ea714f681b0c1b6efc649d5f6a5dfa718ace8a4fdb5308628420036fb4294eb4700cdb8b818ddea8c13b665fd2679c6919fbfc9e0c9df4a284c19a6fc66d834839b1ed12aeac4e85fa712482fa11992c0ffc09acca1efdcda282851300524b89dae992bff1abce16e24892b2d456162825b8a0a13a1aa4009ae13a063067b26e72c20aad55ea9822a44461a3c92dc4ca89575cbe2f2b5fc311fc94c94c8dace42de8da951b8e31f16cdb2efb2890167c04916561ad9582cab7e204e2c63fb6af84aec5ead8306dd561b17a74d045da85ab767aded1d5b33fac994ba1a6df86f066aed40bbc648b03ef41bffc1b29a0115f96951a8c22b97168e9e5bbd02483aeec5c6151aa78123e728a898f42cf8d06e59379c8fd71925fe112b52310ad8b3601ee81c9c5cf689906d0eca5fadfb789da6667f8b2b3316ebf8aebebd3c6b982e46b3889dcffe4fe765ab58f51c56be13d44cff5f7784ebcffd174044d90308660853ad4f2fad463680c248cf3a46183cf721afc1e0e63000961ea7471f91c1a72c438d1d8630f1ce4db160b6c6043c888ef45a0d44cc8978b57fef1826de3928e9155075bef5cf54d02c8ea4d5d4138d4052be6baeb58314de6a7d2f3e1f28897abc50f513b0d186155698117bf720a3f46aa62eefc73464e1e121446a58fe7ad73b420109a0cc20260efe0aee58158e2824bf4ad8dd9226291ed7a4ac30d2abf71170078274ebec90744e1dda82c59e029f91a904ccddd06414682c6b5c4d63db3c8a01e3a1a11718e0f25263b1a845f87ba0f9c62e89d281ee0871998ad845331b10f0732db5017d10dda5b5b31758ccf61fa0d66b5de3db571967d3a4b56528daceb0212e64b219d30de614801bb54ead41528fb5c58836c7cd8b64259d28faafd9c89fcb7253c6fc0bddc0e6336156e63446ecc0693de7f4add79efa87d797602f34d22d2c308afd9f8021b99f38e973d202558bdff77d215c83d98e61b2166c41c9289023a7adf987b29090a1740374dff2af53ca8fa9b5b99e8ca2ee4cc4af3004c871f178aafc2db420a6f183f0a31e34b705d1ebf97293c6d5bc9af41bc186782df7e46fd918d150a604012bc24d3c495faf105a1cdea0b219457b007a614d24afe222f8f80b617c7a03b704db7919a76d17ac6abbc30b505ad2c8133349377732766d7dee71bfcb0b9a90c1be84c3e31c1a4433afc8cdefede091ed2ee200b7320a52869c744b3650a4130e9cc56aa5c9472c85ed6c0418cec7e02aad6b39ae590946329701176b86dcb3338f7a3af50bb6b76af275a9483959047a24df7404353cb7dee930e9ba2e4d1e5c1496bf96b9bded2947db3278832a1f978c86c301bf9bb250b9b5e096d9f1bb68d3c63e22bf58a0b9b6553097546237cdb780925633911208410a7c8f92c92b7d411ebc74d151e", 0x1000, 0x44000, &(0x7f0000001700)={0x11, 0x2, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x9c, r2, 0x10, 0x70bd25, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x44, 0x2, [@IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x5}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}, @IPVS_DEST_ATTR_TUN_TYPE={0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x6}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x80000001}, @IPVS_CMD_ATTR_SERVICE={0x3c, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@empty}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'none\x00'}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x9}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x80}, 0x48c0) keyctl$setperm(0x5, 0x0, 0xf8ffffff) accept$packet(r1, &(0x7f0000001780)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000017c0)=0x14) clock_gettime(0x0, &(0x7f0000001840)={0x0, 0x0}) sendmsg$can_bcm(r1, &(0x7f0000001940)={&(0x7f0000001800)={0x1d, r4}, 0x10, &(0x7f0000001900)={&(0x7f0000001880)=ANY=[@ANYBLOB="0000000000000000f7ffffff00000000", @ANYRES64=0x0, @ANYRES64=0x7530, @ANYRES64=r5, @ANYRES64=r6/1000+10000, @ANYBLOB="0300002001000000040000c0007ab98be173ec0100b1e3d8d2684cb4037d86c453d039196f0048d63e17766a596dce2202e1c25ab704b3b314b3d70a2c4568789bed51722b25fb2499cfd22fea9acf7e"], 0x80}, 0x1, 0x0, 0x0, 0x20008080}, 0x0) 20:34:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x1, 0x0) getsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) keyctl$setperm(0x5, 0x0, 0xf8ffffff) 20:34:46 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(0x0, &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 20:34:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:34:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") [ 517.520322][T21855] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 517.537076][T21855] FAULT_INJECTION: forcing a failure. [ 517.537076][T21855] name failslab, interval 1, probability 0, space 0, times 0 [ 517.605963][T21855] CPU: 0 PID: 21855 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 517.613977][T21855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 517.624032][T21855] Call Trace: [ 517.627333][T21855] dump_stack+0x1d8/0x2f8 [ 517.631691][T21855] should_fail+0x608/0x860 [ 517.636120][T21855] ? setup_fault_attr+0x2b0/0x2b0 [ 517.641160][T21855] ? __lock_acquire+0x4750/0x4750 [ 517.646198][T21855] __should_failslab+0x11a/0x160 [ 517.651139][T21855] ? __kernfs_new_node+0xd9/0x6e0 [ 517.656170][T21855] should_failslab+0x9/0x20 [ 517.660678][T21855] kmem_cache_alloc+0x56/0x2e0 [ 517.665442][T21855] __kernfs_new_node+0xd9/0x6e0 [ 517.670297][T21855] ? __kasan_check_write+0x14/0x20 [ 517.675443][T21855] ? kernfs_new_node+0x180/0x180 [ 517.680733][T21855] ? __mutex_unlock_slowpath+0x18c/0x630 [ 517.686368][T21855] ? mutex_unlock+0x10/0x10 [ 517.690875][T21855] ? mutex_unlock+0xd/0x10 [ 517.695292][T21855] ? kernfs_activate+0x213/0x230 [ 517.700252][T21855] kernfs_new_node+0x97/0x180 [ 517.705236][T21855] __kernfs_create_file+0x4a/0x2f0 [ 517.710344][T21855] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 517.715702][T21855] sysfs_merge_group+0x1f3/0x3c0 [ 517.715712][T21855] ? sysfs_remove_groups+0xb0/0xb0 [ 517.715731][T21855] dpm_sysfs_add+0xcc/0x250 [ 517.715743][T21855] device_add+0xba3/0x1570 [ 517.715755][T21855] ? device_add+0xa41/0x1570 [ 517.739498][T21855] ? dev_set_name+0x110/0x110 [ 517.744168][T21855] ? debugfs_create_dir+0x37/0x440 [ 517.749274][T21855] ? memset+0x31/0x40 20:34:46 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[], 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:46 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(0x0, &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) [ 517.753259][T21855] hci_register_dev+0x331/0x720 [ 517.758114][T21855] hci_uart_tty_ioctl+0x8ad/0xa20 [ 517.763318][T21855] ? hci_uart_tty_write+0x10/0x10 [ 517.768439][T21855] tty_ioctl+0xfa8/0x1610 [ 517.772769][T21855] ? tty_do_resize+0x180/0x180 [ 517.777531][T21855] ? rcu_lock_release+0x9/0x30 [ 517.782644][T21855] ? __lock_acquire+0x4750/0x4750 [ 517.787675][T21855] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 517.793406][T21855] ? tomoyo_path_number_perm+0x587/0x740 [ 517.799129][T21855] ? trace_hardirqs_on+0x74/0x80 [ 517.804071][T21855] ? tomoyo_path_number_perm+0x5f0/0x740 [ 517.809720][T21855] ? tomoyo_check_path_acl+0x180/0x180 [ 517.815180][T21855] ? smk_access+0x4f0/0x4f0 [ 517.819669][T21855] ? smk_access+0x18c/0x4f0 [ 517.824157][T21855] ? tty_do_resize+0x180/0x180 [ 517.828932][T21855] do_vfs_ioctl+0x7d4/0x18f0 [ 517.833524][T21855] ? ioctl_preallocate+0x240/0x240 [ 517.838641][T21855] ? fget_many+0x30/0x30 [ 517.842895][T21855] ? debug_smp_processor_id+0x1c/0x20 [ 517.848267][T21855] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 517.854338][T21855] ? tomoyo_file_ioctl+0x23/0x30 [ 517.859270][T21855] ? security_file_ioctl+0xa1/0xd0 [ 517.864402][T21855] __x64_sys_ioctl+0xe3/0x120 [ 517.869085][T21855] do_syscall_64+0xfe/0x140 [ 517.873591][T21855] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 517.879484][T21855] RIP: 0033:0x459829 [ 517.883375][T21855] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 517.903075][T21855] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 517.911510][T21855] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 517.919484][T21855] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 517.927544][T21855] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 517.935526][T21855] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 517.943671][T21855] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 517.952717][T21855] Bluetooth: Can't register HCI device 20:34:47 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x2, 0x0) ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000000440)) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000880)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e8c9e0c223f025a871a67f95d153e2b2d374f389167008fffd23816ec35539679cbe04536480d04b10555af494f2200e81dc863b1b0a7cd24ad33689809bf18cf172eb5ff6db97fcbdae9f5cabed0cba68c7c0738b8040e0d13f3ff7380b928db15e5d67dc8a1f77a1b84150c126b29c7bc74b216f9314204bb38d2435dd5b94835b74e6ecf35840883251b7fd102d958552290be0591296a499fe1c89b106b1c2afa52f7c3d36db5bad15b7a52e6b0cb8c99e870c0ade70da244a0107302515bb1801a78281eabbb"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:34:47 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffb) 20:34:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") request_key(&(0x7f0000000080)='trusted\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000100)='\x00', 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = request_key(&(0x7f0000000200)='trusted\x00', &(0x7f0000000240)={'syz', 0x1}, &(0x7f0000000280)='#\x00', 0xffffffffffffffff) keyctl$setperm(0x5, r1, 0x20000) r2 = socket(0x3, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000040)=0x1000000, 0x4) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r0, 0x9, 0x8f8, 0x7, 0xd71}) 20:34:47 executing program 3 (fault-call:2 fault-nth:33): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:34:47 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:34:47 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffb) 20:34:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x410000, 0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futimesat(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={{0x0, 0x2710}, {r2, r3/1000+10000}}) syslog(0x2, 0x0, 0x0) keyctl$setperm(0x5, 0x0, 0xf8ffffff) fcntl$setflags(r0, 0x2, 0x1) r4 = dup(r0) write$cgroup_type(r4, &(0x7f0000000000)='threaded\x00', 0x9) [ 518.387002][T21891] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 518.422399][T21891] FAULT_INJECTION: forcing a failure. [ 518.422399][T21891] name failslab, interval 1, probability 0, space 0, times 0 [ 518.470149][T21891] CPU: 0 PID: 21891 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 518.478171][T21891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 518.488230][T21891] Call Trace: [ 518.491537][T21891] dump_stack+0x1d8/0x2f8 [ 518.496055][T21891] should_fail+0x608/0x860 [ 518.500659][T21891] ? setup_fault_attr+0x2b0/0x2b0 [ 518.505875][T21891] ? __lock_acquire+0x4750/0x4750 [ 518.510909][T21891] __should_failslab+0x11a/0x160 20:34:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = getpid() ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r1, 0x4, &(0x7f0000000100)=""/99) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x20100, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0x100, 0x8, 0x1, 0x1, 0x9, 0x7, 0xae, 0x25, 0x4, 0x4, 0x101, 0xfffffffffffffffe, 0x58a7, 0x1a, 0x10, 0x20}}) [ 518.515847][T21891] ? __kernfs_new_node+0xd9/0x6e0 [ 518.520955][T21891] should_failslab+0x9/0x20 [ 518.525456][T21891] kmem_cache_alloc+0x56/0x2e0 [ 518.530226][T21891] __kernfs_new_node+0xd9/0x6e0 [ 518.535082][T21891] ? __kasan_check_write+0x14/0x20 [ 518.540196][T21891] ? kernfs_new_node+0x180/0x180 [ 518.545234][T21891] ? __mutex_unlock_slowpath+0x18c/0x630 [ 518.550879][T21891] ? mutex_unlock+0x10/0x10 [ 518.555390][T21891] ? mutex_unlock+0xd/0x10 [ 518.559807][T21891] ? kernfs_activate+0x213/0x230 [ 518.564746][T21891] kernfs_new_node+0x97/0x180 20:34:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x20102, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) keyctl$setperm(0x5, 0x0, 0xf8ffffff) 20:34:47 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000200)='rxrpc\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffb) [ 518.569429][T21891] __kernfs_create_file+0x4a/0x2f0 [ 518.574540][T21891] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 518.579918][T21891] sysfs_merge_group+0x1f3/0x3c0 [ 518.584853][T21891] ? sysfs_remove_groups+0xb0/0xb0 [ 518.589970][T21891] dpm_sysfs_add+0xcc/0x250 [ 518.594474][T21891] device_add+0xba3/0x1570 [ 518.598944][T21891] ? device_add+0xa41/0x1570 [ 518.603535][T21891] ? dev_set_name+0x110/0x110 [ 518.608214][T21891] ? debugfs_create_dir+0x37/0x440 [ 518.613323][T21891] ? memset+0x31/0x40 [ 518.617306][T21891] hci_register_dev+0x331/0x720 [ 518.622420][T21891] hci_uart_tty_ioctl+0x8ad/0xa20 [ 518.627443][T21891] ? hci_uart_tty_write+0x10/0x10 [ 518.632476][T21891] tty_ioctl+0xfa8/0x1610 [ 518.636805][T21891] ? tty_do_resize+0x180/0x180 [ 518.641575][T21891] ? rcu_lock_release+0x9/0x30 [ 518.646451][T21891] ? __lock_acquire+0x4750/0x4750 [ 518.651474][T21891] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 518.657107][T21891] ? tomoyo_path_number_perm+0x587/0x740 [ 518.662752][T21891] ? trace_hardirqs_on+0x74/0x80 [ 518.667708][T21891] ? tomoyo_path_number_perm+0x5f0/0x740 [ 518.673346][T21891] ? tomoyo_check_path_acl+0x180/0x180 [ 518.678797][T21891] ? smk_access+0x4f0/0x4f0 [ 518.683289][T21891] ? smk_access+0x18c/0x4f0 [ 518.687790][T21891] ? tty_do_resize+0x180/0x180 [ 518.692550][T21891] do_vfs_ioctl+0x7d4/0x18f0 [ 518.697133][T21891] ? ioctl_preallocate+0x240/0x240 [ 518.702270][T21891] ? fget_many+0x30/0x30 [ 518.706501][T21891] ? debug_smp_processor_id+0x1c/0x20 [ 518.711860][T21891] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 518.718015][T21891] ? tomoyo_file_ioctl+0x23/0x30 [ 518.722958][T21891] ? security_file_ioctl+0xa1/0xd0 [ 518.728059][T21891] __x64_sys_ioctl+0xe3/0x120 [ 518.732819][T21891] do_syscall_64+0xfe/0x140 [ 518.737322][T21891] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 518.743214][T21891] RIP: 0033:0x459829 [ 518.747115][T21891] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 518.767159][T21891] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 518.775583][T21891] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 518.783548][T21891] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 518.791685][T21891] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 518.799660][T21891] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 518.807668][T21891] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 518.822380][T21891] Bluetooth: Can't register HCI device 20:34:48 executing program 2: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[], 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2) ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000040)=""/241) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key(&(0x7f0000000140)='trusted\x00', &(0x7f0000000180)={'syz', 0x3}, &(0x7f0000000200)="8216f9aaa2043b28a84b59c9eed4efa6c6a8202086e27f00cabde6bb83ae6a900489876b5699d170d4c8f16c", 0x2c, 0xfffffffffffffffb) request_key(&(0x7f0000000240)='pkcs7_test\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)='/dev/radio#\x00', 0x0) request_key(&(0x7f0000000300)='id_resolver\x00', &(0x7f0000000340)={'syz', 0x1}, &(0x7f0000000380)='-\x00', 0xffffffffffffffff) add_key(&(0x7f00000003c0)='pkcs7_test\x00', &(0x7f0000000400)={'syz', 0x1}, &(0x7f0000000440)="a52a1a5d03a3b7cb783cc1dc96c671bace03eab36eef3a863350c0ecbe77d86aafd78d22c277f721d2aae12b8a3755939c76d1f2985e6c11f4ebbd2ec21e8468348d7d300d198066dadc63ee3d65be889bb82c233a5ee1a7c12d0ed90603c667c921f140f0758eb7ecf4b9c55e3e222bcce31aa914e967fb23f78c4a19817cb9779602d65e3efe09aa6270b3d118839073cc16fdb3e7e590547c5d85a7ce0d9275355e94a8b01d53b5cea087f08adf5bd1c53724cee826f9fcc6181bac3a417e3faefbda8c08ddc1bbc861310123e095c4f8bfe0d197444981e1473becf18b84d0d698e3c9553b9744addb0d142fe76e52e6692f5e90234e661bfd9e0bb6", 0xfe, 0xfffffffffffffffd) add_key(&(0x7f0000000540)='syzkaller\x00', &(0x7f0000000580)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8) add_key$user(&(0x7f00000005c0)='user\x00', &(0x7f0000000600)={'syz', 0x1}, &(0x7f0000000640)="633da34b8f9cbffb", 0x8, 0xfffffffffffffffb) r2 = request_key(&(0x7f0000000680)='ceph\x00', &(0x7f00000006c0)={'syz', 0x3}, &(0x7f0000000700)='/dev/radio#\x00', 0xfffffffffffffffc) keyctl$setperm(0x5, r2, 0x2000) 20:34:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:34:48 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:48 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x7, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:48 executing program 3 (fault-call:2 fault-nth:34): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:34:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) [ 519.282848][T21928] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 519.319717][T21928] FAULT_INJECTION: forcing a failure. [ 519.319717][T21928] name failslab, interval 1, probability 0, space 0, times 0 [ 519.350818][T21928] CPU: 0 PID: 21928 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 519.358834][T21928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 519.368889][T21928] Call Trace: [ 519.372188][T21928] dump_stack+0x1d8/0x2f8 [ 519.376524][T21928] should_fail+0x608/0x860 [ 519.380938][T21928] ? setup_fault_attr+0x2b0/0x2b0 [ 519.385966][T21928] ? __lock_acquire+0x4750/0x4750 [ 519.391000][T21928] __should_failslab+0x11a/0x160 [ 519.395970][T21928] ? __kernfs_new_node+0xd9/0x6e0 20:34:48 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = add_key(&(0x7f0000000040)='.request_key_auth\x00', &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$read(0xb, r1, &(0x7f0000000200)=""/239, 0xef) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x40, 0x0, 0x0, 0xffbffffffffffffc}, {0x80000006}]}, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') keyctl$setperm(0x5, 0x0, 0xf8ffffff) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) 20:34:48 executing program 2: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 519.400995][T21928] should_failslab+0x9/0x20 [ 519.405582][T21928] kmem_cache_alloc+0x56/0x2e0 [ 519.410354][T21928] __kernfs_new_node+0xd9/0x6e0 [ 519.415213][T21928] ? __kasan_check_write+0x14/0x20 [ 519.420327][T21928] ? kernfs_new_node+0x180/0x180 [ 519.425252][T21928] ? __mutex_unlock_slowpath+0x18c/0x630 [ 519.430904][T21928] ? mutex_unlock+0x10/0x10 [ 519.435405][T21928] ? mutex_unlock+0xd/0x10 [ 519.439886][T21928] ? kernfs_activate+0x213/0x230 [ 519.444812][T21928] kernfs_new_node+0x97/0x180 [ 519.449481][T21928] __kernfs_create_file+0x4a/0x2f0 [ 519.454577][T21928] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 519.459927][T21928] sysfs_merge_group+0x1f3/0x3c0 [ 519.464853][T21928] ? sysfs_remove_groups+0xb0/0xb0 [ 519.469957][T21928] dpm_sysfs_add+0xcc/0x250 [ 519.474441][T21928] device_add+0xba3/0x1570 [ 519.478834][T21928] ? device_add+0xa41/0x1570 [ 519.483415][T21928] ? dev_set_name+0x110/0x110 [ 519.488066][T21928] ? debugfs_create_dir+0x37/0x440 [ 519.493242][T21928] ? memset+0x31/0x40 [ 519.497200][T21928] hci_register_dev+0x331/0x720 [ 519.502026][T21928] hci_uart_tty_ioctl+0x8ad/0xa20 [ 519.507206][T21928] ? hci_uart_tty_write+0x10/0x10 [ 519.512221][T21928] tty_ioctl+0xfa8/0x1610 [ 519.516526][T21928] ? tty_do_resize+0x180/0x180 [ 519.521266][T21928] ? rcu_lock_release+0x9/0x30 [ 519.526018][T21928] ? __lock_acquire+0x4750/0x4750 [ 519.531021][T21928] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 519.536629][T21928] ? tomoyo_path_number_perm+0x587/0x740 [ 519.542249][T21928] ? trace_hardirqs_on+0x74/0x80 [ 519.547189][T21928] ? tomoyo_path_number_perm+0x5f0/0x740 [ 519.552810][T21928] ? tomoyo_check_path_acl+0x180/0x180 [ 519.558246][T21928] ? smk_access+0x4f0/0x4f0 [ 519.562737][T21928] ? smk_access+0x18c/0x4f0 [ 519.567228][T21928] ? tty_do_resize+0x180/0x180 [ 519.571979][T21928] do_vfs_ioctl+0x7d4/0x18f0 [ 519.576742][T21928] ? ioctl_preallocate+0x240/0x240 [ 519.581839][T21928] ? fget_many+0x30/0x30 [ 519.586079][T21928] ? debug_smp_processor_id+0x1c/0x20 [ 519.591440][T21928] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 519.597481][T21928] ? tomoyo_file_ioctl+0x23/0x30 [ 519.602393][T21928] ? security_file_ioctl+0xa1/0xd0 [ 519.607481][T21928] __x64_sys_ioctl+0xe3/0x120 [ 519.612158][T21928] do_syscall_64+0xfe/0x140 [ 519.616663][T21928] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 519.622547][T21928] RIP: 0033:0x459829 [ 519.626422][T21928] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 519.646011][T21928] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 519.654500][T21928] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 519.662445][T21928] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 519.670401][T21928] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 519.678350][T21928] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 519.686297][T21928] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 519.694464][ C0] protocol 88fb is buggy, dev hsr_slave_0 20:34:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:34:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:34:48 executing program 3 (fault-call:2 fault-nth:35): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 519.700242][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 519.702188][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 519.711743][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 519.719032][T21928] Bluetooth: Can't register HCI device [ 519.799469][T21957] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 519.811894][T21957] FAULT_INJECTION: forcing a failure. [ 519.811894][T21957] name failslab, interval 1, probability 0, space 0, times 0 [ 519.826179][T21957] CPU: 0 PID: 21957 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 519.834187][T21957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 519.844241][T21957] Call Trace: [ 519.847529][T21957] dump_stack+0x1d8/0x2f8 [ 519.851841][T21957] should_fail+0x608/0x860 [ 519.856236][T21957] ? setup_fault_attr+0x2b0/0x2b0 [ 519.861239][T21957] ? __lock_acquire+0x4750/0x4750 [ 519.866344][T21957] __should_failslab+0x11a/0x160 [ 519.871257][T21957] ? __kernfs_new_node+0xd9/0x6e0 [ 519.876262][T21957] should_failslab+0x9/0x20 [ 519.880752][T21957] kmem_cache_alloc+0x56/0x2e0 [ 519.885493][T21957] __kernfs_new_node+0xd9/0x6e0 [ 519.890419][T21957] ? __kasan_check_write+0x14/0x20 [ 519.895517][T21957] ? kernfs_new_node+0x180/0x180 [ 519.900609][T21957] ? __mutex_unlock_slowpath+0x18c/0x630 [ 519.906221][T21957] ? mutex_unlock+0x10/0x10 [ 519.910705][T21957] ? mutex_unlock+0xd/0x10 [ 519.915112][T21957] ? kernfs_activate+0x213/0x230 [ 519.920026][T21957] kernfs_new_node+0x97/0x180 [ 519.924680][T21957] __kernfs_create_file+0x4a/0x2f0 [ 519.929766][T21957] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 519.935117][T21957] sysfs_merge_group+0x1f3/0x3c0 [ 519.940050][T21957] ? sysfs_remove_groups+0xb0/0xb0 [ 519.945168][T21957] dpm_sysfs_add+0xcc/0x250 [ 519.949650][T21957] device_add+0xba3/0x1570 [ 519.954129][T21957] ? device_add+0xa41/0x1570 [ 519.958782][T21957] ? dev_set_name+0x110/0x110 [ 519.963523][T21957] ? debugfs_create_dir+0x37/0x440 [ 519.968697][T21957] ? memset+0x31/0x40 [ 519.972669][T21957] hci_register_dev+0x331/0x720 [ 519.977503][T21957] hci_uart_tty_ioctl+0x8ad/0xa20 [ 519.982503][T21957] ? hci_uart_tty_write+0x10/0x10 [ 519.987531][T21957] tty_ioctl+0xfa8/0x1610 [ 519.992016][T21957] ? tty_do_resize+0x180/0x180 [ 519.997108][T21957] ? rcu_lock_release+0x9/0x30 [ 520.002717][T21957] ? __lock_acquire+0x4750/0x4750 [ 520.007728][T21957] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 520.014921][T21957] ? tomoyo_path_number_perm+0x587/0x740 [ 520.020708][T21957] ? trace_hardirqs_on+0x74/0x80 [ 520.025621][T21957] ? tomoyo_path_number_perm+0x5f0/0x740 [ 520.031233][T21957] ? tomoyo_check_path_acl+0x180/0x180 [ 520.036668][T21957] ? smk_access+0x4f0/0x4f0 [ 520.041153][T21957] ? smk_access+0x18c/0x4f0 [ 520.045635][T21957] ? tty_do_resize+0x180/0x180 [ 520.050592][T21957] do_vfs_ioctl+0x7d4/0x18f0 [ 520.055421][T21957] ? ioctl_preallocate+0x240/0x240 [ 520.060512][T21957] ? fget_many+0x30/0x30 [ 520.064729][T21957] ? debug_smp_processor_id+0x1c/0x20 [ 520.070076][T21957] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 520.076129][T21957] ? tomoyo_file_ioctl+0x23/0x30 [ 520.081065][T21957] ? security_file_ioctl+0xa1/0xd0 [ 520.086156][T21957] __x64_sys_ioctl+0xe3/0x120 [ 520.090818][T21957] do_syscall_64+0xfe/0x140 [ 520.095298][T21957] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 520.101962][T21957] RIP: 0033:0x459829 [ 520.105842][T21957] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 520.125943][T21957] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 520.134588][T21957] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 520.142535][T21957] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 20:34:49 executing program 2: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) [ 520.150498][T21957] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 520.158455][T21957] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 520.166412][T21957] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 520.183343][T21957] Bluetooth: Can't register HCI device 20:34:49 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) clock_gettime(0x0, &(0x7f0000000480)={0x0, 0x0}) mq_timedreceive(r1, &(0x7f0000000400)=""/82, 0x100f5, 0x7f, &(0x7f0000000040)={r3, r4+30000000}) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000600)={{{@in6=@ipv4={[], [], @initdev}, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in=@dev}}, &(0x7f0000000700)=0xe8) r6 = getegid() stat(&(0x7f0000000780)='./bus\x00', &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuseblk(&(0x7f0000000100)='/dev/loop0\x00', &(0x7f00000004c0)='./bus\x00', &(0x7f0000000500)='fuseblk\x00', 0x41004, &(0x7f0000000900)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0xc000}, 0x2c, {'user_id', 0x3d, r5}, 0x2c, {'group_id', 0x3d, r6}, 0x2c, {[{@allow_other='allow_other'}, {@blksize={'blksize', 0x3d, 0xc00}}, {@blksize={'blksize', 0x3d, 0x800}}], [{@euid_gt={'euid>', r7}}, {@func={'func', 0x3d, 'POLICY_CHECK'}}, {@fsuuid={'fsuuid', 0x3d, {[0x37, 0x3f, 0x77, 0x3f, 0x61, 0x37, 0x67, 0x38], 0x2d, [0x7b, 0x63, 0x0, 0x39], 0x2d, [0x33, 0x74, 0x65, 0x30], 0x2d, [0x36, 0x3d, 0x3b, 0x77], 0x2d, [0x66, 0x77, 0x0, 0x32, 0x32, 0x65, 0x33, 0x7f]}}}]}}) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r8 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r8, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) setsockopt$RXRPC_SECURITY_KEYRING(r8, 0x110, 0x2, &(0x7f00000000c0)='vfat\x00', 0x5) 20:34:49 executing program 3 (fault-call:2 fault-nth:36): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:34:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:34:49 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5"], 0x31) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="02f7d6d3ae2db817de33d90d5f49356221fb8b50b3c504833c0fbce01ca4c1fc4d7423f01ed82eafd06f34890e711b97968f2e3bd0599c639fc4f31e0b5cdb019e9238ea25ce225cc556c994bd0424fd91eb3a1974a27e7b799c1ef1fe86f10e9baffdbaf5908e726c4baf5e5ae134229eac099bbbc1c679c377f4f1d86311b07601fee73ab784abc4c11be36a2cfd26cd9637ebb40128dd7370bff2cd32f04db1fa55a321af586f7affc889bbbd913dfc2f186d2763ff5783246ca65893f32d1dcc227298ccdbf3598336ccfba44fc90b867938036e26a996f237446cb3b5fcf5477d93de7a9ec58d72bb2e8f07901e39ba26a5f1d977d8ff0cd5b479", 0xfd, 0xfffffffffffffffc) keyctl$setperm(0x5, r1, 0xf8ffffff) 20:34:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:34:49 executing program 2: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, 0x0, 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:34:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={r0}) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") keyctl$setperm(0x5, 0x0, 0xf8ffffff) [ 520.318754][T21974] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 520.351776][T21974] FAULT_INJECTION: forcing a failure. [ 520.351776][T21974] name fail_page_alloc, interval 1, probability 0, space 0, times 0 20:34:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000000), &(0x7f0000000040)=0xc) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") keyctl$setperm(0x5, 0x0, 0xf8ffffff) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000000c0)={{{@in=@multicast2, @in6=@ipv4={[], [], @multicast2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4}, 0x0, @in=@broadcast}}, &(0x7f0000000200)=0xe8) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ENTRY(r1, &(0x7f0000000300)={0x90, 0xffffffffffffffff, 0x8, {0x6, 0x2, 0x6, 0x3ff, 0xfb, 0x9, {0x1, 0x1, 0x6, 0x0, 0x1, 0x80000001, 0x5, 0x81, 0x3, 0x2, 0x5, r2, r3, 0x101, 0x100000000}}}, 0x90) [ 520.365788][T21974] CPU: 0 PID: 21974 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 520.373793][T21974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 520.383885][T21974] Call Trace: [ 520.387295][T21974] dump_stack+0x1d8/0x2f8 [ 520.391630][T21974] should_fail+0x608/0x860 [ 520.396048][T21974] ? setup_fault_attr+0x2b0/0x2b0 [ 520.401078][T21974] ? console_unlock+0xd85/0xf70 [ 520.405931][T21974] ? __kasan_check_read+0x11/0x20 [ 520.411068][T21974] should_fail_alloc_page+0x55/0x60 20:34:49 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") keyctl$setperm(0x5, 0x0, 0xf8ffffff) 20:34:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x400, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', r1}, 0x10) futimesat(r1, &(0x7f0000000240)='./file0/file0\x00', &(0x7f0000000280)={{0x77359400}, {0x77359400}}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) bind(r0, &(0x7f0000000000)=@pptp={0x18, 0x2, {0x3, @rand_addr=0x5c7}}, 0x80) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000140)={'broute\x00'}, &(0x7f0000000200)=0x78) [ 520.416265][T21974] prepare_alloc_pages+0x283/0x470 [ 520.421464][T21974] __alloc_pages_nodemask+0x11c/0x790 [ 520.426835][T21974] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 520.432377][T21974] ? vprintk_emit+0x21c/0x3a0 [ 520.437052][T21974] ? trace_lock_release+0x135/0x1a0 [ 520.442253][T21974] kmem_getpages+0x56/0xa20 [ 520.446765][T21974] cache_grow_begin+0x7e/0x2c0 [ 520.451529][T21974] cache_alloc_refill+0x311/0x3f0 [ 520.456581][T21974] ? check_preemption_disabled+0xb7/0x2a0 [ 520.462344][T21974] kmem_cache_alloc_trace+0x2d0/0x2f0 20:34:49 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) nanosleep(&(0x7f00000000c0), &(0x7f0000000100)) write$FUSE_GETXATTR(r6, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x1, {0x1}}, 0x18) ioctl$BLKRESETZONE(r1, 0x40101283, &(0x7f0000000400)={0x6, 0x611f}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r7 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x1, 0x2) ioctl$EVIOCGKEYCODE_V2(r6, 0x80284504, &(0x7f0000000340)=""/166) fchmod(r7, 0x18) [ 520.467716][T21974] ? kobject_uevent_env+0x2cd/0x1260 [ 520.473005][T21974] ? dev_uevent_filter+0xb0/0xb0 [ 520.477947][T21974] kobject_uevent_env+0x2cd/0x1260 [ 520.483059][T21974] ? mutex_unlock+0x10/0x10 [ 520.487576][T21974] kobject_uevent+0x1f/0x30 [ 520.492075][T21974] device_add+0x105e/0x1570 [ 520.496578][T21974] ? device_add+0xa41/0x1570 [ 520.501160][T21974] ? dev_set_name+0x110/0x110 [ 520.505831][T21974] ? debugfs_create_dir+0x37/0x440 [ 520.510966][T21974] ? memset+0x31/0x40 [ 520.514950][T21974] hci_register_dev+0x331/0x720 [ 520.519832][T21974] hci_uart_tty_ioctl+0x8ad/0xa20 [ 520.524968][T21974] ? hci_uart_tty_write+0x10/0x10 [ 520.530108][T21974] tty_ioctl+0xfa8/0x1610 [ 520.534504][T21974] ? tty_do_resize+0x180/0x180 [ 520.539356][T21974] ? rcu_lock_release+0x9/0x30 [ 520.544100][T21974] ? __lock_acquire+0x4750/0x4750 [ 520.549190][T21974] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 520.554802][T21974] ? tomoyo_path_number_perm+0x587/0x740 [ 520.560847][T21974] ? trace_hardirqs_on+0x74/0x80 [ 520.565789][T21974] ? tomoyo_path_number_perm+0x5f0/0x740 [ 520.571464][T21974] ? tomoyo_check_path_acl+0x180/0x180 [ 520.577091][T21974] ? smk_access+0x4f0/0x4f0 [ 520.581584][T21974] ? smk_access+0x18c/0x4f0 [ 520.586067][T21974] ? tty_do_resize+0x180/0x180 [ 520.590831][T21974] do_vfs_ioctl+0x7d4/0x18f0 [ 520.595419][T21974] ? ioctl_preallocate+0x240/0x240 [ 520.600511][T21974] ? fget_many+0x30/0x30 [ 520.604734][T21974] ? debug_smp_processor_id+0x1c/0x20 [ 520.610081][T21974] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 520.616214][T21974] ? tomoyo_file_ioctl+0x23/0x30 [ 520.621128][T21974] ? security_file_ioctl+0xa1/0xd0 [ 520.626327][T21974] __x64_sys_ioctl+0xe3/0x120 [ 520.631071][T21974] do_syscall_64+0xfe/0x140 [ 520.636112][T21974] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 520.641982][T21974] RIP: 0033:0x459829 [ 520.645861][T21974] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 520.668502][T21974] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 520.676898][T21974] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 520.685023][T21974] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 520.692978][T21974] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 520.701042][T21974] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 520.709012][T21974] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:34:49 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0xc021, &(0x7f0000000040)={0x0, 0x989680}) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="83000000290000000000000100000000000000000000000000000000000000000405002e2f6275730000000000000000000000000009000000000000000007002e2f66696c6530000400000000000000000000000900000000000000df05002e2f6675730000000000000000000000000000000000000000000507002e2f66696c6530"], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000440)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000400)={0xffffffffffffffff}, 0x13f, 0xd}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r3, &(0x7f0000000480)={0x14, 0x88, 0xfa00, {r4, 0x30, 0x0, @in6={0xa, 0x4e20, 0x8, @dev={0xfe, 0x80, [], 0x17}, 0x10000}}}, 0x90) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 522.802129][T20832] Bluetooth: hci0: command 0x1003 tx timeout [ 522.808235][T19431] Bluetooth: hci0: sending frame failed (-49) [ 524.882159][ T9741] Bluetooth: hci0: command 0x1001 tx timeout [ 524.888306][T19431] Bluetooth: hci0: sending frame failed (-49) [ 526.962202][T20832] Bluetooth: hci0: command 0x1009 tx timeout 20:35:00 executing program 3 (fault-call:2 fault-nth:37): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:35:00 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") request_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='nodevselinux\x00', 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000100)={'syz', 0x1}, &(0x7f0000000140)="2bc1c1f4518491b7fbc9befcf73d9556c67f4c19bf72228a6da17a19c594abffe9e78b169e02a1209f", 0x29, 0xfffffffffffffffc) keyctl$setperm(0x5, r1, 0x0) 20:35:00 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) nanosleep(&(0x7f00000000c0), &(0x7f0000000100)) write$FUSE_GETXATTR(r6, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x1, {0x1}}, 0x18) ioctl$BLKRESETZONE(r1, 0x40101283, &(0x7f0000000400)={0x6, 0x611f}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r7 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x1, 0x2) ioctl$EVIOCGKEYCODE_V2(r6, 0x80284504, &(0x7f0000000340)=""/166) fchmod(r7, 0x18) 20:35:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:35:00 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5"], 0x31) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:00 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x100, &(0x7f0000000980)=[{&(0x7f0000000a40)="97508e3a4077811a1a1dcf6c12aa40e1fcaf6fcf4d43de0b4ef9b8326e99eb861bde0e0b2156467d5aafcb5a897a52c73a8007b0f645c557b9e5e36c2751d264837ad0d4b9ad8900b0c873bf6779f8664917f37bff5e02a8bc76", 0x0, 0x8}, {&(0x7f00000004c0)="298b419ec99e76d36bc753722fb245d757bf741a1e2cfa3828149c55786e936f8c6943e0f80bc8f9cd477724da01de7dc481880b95d254b594118d514c400ab53eca97d61971ae0278a4ed1820002e797e3b9430ac34f107a742369eb70f7e62", 0x0, 0x8}, {&(0x7f0000000600)="8d01f11c98fcc6ae441642adcbff2ed69b9f924680592bb27291741c6fffc8ceed41cfb633276e98de708d9465d4452eaf6def5835fa1faaade8b9abd9528db05dccb706b71dd8386b487b1807a52f3c63fee8810b58df837bb3d72ce09f833f0145962aafe261293c4af121b3dbfafb5575921431576bb586a51cccd2199750081050fe990c521599578f5f70efad70df27da697ab10bf73093035f3539c5f095cfb4dd3ea724c9d14e827ed76c7c801d80c2da3e5bc08e7d701f4ee1d4b67f93e0baefa550552ced93d8d5ca8f6df5212ff13a80a3", 0x0, 0x139}, {&(0x7f0000000780)="cd3680276ce94141ce3b68e21f54bb9a719ab2025cff239ea5b8e10b525baed8fd20d7a0256024c28f51752d21baea5bb3bc86ea56db681f13a22885895ce156326f1e830c3829bab27dcfa41e5e55596538154fa5ef9e9b79c01f1f4f2fbd41b5f174b481db5fa1ab0cfd21b7d8bbe7ccac26df95f44b", 0x335, 0x4}, {&(0x7f0000000880)="eda213283e302a05b704e5a205cf38729173824ff5e3ee3ec0e9e0b531e6b0e3e38ecc016093da37f5e7235787e39d167ceb8e70e935920db31482a739e5f6c07ee8b056a9f5849781770adbd4e45ce44513ea4d", 0x0, 0xffff}, {&(0x7f0000000900)="a3d51ee9d730e8da4b55c24f1083842116934efc0852f76435bf7a0a03b6ed44a1498af7e6ee8779082efba25ede54dfcbb403603713c0d2f0535794a16a597d07acbecb8f0639ee25320f45faf6642dfb297f56e70112bc2d18", 0x0, 0x5}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) arch_prctl$ARCH_SET_GS(0x1001, 0x62e9) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:00 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) nanosleep(&(0x7f00000000c0), &(0x7f0000000100)) write$FUSE_GETXATTR(r6, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x1, {0x1}}, 0x18) ioctl$BLKRESETZONE(r1, 0x40101283, &(0x7f0000000400)={0x6, 0x611f}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r7 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x1, 0x2) ioctl$EVIOCGKEYCODE_V2(r6, 0x80284504, &(0x7f0000000340)=""/166) fchmod(r7, 0x18) 20:35:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) [ 531.420648][T22031] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:35:00 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") userfaultfd(0x80800) r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xffff, 0x1) write$nbd(r1, &(0x7f0000000200)={0x67446698, 0x1, 0x1, 0x3, 0x1, "e43ccb1072aa1a7377d50db706b53395e722657e3e41248e41755a82c3212fbc9d803301e2d441a896984c2d530c985e6b3ee2e9f6b5717d14fa57f68127ba9315281325a265c65177958fb0e9d614b82ac4886da713139271e28315e9411f22da5ed0ce681c0812efb6ea4a69d7f116ca5cbc5525705bcd745b0e3bd18e2514155d0dd095f4e75c7338876f22da47f8d9983c13a79e418c28a7ecac5a01bcabf7aa8c909d38546528d1250f49f215d1d801a87eb19e69b59a75b773518c9fd8bacf3b462e90110f2ae76eeaa668477833d28ce02adc2b48708a43ed8358aa46bc3da24f725780e53a553d70c5c92fe4c5ed4d6ff44c118902f4b01fd5800cc01291bf43e97275fcaa9d87527a6456f12f5150b7dc7514fb7a26771470820fe9da5f489a4a02846b0130b437ee4bd8d273fc8eb9484f5f70362c635348b65646fdc6b37d3f20ccd4cffe9a869255231f8216797004d02847cd98100a0769f6e15811c795bcdefee09eb55abefa8ce3309489f1253e5e1e73eb3a92d2044a4381b627bd1966769848e00922ae33f41f76677ac2ac9c5c589c1fc95c3247c89075bfa767c13a62ed4b806289467cd1a74a9f4b0e7f90e98ba669b741cb29450bd5f337ba5a196aa4ccba150e69483b190bb67d9199aab7fbd7e51706b4b230e38c2fe84896d55307ec0a65dbc77f3a537404b834e0e4c81d00325315af925036d15fdeb2e21bf436f8151993b3c1f51faf902b7c5142d9ad336b4a4d52d0daa741e6d5819129f40f8876fc97c5ce6f1b535b69305328b14cf81c1b01a32706c8d765c9949b4381e4a15e12779f051e94388dd47ca056436ff5b9a36a747076d5085b4d26ec1b1f44a01cdb4f16c03bfedd03bd8f05d7e16c3f55f9371ee0294980b1c88bd3fa7f06b40b3768e5df9da9aec09911b4cfd8f4ad423700a4d6ee88359e7aa0641163aed031af7945085b80ba3947150ed44df55f2e037873879cf381a9701a779b98fb7a5d5301aba21a5cd632b08ce0ca75381927c850e0f86e502f69c44e278d91136f0f6c87288ef929bd256cfcef3417e02f94f61136c93be64b1e9148d118392e45d257635ea1a7220fd2075c648184a9d16ecc8ce43f60ceda7fcc71aae154e8d81ad934f4ba1853db1473b6ab6d543c8013baea1a1d79b6d791feb8a2aaa997874e598bc76c56eb8dc4b23989e7540ae7950f314d2012dea6ca4d186613cc3f1a9340f6e5d8c7680459ab050261301abec693f0c099cf24d93c4b58da085c4c6d700a302669b9fcbc7c3f82d3235af03de16f8ab09c35e3a675731651d49cacc3abdcbd93faf90d0b4b17eba4343aaa7c6842ba81aeff3dd9cb01dcd1ecd32e941488c273006bcd880b9a9558d5b90ce6b5ef2606f6e69c12feefcaf35763bd18234a7783d517e4b7a92b71eb84e62d32396b9fcef01f6fe8658c2d3752216360921e3d8e07708685972d11d9bba4df97fd13228ca3ad7d16468c6276ce265163e67d36d520596c855710651b61dd2bcef0208de7259ea583c35c098cff754146e6ee81695571edba90c5de9d6ac8a9c9da63081e18a3274a6c7795547d1d4d1f0028c2f24340c16fd2469e5b3fc1ffaa64e192c6c080084fdada3d2ef770b991bb5e59be30b42380436d9e818b5454698972ad582d3290618611dac55508fb4f4f590f90cf306d717bf2146c944491656615512e0acf016858710406c379dac658b7587abcaddc40975b06b4b25812848d4ca6a39d49eb7e50966e90d8dc6e171e1ed505a49f945cab0fa399cb4b10004f24ee4d715d4c82314990834e32b65fe2b2b1a82a71d9a92f7b9a0285478091640b91c52afbf22ff5b2a5ac71b61f3cebfebfc5a60083afc7d36d2deb0640782c365d2e437188d649a637f2ad744c3b3b77491ce04f5ccaefc04c3da4dfa5d53df7244ba43cbd0b4bd897f7d7990d7b213dc1aac63ab2fa52c8db17d927efbcec8c0d0253111a403b43f07faf28991a8399d64ddf135b1cc29186ab8333f1cc4ba5797737e68cb47efc0f492b23dca3c2153a1aaf18c05414bf9bc21a5fef915e81a62fa2aed737be94592738d45f25a65dfb2af572d45a145e746537de37a15a4878f14ae186198cef350e10ffc6838ebe72105c990568bed26a91eac9195087a9cf713a88460acfc1607836780ebbdc0db7e9477f69989a1ceec5bdf8af1ea19c345fa7674aa5aa0c4c86d5b3db951a277e9130f884fdca8b0a7b667d9dd42b1205b5ab4312819f91c7c490a81e63c3a4ba324627283201ba91bcd9dba785a7da453a3b5037c2571cf79f5f074038f47b862cbc2bc155395cb1529cb6300a8f43c965584350f987b43ea93d2a8ad53922622e5bc0967151a05f525cdaf7893b1180fbeb84971f79cc1d8520c57ad7bacd0ecee924a01c7a5d997a11d4ecb706cb3352bdd6622ccca91419e0677fefba2074ea6f641da97d5cef99e8387ec3063823bbaafec2af35528d6bd6f06ff2ffb406a8a66e62ca862b71c16365684ff63b16a042ecfa8c7a9898bf99e61869a996399ea2a8f9c1fce32ef5bdc8de75d12e3bc2b948e8c1099e23b13e98bf07d6fa16f10c84a7e201b0c1ffdfe83868e1c1ca1cda1c76d493381ce357d595bbf20117a955409fbd91432b930fa0a86d87b2f12c9093aa5a7c913edfee8f3a893858826fab15f9673df21e7ce6e099a5438540b128ae5ab707de092309bbf31c094f097065dbf317cdf4e12ab07da3b70c9751a59fe496e01889930cc7a9163201842d614a484f86e0c509c165c69bb8cfdf19b30aa630ecf5125571131f500ef4c875f98c70d1b5f5a7c0ed40cf236b7cc722c8fb89a558ed6edc9ec18252025cdd8603cf061a8440bbfd119fc7bcbb98792b3e8e3223e1c696749ce43f082b643056c5b803410e4c155bb21f887776eb50c6db4c79e0b755550b67c91ced84d2cd5831348da3fc207e035a90753a1a4f4eec61d3939e34d136bed1ffa56bc62754d127b5e08534a7fec907ac71261d64c27252319b4a6f7ff2bb610b1d5c857a3f9b38abf92b44776a56fcd89eaedc266cb82ad6f6baa3748a79f430c275b3ccc21771a9acac2443125970a1a68f1f2e0f05b5b4775d92a995b972d3cee1665bc7ca98ccc817989ba9456ce76f2fbd0c46be68b1820aa6a3d86469c8a5fe8f33550cd5dfccfb6949a765f127442ae051be2dce3ddd6a58693451fe18cba45d8edef67e8892fbf6f94cc13879b90c8e13ddd87187662693505e411ed6199e7788a74814632f4f9d3e60108671d1f60ff69882139c1b2f0eb8602e3b199e7831975f3a35406a225d1445eef49f48e0f4bdf688022ff73dd84eadead94b00683ace56f792cf355d245f43f8223768f561023df51414b06cffcd3fbd62edc5dbcfb49d6114fb2a5d4653aee77929e9932eb3b601548193bb35e39a1c949498a585d63c5ec4ae7ed9bb54358958dc682b577497def28e1f80405c60f6b0463762822046b85af55335efd5d428c8137b3c69184cf35b2b7723932ad98934fc22f867168fb66a7dabea4798c2544b49624a4115740634843984034852ca6fac1b60342f5b2f93a930f4384c4b5e017cbb82b0f4e08496621f7213808c5988e290eb0d12413e23bad6ed07595a1fa6e471d16e56a15b52bb941b44b094d124a5c1dfebd76c910f846dd024b5794d6f0a3d0af5f9b92735bfe5c20fccf0e4b077f24b3cd143f95809497b7e944cbf89a107bb00b3fa9585c5f21624bbd4e0dd61409359925803ad1755bfb81528f1dceb653cc61f7a79ad8ddbe2b39c5e15b195176e65fc0ce736e22490dcb4e7f5ad0acfb2f5d4c39e31584cb2aaf2130789fe472f52ac46be94d31354283e2667a2226c54c6459299eaf640c2b5e2913634e66f01b7a8b4859f5556bb9afe81d561d2abff1fd4ceba8d61384f5ed111b6850ebf1517042ce6b0e0305ec815a1c36c163c3a8e433410e30b07c39ecd05bd31d05d22dd78be78505e7ab80dbdc5f941f7114df854d1a9f0a6c47c90dfbec3e84be20105c463763a1fb7fe64ec1686f968d0a231aa053acfecefc53a580678663aaf9b99d3ef38b0c7badcbc5c8d295e6983815e1aaab580be30ddccdcd56a95a3407e43a7fb0ff8b515905584cc5a51af584f8af1156ca0c94764771944640b7b6396d3255aafba17b039f6f88b53b5f9760c2b5b840e162d20fcdf8a9ec140ad7209814bcb556d66b67112eeea353ef1f3a93290a15ad2443f132168fb885568fd3b0864a6a7941553871564c90a601e799eb56da9090633108c9f351b166af97730d55c3293680c3af3a3945b6a92ee391789aee31e74cf6170bb280b5209a378bf5ad5fc8f063741f79872f5ced0ad0cc73a2a6b1aa3c8810de2e646f9f563f07864870a3b279b900c155334090d4a96241679ca97fb73a4ba46b7b7853314c904d28dd998e400e1271285b608f421bc60907958859bcf3ace5c49b5160bee549093a058ce6f57ab373626fb7b4f0775aed5e5024eca8cd05a41ea55f000138f4327f68324f10d996b19f167b36e498558908d4d8f6f9fdac006e6dc3ccaa844b2dd6e55dc1860a89e902c492862486872bd7ce0511b607dda2ce6cec8977e854c3c8a944f722803f8284a59d874baa4c35b82de53346ff7062374797ba0778cdf9ac155dfec2bc4ed40862ac92039ac6d0599fa64ebb5bfe5e6b79ce568da1d8cc3cf6d77f1882389afe190ae7575f83f04ed6ee68546f9f6d92aa92ab440afc36fefb00b6ffa831c0c63bba7cca0620f4d3242989d60eaeedd270ab917cc5fad29425f7a772bd26cd0e87a239b704e5847069ebda4ecc37ff41843e8d852439ad84ff2a9e41587478b2142f70e1c3c4de4644a497434d43c16f5eae3c732087a72385c3c6e828a354657704e59d0b5c0ee2d305311e0d3d4c4206acdee1ee41f2c80c5fd572a7b971c930f3aa54d29a3cd8824d69b493d757a6696decca2c6ac1ab88bd90630f0d35ef9412077f0ce0f3e51f73418b98c7b116cae6553d75177e9b532986be5a9eefeafc72f751683b73b1fd06b0d0c28a377de476b7693432eb8d1ef68cba126d1d3d1ecdbd65b844f1c652a3fbc319b45f1ab6ae51672b100a4aa9402fcd9ce0f5ba33509482edf653119f8b73e80862351287a25a144d1386b80c5aaa5d7548e8339919ca751e4e95c0c61d34ad99c8d95dc3b84c6142fa82d4496a4f5e5e35cf2eae61395e4197ec44469967165226a2ed11b385afe95a0d5efa071e50440e9904afef72e5d561ef33dd057b0123dd1edfddda36322d4874ec8c61453f207e6597a285eeeab7e7498850660cd92f8d7e0d2aa1b29faddbd432656932d4780749c75e1e6e641519c921d075666d78a32bdb4ea41330633f505c275e842b225a66d791f1daed930e1053645a23846a5afd5dbeb92d7b9c9612690fce9cbb6aab8cfc007aab3df0600aa99220ac8487c53b8a29984595ba8c0dab0b49d68c02ac38f4b83de9fbb360d8383fec872f4dff283d41ed580d40d7a2686f9e5e2026dc6a97cf19a5f4eb1d6d165e4b15f64bc3a451f1ef977c5dda7b9c984535b6e624b6f258bb0fabe5334959b2b1cebefdcbc869c149b5444a8896d754fd890f5822fceea79e7d8bd0ee3d317873dd2cff31e109a0415c48e0b806153b84783827f0db968217813b17a1c8eec856a001772fbfe9d6201b1324557c38a2eea7555da84f922c9b8376547c2228d6fcac7018397698659a818eebbc4d4ee5975d8f10cd1892d034311e9c72223361586c81586e9c7"}, 0x1010) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000006180)=0xbb, 0x4) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000033c0)={{{@in=@local, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@initdev}}, &(0x7f00000034c0)=0xe8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000006540)={'bpq0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000007c00)={'veth1_to_bond\x00', 0x0}) sendmmsg$inet6(r1, &(0x7f00000082c0)=[{{&(0x7f0000000040)={0xa, 0x4e22, 0x4, @mcast1}, 0x1c, &(0x7f0000003340)=[{&(0x7f0000001240)="7a8c20b93673293bb91bda4cf9c21174286be711d1e4cd56f53b3c2f3db0d7b6f0331fc3b61c6aae1ce2dea14b0493ec048b4899f7f206f10aa6e4a5f1e7672ea27c69a7c1cdaf538636900b32faf555fb14fa0de4094185f6b354f6d90aa222abbff7df2a9e27f5bafe3760bba55cc933a9d9a2662c8e581718d357480f1b2baaf6796399c12c15265d7657a237ab67a877688dc32603201f1014eaf4ece78d435aa76025917b4fe47365e6e4b1f8e6cbb00a9b2d209f5098bf0855145a24b7cd061cb1c2ff54ce08eb14e2687e88066f0daf01a4460a8815c2facf66d16666e67115eae94a6879cffbe063f03634b8ba0891e2682b0130c48cbe94edff3f8bbebea1bd3fdd94deb37ec79b004c86149e161e3ec08cd900c6ebd88f373bf517a81e70a987b9277f7b9ca9b54e5a5fb0e7d23855095854b153cbb7b98cdedc4db665b1d995e1bdbc9cc376a5ac9b9b4734a32703cacb96f8cfdaee33a5b65451febbefaac2817201afba439f7ab8a95d58b9437bdef2101bd4ac820c7e912631d7add0609b4b0e91c5dec24f48e36f69dc81c8df484a2191d260a396769cae704450313212168271836a7f3976a5e6a6e078f0438b417d6a2ba1f901fb80053d8e541e7fea05b194d2c78df2cffc33e2c5b0d9343900d124c126fbaee67e421612ef6f02baecc98d07237c62f0dfe417e102ff0270534b7feccbfa7dc6f1e766fe11cc1c1152a0560a4885e15ea637a4d380e02f2c09a595624be84ef4a96474d062eb0d973664ca0d977406937a4ddfdfca41a6be0d823d06646380fb5c96f3a94534028aa724098f160e9ccf1dbeddab4d4ffb3f2d14c7e7c1e2dc457fe815d3555c5d76f3074f13aa27e8f5b62b7dbce5ccc08f90d7683dece98150516e9a90787cf99749a12cfeb24dce10127d2bbc2047c852a23d1937aa83b337b01111e6462989adf89da8c7626cd5916cf1a9853e5e153b539b7925d761594318c79266d8571ae1b23637686301b4a7584a39e668f785ab795dc8ada51ed502ea27ded93f1472f66615f782387e9ee592e5eb8d7a7c3229bd0de89d1b0e714ed86c287289622593eba330f351b1df2ebfd7b31708acf93db0a33816129e9a3c835d05aaf032a32e81d8ad80762d50cc7cafd3827f649053a2be7a8c0766dbd7f9e13350f5b42af127875139e7c853b6301550fc3a289d2d8bd7e9954eabfc9c0fa97d9c4c0a8ed9d30cc745af5ce329cc94862cf2931de94ff4cd3aec395e24ebced39b2d8f547ab6105304e6a138dbb002566dc9cd8551ebfbf4f8b66cd9acec5f34906ef9dda9105edadcad50304fd2f745b40e4af35544f06d82b695118be6bdf06574e92096ae544b336877db11ed76204ca953360df2ce0ae3eb6f8046ce8921e7b7c892d1ba0a23a66ff566b87153045fa11f5dbd17f7e75825cff43a9303293bbfac8e48ac2e91531d548416357e4da062ccee661055ced1ec53ad5f34fc6607358797feee457500a3046d966f6523b584246ba400a699d37c2514ce0f92c1c3f1821e7d1c2fc69d096a57bbbc11c23650f7247d3da7731d33648f449e971361c85639efcee2e1321b2f09a3d4b47cfd7d7b37987f696e122dfd518c8d4064e917ff2b534e1a0165aff3ccd871caad9eddd34e61fdf316b867679d9472a3ab9ba2cc582c76f48a0b07523cf76bca0b82e06a380abed7469bbf8a96af37e7ca9a116bc0e75d930417a99e8bc8b6637ad6323578b06e1692371ce9c72c80870798c8a2ea7fae1fccbd30b97f93c4f946412e7f1b350ed342ce2a232c16ca833a4a882bcc555bbfbe4ac4fa60612c3d89679ad4e8e2e4255468b476979cdec8e526f87caea09c47be31d3a1fa05a96de2ceffba32105cb7f21b1e790757be4e3e62caf61ad1baf828d2521a0ba6b3fa203c3f23abdc8a04cde1ac7ab92f28e5834b99758a10206d9ac5cf12934e1c51ae1b0ec193ea9207f8f3d0b56b8c00d95e6d3021aab9702deae5407ecace3c61c3e44da752cd12c9a709cc8bcbc6baa51aa35307c475e94e2cfd80ba1dcdaac29fe5c33ffae3035f8ad9b604ef4ba0e867578d6e440c16851df6f8a2b36244be13bc2e2e5510db2acef15107c376968affa76586b02fc1c21a79d954c5782ed6f5d0664ef4d67aa31783290a666cf3f88ab43b0b292b93e8b0ef1f5a72ff0e0f3848957c811046c84174e0d586471f1ca2fe51ba6b97363059bce090888513fe148e792e89a06fa72aa9a154e7c98ecb549a97928bed1b805e6110853279abc2ade08127b432c9a2504ea147559ea9dd36dfe9ce6c580b1b58ea363090eeae7585e51887db9b65ef3f87187c72c74a8259e4a3a5c0822f08079cf83e4cdbf2248ee3929bc5ab5f0a01670b544cd961fd24b4666c246ffdd867b073234687d87cdb6a9a7885021d5c6c60620fffbc65bd23683cfd2fc8c5e492a509bfa7c3ff1de6e4d3c507c37685984bf34a2f41a3a8a72bbc5982a42add907ee41ee035404429dc7bb3e7ad23d77a81e076e9371cda72989cbe7a6acb05ae1fd56501d137fe7a6a1e7315e803da84707ab60aaae6d8aa4ab45563dea44bdfeb136b9e3daa99f2d433c96bdaadc96776a6a8bd080d1a97dd3164ae37c03c645b6220e7abc2d40d821ab3c79ac05d4f88843d9cfcfce50d360c4e7c0ff287ec144902a881dc3245d0b4d1b0517d5f840c61cecd6fb7939b7e61c62878e22421122913811b342d50589fd6b61d3a21232615ff950a29318658daac6d7fa388dd538116fa00d4813a64d81248af73caba132b2c526f6c5bc775e02588a66fb8213b72f55e1b0e14d9322acfe7c2d0bed8625b744ca89c5e8a16057e7e78f1606ad9c9be186ba3678cf4d30f27946dd2e75d09afe49ada5be77ce44029d1fc50d5fa3cfe4493fabbbf36d796a27eca55de6423c4b1a2ba9e5508d963802c6e21d07d122d194e68fa95d87809663f09733c30f2d7e135c8aa41585ae4f92c9cc84240cb6b20ecdf02eafd2b263b28dad7bf8e65c88ddaa44c88488e44de5a83714d6ee2f73caa0c352da2b38d5fc3d834fccceacf49c89d7e30968b2068e781d71c649de953e06dcc2215aceb66971f0dcdc26610dc10e789c7e8eb2ac3d29d988334ac477941cdd71108808edf3621f4d67e9ad7b5a4dd0b612333456a53cbcbb4f043bb1b00e4f241dffcbbc0ee96ae3f3ab8e4bda89d67f87cd8ea5216cbd75ad1a1a7503ecc2b411db2cb29de83f2c7762d16977969c71bf361f87e246dd4825a805037bc16b6c682f46942472d68b0370a3cbaa9511e24fb33075f67635cfae723ca87b0c0a18329cde026f6b1066cc4c7416ebcf610265232faad911d99f1214ed20c227af186bc0c42921d04164a22b7b4a33cc6519a87bca690062e88f795f3679ac5d81fb7a7bca42ce23508e1c724eca22383b67fe1f8176b040eb81f1038880df46190536460f7fa16b0e94dc20c5af160fa05a9547a5b2226d4846830e34dbc9fe4f50ce29bb2c5832fec20087248447526da0e1d57fc9ed1be0e091f81435891d723dc16f5e396e8b34fd815be102bd3948071a3a62533a312b7c0684e3900f2d6eec097528e088c38effe6fd137b27a6f52841bc91f4bcd676046498c28176bfba32cf406a9a7f2ee27e7ad87d3bfa418de2ca6a77c10b1ff4fa4232d6957c8bd2a504ecb1bca2f263cbf565c7072240e4bb789a74c5818571ce03682e0ac11238305f961598f1b6304f6fbd1336ce77e616d6afc36138e6ed9118620fb489df88587721d5e255b5b0ded1a59a40a55632e27900a3dd09a030685f3f43d3b0b1e198ff8eb5e5674774be811e71abed69ea3e9ad495a2496def32a182e2d46d163e503d57ab583fdfe9312cdf9712860eb6d3e9a267a0d48f47c5b0300aef350ab547dc1abb6c07606bbdbf4efca0bf60f08b967365dcb18c0cfb475ff11f1989fb6961d8e0cbd53b0df7a27792a4ae87b9ed7acc21560a524bb23aab74a788052815b04a9a9566cc23ddfe12041cdf5775dc75f3971fd73bea3172b69a2d4a4975abe2862686aa6603f8a5c08eb12f530b6a728381d329506800d60feadae3e4f4f686a54d12adc0b1f920d4c1a5a15d93f7766f1df7dfcefe65f774c09f0839d44e461d43f7e41f71f111bc3daa599bb1c81bb7a7cc688b856f511e5e155caf6e757f470313482a16fca4d3563fa311b446bc1f399f0730e686d37e4f43d38c72560f6f0db7729ac2815e1cdd1690c22fe6cbf7c0bbbb286f529063593360080a215fa3e535c4250d54380f0a2d277072b3675d817bace2e25cb147cfdbf6d86636d1a5f31747b020d91c1d0f071eb9e490b1078b13391d7190f5e7536c92edd8780735e8799909245c395f3fcbf9f5a609fb201487b147bcb5d602478d2a4185374bc43d05ab0c396b9d53b9475682508fe644e960b7d5e21a8d89609dde8e4f14df9b741aa6a8404f0de98b0281e91d46b32899f9e923c51681f36638555b906347e0f99d16c24d793e64b0cad0962c9eb8cdee4f17e919c423f841ba362c40b6a4cd644abecc577ad528157066315ae70ff40c9498b9e81a64d2ee2751eb5203ecc1a82b4547805643e6b51dbbb9a35905d2c046ae503bdaf36dd156e6292aa708a1ea16717bf731082aa3fe89a2fa73220370fed5f48d6c938be2badf090972322d42f8c321a1737b32e3ad35d107010b67484c7526f2c26bfee16c1d4d1a11f85c6fcae3225eae708cf9d97b59c1b22a7ed6bd08d0cee49c344e64c6bf3d8224a68c1be81cf57bf4d2b2f6ee2add2bbab1a0ee91a7f770cb8e62c2d151fbc268c710be9bc5cd9482203e0f15987bc9d100f17e7ce26a8aea72810307a9fedd814dbe00c61d01b3289600359fcb380666eef0c0d8f0f3b02fd891fb1446421f24df4498b51be1bf84a2b9710d3196b34a36a09dab26dd2d8abff309656b37d18c5d06ba555aa318ff26788f84e5e2d8730ab987fa43ad77db0475cd578007e97649cab45610414d9721182af2a7e1466eb07e52a1f6eb484f564ff0adf81869ca3516c918fcf1324ff9bb95dc935fc5816bbc4a39a9b874f1ca76b739b8371660192ecad747b850ef3905823e4d33e609b9181af35284ef01c9c069e1758b21660fa4aae2163506e3966165e54962a4dfb61238feda79b6b3c4bea9df5451aec1adc8e8aeb281039dca95818cb5f2acd9f3ea59cc1d56c37be58cd0fcfe0072ffb98a8a87a14ea3da1a4e8af8bdb3f9fd95c57f5882c2d7c570233a87150273ca93f4abdd026c9113d92fe87d74d628640e300c6ea7266f48f54087ff5c56765ebe514735eb75db1715c274e282a1eafa2656ffde2a61350c556eddeb25593ab97c97d04a37bcebdc8bcf5653742ec0a75498d29d6fd47545e8eb4e57336e9613d30b3d2ef971b06064d6b631f8df286dc6d9bf72f11756052e210d713ea73c9739870181ba0ffc5ba6d82270dd013ce9305fcd2b0322bbbec09ffbab68f44c87f3cf8996ea838d19a5c85a0cdbf8bd24e6fe8aaf6f72d882d651407efebb94c222aed55aa04df4e99771f47ad6556d1619ea4e1f9184ed027f36b2de96c7eb0939bedd7c2abbc75075bef83aceb03af1c676836b4685dae8288f153a363fd89089a1bd9c4dfeb7ba786711655430bd257b828653c483281f76abf14a79373eff74ccdbc23c3bb89f770456106b262777402cce39a066605da818da1ee1502338b8271d0cdfed99cb1c9afea9132bb019ba3d60c14df7dcc46e76e3ac958353affbfd5dfe7f2f6927ff59f88fede6a8d", 0x1000}, {&(0x7f0000000080)="653fc270c70636e4c117", 0xa}, {&(0x7f00000000c0)="574813f1a161a068c7dbdb5f364071a3750b181453f31db00d1642fb288b67786b3e4a5ed7c50c9ecd6eb82a39caf52fcf64671708232d2e369a666422545b2f24ba0177790a1c2d24e6c2dd3ceb44d007e6ce88f13154fbf605eabaca1fcc57634d4c195d7e2742617f164f0027cd1941154b22ff109bd9110df907db5e0163aa6715899a05d7961498e645eaceb1f8eb2b2a0880604a28c79123665c703025afe542148d4d810f2b50828b73d261122d9ce88f928ffb79", 0xb8}, {&(0x7f0000002240)="14420ee15d0f1dab46f7844408a9c231187d2db5db90e277fafdfb7a309ee471213ab96f6540e561a732ddf0ba5e456f45872bdf761eff85bf514ee686e68875944d65435572e0ba691c9c73e1232e850ceb354d471dc646f597b5b166bfb4b98db5c9eb086df210bb8f21b0e56d027c7a3e1496ddc2f867215c1e196b2c8254", 0x80}, {&(0x7f0000000180)="2b325f833656ae242a337ba1fe85f115da389cc0b23089ef6a6f0f35bdd5c8b0b5b768", 0x23}, {&(0x7f00000022c0)="29f0f60e68782cf78bdeed5f5d5f1ffc4c883a134b603accdf44f04c563aafb9ca38e1363597adc6c6673050d392110b81c78e04fc289fd631a41ad323d981d40d60afe49fe6d9d1ccb24191c454c73c2ddc1ea902967e6cf8f282f4ae1a74aa3a4f0502d5d1482c0045befec478535fae5533c7909a16d57c7ab7bd76abbb3cd9e97721b70ffac765458cc61d694b9eef655fe8251e5a17d8fa1bd6c2ebbca9820dd7def62cea7c46b0ddb8583ec4547082a14d63b0cf7422ed68d8ca8f9714f37151632f6f9f4bc070ca87ac44ff249a0cedf7cddb3c45d3734e959c97d84e1452b19961cb0b520acab1f7796ae875191eeb306a5f62152396cd3180b0b154922957324aea95f41639532ac3818c53dd46a00425ab745582f356589ea8bdf6c158270782038b7396d474c0b1bd51b7ddf86617d19bfbd01b2196550ad40a8a169ef4b2ebbf06dcc1757422baf1627206615ba5e98aa0a4f0980aa5de106d24bb551e7f2918e67e94c50cc40af93c74bbd6291710cfd8248b02a96865da02ed6586ec475f77df00a42e73a2e9a1b43c9c24113eb3db765738956b3cac607dd8eb70748a38a8a9cee9390d4873ab7b4e387d87b8a376412d8b280eedd50385bcd9b58a4a1094c94da1d7c9f9bb418994106da1f047a190d9042fd50b6d0eec31018ac74c3d3d20c471b2ea6d9422562a9cfad99722d76058b84e1f23d833d305128dff0e5eef6b4d4b70deeaf8c7a54809449017e703774abd0242c11cd33c1b748e2c0e07a225b26919d0185105c91a15dbc3538ad62eeb97c207d443e71400db072be1b8cf21ece5f5593315bd05937a800d04e8a895ce8c772ddc9abadc8b63fc70c41e16812c82def86705fe0db9adf56869e063e5c6c3841262feb9b307ac9c0c5eaebe969e8bbc527dfb76e684b5f38be870ff4d10a4be02977c6a76c29c4c08b1258cad42097a263090749cabb509197721b614a1c06b2ebb63e856b59e3e805c8aeca341734a26d366296333110c7c1be4266a45c8599440a4777e637e878f59ff4269f51e91f6f274b8acdb976072ec6a9754f9bf8d89ac5850cbd93774d9cfc30d53a709960677629c884488b3db62be2e638e3ab449a8798fdb99ba5aa7bf86864f38ba8889ef061cf7d7276286fae943e8f926b8ae6daf2954dd6dc675251f952939b548b9803e2c5d2e1fc63896411be54483b226dae3c61197bdd2b257ef7d9dab08e0a1f05d260db9d204019670936b041fd937960fc3f5ce11d4fdeb6d6bd77c9a3745c3204f7190ff13b4ddfaa98eb1c021115d510601fc22aaa676a776db0f8619e1bc89dedd7c23f8f1f23bc6319edb141f0541fd985700d389438f0835a967cc2f39b59f5c118bc755902b62102e431db28bad6817c8bafd54dc93c4270e743cfb7de159b31b878fc642347599a18a89cda352f191974c0bebab9513653d33ccd5fd58d39f0457be2c7c46043adfcf1784dc7ae75862f913feebf7877c056504ad04ea0324eb075b4aee61165f54679093f7fdf34df962efaec337090859ab102542900653f1d8465e97fc7feee287d56c91b412316fbb1fd59785ad6831b5629d1fa1890f1adb4de9995b67c85aad4ba2bec49a418247ff1208389545d51df0f1889cd9dd0aaad52887c19b566e3ea20b88ab35504c982bf56dad1c9674a61955261a569a7b7c30ae8f1f3c456886b3f67b76656a417994bc1008bcf2b37cd47b24034eb6464d693d69a675cef82d792f2df268a609ae9826034ec1019bea969aae0293edcdbc45e5c5dce1d5cccd76d377e8581b50679040ebcfe1b8a31bb1ba5d17ef9d46a166820c61aab526a8618838e5ae893d42d71bb768e946ae29f5eaea06de1b6a6f752fe31262cd445efa44527b6866a27397b44a31ca0c7ee55e8307afa9cee559d4dc185b8c02c7e634bd7e935be08b66b11522a54f26f7788e4dce2e3d56b923968293c6e93ba3e5fe0a17ae7d23c974830d6f20aa9f82e3373aa8dabc7169e4cdf9fb4c208f6c8ecb5ea1b2f1b74ad11ffa471cebd50cb6f82349b408636f13d1c1368893611926cdf438ed2bee574d2f889e0cbce74d4828a454a2841e3c457a2a2ca373c1118cb36b8be8f81dc81b4b54aad47ef26930733d507d63f9a61d637620acdd73c1bdfcf3ebb4038f0f7763bb8d3cb8f15be5ae325d56c6d43f4859827cb1007f94b73bb6fb5ab0479d1a2aa9121597531df2d89b3ed842c0150497684719791889cbdc8197521da6d567c352c2a73a7141805a7826ab2f83ee323ad9e9c0cb6b9608b301d5f941411bf04580712cc0c93594bc3116523260374a922e5c27df2ff50efc6ac8b6879f4fcd2282791b43efa1a79302f51ad3692a25bf716e867fff0613762e389b28b5d45993913105547a3a7db40eeea806e38f902fb7f7c60acd5ce1228ad75ce5781f8ee86947e4f0c4167bc4ec95c2fd45caa537c9e305d4179599eae669eee306663b578363c2e949de027e3c0865c503c79e43d316462aec300b3bfbe885cdb091d112d0243d425119da12220e424e7f0b3f26f2dac98120770fdb2aa9c2c0074dd305698a38a4b3fc693360ba4911f6950658945088e38f819722068ea67f4b6ead2a9bb7091b140220658a832a3fea621b4d882ea37c073eb753d2617ec77feb7e7326a8ca796e8748c21018c59688e3817352e21be2e672971df517c4dc6fa20f654a96466d8d59ebf8e771a6d2f10ec5fc0595dce8874d9bece57e5e8176ddc2da0aa33992fde465967edee16a0d0ea935abecbd071c616f3b33a14a88914940a6515c47ed0246ea2ef1b814b29f9cb6107b30301f94aa1486db9b13e5c7ba4db2a6e98ea457faccd393c125604dea343553cf835155d7aa6020eefa1c10d4e7998bf0011b37a3292e85aff1e93dc363934959b79e5c78e7cf4b103a30a6cc3bc7c4fe96b0cf68a0b42fcc2de1fc4cc8fe310dfef9b640b0d4bf48b267da11e05a0268ce7a4dbff4d47283f2a02568d2234b47947cdcd2fe13503f87b94f62c5d6dac4e694d8ededeab028275206c84400efd8a94a0d26c2febd6bc80c33a30e2a8667796f00d94a325bcd5985f1733a78ad63105ef758356c90398f4ca859d217beadcf4d2a07a7141391ade16fa9179bc3ca6ea4290597666c771f2385fe5429a7d8ac863db01da15186d3aac0dbdc6f03783c76e3104355f7a840b4016dbe398a96731fc13b3d177cf66f7c10ec7abf212d698dab6b70fb0b2fe9da34a77dc5665824fd8cd38bb84ec8f4deaba0049e9051fbcf7718c6b406e1956a09cbacccda2d497cb5d83cd3650e0e7ffb4b0404abcad3ad466852871d1eb0344738a44b61f4f647d8b8bfecdd240db62e7855b4714893baab58fbefbdf751a232f77ba247888ae596b7e52122938d06c58f89b8b0a446060ce8c9179473e92ea0dacdae8b287c5d47765a22b9077dbfa13afba27b0e4b08f097fb50c1024ca4f49f9ed62fb77e246117bebff0ba797aafc3a75b45622ad68be25b7a7591582dccee1c3e448e43dd2c72c8a87f310ea8060772a60bc3bb93f8d5cd13b81662424dcf41260649e6cacfce092ac79d7b32c3c669c4ce667ffa6d5d282295da77e559d2c784625ac067721001eed9ed99f6e9dddd29b12460405ffb0ebf5999518627ec4755fbd73ffd156247b76d1b933506bfdc27fd0b4dde26ca5f176f78f4d63a48feabee3a6e2ba7133ce548427ffe1f7c6df71ae5464c1f8218dfdbd7401d8a1511e0a47264ca5dd487809fafe18e66958ac4fbff27e75d7d8630325cc434d300574db64755166ead9cf9e3c254e67b68d9ffbb8922329df74b196b6c6e57d18294fd0a498998c8e56c6dd4b3a2720dc6c2e91dc4335bf7602b0eff7774c9dc759982202bf702c478cc0ca29ce45ef511ee0b16edd85104ee708614483e414b1532f80d8433bb6d430729e0119b54b68847ef8a16a8dd23043b996456e9248b95dd28719db3a90215713bb343bce78e716e8a4ed1ffe96d0a766d66f9101ff53d0784025eab9df17d9d60452d431162045b4ace374d220d59b83e60adcf95a3c5f866be702b0e1a63e1db0edef504c2b50820d857c81996180e4714311cb4a59d41d4503fe3d31fab3b67a8d0b5ecbe8eb4a1329f42dce323898d623519ea5a126265f1457bdcbf9a51eb3e41dcbf80d70503178af49b7ec134b91794f69c1e20b43bf4b2d1faea5de3283e79229dcf263606469e0334f1c3d42a652556d46a88680a72a8a9ca12dc824da28d7d3a59652d4a26663204eb8d90617f8ccb8539c3bf7934924a20c85e11298d9107e07c46b7ad07598d23526993c92b2db68ff3545e77a6093b09f4e1c42c54ded099e733f0238b9b743f8b5d8fe6cd0b7189d5abafb21892af2b5c35b2f69f74a1172667e31248bdf2a372be905576a76f91e0a32b6193b4011df117837fdbdcdf925b0c8ac7cd3d6b986b428577b686c44fd789396b7b98be3a2a9707e834ae28069182c7f3f8b07f42cf2e6a9400f956ddd905e4af78719c583f2bdbf6a8f66b20aa363a5f703e24a1a71fb2c064321717087f82f33d86b69caebba77cfb979216188c18cf203afef07d033dbf007f97adb2e006da78ab686109784474d946b4bc69f44d640999900747990db5aa66c1503bb0b3e4917b7da1b287867324d47247ed12c27a0356c4e81714787c96fce9d8621144c2f690f15608bfd6677ccd9fc455b63e7c3bda64326a20f0c3a3c9a7ac0f81b5104e839e38b8586a3283b16a679ac4b7c5a0f1e4b31accbbc73eddb6ed2c585ff1977b785fe77ae7706612fc261a2893b6773b9224222cb0e7d5c5006b283935fb6481e76daddc7e39bb726e53c04614883c7a822b44a1056ee145cd1d439906c951a34e70bf6c8eafc2440ab8e13450b3e7c694aab1f76a3ca3788b0ee6a39df9cf9c4d3e0489fac09f5937dacc109f5a4b05a04cb5bc02bcae184b37b35a61680e040e1e9bb86be58fb56b553b6781387abb874c859205a7aaf2310ecfcc5a3eaa85764fa298844bf68625412740b3cb6f8616fb62e6419e081a719167a24db72dd450af45fb3cb7f5b899b8ff99178b60fac5e31adde93c8dd2a1094dbec0b025e5a4770eec6e9250210301123cccdc77818789c648b9eabe4e36a32a593eeb58eb11ac122bf6495946be3234e405674b259fcbc87a43139d1da1ef7b789f39bfb2458706e65905c6a55fe89e195cc097d9c172cb3dc34b442cfb43fe70f92c1beca6de61f797a5e2835cf48427ab4f864347c02f50c1045731d6eb5c0d96e468e8e385c234774618830be61b706a6b363b34b8808a01b04763a80f64057b1af30940cae4bca4376ad61eddb97a4d5a188d47dd4c064d6cdfe592455b2016faaa1713c6776188ae9d1512db45092bcb7dce261d6e5459e87e0d9e2ec1aa34f1522522c5b70a633c359a30891d7f716df12bc4ceb383ba3c368c654c9906738f36c95cce5b5f52c283418f0bfe9a23ca4ab5edec101ca218f812713eb1c5215d57f42239114cbcddbe309624b5edd441411dd328c08ba88c45421f204378a6fcf73d7ba88b9fe2c0e03de1f7a5b9f5db1424e5afa7f6aafcce6e526e6a5429ab43351279cb356f46fdaf939508b536991dffa0c0ab1cbed5839970894de41943cbffa32f3b17c028165358f013efc30d1ffa0d05b2731c4c0c19ee3320506cceec1ea8e295fec3bc23b5b66855788eb8957635846bea2a867c38f46276c0439efe67fe0749dab50fb0e99e7479abd3fec03ec2c4bee19e2c272824f87ee2", 0x1000}, {&(0x7f00000032c0)="ca0c2aa66914f841b6e86a3e60057ff6f272d881b9c6115580d2e4e37fe87f72004a60861e6849f2a2e2a1b31b3eee4abe15e1616106fcb5b44f5ed759d9ce4fc0058f859567989f1e54997f659191e46ef0852052eac4f82fc1fdc703a4021592cc1923fd439d", 0x67}], 0x7, &(0x7f0000003500)=[@pktinfo={{0x24, 0x29, 0x32, {@ipv4={[], [], @remote}, r2}}}, @hoplimit={{0x14, 0x29, 0x34, 0x400}}], 0x40}}, {{&(0x7f0000003540)={0xa, 0x4e22, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, 0x1c, &(0x7f0000004580)=[{&(0x7f0000003580)="6e534b64686acb6caa7f2a5e45b842d369b32982c0658213ec0b78e3f26b018d4c7c1003a8ad91741f584908e91ef9b4d94ea4a9a53b55967c028f0d09d92d79892210cae246272e570bdf0d4187d4fa820f8f3be7a3c484f93527b7b0320f3f68e84d39369c838db4a71a5b5beac54c70ba7bf88936bc569526f131e7745d8c5e31d9000db9dd9666d48a472f85e73dc1ca15e9055e848d43ea10a312c78f94670324569d76de73e3de7de6a63d4c1544b356e3b60733a78f838f1f5f29b9df7d3871962eda607f9cdd3a7a2aaa2b94242dea3bd1528b7cf5d8375fb0218e46c8da31b4cfaea4ab103e2e800e8f10202acd9487964e05d0247e63de5d2b5809abc488e2ab58566b3f942faa5a3a620f1d154f43a1e312560b8c3f0b9c26b0e88d5e8e3da7a615290a9608465144d96be276275339bb275caa8e9e46b77db4016a0fe8c2a845fc01b33bd813a67a637a5da265dbc9857563451733f6609977e8ea451daf36f4a977f7168134d09f652f8fd4b73a57df7e188c78643d1112531bc4fe72106fbfbb2841bfad6e6adcd6d44ca1cfd7680cc027711ce33a31cdfa61e995c8d628c822426ee11637cc37c00e776afe8b21aaa185ddf8d6bf9d8ea78b7649334dd628dfb4615594e4a0310d9d5e65b8e396783be69d05262c1d0c4cdfaf631c35f9e634ecddfbd5ec130080669fa1a88175d53d2a4078d7cd9f62298f86bc5e78f686d425220f425b0e1f29200c4fc69d7478727a698232748954591b6a211c4600c17998cbe8fcd28de455674ff7784ff5429ab13f92922618c0a985a11218531ff893e8e1cabb337a0a3ba4480b9d6df053f8e8a31853f454731fd1cda907cd4594f11fe26f7679afa36de09c13c8de15b80895826ff9749fd12cb2aba0d860e8e9539e70d6804d5b0ac72c6969a7184cc455382bd0cdb64897555ff65d6cb11e8f3a1732512925c206c87c7179d0af7aec4c1c779698c769db7729f6c5a33527a537552cf75432a963db1745f241bc84937f74db52877c58febd6bce3866c69c740fa1ba284d56b1044a0da9c54c21937e7378d7ee9fe7b4a395e769c4f846f753492108be5f7e0aeb786d43dca0147f292e63a8b12fa285c7fea7587de6f478d4f80e57a3fc5c1fb5e97d49555ced998c3e6e700247adf31c2a1e4181ac48fd9aeeabf06e13a0b529e1d452359aaea224c8b86745a9195fd314e669d0ed48c547bf377dd3c3ad2fb6823ce61deda8b158eafdab217b12a0608cfa3e2b506f852ae2122c8ab64bb9793c0e29d2f4111b0f45fd2d0f1d37ca100b313b522b505d48c5097303e37431ab11b2025b38353793f37f2f66488abf39efb3c28f2906a423634332f9ca6866cf0a06feae00fb14a6bdc4ce91346545fc7e9f16b803b07c3fbbc03488c1f1582fd20a0d9d10ced25c9b81be9e637e23ac6634a3729b74e9b6c1e25aed256b1f74b20c5268501af098d82619df7efc0db276eeb6762a763d5ede8fb93d96cfd393655d0c11607c6db3bb96147ecf19696b9498e1658a56d4ce791b6a46ef5bad7482cabfea02221e3bc42f23c83bb202dfb96791b0ae90357649ebc7a9a0b73888f32036306e62c137c228b9af484d0288d2ed5e0363ee6a2af0b5e5a8f408f6f5c7dcf2b77a46b21fdb21a5bfb1cf0c63fede2141261309aef827c7e843974205b4543dd8bf1ca356316921c6f838e7517ddf5c09297eca29b2d5efa5e0f82d2c1a8bc68a6d3ebeadb9e6b32c6d6a3a9282b5a7d60ee8e468442e9a4ede906f0c29e809bed04f75d277e791013f0989ad8fc968794f2e5e0d74ced2e8c42585ec28d7ae7322166136d23979f2b58e46969da9d2f59e77c028ee051d6e12285fe8cabce0f833ae09bcd2b9e240baefcd91ff339673d7fdf07c5576be61d4811eb3793e5e2d871ed447465009092ea3ff425cec8eb831fa76675ccded8246469e7b4dfc4431c52dba63daf29df74c267f372f4c9e1c24e736b9461accb60c6702eb061c42bbf1fc7aa89961b82d55e7242113095d9f0078e0a0cacc90b95f66f8ed375114bcefc937d2675f6c7102a26b57ec1d242a218464638dae3ce57327ee6a8d64fc49b2dad6b4265ef76ab88058ba2759b617faf268a0c0e5716a7827e377a1ab889be729f72a65713eb786a9a07b3e643a350e2e983adbebeb747671b49a609124a0af87c1528da3351b72835e749fea67d77ac739c4790532435b1b5e509d9b57d2f1b31e7decbc9652d45725dd88e075e3a9afeec57d0742a332121ea09c0cd1a742aa598cfd141521e0f82d84e81cb0faa271d4952aa03e2f744d18b14fae54dfd321934e8d76ac6c7e53f9156903736ea7028c98f3933033c620b9e4953c5dff98919bf24f5b989ccf75d39684e781cd11c5caf3c403a7a789025ca7ecd3f460c11eb4a5cfee94cb6b6246b155c801c24d243f81bd2f090d283b2a5f77224d938de2bc268c475e843375afc157ec6760371d05c76a0c06eb73ae7520961a11315dac1244c265a42239848ae155c3edafaff1d8f0512d5a814fc8af55cf7b3df952b184c9a4fdb1e3ac5dc2327abd9b4d1e79b074287c481513a0af79ff6675d4163974f2ab2d32a0ad96ade006447266bad61b62ac870a75e343644ec6919f45331e8266ac0e0881acbbc0ad69048621d5a1b7ce5ad0fcd94666e4565c9690d31003a7a7cea393f3bebae3b65b21a3f356934a8154abe5be94de3bc3d24afca71cb1bf5f52d6d4ea2294b1b8172caf35fc890ef1680dbc6d1dee294dd4e21409ece60d1144ce0cd64b8945b8937a8c265a37851072bd70da120add93ae99fac7f0078819745a265533a8725aac153f727ac39c024058fe6aec3561b5dd9aa8595db2c59e29223a5cd398d0892af3b912a93e4cdd10521e04893271c2336a7fdc78e6c3404fbe9e5c23bb1f9c73f4a65e7eb6151177e0e2250a9bc7509677074d28f52ed7d31fe700956b5ad7d2b67d6fc77fda35d81c97aac7910d4f8c8fe05990b20080d4ea3e911f83bfa2b200c6ad73cb595d5197827ef36156213f8ea536a897f344718feb6f5ca5da8440c36e0a9a4ac821ac01e7ee0e1c0b8151b2f395a67411373eebfdb916b9bcc3a4472ea5560a763c66947906fc41354ec5e9d3f2e056150b057d2e9d664b73116a85ddb77ac17c38b182fd8023633a9466e8596047ed8613871f29ef2e0b1f47972108a1ca7c9f7bada48eed75ed8c08960a14d80415b6eb5dd9f4cee0bfcce59c5f68ba1e28a68aa2d1cac35e2f3fbc5c1e547b305de41ccba41e8a67cfe3c78b352ccc01b868816f58cbc7984e1a97bec18833413adda159d664159bb95d1f3cfed73e6a2dbd98e4d90b5aaf0b8cf0f1e3e7da1cdac39c9b7d3ed12e52736313793e8f4b68a252ae2f6c8e59ced98f1eeffa185ff794fd5a027a2fdcb594d0dedadcc4af580c1bc1b9a4fe0f0c1ed9eab69884440f3d734edfa29584bcfd11c5c418ad6bc1d7bebe4960e1fd7a088255438c61c4d870224a6e1626c2bdee9e534c0aa89397246fdc015775034ba2cfa7fa58eebb21684adb4475bb3b071996b50adbb0f4926fdbbe6cdebece69cef19293c8245389dbf151818eb18127a6a434463f116113061ef81a4712bc090da0c8b16855a02c39ea58aea7154ca4e8d337e944aeb3b66e57da3c7f30954562916085fc1dd389d2dcdc96aeff6f0aa8c6adfe3402f7dd3d1dfa5740514bfc6f3abae45734f130cbe6bb1e35dff37f94b6e4aaf5911969b7d4efba82c703a014a6cd9256b7760ea9f1104d8c8f49796a4d83c54e78cf74090cde3d2884cba4052a47e52804badd2fdf3ba8ba3a6a69e4f190672560031e441690e6896a26920c89a1a61ea95f6b42aca9fdda8064bc1dba821cf0002d1d36c2b9cded098818de2e2df882b24087dc95ffc771b41adecfe3931505f3388343154cc23384d846886b48a89f812505c9aec6bc26f4788a2d7339c0381f2fc9c64186cb888bf2b6756b8e07381f67761f0c9c27b8ad5e2f1b7726a569e3161c64eb6d552fca7887384ebb91498c9c39caf676032bad3cb58cf9b36827c69973057f806a8323edfc123ed1c2d63918adc99bf7ef25211117e20b99239f765d97ba6db885e2940f323cf1d5382626eefd8583790e44e997e7679fdbfa5f576fde90194adc1424dd6411290e0cf990b2ac1663e24353c33e28c341281f249331777613b947036a45f65ad5d47742413bc7bbdf93ceb7b7bc99f51f02e036691201bdf1db158b344e3e4b3caa7c3550f8c11b90c434fdc9bf1ce9bd0809bc310b4ca29e4fa4c680c139b7ba992c9a490276f792f4ee58b840d5584e2f61560a43fdc488f8279d236f800c83b7c622fcf8a0ec11b09df24b48e155c9b898b0ccb78be6fb0ef39cbcf900ffc2727f9324047f67402fe3116ad2921eee5897413d1f0c15896354c2fa170aa71e8c7b8d7a50746557010e1b054b93a1478410d3374c1fccc2b63e02e22a1eb8aabd02783fa29681121c5f9b2f39f70673da1ae7d9dd5d545fbff83fd92ef978c724d71732e142ba6caff8db842e852bbe27430ef16ef0ca11bb23949ec0ad637e26805415c3fd5d3132ee26f6eadaad3f80ca085babf29caa991696bb57d040c2b15997ac77bbf3cd3e67a4d5aeb98bcf02f9f504c402cefaceedb9c86dc44731a3310d760f3a2cdd470ade31eaa52a4722bf8c9e68478c87797e587e4a4d5ff9f44d0ab57685a96d85d2a702df8d3b8f9fa8c64f1a2e62a5de9da77a63270f82c13a4af0539421e6c27fa8b79ac9e492d87872cca84894b4036367e9b15afd6696f8196743e8bbdb4589493a84447ee0dfc59bbd4316b6eb228a990ebbc1ff2f4ebd303bae6b2b68e96eec60114596df5026e58e5c0681ee684b2a14b77246c20424a78413a853ca63eba67b8fbbf32c304c9eb0a6e6c13bd6331cc88041c4fc81fd7c279e378bc100e145a5b6a2b9fda1c5f6b1ad7e6b15b71483362926cc8278a6f1f758307615b9deff2da2be701bbc10b0078b08d43da9538b8239bfe29adbfb89a7b1db65b13d21b0f7f131067050c7c43fee854ee5244a742428447afebf6401c86623262056303515183f6c62d92bb61cb7347784831007f6412bc9e60cd4f8bf1136bf27dadb6666974de4188b7e6c553df533708a89ff69f052837dbf72c275429fda89a25b1ba8bf09a92dc8ec035d640771b303e3acb9bb90c835a601c2935d2f27668915d5e2ef108ab7c7fe89e8c69466395c862be5611008095ee44bea0dc447b1d27ab6fca6d5609e594661c6912831b61f25e5bd8636d980a7bec6ee250b3dc349f238675c2288480d5435c8466bf9420002c36fc36e4d77ff1a0598482f9188755344bd2d2f9aa79d5f80ce54ad90350ef8b82e271b8695f3d44391494674843685d7ba08647e0addeaecf8987cec20d5d1bf71a554af2df0a5dd883d4cb781d44b415fffd584fbc9c7bfacbb02cdc036eceb8de559011dbb70d72ed8ab02b5ec28e6b5afccfacbdf01d9bdc1df308d1493a4d42ade7e884999f57b9069d37a7b69bae90e1a9aa53c4c112abccf265307fbda65f51e029d7ad3a279e30e75f686aae68c46f62067de6c50ddc1c0d5060330903909ff934bf112efdd7ce87a29b9043dc5af45a3e181d1b1f332a2784a1439636757a43cf79673aea5af4c047740696069020416b945437b0a05dbf6604de300f3285b51d6063d90e33372d3e3b1ed63d5b55a4d9e9de4a8629fca1efad4a067fb2f74f29ecb44e49376a878f421b47347e91a47b7e191", 0x1000}], 0x1, &(0x7f00000045c0)=[@dstopts_2292={{0x88, 0x29, 0x4, {0x32, 0xd, [], [@generic={0x6, 0x59, "118b2f243eec021a7675135f5151f3e6568b07a9616f9657816b86cb58fca1babe18dc3118879f36198e4c5575be2e6b786337ace9ac0877aa1f759166d6c769a98b9826916daec58b9605304ecf500ed9e301df4ef8c4f08d"}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @pad1, @pad1, @pad1]}}}], 0x88}}, {{&(0x7f0000004680)={0xa, 0x4e23, 0x1, @ipv4={[], [], @rand_addr=0x5}, 0x3}, 0x1c, &(0x7f0000005ac0)=[{&(0x7f00000046c0)="3cd62b621381e7b0e26a962786ee181eca5d682cd3af5905b2b86d2d1732c363534446f4920d2b1ba52fe123", 0x2c}, {&(0x7f0000004700)="04e49ad013ad2000075aec231bfaca3abcba08d6d93a2d427f7522c5f004b21218d5902557789aac306adcd3c4e6be63ac82e8cfb626e67bf0748a9c0dd18f124ce52d0b75bba85f981a0772f97dc39aef76a880aaf4b5cecb3defbaaa7a84156e543d2158f629663eefc58a3ae461d6516cf87e9eba9831d7c2da15af9a2072f55b218913c66d67267f576440a9d3ea689272fdc2a9ab311f31e032b284f39b44c1b46141078547663f6e3630eab55e3e742d96162fb9602243064f8cb7b284e221c9eacf791ba4266970caf64ca67f3b", 0xd1}, {&(0x7f0000004800)="c805b00f7f20ed4350f4b2dcbc2d1693ed42440efb44863fc106057661b8bfd9f996a72ad46e6da27c47b1d800af656e03c3b96133177f94d741739e4cd88614b321221786b2417869121b3218290ae59899103346b0055bcff097fe042bc46d", 0x60}, {&(0x7f0000004880)="c36534a7a1820a899fe57d34db02589e309029d8f2f4b10d86a9bf94d3bac2c01f9f017a7175fd947ce032f2b28686eb151caf3ee3e306cc5b1babe42155cbca0d172c529a409432ff7335145a1e69d893057729d644238dbf3e3940b500bc3e6188dbf29e4e5bf08accfa175c75cd2af6e87280392e7fe6f3a39dd340916545724981b6e449903c075125cbb89ebf9128f77ac571d55810ae259de0e2c70091a2435c82fe164cc165aea7c5039775ee5c18f7cb0db8e15b88a325d6a12c13d3b2bdc1cf1d45f254d4c67091a3dbd9e59fefc4fb50d005600be13ec4dcbce7b336e57027723938c24f677dc8e1c20db51a1e13", 0xf3}, {&(0x7f0000004980)="7aee476eef556df91981c115b1462ce2bd08b6c86293f1415298f8761ea2d4b9b5cdedf329c4286e0f84bad5bf0bfb63", 0x30}, {&(0x7f00000049c0)="6b4390a780dbc2c7798c25966c3f385136e808cbedb3c86b8a3e752ee79619e431acd13b99f077fb77f4ff1780fef8de825c05cb8105e4c807901437a7d436d9a56c44b571a91bd67b904deb1c11f5df00747bc1512a9cf634d82d2bb4b2945447e1bf2b37bbcc84610f0bf0c8aa668d734aa3697337f169ebd18f750cf6cb050a4727f3a83468b8219ac0c3a7e9372af720a487ad43a60e8ef9297d92ac7d9f4a578717a9b15b3af22bf70007fb509348f407a7d3943a08e3f51488088389432cab289356d78bd99f563a1ebfdfb8fd9c08de91e6721d353b0c56a35ce256ab74848342af3e277d059cf00832e734696e883b8d88e87d6c67e4c01e1c6a8dce9d5898c7eb2870b7d15554e33dd692ceeaf15744c9a2f24879bb058ea88772517a41cea065fee60e1b909a441f7e941d10f519747a8db4dd2f1f9582220a9edd5bb6380724203574f2e08208e8b55ae099393fff7831c8bbd8f601c2e9b08ed612f32701473c40b8a573bb1132800eb0002c0215f701c8e4b0b4a94b85faaadac388a5c2d34bcaf6e014a8d49999b5093e4afd28b0e796f09314390e1e987403250f7c1955d7398f800f3258fc789f213d1d97187dee23a5bba81041904303a1b813ada56764bd3182a866e9e11831afe10c8eef94e87ace352254516a804466a4610c7507d4cf352c06190f85b76bf9d14a26af5682f0e53ed4b936fa87bbfbd9ff2b17666d876c30633491237d756f0c613454ae9e5e5628f9c88e1bff26fa4cb3d21a527ebd115ccd23350897cee040d0afc8bae7bffcc062bc7c0227355d7fa3e75ac713862afbd2f44e37f0f791061fdea717a8da0b34fedce6fd6bc7c52429e0bfdb3af84247fd8c6d022102c5bf1abf15b410a8cbf71aa2a2a74b653f5cd2689c056ffc40d8b0cc2a497dd92c36c85426c7b714d287f54b4fa8cf725a7583006ed1cbbd1181e1ff562014787577a0d0cd44f1ce6e67ae3ae60b91cce702fc49ced3497385b4c699d8ecf6d076eb5c7d20dc58cea903121e72dfac1d3cf708ff3724fca09c68f6e6fc3aa2ab3c8649e9b9b8ade25e2e5684abbb0357b5515862cf61b2bde21035d4c1314a1b04efe1a7ffaca0756a6145ec3c14acc0a11b34f48b2c3978feac6317876ed4fcc2022b45b98c6fb3f81eb37080175f424265c3135e06e264c499b06aef633691a3e5bb306f43447fed0fbbf010b9c4be94e99fe7cacf8760ab6189e119bd903ab2b77b6ea961cd8372fd4c8c35f474727c078ebb25139b1fc45b915fc1213b6875357547e329b94c2c5f6e33ee34e75a34e26fcf7846fd2c06b30afd340403af0c93b58378a09987950882a4e907aeeb8a689fa2180a84a973e122bf6d671941cc13051140d09c2e23395e111ed396d094ff901f506ca74faebdabe7b70c95b65c87f431af1ebaed33b0a2050594afa5d04b03633e91f23d636d61ae81235a2594d2e971dfbe8557788b2077650534ebd4189d860e636ad1f813c82ecd54465ba1aea9248973a708ad2001b48208b33aa1240ea04c8e5ca5e0fe38c2f6388358148d8c7369e0f7c7a39953e764771f316ba211d296ddcab0b050434c148e2f33caf61ef496692dde88a52917fd18e38a87668a96c0281edfdf3f208195cdc255b34db656760cd297df26170e61e85699e7191dd00ef6b0e448ff53bd6ade2c796154c116e621210861048ff0fba0ccc9d33674745eb398dcce9295efa60b0974aaa527b45629b24fa08e83c566b8cc599d9f7ca117afcddc06d405885b9cacc2075c54b7e6088079d6a409fa8f867fef2ce08763027bdbcc6e15b0f8251a0c241d711cd1a72f5f61a412a848b912f04227911bb84429310a0b3e24f9635cd5abd73196be62673213d40b323a0e7a728252aaade14885134371a307fdef25b3efc1eb0dc859fa70bbd33783e37df98f39aa6cef5bd51c9ddad8d96d1418af9324214c49107e37523512f53c8061c14ed14effeaaa21cfe12b8aecbdb085d114a68db2ab43232fdc17fd92b0a199f40f05bb7660145c58719731909107729879f97fa34a8d1453769df304f064762f9cc163003b8ce56e81cd69ebe5a8ad8bda7e814fa41ed62c360bd91b1ecae41b7e867b39614cc7f14877aa32ed44e6a220418f13e65fcbd0fcfa3c7507f3bc43f7e1a5772cccfde335872ce0a23eff93368b83e16300039c0271d4f0b999ffd405978dbc1335db2cd9d342c6d115afd354bd562da35c89e1575444695043cdf92d6aab6850e72a0ab6e0d07ff2e947a331ce0a47db5dff037347f313a80c929ecb843bc44e4b594c37d42935e50407d81e240c94ddcf195a731665f850d3194c9b683cbfd25874e8084a49da240ad5a71df07ff824741dc8d88f4c8ca040b9380bb6ca9c52f8d27fd4bc163554a6d91d4d249247eacaf5541f14308477f67f91c9e49c9075e16ade0426ee375104f2a66367b782f4d1f5134c0a729302e2c0911561e50ce56446f40c164afa9db397a77131d3318fd7599a89289ec2404e2d3d3c085bade4f4557bb544fa903272d2e9bc5835678e13ed1fec968cbbd19ddecb5c0ac1f856c1b49b78d10469e060a40948b03cb470695e8e7c7a61c68b38ce7b2df15cd2ceba0c57be5e2949f1acdf7abc35c6ff1f37efab838d85da7a8270c6935dae92aaded9dbcfe15ca40cce269fc3e8f55795f67ab8aedbe7d17d9f16f81a46b5274c22f94a647f558af2b32feff87299d37d35bfa6fbdd557b153384472a709a2dd96dfa310c493353898f656c28cda1d764acf2433aa8f39919d2a06956f79082a2bfe6932ef8ed9e9890a512b6eb30e5a1f418bd14161c2bb8b2c64177b166a22c16a1d73fd7f6304388b4d537a31390500893220c09a8fa9b36a8a7ac2ca83446ec2fca31bab92fcab3e6a637bbaba53af848cc18a949eaf5a9a16eaa205971f474826fec568171637f28b94ade5a65162ceeeba752ec2334c57b228fc4e99d01385ba70527ac4e0b72dbeebdbd054231998b0851fad3303daeefd65b62acf3cb1d1b2533b06e27197915a652173f1193ad7adc4ca4d2153d0ca22c3650a5088d7122548bf1a2b8e72c736ab570735884d503509fa8e8a5cdbfad5c59a3dbeabaa83f7687cc5c48655cd7b51534b7768bd9706d79005ddb601c2e30f16392f023bdf9291763ddd99d21abbe8d628b6d52bc1959a994f03d71b2dc417af2aa023e16dc21085ef041358d59e331f6aa8b164ade79668b639770fdc1c08b023f6689228868df223ffda17454f5cb3f7492fe3b404fde623e30264945b08ad34c2186a5d74cf207e09aefe84f04d561a24e42e987ce7a5fe9845424103e1a2fea3fca5d21fa01f14c89d7cc6ced5462f679745ad2e5d0a4eaed9d38b017f7196ae9378715404d4c8b05a31097ac2f90ca3a06b93c07bbbf6c3fc4f84572b1141095d34749f3ad510eb375e215ebdd72051672ec009fceedb72ef1b5a8a15c11434113902cc1aec9f2da51ad396a9120a2fb22aa53c3040ca7d7cad5236a13c4c6615464b4404fd6a469aa87bbf119e6bb27e69d75a705fe355b79b419c505438ad8904b077ed8fe1ee3f1a1a1d5b414c62838febdd8fe5eda0574bad48453cc2384f8107ceac299dfed27d569ea8d2ddaa3137b65c310d3bb59d041deaaec5bc21752e5ce6f47cb00d7c0cc5cfb9cbbb9ee159f62ec620f32994cb529c6b63c03ce64e4c1c6a6718f2d0d08f948e12ec03a485d802d04aaece7c07f73191afc963c65a42404a089d3b4a184dee7d3a3bea5e27f532ee9963680ae447e41cc8901beae8828295d3d30d0bfecb18f500b7a26c2c133f0459a744378f105a4b0c70f064ece9305c67a3bc2a0cda4665e615474db9e997ebc82fa3089418495cd3e136e183dcf86737234c050df7c758253d6590fce4101e421ece2764db4f142beee499909f10198a7b71d88ec1fcf36789b0ead939ca727c1a4eca39ffefb788fff80d0777545a45aa63f624b70eab90a43af5d687ef5ea1f75400955065b4e1f1dfd600ca47c27eeac597b7b006b0d78c914d36c3f7803380972899d0dd7ee46bef704f1c06a4a53506726a6985bbd61c71a19435d27520a08ff2acec8844b2094495cd0c65f5044a78e5c14743f588e8f9577a5f40367dfb9fafde63569ba1fc4454ab9cc4635ca302669fe4954a36ed744a83657a38846c285f4d02accbf3a4b4483e3bc34e291234b0fe5df5907a640846121b363aab068d9fa50e59c7fc84b8bfcf0dee7ca48879d4021edb3259778192755458b46dfb2f8b996522e8992e8aaa158c1ee52f3d562c48b39916447d5613599a8c0ee50d5a9d3318d7be079baae9fda554a701a9cf599dc098f1b1b8a212a243a79524c32701585b683ae7f6c971311a8cdcb8e891fc7c54720410947039ad6b4a97b5c4a250e954105ae98505a60dbea1876221cfb142b72c1ebb46ef6f6c1cabec92458c422fb2aeb28e1e5bf2b952d20c131f72fd594b956b225c3a8c4c193d7320c9d78cf3abf619b1ba5e17a46153cce68b67ac659e2d124740dd9e4ada52f5667637ddb92c50091a73d3c2869fcfd141773cf8eed190cfa7f7593a20411c0dfcf79e4ca83fef9569ee2a528862653ec7d64095ed937b83f3e6e2d0b501ec77e01c936e2bf63b93c275627a2507ea2c976b071e56a26a23903b9aa6bd4490789c6364e54ca30e958744d232fc89f6e3b2a1375767897ebdd34ee964d385912cd6b4a25371e72d7cd2e89a35ffaabaeec860d825092fb38d684d97b6655138defb870ff6d7bb68ade3052e00c8cd74d51337ad2122d64777e4aa7feedfc8311d91a0fbf9a1227eb50eb343f6e6b076f196f64ba1092e5e3f66b904228a98a184037710185dcef0775cf2223b4693ebac5df6519f3d0a6cdd9652f794db9be1874d8da4018d330d018e36c12cba518ef82a6cf892374ee826159c2567f86914e081c179e9e5672642c8fc9d16468646104875dd6f93ec25788e5335a4b1d898d32a67862f09442f2d70383b9e6d8965491ae2732342b140628146cfe5df9f307e98bfca4410f36e5dd84483d8e28092b98ac1146333323388f99f8af45e32c491fa3030dc65b1417b428c0eb872b20245b54088b4724d1986e4648b1f8a485f18e9f7ec619a2c085cbbf2e7bd428436581c41a358ba60d1bd1b391887ab44cc59e26dc4e039fa944f139f946d94347f32b7610a89ca4a14207db0c5f63a8e559bb4be07a40c61694636203a454d17656a7ca5639c6cdfc3010bcd2bdfa6913ba170f0573ae34d6546529bf905538d1353b90d3ee6c8b951c8487d962d39563e114db6bf1844e5f16644619edecada65280004ced3257ac2489f0378e93f83f976da2ff2d11b89f5d722dc7ada0605958f5e9213ebcd2656767e5dd68668c07edbbf42c02c5fa2ba5ae655194675af7081f5d5b8a915a1c31655318ea419fe8e8fa1291dcc9322d7ad6723f21356b3619c784ad62e7fe1453552355cc3ba6f39e25248bea4baade0ebfc56eea0277464f683e1163313f45fa88856a9a4f1d2fcc2cb7136effbc8f668f1fd7c150192388f0b19c53c69b8b8679e0d0467f3256145e769c48c70e7b6f71917e6b5a0e57d2dfc8ce300c3bffed193dde69f9675e650e17c9c4b47d57db61639ddf49d1b764ed92e217a112ac549f0c28ad8cd849ab504a4f6d019376e607b9c747cedb047d5078967c846a315682f488419676c5e789f201d2c9215f22f3ab14ecf7d2b20476d3bbf2fdb78579c2a2a715675f79cd30d02a3912eda27e4bd3f7", 0x1000}, {&(0x7f00000059c0)="7b89948b7e4f76b37c8cfe70bcd01bf8a9ff2537fbfae003bf48c02e257c52a500ec7058e88a1a8b89b55f09cc8a3ebef969bf3fe69ef629f1eb57d9dc3ca4d2fa844d4c57c0165fb006232cc3cce3f67f30db64e253736725227ed1c2f8c25949c7793efe47a123f41fff87ce1ca47d63422bf4bf62afdab240af3acb57", 0x7e}, {&(0x7f0000005a40)="b1696702e36c98a6eab6b9427710df00e5715e8fe7d3cdc0caac47b8b2913dcddf2a294d556ac298288ff3ec18949697558bcae0e5b64a579e8e985301f0d3cb752160f3eb12a3d67ec114192af0b434c0c831f2d642", 0x56}], 0x8, &(0x7f0000005b40)=[@rthdr={{0x38, 0x29, 0x39, {0x7f, 0x4, 0x3, 0x1000, 0x0, [@mcast1, @rand_addr="27d40ceba38132fc4d3994b45e03bf96"]}}}, @rthdr={{0x88, 0x29, 0x39, {0x3b, 0xe, 0x2, 0xffff, 0x0, [@remote, @local, @empty, @ipv4={[], [], @multicast1}, @remote, @mcast2, @loopback]}}}, @dontfrag={{0x14}}], 0xd8}}, {{&(0x7f0000005c40)={0xa, 0x4e23, 0x80, @local, 0x101}, 0x1c, &(0x7f0000006000)=[{&(0x7f0000005c80)="a3705c9158d1344242c8acbfb579794f1cba41045e6b74c12b27dafe9e8d36ee74ae8f988a7696bb0497ab4244da0b1ac779cf9dca913fa90388db962ac7d956a661c32e0863050706fd643e7cd5f4524d8d4aa766af25a444ef572f682483c2c02718c7495016e208d0c00afa973d974c11fa28284866b43d31b71e8706", 0x7e}, {&(0x7f0000005d00)="8142d1d17e5eded23347e82aecbea8bafa8d13470f40807339488614899761ff11418717d298ee92457072dc847ba4e046f7a1b3d37ca6b2df0d707a5cf692e87cd328abf7cb2fbfd497e4e4ffae71c0293b8e11e1cd6c04a642eeb109fa7c016ecf2d4cd55c59f41f42a9d51c0143ed4fb1af1bf44de3b48b2796b341496284b2c834ab9e8a3d1ecc656547bf7d1b919113dbdc2bc8dd50c144355341f8c8c6cf37ce03cf28", 0xa6}, {&(0x7f0000005dc0)="d0da23d68930cf786dd858b99b120daa9897b29cc29535520284fdd35ec9e7c28145566a", 0x24}, {&(0x7f0000005e00)="d052af86e24041abd9f7e98bc82cb568ac3e51cb9272f2873b6e870acc07d635284c3b461a120fa5611988833895843970051a28af168358ba95fa4a7bc68acd813383800c49b54f728af851", 0x4c}, {&(0x7f0000005e80)="1553a077ca0152b790533a2df872187f34ccd20c345f8b4b7fd012509d05d1d00fa2df2030a6c0943a497662fb453ddc4932d471b7434acc1f92a00d0645f29a8363ffba4f26fbf85db8da02b7e2fcd1be9c6c65e6d26e396b01ecaf5ab548cae3b3a2218ee25c5b39c017f1ab2e88b38958beb3d72dd0878a586119c44a7e13df399b3be20161931bc122d49a53befb669d9a17a11b2cd0c29e6ffbd995fab783", 0xa1}, {&(0x7f0000005f40)="11507653879fe606252123bdd8f03bfe67258bcbb57fd8709837e851e8a962aa80ba2482095898ad630418486faab19dbc3f539e1962390d1540bb7b84c5c0d7b1dcd516a750a35d628f525cfe080dcfac67581a0b3451bfc124d16ceb90b03ce6851350b3b4b106cd46e43c2f60fb0626efa596a6e782a2517b34d9a64c931b5c4b42931b40da0ce8db9d1ee20acb0768975bfdc6f268fe692363e35d8c03a6f015221d00667acbfac4eead94117647c98fa66e32", 0xb5}], 0x6}}, {{&(0x7f0000006080)={0xa, 0x4e20, 0x80, @local, 0xcef0}, 0x1c, &(0x7f00000064c0)=[{&(0x7f00000060c0)="0f3a4631924ea2c170305d806aaba25c8f5b223c461973bc3f3d1bc7ad1cb06e653a5eb0d3de95cfc06935cae7edfd7421ef05474418dbd9e806340cbcaa5e332bdfae369a476f83a76fa124e69cf262aa981ae51f2f16527ae2fb843ed6489874444e8debee5bccde18a678b46ce48430c2ea3d5ce39e718af4f19d19914cefe3c03fe855fa2424", 0x88}, {&(0x7f0000006180)}, {&(0x7f00000061c0)="0a3140dc8d79a7296f9b1e3d3d3f361e27c6bf29aa9e3ccffafb4de96db1c69899e12dd2156e8d6f58516a01f388da366e5ae8f435c85e457e5fd68ee724f3b77e1ab3b75becb37930ad3065910f84b23acb72908a5fcc5de9660300358841481b4736c26cd33761a4ce78c8b50c58e4c2ca40d1912d11cf04a66accf0fb85fcb5a0c359b1a82dd78b7e0ba304cf37aef66e7c22fc2f438b0c0d40a33cd616d317a8cc", 0xa3}, {&(0x7f0000006280)="67b5da668e5dd69ab1b95c37df22dcb4a1fa60a5bc9ca8559b9f07b96cecf6a0e1c9cf230dff2e55fb136d79ec02fa34a96aae2a32b37e36664037dcb3356623273fad56337bb3be1acf99b547ce32e517f1dd55f5e794a7ae6908a07783a745", 0x60}, {&(0x7f0000006300)="e2fd78eafff52f2ed6e6bfb5fd12df12c184c89fe8c0f142a9d017c258", 0x1d}, {&(0x7f0000006340)="436af79a0a6e06ec37fb900b2284cd2ad4d62fc2cb39b70b85023898932aed98db5ddf9bb7d15a0f9826e8081baed74b9c98c115cdf609c68b7e2641902d1242269663fb3baf30edb2ed1e450e25b2967d74c55cd068a32755e581ac9e15ec6c23887497f7631c57b267b5c1af12503b6fdc97a7abbf4dd0136ee39dc72a0879b9a2511a839fa67986db715d04ecb6f9d6498d815bd2307a5db6bb97a5e777548ab597f1fe4ba62716f4b21d89ee838a40536a8098009d70fdd50e3f404d1d27ee674e7a2b5316ae9d1711e53a01bd0f6ec068469aac1844baa44c1577fdf2cac65c29f351510d", 0xe7}, {&(0x7f0000006440)="25b9418d7dfac4519e9dd19ce791d96f01a5d52d29328ca47f4cddbe0889b6ee1fa5ae475c0dc65c11704f77528b1cfae5cd6806223fb4c8c7cddc5c85a7ef464121ee8d4f11208a5e6da65adb8c5075b362b0451e736ad9d6014ceb1dd085b529c57d60270d8f0f0315c2d448121b84028cd27e7d04007e684d3606d7fe0f", 0x7f}], 0x7, &(0x7f0000007c40)=[@rthdrdstopts={{0x58, 0x29, 0x37, {0x0, 0x7, [], [@enc_lim={0x4, 0x1, 0x3}, @enc_lim={0x4, 0x1, 0x8ba51a6}, @jumbo={0xc2, 0x4, 0x7fffffff}, @generic={0x7, 0x25, "136e7dbad7da5bccbbedb049474494659084729efe9ada4095fabb2f47e9a875ec1dbe56a5"}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@rand_addr="a55b4a617a0295e35839b847f60cec1f", r3}}}, @pktinfo={{0x24, 0x29, 0x32, {@remote, r4}}}, @hopopts={{0x1f8, 0x29, 0x36, {0x2d, 0x3b, [], [@calipso={0x7, 0x58, {0x8000, 0x14, 0x1, 0x4, [0xfff, 0x9, 0x2, 0x8, 0xfffffffffffffff8, 0x3, 0x1, 0x2, 0x5, 0x0]}}, @pad1, @generic={0xea5, 0xda, "30403386ed125d0048e3ae73f77b6eaa234d276ae6be7b5ef372de504c74df962dea3b9c3423859669e68a6f7b683904e1b613898cba6ddbce8e566947fc0ef937fbcf037d67ebe03cdbe5fe95e10fa533ee9df69352b3aea031556e9a9ceade2d8a03f905180a7bcfbd99688a4614cdb9ab27c43778f19aec19305e03e9b26c2b4df2d628ce6605df7327e92fc6e84d1f5304ca36186fbabc3cffb41e969df5724418f4365507378d1aaa836c67c9bab4ba4d08cacd94fc4ed28f448afd6374a988aa7ca363caac1f01a4c8d624aad55e8faec189e398a5432b"}, @enc_lim={0x4, 0x1, 0xff}, @hao={0xc9, 0x10, @loopback}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0xafa, 0x83, "767f567dcac6e5b5c04225c823cc0dc889f8f985d653dd7bf378f72b33e05c1aa2fe1c900c9401a34269d13cc3099bf90990f48146720ef0125522236fbfdeb96c2f3727ba05a93abf2e64ea9789f74808f678e8d29ed5f2de5b60d4e74cfc8c618531d5da7c7635fa85e6c892e224c115cd794cd8cb5e1d7142a67db09808bf4cd3b6"}]}}}], 0x2a0}}, {{0x0, 0x0, &(0x7f0000008240)=[{&(0x7f0000007f00)="1126be7cf9c4cea59307f47f25283ae231ae96ef875c516bc527326b2289954dc81c9cd54c853ef3b2caffcb7d03df601787602e212b814dabfc60ea42412709cc9c76de97cf5b5ed94b4c738a475028c01f7f20ad9a2f0bad80fe84f387a72e21b816266eac0cdadd1e9f1a4fecb71b09c63b71", 0x74}, {&(0x7f0000007f80)="02a1cf2b04abe73e8ba90440b9f02824a62c337574af03d10b030f13bdd70c4fd75a831895de26c8a8be5c510fac14f878127a62", 0x34}, {&(0x7f0000007fc0)="7391c99836e7f418346e68f2ca0bf8e41e1bc3cab27b4fb710322bf0745581a646b141f5223202017ff2167941a952ac8081046c017d3a272dcd950c1fe8387dbe19a9f9dd43018d480e3c385f0a532952904f93f2f2902e36aa8870ea8578b4c594fe80a226b5fea585b91d93aeed01f7c9399bf692fe80934c3ac8a5995602c57132c7b27de5f1b92d91a85e527e2ca311b58521fc1900590c51a40178f5bd10e4a23527bdf2658907869e83c46525346a59", 0xb3}, {&(0x7f0000008080)="d31ac57cfd83a8cdeaf9661b550ae7dd0fbbcb60dfa854b8890aa8f41bbde5d10f43d9781a9605800ce37558352d70a783abdcdef335fd4208ac51a49a479910214bb6d882d6267b608b45ca4d863376b981738727d304458dd8f69fc1dd45965877c66bb4623c33", 0x68}, {&(0x7f0000008100)="d31ba168755fd32d9088a8ba3b3a376789d70a18ee40ca8b77ec9c4f9486ce9ff9792f9fe1d954c92bea2619b4eadbbf27eae5bce7dffa96d802be7ed218443ba7b37302b2d0499b65e1af2af02eb374f4f8e9182b1efe06", 0x58}, {&(0x7f0000008180)="ef3284dfdf522a0e82438f8ae2197e10a321108cfd4b57fb5994a2a60686a6dd8129b09c9de6b73336ba05d84d2cc2b3981fd3a332210b61b12081c00a1d0e7a1ea9eda0076519ef0faac524858aa330eecb5680462f38f1df34624eaf7e2ade73d1bb696ac07b7bec06fd919185757b8048c133ec41f5ac0b0777de09b62a3fa8878a59d511c3196847aa50566359815b1a0307b9678363ada122c65c51a5c6ed", 0xa1}], 0x6}}], 0x6, 0x1) ioctl$sock_proto_private(r0, 0x89e3, &(0x7f0000006580)="675e6d88c021ccb0ff1468fecacdc976b6375fff7266ee5269e17bc6555505ac977565b5e91b1b1b2d9ef11d163f4a42de0461e3be2b8bbd6abc5878259ef8db9ecfa5a644353e5a22eab4") keyctl$setperm(0x5, 0x0, 0xf8ffffff) [ 531.480655][T22031] FAULT_INJECTION: forcing a failure. [ 531.480655][T22031] name failslab, interval 1, probability 0, space 0, times 0 [ 531.561878][T22031] CPU: 1 PID: 22031 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 531.569888][T22031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.579943][T22031] Call Trace: [ 531.583244][T22031] dump_stack+0x1d8/0x2f8 [ 531.587583][T22031] should_fail+0x608/0x860 [ 531.592004][T22031] ? setup_fault_attr+0x2b0/0x2b0 [ 531.597033][T22031] __should_failslab+0x11a/0x160 [ 531.601969][T22031] should_failslab+0x9/0x20 [ 531.606471][T22031] kmem_cache_alloc_node_trace+0x6e/0x2d0 [ 531.612197][T22031] ? __kmalloc_node_track_caller+0x3c/0x60 [ 531.617589][T22024] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 531.617998][T22031] __kmalloc_node_track_caller+0x3c/0x60 [ 531.618010][T22031] ? alloc_uevent_skb+0x7f/0x230 [ 531.618025][T22031] __alloc_skb+0xe8/0x500 [ 531.626738][T22024] FAT-fs (loop4): Filesystem has been set read-only [ 531.632204][T22031] alloc_uevent_skb+0x7f/0x230 [ 531.632215][T22031] kobject_uevent_env+0xcbb/0x1260 [ 531.632226][T22031] ? mutex_unlock+0x10/0x10 [ 531.632239][T22031] kobject_uevent+0x1f/0x30 [ 531.632252][T22031] device_add+0x105e/0x1570 [ 531.632266][T22031] ? device_add+0xa41/0x1570 [ 531.638747][T22024] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 531.641494][T22031] ? dev_set_name+0x110/0x110 [ 531.641508][T22031] ? debugfs_create_dir+0x37/0x440 [ 531.641518][T22031] ? memset+0x31/0x40 [ 531.641530][T22031] hci_register_dev+0x331/0x720 [ 531.641546][T22031] hci_uart_tty_ioctl+0x8ad/0xa20 20:35:00 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5"], 0x31) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0b") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) [ 531.651199][T22024] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 531.652855][T22031] ? hci_uart_tty_write+0x10/0x10 [ 531.652869][T22031] tty_ioctl+0xfa8/0x1610 [ 531.652878][T22031] ? tty_do_resize+0x180/0x180 [ 531.652890][T22031] ? rcu_lock_release+0x9/0x30 [ 531.652910][T22031] ? __lock_acquire+0x4750/0x4750 [ 531.658893][T22024] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 531.662476][T22031] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 531.662490][T22031] ? tomoyo_path_number_perm+0x587/0x740 [ 531.662498][T22031] ? trace_hardirqs_on+0x74/0x80 [ 531.662508][T22031] ? tomoyo_path_number_perm+0x5f0/0x740 [ 531.662521][T22031] ? tomoyo_check_path_acl+0x180/0x180 [ 531.662542][T22031] ? smk_access+0x4f0/0x4f0 [ 531.676211][T22031] ? smk_access+0x18c/0x4f0 [ 531.676224][T22031] ? tty_do_resize+0x180/0x180 [ 531.676236][T22031] do_vfs_ioctl+0x7d4/0x18f0 [ 531.676246][T22031] ? ioctl_preallocate+0x240/0x240 [ 531.676263][T22031] ? fget_many+0x30/0x30 [ 531.697950][T22031] ? debug_smp_processor_id+0x1c/0x20 [ 531.697966][T22031] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 531.815182][T22031] ? tomoyo_file_ioctl+0x23/0x30 [ 531.820113][T22031] ? security_file_ioctl+0xa1/0xd0 [ 531.825201][T22031] __x64_sys_ioctl+0xe3/0x120 [ 531.829871][T22031] do_syscall_64+0xfe/0x140 [ 531.834362][T22031] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 531.840232][T22031] RIP: 0033:0x459829 [ 531.844104][T22031] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 531.863686][T22031] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 531.872080][T22031] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 531.880036][T22031] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 531.888005][T22031] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 531.895991][T22031] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 531.903959][T22031] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:35:01 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) nanosleep(&(0x7f00000000c0), &(0x7f0000000100)) write$FUSE_GETXATTR(r6, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x1, {0x1}}, 0x18) ioctl$BLKRESETZONE(r1, 0x40101283, &(0x7f0000000400)={0x6, 0x611f}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r7 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x1, 0x2) ioctl$EVIOCGKEYCODE_V2(r6, 0x80284504, &(0x7f0000000340)=""/166) fchmod(r7, 0x18) [ 531.914976][T21541] Bluetooth: hci0: Frame reassembly failed (-84) [ 532.158768][T22054] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 532.168793][T22054] FAT-fs (loop4): Filesystem has been set read-only [ 532.177216][T22054] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 532.188876][T22054] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 532.201683][T22054] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 533.922355][ T22] Bluetooth: hci0: command 0x1003 tx timeout [ 533.928462][T19431] Bluetooth: hci0: sending frame failed (-49) [ 536.002235][T20832] Bluetooth: hci0: command 0x1001 tx timeout [ 536.008336][T19431] Bluetooth: hci0: sending frame failed (-49) [ 538.082491][ T22] Bluetooth: hci0: command 0x1009 tx timeout 20:35:11 executing program 3 (fault-call:2 fault-nth:38): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:35:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x103, 0x0) ioctl(r0, 0x7, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") ioctl$SG_GET_RESERVED_SIZE(r1, 0x2272, &(0x7f0000000080)) keyctl$setperm(0x5, 0x0, 0xf8ffffff) ioctl$KDDISABIO(r1, 0x4b37) socket$isdn_base(0x22, 0x3, 0x0) fcntl$setpipe(r1, 0x407, 0x71ab) 20:35:11 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0b") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:35:11 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) nanosleep(&(0x7f00000000c0), &(0x7f0000000100)) write$FUSE_GETXATTR(r6, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x1, {0x1}}, 0x18) ioctl$BLKRESETZONE(r1, 0x40101283, &(0x7f0000000400)={0x6, 0x611f}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x1, 0x2) ioctl$EVIOCGKEYCODE_V2(r6, 0x80284504, &(0x7f0000000340)=""/166) 20:35:11 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff"], 0x4a) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:11 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000002240)=ANY=[@ANYBLOB="83000000290000000000000100000000000000000000000000000000000000000405002e2f6275730000000000000000000000000009000000000000000007002e2f66696c654200040000051a1aac00000000000900000000000000df05002e2f6275730000000000000000000000000000000000000000000507002e2f66696c6530b665a0bc1ccdfdb945c0f9dd64c3815b736277"], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000600)={{{@in=@loopback, @in6=@ipv4={[], [], @dev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@dev}}, &(0x7f0000000480)=0xe8) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000880)={{{@in6=@mcast1, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000004c0)=0xe8) stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000980)={{{@in, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@empty}}, &(0x7f0000000700)=0xe8) r8 = getuid() r9 = request_key(&(0x7f0000000f40)='pkcs7_test\x00', &(0x7f0000000f80)={'syz', 0x1}, &(0x7f0000000fc0)='vfat\x00', 0xffffffffffffffff) r10 = add_key(&(0x7f00000011c0)='pkcs7_test\x00', &(0x7f0000001200)={'syz', 0x3}, &(0x7f0000001240)="501383110bd4b66972f0c543056d0bdaa538dddfb57a4af01d90e65fbbbcefed8f3243624858107c8d9b4d33cff6b72b66a5b8c198805d72fcd200f3d62932d36d2dccbc1b205910e5b48ad91c7fdd9da2c255f36dfe09f22b5ceeaddbb0f438e254a3e642ebdc3433ae19facc0c2b323034f951dc0dc8ca25eb291a33056d1fa0484bcab3090a5a51d7840c92ee6674aab933970f8fcfa5e42e3aa50e5e280b554cab6947f00537995e6db0be6024a495fa9410c65a75d57a0723e357f9f76dbfb6c2c29e917530f34a4069fa6d3845e4ed5fc38a80dbbad41df96ae0f2da0668dcd563593c7ba5990f4cd199459019bd18c494310419b2e2ca7ac91375b5d16db3eb4876e9d9a92c650cae98f939c8b3a9b1b90496692f3282f9ea0c07280f42a6d70f91f5a25f43c32534c421acb5afc553ffe2fb4974d974dbfa89a73951d401d2f644878a0989294703cb5e3326fa807960e85e9568ef8fe14297920a194fa06f1cb97ef8547f099ff898f1ebbbf1ac9aee78ef5e3935a380030f36fbfb35517b867e236b95b376cc550bf5e2f6911617b794ccf4e8d56102112ff69e55d8bc731d9c88c6368dca6cd901ce2016be4eb742d152e4ca40cb174d5afdf19732d0239307b0817737d838c6d108d95f91629a6be763c0a8a2e6a77a8269e48c6f4238bc8c7f928d260fbfee39d9b9159871c4916e16ab5b21c5c02ac9aa96c6dcd11e785e8b2201f00489264df0e1828062b27b0c1912c2e427b75b4c996271f6e0587c94ea1b29303c3871ce60609b3d400035b712350bf44bbbc0ac34e6741aca68be531ca54c6a3217753e6e795e8d4e7a0195fda15c90589d34a7f650843a7e9285359fc80758b5d3e7b0a36caf512d7f2597036e16e465695ab488de7bee350ee347886becd582d64ff9c76261a0ee131306db966767b36aa27e3dc94f245ed332d7eddcd99c603b1f900c9341182eafe11ca67af1927b78488af507026a6235fa2dae87177959c6e45a853022cc2b2100a0d07ba66360f26ccb3f2879a8dc2d4d75f2be117f27f23969e8dd8e46a3da474b5c2577bc60b5ce4d62e50f6243da0b82734e44ba8e767e8aee4e2cc170e1e4d3d4609c0813e7e120445ea0384225500d8249050d2490b1c985df465e55a3e2fd70a4f0472aa61863a866c87713a35a7232b7cf1a411d54063c4da38ddf5f9ac36ccf8716e4fc2bebf340e7127996f0ea6fa7cdc19c06362ee0bf032eec38961c9fcefa89529fdfefd9b2ae55283d101a3963b2d90a9a2d7c613e8d404135f0df91fc4461b17d60f63218366373e5579a91e51f91afb73600b263c3d09dbebb916c56cb697ea2d3b19a25e3e1874a695f15fafafb3274113a76b1f9af0551ade98ce7bcbaf95dd51a5580657347b1a0230c652e1d2fb6fd61ae35ba90bf94c11969da93738238212f073eb64abac176d01193b341293ab79d6d78a35e1a85ac5e673e8f10d1dcd07c7c8580fce403e995544b977441dab9eafaa4ef03d3ae0db4cd2aececb49f131bae124e89961130628ffdcb000719e0f21dbeff393ca411711d8dd995db6be6ff9d022974ab57be26e56ebf8ca00b491ccc76c049c4f4a309fd318bf578f852cf9052b6e48768cc8138c9fe36c2c46d3f4f74f0ef565ef4234f4458fd95cb466162d65958a900880d84dd67777827bbce6f91a585dd747a543ced75772ee45e2d51379e426323f45b5974ae803c6553761e4a771161ade26ccd2bdf5f648c289a18f29f2ebde998365479bc3f9048579c7db72154865bb87bba73cde288d1353a2afe5a1863f26baff54276f3aea1c92ec34957e4fa9bdd1d4a03252fba72c5ada470e3059314b35ae57eb7e9d7b53655ac9e51ac1ee5a4b910fbaff867aea5f813734ccc302123ff73deaa13deee08fcf83c58f164de5d8d8806b92cb6d56642d72d214314472785bf6247670b59f5d44dc9c49a568f2b92868177d373812b8e7a6daf036f15012553033eb0852ac2d8afd7b10c8869653d25281029dddb2816a618ec0392b1d026db1f5f991ae9d182af056338b744c3f5dd0cf44b74a412af0f56a31e1cce5fe9fb0aae127d64123fed55668a7bf93f932954fe011f1b542c29cca0a04e72c71bd07f05eaf9920889d8a633e163aec8293399da6ebcf13e8ab5b41b9439def64961d9057c99bed2e79eeecef8d71e83d805c0abf59682526354a72bde2f63fbf31744fe57a3ccac3b5e9d1fe95641fd4042a239b046acd08cd61211995dbe09b01f3f18deae6510542ecd030b60f23a8cda06512d4c001e103baf8713b2dbae6f203b48e2676d73d4bb7b8b3bc9c0a58ec34e721843dbd6715acec5a89d3f247fde1ef6b8ad2d6b2532697082b27ccacf503feff34f994570eafd60481db8ccf53af1291842bdce45d4a65228a8a422eeb4b4b43a0401e86e85d97a0f90756aa9639c989457bdc0de25d0a06813c0d85d1b87ff270bd034a291a33aedf2487b775d288ac0c58d5ba4a119bbf6fe42951660297d9ab53ff46a6032fedce2ebbc4d079a11529577c0ad1b5a39f809b4333336d6503360f8ec241f3c31311bcc7adc4db341e85aeaf970adcbb88c8b11d0c91ef7a462e4cb66c42dfeccddd2ef7851b9ffe2caf89d494d43f76698f5163ac324ec21a0afe3a03a5289e667fdcca130cf50fa00ce152fe25a929482af90f8f972456a03542c1a18449f811f4f7c1b8b0d7a374acd7a31820fac7be48e42f9357a8d165e6753267e997e36a1a3d57c3dadfb53cee258953ead43efc4267b4554fcf31edfeda9ffa572f6e96670d029e250fb1bbf94fad536384973d09fbb08f02adb700c15834c3a4bd4d4107e15e62b605a378551cda9e37a42afc2575885a0a06d51679beda302bc8d1d4ea8cf697036c0c2988487c2a370c46bb621a5e19959fbe685f7a726cf04bf7955c7699e2f3de4e9ce987337d97985c7ac2b5b5fa4304bb46103af16223d4e6b07ff532da14924e19ef4ed553f6b60df2f8c9a18abeb936d9ebb3628fe015f8ca077ec5f9b9c2969bb5f82cb3e292081bd8581a5a6f17b469182217883898571c3e5aa83103e709d0dcf006879b66488d7614dbc5e2e462a7ef79e0607952145d9a297f21874936bc5c377a7544c9d8a9693de625644ff289fce0169d1ed3556a19fd5ea659045d6864c617dbb21fe31b327165eed30c3145f9a6a6b3005fdf21110c43be60f21941e3981a97ea4bb56868c48e4366b504e861e963d93e1da8acd7b234ebf92c9859425693378a90eb6c6f3cabe1d24eafbc7996cf6477cebd3fc2c8b4f4436f2903e43b7854c9fa5278c159fc6b9b63c0bf49fcc16c87db372b9f4a6d3bcccbb0b7aee5f53b83cf9456a49956a8ecac6be97dee857b571693dc11b48e72045fce602167be443593a589554aa1f9572ed5dcab34ca6ea7b5b529d89005df25a3263a07b7b92264f4212fdd5b674a207e2d382d935c5967782425ac7d99f765d1010221c40eb4afffcba3befdd5a170596341ba963b2fade32048863340e32a63f00f6b4fee3c36381b7053298ce5cabfb482bb36779c25aa21e812f43a26b67680de2dacced7bdc80e2805309f9b674257ffb725f0043fdda5dfa5b08869231be1e30dfb4d5ebd6d09fb148c1784ab3b1a9733d240fa66e927527961dac0e1940a98fc26fa32e91f0bb73b8347c791fa7fea6c18ff1d12074b6a5a2fbca2614edc15dc148b0900b2d76c9127a47742a1e23a767926210465a48ed3ab205a04e8d5f421ea08cc87adc205f67fce2401c2c81ddaa3d4ae902d3901ffef2d95c7a5bbbf53deb26207042087ef9e9a48e3d0f936750929ed074bb4912500357bdc6e980c76f2e7430f757b2cef5e0848a09cbaecb59443feca98c9c31274e79f6406e52949e75a2dc1a5fef8a0909daffadecd083182d816d49d4459db0b5a80ccd4908172b1be12f27e37a7fceeca1d0b291e70480e0d3839d215a851746226e49e0eb42721ab44ce08770f0d8be5eca925a5ded314885c2202d713f863226088f8a37f6d4bae030a4a0459c3df50addd22ea043fa2e9fa92c8301cc37f31b8b9ab3c538276a0e958d77fa42ee863235766274e0f3ffdb916b95faf1ed6139da3db0b348119a0b0b1ffc203bb7f8d02a8a4955f8af14e808b34dd84ceab6411833ac6ac4943089ea8f2a60a5bec5ac909886505ac253b3a3d4e2fcfc24cca6714a498982c7a44adac9ba2593a7ba92228485805fb0c7e4e59a3519cd17dc00ca86efcec4473e8898270122f1db46e4ebe39d3806e045601e376dfd798a67fb3432118d4bfeaa54d1b05cd11b542458afefa0cbe24df1b258b1693d41586d62fee0c2b403456c2bd37f575c4962715d27057efb95a62414927ee510d424e7f0050a925111eb150ce844d833a4d7548fd203d8b5ea5d4e7d3bd3c32175dfdf617145e0107a10e7a97b2a0e0354d631a990b11aaf389828ad0b70ea71564b741964f395935494c9ebb2610a4743b265aced8be724f06d21407a9e9423b7586307e96b33d91768534279f96fc09081673061bf32522b548601a95f45cf02a189ebc07d5ae312a373e4bfd04aac0f766c40d0906df1f01429b4903512a76046ad5ae0afe3c79fff3c8f5ec2bb9481caf91d1cf707cd780192278b6bb72120e3b5a25e479f9376f10665d0613febf6622ff53944c579dedd9d7ac98cf96e221fabe11e9970683b11c122aab064383221ddf76cca8f8e0e488458d55f1c888498db689d9557129a0a48002ff26e7019ddffe79ef2da15693f6d8356bd8a75e35a7f615c1c0cefe1063e7da41e4d42ef6281af13032de4915be36b469d84931b9bf8a0f3709d5d21524d748e93e1da4a14aa3fabbe5182c59d1a8b0bdfd349cd75d96e3c77c2ddf9ab4d52e51ae33161ac6240d9170c77d44508fc6ffcfa3bf8849df2cb15856a7a96621c8e215988bd88d3bf6223f23bd7127f044f55cb3c9970b0467e8143b5028b2034d38d554d5e5816d7e42a04dc77b4e74543ac9a087f380b1250c961cc61a88b7cb6b5cb5ddfe690453be598fa55c9a4a93ab35d3c10c209a03f83cd48408327784483b18d15dcb1ce66a319cf1802f5a7bddfc9314f0f21a87e5c9854d54cd01d80d6810d64ca7cc74c3bce5df2df6b67379cefe7fb80d93419af80251413933e33b28fa6c908b22f50fde8ee3dd3b8972f0e5c8e9b5dc57f90d6b8312afd86b7ea9efacef68df81fa5726c32034666dff374a3b5ff3104b0493d0f636edaa903d0e41378212105ac72142dac3b47288925a83c5911400dd486b9288687bcef83277d004f11292e2da4e5c4bd03a2446d8c7992afd332a138b3f8b646d0a0fd3166599c0eeeff1c9ed265a6332224cc9ad268b10ca6c260004318041c44caf7603fb26d2b89e6686cd2821b8d20e8aa35dcfb85ceff68d251c396c9aa9dc8ad647a845f6db37c03da30ac74be5d6937b8ad562a12d3c236927d496bb9ce5592546a78744bfc492c3e9f8529105667735b8938f8a2f11a6ddb0fecce444ef9443bc87788e54a2a761278df285f03b18e5cca2d20b1c575ead0c8c16523fffff5624893468faf7954324a2064c679ae565b1606267e66d1f596b5fd84063d4c4696d261e4bc93ff18a2a3235279a2db5effc05b59f7d2a18362c87e040eb27ac4cda772eb2bbc92f020d8b49ebae26b273621ab111bea0ac9219d4143e5105017d3006d53ddc37e714df6047a7ce4ea2c09113aa36984c86e581694439fdf7076b1b5b69912b9090339174f8fd8614cc7665d39ee65", 0x1000, 0x0) keyctl$instantiate_iov(0x14, r9, &(0x7f0000001180)=[{&(0x7f0000001000)="8eafcefeba3af1129386df250c959ec0589e35f28b9578c8100924c902ba0468009f31b13f271553a5954e6466f0c5c13521bc7fb2f1635de640ad56d84399a99b2c3d82ee0aac162d7502d8880af426134b932c43740edfaa2db8be758a3bb1fdadc6c610f94a8cde4209ea153bc7b8c9464a91ac735d0070d1ea1469eed00321468c2d475dcde851e02bf0c1dd897176ce6bc918eadd7b102b8c", 0x9b}, {&(0x7f00000010c0)="ef6411b9e904783666e7e63d9f5bc0c1edb3f96a96680bf3c50931b8dfa93f91728d3a28fef7ea2602625e31a2eeb1e06724a2e3a924c52e3371f25c3a196e76542a5e4a5cc9f511b16c3aa2f5cff9c73b9108e7bc0abd6ee07b2bb1ddf7115036c21305b3c9591de73d22bfac83dc6cccaef4ff8fc4a229e93afa514f9e0068372d2daecadae584bf010ab677e35358722efe5a5ea78140689407f79a776fc4c7651ba36a533aa902f659a39a43e4", 0xaf}], 0x2, r10) fstat(r2, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000b00)={{{@in=@initdev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@initdev}}, &(0x7f0000000c00)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000c40)={{{@in6=@mcast2, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@empty}}, &(0x7f0000000d40)=0xe8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000d80)={0x0, 0x0, 0x0}, &(0x7f0000000dc0)=0xc) stat(&(0x7f0000000e00)='./bus\x00', &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setxattr$system_posix_acl(&(0x7f0000000200)='./file0\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f0000000ec0)={{}, {0x1, 0x7}, [{0x2, 0x7, r4}, {0x2, 0x0, r5}, {0x2, 0x2, r6}, {0x2, 0x3, r7}, {0x2, 0x6, r8}, {0x2, 0x7, r11}, {0x2, 0x4, r12}, {0x2, 0x3, r13}], {0x4, 0x1}, [{0x8, 0x4, r14}, {0x8, 0x3, r15}], {0x10, 0x2}, {0x20, 0x5}}, 0x74, 0x1) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioperm(0x551, 0x8, 0x8) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:11 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) nanosleep(&(0x7f00000000c0), &(0x7f0000000100)) write$FUSE_GETXATTR(r6, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x1, {0x1}}, 0x18) ioctl$BLKRESETZONE(r1, 0x40101283, &(0x7f0000000400)={0x6, 0x611f}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x1, 0x2) 20:35:11 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0b") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) [ 542.326522][T22071] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:35:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x400, 0x0) connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e21, 0xff, @remote, 0x2}, 0x1c) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00') finit_module(r0, &(0x7f0000000080)='\x00', 0x1) connect$bt_rfcomm(r2, &(0x7f0000000040)={0x1f, {0x8, 0x8, 0x6, 0x286, 0x6, 0x1}, 0x6}, 0xa) [ 542.367829][T22071] FAULT_INJECTION: forcing a failure. [ 542.367829][T22071] name failslab, interval 1, probability 0, space 0, times 0 [ 542.406786][T22071] CPU: 1 PID: 22071 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 20:35:11 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47b") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) [ 542.415093][T22071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.425792][T22071] Call Trace: [ 542.429104][T22071] dump_stack+0x1d8/0x2f8 [ 542.433444][T22071] should_fail+0x608/0x860 [ 542.433455][T22071] ? setup_fault_attr+0x2b0/0x2b0 [ 542.433466][T22071] ? lock_acquire+0x158/0x250 [ 542.433476][T22071] ? kzalloc+0x26/0x40 [ 542.433489][T22071] __should_failslab+0x11a/0x160 [ 542.433502][T22071] ? kzalloc+0x26/0x40 [ 542.443016][T22071] should_failslab+0x9/0x20 20:35:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) connect$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x3, @broadcast}}, 0x1e) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") keyctl$setperm(0x5, 0x0, 0xf8ffffff) [ 542.443027][T22071] __kmalloc+0x7a/0x340 [ 542.443035][T22071] kzalloc+0x26/0x40 [ 542.443042][T22071] kobject_get_path+0xa7/0x1d0 [ 542.443051][T22071] kobject_uevent_env+0x2f2/0x1260 [ 542.443061][T22071] ? mutex_unlock+0x10/0x10 [ 542.443073][T22071] kobject_uevent+0x1f/0x30 [ 542.443085][T22071] device_add+0x105e/0x1570 [ 542.443095][T22071] ? device_add+0xa41/0x1570 [ 542.443107][T22071] ? dev_set_name+0x110/0x110 [ 542.506201][T22071] ? debugfs_create_dir+0x37/0x440 [ 542.511318][T22071] ? __mutex_unlock_slowpath+0x18c/0x630 20:35:11 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47b") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) [ 542.516957][T22071] hci_register_dev+0x331/0x720 [ 542.521817][T22071] hci_uart_tty_ioctl+0x8ad/0xa20 [ 542.526842][T22071] ? hci_uart_tty_write+0x10/0x10 [ 542.531870][T22071] tty_ioctl+0xfa8/0x1610 [ 542.536206][T22071] ? tty_do_resize+0x180/0x180 [ 542.541065][T22071] ? rcu_lock_release+0x9/0x30 [ 542.541081][T22071] ? __lock_acquire+0x4750/0x4750 [ 542.550830][T22071] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 542.556464][T22071] ? tomoyo_path_number_perm+0x587/0x740 [ 542.562619][T22071] ? trace_hardirqs_on+0x74/0x80 [ 542.567564][T22071] ? tomoyo_path_number_perm+0x5f0/0x740 [ 542.573284][T22071] ? tomoyo_check_path_acl+0x180/0x180 [ 542.578746][T22071] ? smk_access+0x4f0/0x4f0 [ 542.583249][T22071] ? smk_access+0x18c/0x4f0 [ 542.587750][T22071] ? tty_do_resize+0x180/0x180 [ 542.592513][T22071] do_vfs_ioctl+0x7d4/0x18f0 [ 542.597104][T22071] ? ioctl_preallocate+0x240/0x240 [ 542.602241][T22071] ? fget_many+0x30/0x30 [ 542.606479][T22071] ? debug_smp_processor_id+0x1c/0x20 [ 542.611848][T22071] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 542.617916][T22071] ? tomoyo_file_ioctl+0x23/0x30 [ 542.623030][T22071] ? security_file_ioctl+0xa1/0xd0 [ 542.628145][T22071] __x64_sys_ioctl+0xe3/0x120 [ 542.632823][T22071] do_syscall_64+0xfe/0x140 [ 542.637416][T22071] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 542.643304][T22071] RIP: 0033:0x459829 [ 542.647450][T22071] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 542.647456][T22071] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 542.647469][T22071] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 542.679116][T22065] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 542.684418][T22071] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 542.684424][T22071] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 542.684428][T22071] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 542.684432][T22071] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 542.719586][T22065] FAT-fs (loop4): Filesystem has been set read-only [ 542.737197][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 542.743671][T22065] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 542.760151][T22065] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 542.769965][T22065] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 544.802219][T20832] Bluetooth: hci0: command 0x1003 tx timeout [ 544.808730][T19431] Bluetooth: hci0: sending frame failed (-49) [ 546.882291][T20832] Bluetooth: hci0: command 0x1001 tx timeout [ 546.888793][T19431] Bluetooth: hci0: sending frame failed (-49) [ 548.962350][ T9741] Bluetooth: hci0: command 0x1009 tx timeout 20:35:22 executing program 3 (fault-call:2 fault-nth:39): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:35:22 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff"], 0x4a) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:22 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) nanosleep(&(0x7f00000000c0), &(0x7f0000000100)) write$FUSE_GETXATTR(r6, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x1, {0x1}}, 0x18) ioctl$BLKRESETZONE(r1, 0x40101283, &(0x7f0000000400)={0x6, 0x611f}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) 20:35:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47b") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:35:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") keyctl$setperm(0x5, 0x0, 0xf8ffffff) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x88003, 0x0) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000040), 0x4) 20:35:22 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) getsockopt$inet_buf(r0, 0x0, 0x0, &(0x7f0000000440)=""/149, &(0x7f0000000500)=0x95) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000006c0), &(0x7f0000000700)=0x8) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) ioctl$TCSETX(r4, 0x5433, &(0x7f0000000780)={0x0, 0x0, [0x1f, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x10001], 0xef6}) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) setsockopt$inet_buf(r1, 0x0, 0x29, &(0x7f0000000600)="53cab596462769e22a29d3e07cba358d77435074e2907d25f5a6b34212c5969ed121d28ee2743a134accd63298138b49e39942d2845b77e5a9b47e32c149df3c6c3432522349678c361991b24f0223ff84d0d35fb06d41e16b12f4db04018688811281f690e5c8b7692211d41c7907a9e22a6f930974462c772f0a47a323530ec72ebb8a0667e9568deefded24b2c58b8974e06d43417ee607f99b5af110aa53c6dd8af340d61794", 0xa8) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf0") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:35:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x101, &(0x7f0000000280)="11dca50d5e0bcfe47bf070") r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video0\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r1, 0xc0585605, &(0x7f00000003c0)={0x1, 0x0, {0x7159, 0x8000, 0x5001, 0x0, 0x7, 0x4, 0x3, 0x6}}) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x4000, 0x0) ioctl$VIDIOC_G_PARM(r2, 0xc0cc5615, &(0x7f00000002c0)={0x3, @output={0x1000, 0x0, {0x1, 0x7}, 0x4, 0x5}}) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f00000006c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="be000000dc774340b96029200dced36b60526a96d2778e5b12053c5996347e01d517f624ed9e4ebda0d1a74eba4f1a9cc1b7d491466f16c5bf864c93da4a60c9995be8e15204b058208e4c88f003f590f3c0464717f13abd7ca39e853ab046f588421ad35b7955dc1708e6fcc3f55c4fedbd81d90768508752e664b4f83a145da128271caef915708fb7362bfc5c3dbbabea10432cd9db37f3340b80f54249b0905ffd021bc924712db754ae5b32637e4d8f3a4ac1dde84c776c90d3bf392362af183e"], &(0x7f0000000540)=0xc6) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000000580)={r3, @in={{0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}, [0x8, 0x9, 0x3, 0x100000001, 0x1a6, 0x4, 0x1, 0xffff, 0xfff, 0x2, 0x9, 0x6, 0xfffffffffffff801, 0xfb, 0x2]}, &(0x7f0000000680)=0x100) keyctl$setperm(0x5, 0x0, 0xf8ffffff) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x400, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000200)=r4, 0x4) r5 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000080), &(0x7f00000000c0)=0xffffffffffffffc8) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='cgroup.controllers\x00', 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r6, 0x40284504, &(0x7f0000000140)={0x7, 0x3, 0x7, 0x2, "835310980e72f0d0f66adad1cc674974517f116b2da2221da8b3e08e9b443252"}) keyctl$setperm(0x5, r5, 0x1) socket$unix(0x1, 0x5, 0x0) 20:35:22 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) nanosleep(&(0x7f00000000c0), &(0x7f0000000100)) write$FUSE_GETXATTR(r6, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x1, {0x1}}, 0x18) ioctl$BLKRESETZONE(r1, 0x40101283, &(0x7f0000000400)={0x6, 0x611f}) [ 553.175860][T22113] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 553.195043][T22113] FAULT_INJECTION: forcing a failure. [ 553.195043][T22113] name failslab, interval 1, probability 0, space 0, times 0 [ 553.247291][T22113] CPU: 0 PID: 22113 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 553.255400][T22113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 553.265588][T22113] Call Trace: [ 553.268899][T22113] dump_stack+0x1d8/0x2f8 [ 553.273247][T22113] should_fail+0x608/0x860 [ 553.277771][T22113] ? setup_fault_attr+0x2b0/0x2b0 [ 553.283158][T22113] __should_failslab+0x11a/0x160 [ 553.288224][T22113] should_failslab+0x9/0x20 [ 553.292908][T22113] kmem_cache_alloc_node_trace+0x6e/0x2d0 [ 553.298779][T22113] ? __kmalloc_node_track_caller+0x3c/0x60 [ 553.304691][T22113] __kmalloc_node_track_caller+0x3c/0x60 [ 553.310340][T22113] ? alloc_uevent_skb+0x7f/0x230 [ 553.315300][T22113] __alloc_skb+0xe8/0x500 [ 553.319650][T22113] alloc_uevent_skb+0x7f/0x230 [ 553.324602][T22113] kobject_uevent_env+0xcbb/0x1260 [ 553.329825][T22113] ? mutex_unlock+0x10/0x10 [ 553.334607][T22113] kobject_uevent+0x1f/0x30 [ 553.339128][T22113] device_add+0x105e/0x1570 [ 553.343648][T22113] ? device_add+0xa41/0x1570 [ 553.348255][T22113] ? dev_set_name+0x110/0x110 [ 553.353032][T22113] ? debugfs_create_dir+0x37/0x440 [ 553.358577][T22113] ? memset+0x31/0x40 [ 553.363355][T22113] hci_register_dev+0x331/0x720 [ 553.368464][T22113] hci_uart_tty_ioctl+0x8ad/0xa20 [ 553.374196][T22113] ? hci_uart_tty_write+0x10/0x10 [ 553.379888][T22113] tty_ioctl+0xfa8/0x1610 [ 553.384408][T22113] ? tty_do_resize+0x180/0x180 [ 553.389808][T22113] ? rcu_lock_release+0x9/0x30 20:35:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000200)="11dca50d5e0bcfe47bf070f9359b98a9f892a1f4aaac203714edc1b5c412796bd1919a22aa8718812aa70b5b94be377d22c375f4263cddb2c600c305d9ed3346aa857de5737de5987f7d54994524c0b8b93d0c2f7c0172f93544ccacbfcd1654726ee618bff7d77254084c0ca1278e8f5c38e950c776a27f0355202f7c106cd6e285a1e879b227ca2b2a996e924f7c9245801a177d9d71") keyctl$setperm(0x5, 0x0, 0xf8ffffff) mount$9p_tcp(&(0x7f0000000000)='127.0.0.1\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x800810, &(0x7f00000000c0)={'trans=tcp,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@loose='loose'}, {@cache_fscache='cache=fscache'}], [{@smackfsfloor={'smackfsfloor'}}]}}) 20:35:22 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) nanosleep(&(0x7f00000000c0), &(0x7f0000000100)) write$FUSE_GETXATTR(r6, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x1, {0x1}}, 0x18) 20:35:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf0") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) [ 553.394582][T22113] ? __lock_acquire+0x4750/0x4750 [ 553.399729][T22113] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 553.405549][T22113] ? tomoyo_path_number_perm+0x587/0x740 [ 553.411552][T22113] ? trace_hardirqs_on+0x74/0x80 [ 553.416566][T22113] ? tomoyo_path_number_perm+0x5f0/0x740 [ 553.422370][T22113] ? tomoyo_check_path_acl+0x180/0x180 [ 553.426612][T22105] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 553.428296][T22113] ? smk_access+0x4f0/0x4f0 [ 553.428305][T22113] ? smk_access+0x18c/0x4f0 [ 553.428317][T22113] ? tty_do_resize+0x180/0x180 [ 553.428330][T22113] do_vfs_ioctl+0x7d4/0x18f0 [ 553.428343][T22113] ? ioctl_preallocate+0x240/0x240 [ 553.428362][T22113] ? fget_many+0x30/0x30 [ 553.428371][T22113] ? debug_smp_processor_id+0x1c/0x20 [ 553.428382][T22113] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 553.428394][T22113] ? tomoyo_file_ioctl+0x23/0x30 [ 553.428406][T22113] ? security_file_ioctl+0xa1/0xd0 [ 553.428416][T22113] __x64_sys_ioctl+0xe3/0x120 [ 553.428437][T22113] do_syscall_64+0xfe/0x140 [ 553.428451][T22113] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 553.428460][T22113] RIP: 0033:0x459829 [ 553.428471][T22113] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 553.428476][T22113] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 553.428485][T22113] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 553.428490][T22113] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 553.428495][T22113] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 553.428500][T22113] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 553.428505][T22113] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 553.478315][T22105] FAT-fs (loop4): Filesystem has been set read-only [ 553.505565][T22105] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 553.556792][T22105] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 553.604591][T22105] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 553.622707][ T175] Bluetooth: hci0: Frame reassembly failed (-84) [ 555.682169][T20832] Bluetooth: hci0: command 0x1003 tx timeout [ 555.688260][T19431] Bluetooth: hci0: sending frame failed (-49) [ 557.762179][ T22] Bluetooth: hci0: command 0x1001 tx timeout [ 557.768409][T19431] Bluetooth: hci0: sending frame failed (-49) [ 559.842202][T20832] Bluetooth: hci0: command 0x1009 tx timeout 20:35:33 executing program 3 (fault-call:2 fault-nth:40): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:35:33 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff"], 0x4a) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:33 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x0, @local, 0x1}}}, &(0x7f0000000580)=0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000005c0)={0x4, 0x46, 0x8f1031e4cff67275, 0x400, 0x2, 0x9, 0xffffffffffffff80, 0xe4, r4}, 0x20) write$binfmt_aout(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8efa620a0484d21ae3d72a0a8e8ef8c409c19adf9b5fd3b84a112cb65dc1df"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r1, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./bus\x00', 0x1) 20:35:33 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x2, &(0x7f0000000200)="1116a4c3f20300000000000000ffce78320144c4de629aedb04d57b85760b703be124d5c3c52913d0f240800000000000000507e385de112c0b265d0ba26b4634bc3afcc51f06fb9940eaa1d94b5f9036923e9fd7c257625499fd60100ea3befd4c4fcb11ef52b61337cb8adfeb0f0fe71f52ede7694770ba0d10dd662ab61") keyctl$setperm(0x5, 0x0, 0xf8ffffff) 20:35:33 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) nanosleep(&(0x7f00000000c0), &(0x7f0000000100)) 20:35:33 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf0") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:35:33 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:35:33 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) [ 564.065919][T22149] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 564.099095][T22149] FAULT_INJECTION: forcing a failure. [ 564.099095][T22149] name failslab, interval 1, probability 0, space 0, times 0 [ 564.142398][T22149] CPU: 0 PID: 22149 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 564.150430][T22149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 564.160497][T22149] Call Trace: [ 564.163845][T22149] dump_stack+0x1d8/0x2f8 [ 564.168202][T22149] should_fail+0x608/0x860 [ 564.172644][T22149] ? setup_fault_attr+0x2b0/0x2b0 [ 564.177695][T22149] __should_failslab+0x11a/0x160 [ 564.182660][T22149] should_failslab+0x9/0x20 [ 564.187187][T22149] kmem_cache_alloc_node_trace+0x6e/0x2d0 [ 564.192928][T22149] ? __kmalloc_node_track_caller+0x3c/0x60 [ 564.198815][T22149] __kmalloc_node_track_caller+0x3c/0x60 [ 564.204465][T22149] ? alloc_uevent_skb+0x7f/0x230 [ 564.209427][T22149] __alloc_skb+0xe8/0x500 [ 564.213788][T22149] alloc_uevent_skb+0x7f/0x230 [ 564.218576][T22149] kobject_uevent_env+0xcbb/0x1260 [ 564.223706][T22149] ? mutex_unlock+0x10/0x10 [ 564.228275][T22149] kobject_uevent+0x1f/0x30 [ 564.232801][T22149] device_add+0x105e/0x1570 [ 564.237328][T22149] ? device_add+0xa41/0x1570 [ 564.241947][T22149] ? dev_set_name+0x110/0x110 [ 564.246645][T22149] ? debugfs_create_dir+0x37/0x440 [ 564.251787][T22149] ? memset+0x31/0x40 [ 564.255797][T22149] hci_register_dev+0x331/0x720 [ 564.260668][T22149] hci_uart_tty_ioctl+0x8ad/0xa20 [ 564.265709][T22149] ? hci_uart_tty_write+0x10/0x10 [ 564.270763][T22149] tty_ioctl+0xfa8/0x1610 [ 564.275152][T22149] ? tty_do_resize+0x180/0x180 [ 564.280043][T22149] ? rcu_lock_release+0x9/0x30 [ 564.284831][T22149] ? __lock_acquire+0x4750/0x4750 [ 564.289877][T22149] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 564.295541][T22149] ? tomoyo_path_number_perm+0x587/0x740 [ 564.301208][T22149] ? trace_hardirqs_on+0x74/0x80 [ 564.306871][T22149] ? tomoyo_path_number_perm+0x5f0/0x740 [ 564.312535][T22149] ? tomoyo_check_path_acl+0x180/0x180 [ 564.318017][T22149] ? smk_access+0x4f0/0x4f0 [ 564.322550][T22149] ? smk_access+0x18c/0x4f0 [ 564.327071][T22149] ? tty_do_resize+0x180/0x180 [ 564.331865][T22149] do_vfs_ioctl+0x7d4/0x18f0 [ 564.336487][T22149] ? ioctl_preallocate+0x240/0x240 20:35:33 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {r5, 0x20}], 0x6, 0x5) 20:35:33 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000300)=0x1) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) [ 564.341631][T22149] ? fget_many+0x30/0x30 [ 564.345901][T22149] ? debug_smp_processor_id+0x1c/0x20 [ 564.351327][T22149] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 564.357416][T22149] ? tomoyo_file_ioctl+0x23/0x30 [ 564.362370][T22149] ? security_file_ioctl+0xa1/0xd0 [ 564.367504][T22149] __x64_sys_ioctl+0xe3/0x120 [ 564.372205][T22149] do_syscall_64+0xfe/0x140 [ 564.376815][T22149] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 564.382717][T22149] RIP: 0033:0x459829 20:35:33 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {r4, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) [ 564.386638][T22149] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 564.406254][T22149] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 564.414779][T22149] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 564.423141][T22149] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 564.431135][T22149] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 20:35:33 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/loop-control\x00', 0x1, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r3 = syz_open_dev$radio(&(0x7f00000002c0)='/dev/radio#\x00', 0x2, 0x2) ioctl$EVIOCGUNIQ(r3, 0x80404508, &(0x7f00000000c0)=""/212) sendmsg$tipc(r3, &(0x7f0000000400)={&(0x7f0000000080)=@id={0x1e, 0x3, 0x3, {0x4e24}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="d58da18e0bf3dd4192cfe9bc3441e5f62d119b6ae4f2695ceec1fc87e5ff245d2a83fd4a3f66bcc756a259513c1ea09e1af9e6eeb006b4cab82275d0f89fa7b1635789afe1258e7c8879ee807f6359e1e8472e0d617edf6db4c023ea022d186197951eb6d091d92acf849e", 0x6b}, {&(0x7f0000000280)="b7a9226e0e", 0x5}, {&(0x7f0000000380)="10e3a8ce7ecc9a448fad08020ed6e41b33b15eb4b64b83c927d62a98a7c20874705c49aa4f5703dd", 0x28}], 0x3, &(0x7f0000000500)="55e5ccdb52e1cc2032e3d2d24dd48ad710b465b25f4f472410e0a265d6bee533bc0b89f9765d7eb672f41a2f3ff476136469b754941988200a624b021fca209a26bd85b939705a5bc5898cee66c2f15dba4734011be08946fe1fc474f4d84d7eb9e0a53f1013d5449d330258b1e260046c172283ff7e129fa54b6896c8525761cc87983fcde8744db23df3b1e205af3c4b80d74eb6cce68659d1a921b2c5154042860421ad6e8fb5ad2f0bc8dc8c5a5fc088e27697255156ec79a1631700abc291fecc3654203e949ac87ba0201d", 0xce, 0x4008000}, 0x1) ioctl$int_out(r0, 0x2, &(0x7f0000000240)) r4 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) ioctl$SIOCRSACCEPT(r4, 0x89e3) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r4, 0x84, 0x21, &(0x7f0000000040)=0x6, 0x4) keyctl$setperm(0x5, 0x0, 0xf8ffffff) getsockopt$inet_mreqn(r3, 0x0, 0x24, &(0x7f0000000440)={@empty, @empty, 0x0}, &(0x7f0000000480)=0xc) connect$can_bcm(r3, &(0x7f00000004c0)={0x1d, r5}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) [ 564.439126][T22149] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 564.447107][T22149] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 566.562218][T20832] Bluetooth: hci0: command 0x1003 tx timeout [ 566.568380][T19431] Bluetooth: hci0: sending frame failed (-49) [ 568.642253][T20832] Bluetooth: hci0: command 0x1001 tx timeout [ 568.648456][T19431] Bluetooth: hci0: sending frame failed (-49) [ 570.722207][ T9741] Bluetooth: hci0: command 0x1009 tx timeout 20:35:44 executing program 3 (fault-call:2 fault-nth:41): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:35:44 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:35:44 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x4000, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {r3, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) 20:35:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = semget(0x1, 0x7, 0x40) semctl$IPC_INFO(r1, 0x0, 0x3, &(0x7f0000000000)=""/106) keyctl$setperm(0x5, 0x0, 0xf8ffffff) 20:35:44 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb"], 0x56) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:44 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="83000000290000000000000100000000000000000000000000000000000000000405002e466275730000000000000000000000000009000000000000000007002e2f66696c6530000400000000000000000000000900000000000000df05002e2f6275730000000000000000000000000000000000000000000507002e2f66696c6530"], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) socket$packet(0x11, 0x3, 0x300) 20:35:44 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, r1) 20:35:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2) fcntl$setflags(r0, 0x2, 0x1) keyctl$setperm(0x5, 0x0, 0xf8ffdfff) 20:35:44 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5154, 0x440080) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {r2, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) [ 574.971839][T22187] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:35:44 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x2, 0x0) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000080)={0x9, 0x5f800000}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0xd4, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syncfs(r1) keyctl$setperm(0x5, 0x0, 0xf8ffffff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='gretap0\x00', 0x10) 20:35:44 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) poll(&(0x7f00000002c0)=[{r0, 0x400}, {r1, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) [ 575.050452][T22187] FAULT_INJECTION: forcing a failure. [ 575.050452][T22187] name failslab, interval 1, probability 0, space 0, times 0 20:35:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") keyctl$setperm(0x5, 0x0, 0xf8ffffff) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/dsp\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000500)={0x0, 0x1}, &(0x7f0000000540)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000580)={r2, 0x9}, 0x8) r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x480) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000000040), &(0x7f0000000080)=0x4) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f00000005c0)={0x3, 0x3, 0x5, 0x1, 0x3ff}) syz_mount_image$f2fs(&(0x7f00000000c0)='f2fs\x00', &(0x7f00000006c0)='./file0\x00', 0x1, 0x4, &(0x7f0000000440)=[{&(0x7f0000000140)="0152df6d503ddb3ef1c93a9317636092d6ada934ced7f05635e479395ec40715e27c34", 0x23}, {&(0x7f0000000600)="b72af43b1320ba875a4511472c75f0369242e23a1b80c89ffe4aa13b689ff50922606a17723ad5d0920863cc7951355f9bb4bd4ecc6a25d7d949850629b82a76dab92e581ae8d13f798461c0d6748cc2ea057f4f16639ee7a07e09d1aa8726d0a9d6db1a4a860ed515aa530ed73d795b7adb3121b6c02a6cadfa499612e0dbf450445185a86089fe6617585b273eaa4662e21be338594d0d2dabf8968898efb2fafac27dc148666524b6b8a70997e0f7aee585c8408c85ed32efdc1806b0990b", 0xc0, 0x416}, {&(0x7f00000002c0)="0c594354818b5b90d771ee392eb3a92bac5ebb3e6a989e1e0475f8fe126814d1cb0a850f400da9c4da16832506cb86f6b387b7969546f74e7efcf8096d945e95b686130f4e7b3ecac99a867bb783dab1a6decfc5b5be1e078f94770f31aaa5ad86ecbb3fedabd509e6c3e81c5b8796a848a6537e72e2cd2b6a6a7dd832026333a8458f0b2ec29b2c0f1bd2bc4be9402446f2bea3", 0x94, 0xc3f}, {&(0x7f0000000380)="05dd9c6961f7e2309867f7d9d17a7afb3ffa35f43d810e75f653d7a3a7e5e8109a2b74209bfa3f0ca8badfb9f38ef72517f8e06c680abcfb058d0e7c5408973381e09fae2b7f17f70a76da0585dfb4ee4b242472f7542e145b51cfabaf1d8d7734ba2bd8d8c74e80a87b3389fe6e548627dbfa4290195a1afcf0712de08d7563ddeacf77721b57983ae9fc7b08114d3e49ab25fd391c6ede6e6124c4369a991074e3f1da284ce6ed3dc3f12866203c8c8e536e53b30a515632a556b7c61a5b", 0xbf, 0x1}], 0x1080, &(0x7f0000000180)={[{@grpquota={'grpquota', 0x3d, '/dev/input/mice\x00'}}], [{@audit='audit'}, {@obj_user={'obj_user', 0x3d, '[%!'}}]}) [ 575.094768][T22187] CPU: 1 PID: 22187 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 575.103583][T22187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 575.113652][T22187] Call Trace: [ 575.116974][T22187] dump_stack+0x1d8/0x2f8 [ 575.121316][T22187] should_fail+0x608/0x860 [ 575.125779][T22187] ? setup_fault_attr+0x2b0/0x2b0 [ 575.130907][T22187] ? __lock_acquire+0x4750/0x4750 [ 575.136028][T22187] __should_failslab+0x11a/0x160 [ 575.141315][T22187] ? skb_clone+0x1cc/0x380 [ 575.145743][T22187] should_failslab+0x9/0x20 [ 575.150260][T22187] kmem_cache_alloc+0x56/0x2e0 [ 575.155148][T22187] skb_clone+0x1cc/0x380 [ 575.159389][T22187] netlink_broadcast_filtered+0x619/0x1090 [ 575.165383][T22187] ? __kasan_check_write+0x14/0x20 [ 575.170597][T22187] netlink_broadcast+0x3a/0x50 [ 575.175594][T22187] kobject_uevent_env+0xcf0/0x1260 [ 575.180827][T22187] ? mutex_unlock+0x10/0x10 [ 575.185479][T22187] kobject_uevent+0x1f/0x30 [ 575.190114][T22187] device_add+0x105e/0x1570 [ 575.195548][T22187] ? device_add+0xa41/0x1570 [ 575.200529][T22187] ? dev_set_name+0x110/0x110 [ 575.205638][T22187] ? debugfs_create_dir+0x37/0x440 [ 575.210736][T22187] ? memset+0x31/0x40 [ 575.214858][T22187] hci_register_dev+0x331/0x720 [ 575.219704][T22187] hci_uart_tty_ioctl+0x8ad/0xa20 [ 575.224830][T22187] ? hci_uart_tty_write+0x10/0x10 [ 575.230062][T22187] tty_ioctl+0xfa8/0x1610 [ 575.234403][T22187] ? tty_do_resize+0x180/0x180 [ 575.239235][T22187] ? rcu_lock_release+0x9/0x30 [ 575.244002][T22187] ? __lock_acquire+0x4750/0x4750 [ 575.249019][T22187] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 575.254745][T22187] ? tomoyo_path_number_perm+0x587/0x740 [ 575.260477][T22187] ? trace_hardirqs_on+0x74/0x80 [ 575.265521][T22187] ? tomoyo_path_number_perm+0x5f0/0x740 [ 575.271359][T22187] ? tomoyo_check_path_acl+0x180/0x180 [ 575.276964][T22187] ? smk_access+0x4f0/0x4f0 [ 575.281465][T22187] ? smk_access+0x18c/0x4f0 [ 575.285990][T22187] ? tty_do_resize+0x180/0x180 [ 575.290860][T22187] do_vfs_ioctl+0x7d4/0x18f0 [ 575.295557][T22187] ? ioctl_preallocate+0x240/0x240 [ 575.300733][T22187] ? fget_many+0x30/0x30 [ 575.305199][T22187] ? debug_smp_processor_id+0x1c/0x20 [ 575.310642][T22187] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 575.317021][T22187] ? tomoyo_file_ioctl+0x23/0x30 [ 575.322082][T22187] ? security_file_ioctl+0xa1/0xd0 [ 575.327260][T22187] __x64_sys_ioctl+0xe3/0x120 [ 575.331948][T22187] do_syscall_64+0xfe/0x140 [ 575.336649][T22187] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 575.342768][T22187] RIP: 0033:0x459829 [ 575.346657][T22187] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 575.366957][T22187] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 575.375360][T22187] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 575.383506][T22187] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 575.391759][T22187] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 575.400950][T22187] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 575.409065][T22187] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 575.423308][T21541] Bluetooth: hci0: Frame reassembly failed (-84) [ 575.522102][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 575.528072][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 575.533920][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 575.539972][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 575.545825][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 575.551547][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 575.557367][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 575.563167][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 577.442117][ T9866] Bluetooth: hci0: command 0x1003 tx timeout [ 577.449336][T19431] Bluetooth: hci0: sending frame failed (-49) [ 579.522139][ T9866] Bluetooth: hci0: command 0x1001 tx timeout [ 579.528238][T19431] Bluetooth: hci0: sending frame failed (-49) [ 581.602110][ T9866] Bluetooth: hci0: command 0x1009 tx timeout 20:35:54 executing program 3 (fault-call:2 fault-nth:42): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:35:54 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) poll(&(0x7f00000002c0)=[{r0, 0x400}, {0xffffffffffffffff, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) 20:35:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000300)) keyctl$chown(0x4, 0x0, 0x0, 0x0) 20:35:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x4000, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000200)={0x5, 0xf, 0x4, 0x20020000, {r2, r3/1000+30000}, {0x1, 0xc, 0xfffffffffffffff8, 0x7, 0x6, 0x511c, "5c8a50fb"}, 0xfffffffffffffff7, 0x4, @planes=&(0x7f0000000180)={0xffff, 0x100000001, @fd, 0x8}, 0x4}) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x10000, 0x0) sendto$x25(r4, &(0x7f0000000040)="35524fc1cee591248c93b5ca989e33fbb070afa8ef8c72856cd98a3b717d503db9b3bb9ec4f901dce9876cbb9d803621813b60bdfd18d3aa872d9aa20ed580580f62ce5292fd67bec36f", 0x4a, 0x80, &(0x7f00000000c0)={0x9, @remote={[], 0x2}}, 0x12) keyctl$setperm(0x5, 0x0, 0xf8ffffff) 20:35:54 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb"], 0x56) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:54 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:55 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) poll(&(0x7f00000002c0)=[{r0, 0x400}, {0xffffffffffffffff, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) 20:35:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000300)) keyctl$chown(0x4, 0x0, 0x0, 0x0) 20:35:55 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") write$binfmt_misc(r0, &(0x7f0000000000)={'syz0', "cc8ad7af9093d445f603d60e77c666856e2ee0b54c481a2eb855aed6941e1f7c40ce1ff50365c1a907870c46d5f2e6b6edaf0e95ef6b775a8bd5b0cf9c9ff5b7e3b1f5154ef514421883e828c6be629f068ff4c4ce93707dbee5a6fbc730196b54ea2466e69eeb37f9bf6459a4b2f56be1ac84b37dec9f2c3d36664b0c9528b21e611c82ae84acd82759d8c96d02ed9e785dc19619754a83c32e6f6d939fd983de33bb862b29d4bed942010ff77300f74085af401bdd3ecb034f939d5936f7d36659abefbd"}, 0xc9) r1 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x100000001, 0x800) write$P9_RATTACH(r1, &(0x7f0000000280)={0x14, 0x69, 0x1, {0x4, 0x2, 0x7}}, 0x14) ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f0000000180)={&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000200)=""/108, 0x6c}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) [ 585.865590][T22222] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 585.904610][T22222] FAULT_INJECTION: forcing a failure. 20:35:55 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000400)=ANY=[], 0x12b) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x1, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:35:55 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = memfd_create(&(0x7f0000000140)='/dev/mixer\x00', 0x4) poll(&(0x7f00000002c0)=[{r0, 0x400}, {0xffffffffffffffff, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) [ 585.904610][T22222] name failslab, interval 1, probability 0, space 0, times 0 20:35:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000300)) keyctl$chown(0x4, 0x0, 0x0, 0x0) [ 585.974965][T22222] CPU: 1 PID: 22222 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 585.982024][T22215] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 585.982969][T22222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 585.982983][T22222] Call Trace: [ 586.002111][T22215] FAT-fs (loop4): Filesystem has been set read-only [ 586.005143][T22222] dump_stack+0x1d8/0x2f8 [ 586.005157][T22222] should_fail+0x608/0x860 [ 586.005169][T22222] ? setup_fault_attr+0x2b0/0x2b0 [ 586.026917][T22222] ? __lock_acquire+0x4750/0x4750 [ 586.027227][T22215] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 586.031967][T22222] __should_failslab+0x11a/0x160 [ 586.031980][T22222] should_failslab+0x9/0x20 [ 586.031992][T22222] kmem_cache_alloc_node_trace+0x6e/0x2d0 [ 586.032003][T22222] ? __kmalloc_node_track_caller+0x3c/0x60 [ 586.060883][T22222] __kmalloc_node_track_caller+0x3c/0x60 [ 586.062932][T22215] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 586.066508][T22222] ? devm_led_trigger_register+0xc0/0xc0 [ 586.066520][T22222] __devres_alloc_node+0x42/0x130 [ 586.066528][T22222] ? devm_led_trigger_register+0x16/0xc0 [ 586.066538][T22222] devm_led_trigger_register+0x38/0xc0 [ 586.066554][T22222] hci_leds_init+0xd9/0x180 [ 586.086112][T22215] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 586.091416][T22222] hci_register_dev+0x34e/0x720 [ 586.091432][T22222] hci_uart_tty_ioctl+0x8ad/0xa20 [ 586.091447][T22222] ? hci_uart_tty_write+0x10/0x10 [ 586.125334][T22222] tty_ioctl+0xfa8/0x1610 [ 586.129671][T22222] ? tty_do_resize+0x180/0x180 [ 586.134441][T22222] ? rcu_lock_release+0x9/0x30 [ 586.139210][T22222] ? __lock_acquire+0x4750/0x4750 [ 586.144228][T22222] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 586.149939][T22222] ? tomoyo_path_number_perm+0x587/0x740 [ 586.155561][T22222] ? trace_hardirqs_on+0x74/0x80 [ 586.160489][T22222] ? tomoyo_path_number_perm+0x5f0/0x740 [ 586.166120][T22222] ? tomoyo_check_path_acl+0x180/0x180 [ 586.171566][T22222] ? smk_access+0x4f0/0x4f0 [ 586.176059][T22222] ? smk_access+0x18c/0x4f0 [ 586.180552][T22222] ? tty_do_resize+0x180/0x180 [ 586.185311][T22222] do_vfs_ioctl+0x7d4/0x18f0 [ 586.189898][T22222] ? ioctl_preallocate+0x240/0x240 [ 586.195007][T22222] ? fget_many+0x30/0x30 [ 586.199239][T22222] ? debug_smp_processor_id+0x1c/0x20 [ 586.204605][T22222] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 586.210663][T22222] ? tomoyo_file_ioctl+0x23/0x30 [ 586.215592][T22222] ? security_file_ioctl+0xa1/0xd0 [ 586.220691][T22222] __x64_sys_ioctl+0xe3/0x120 [ 586.225361][T22222] do_syscall_64+0xfe/0x140 [ 586.229857][T22222] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 586.235739][T22222] RIP: 0033:0x459829 [ 586.239624][T22222] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 586.259220][T22222] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 586.267627][T22222] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 586.275587][T22222] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 586.283552][T22222] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 586.291510][T22222] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 586.299468][T22222] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 586.334327][T21541] Bluetooth: hci0: Frame reassembly failed (-84) [ 586.341130][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 588.402166][ T9866] Bluetooth: hci0: command 0x1003 tx timeout [ 588.410716][T19431] Bluetooth: hci0: sending frame failed (-49) [ 590.482219][ T9866] Bluetooth: hci0: command 0x1001 tx timeout [ 590.488292][T19431] Bluetooth: hci0: sending frame failed (-49) [ 592.562184][ T9866] Bluetooth: hci0: command 0x1009 tx timeout 20:36:05 executing program 3 (fault-call:2 fault-nth:43): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:36:05 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff"], 0x4a) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:36:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0xc01, &(0x7f0000000080)="1119370d5e0b259976cfe47bf070") keyctl$setperm(0x5, 0x0, 0xf8ffffff) 20:36:05 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {r0, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) 20:36:05 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) keyctl$chown(0x4, 0x0, 0x0, r1) 20:36:05 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000400)={0x800, {{0x2, 0x4e20, @multicast1}}, 0x0, 0x1, [{{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1c}}}]}, 0x110) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:36:05 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) keyctl$chown(0x4, 0x0, 0x0, r1) 20:36:05 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x101000, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {r0, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) 20:36:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") r1 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x200, 0x101800) ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000040)={0x6, 0xf, 0x4, 0x0, {0x0, 0x2710}, {0x7, 0xf, 0x7, 0x9, 0xff, 0x3, "19a439d7"}, 0xc61, 0x4, @offset=0x9, 0x4}) keyctl$setperm(0x5, 0x0, 0xf8ffffff) [ 596.751821][T22254] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:36:06 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) keyctl$chown(0x4, 0x0, 0x0, r1) 20:36:06 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="4925fee253aabcf7bffd2d74377455a1fc0e1c3d762ef712d26c4f2fe4d4d6dc4944f721b5af8f911d9b1eb41c67eae5a49ec3c64d5ee5d7fea3e99f6fd4ba31bc30400b2ab5dd369fc084ce0b64293c000b5b", 0x53, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$setperm(0x5, r1, 0xf8ffffff) 20:36:06 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x101000, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {r0, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) [ 596.851625][T22254] FAULT_INJECTION: forcing a failure. [ 596.851625][T22254] name failslab, interval 1, probability 0, space 0, times 0 [ 596.896282][T22254] CPU: 0 PID: 22254 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 596.904298][T22254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 596.914365][T22254] Call Trace: [ 596.917674][T22254] dump_stack+0x1d8/0x2f8 [ 596.922014][T22254] should_fail+0x608/0x860 [ 596.926430][T22254] ? setup_fault_attr+0x2b0/0x2b0 [ 596.931544][T22254] ? lock_acquire+0x158/0x250 [ 596.944045][T22254] __should_failslab+0x11a/0x160 [ 596.948991][T22254] should_failslab+0x9/0x20 [ 596.953504][T22254] kmem_cache_alloc_node_trace+0x6e/0x2d0 [ 596.959229][T22254] ? __kmalloc_node_track_caller+0x3c/0x60 [ 596.965117][T22254] ? device_add+0xa41/0x1570 [ 596.969712][T22254] __kmalloc_node_track_caller+0x3c/0x60 [ 596.975357][T22254] devm_kmalloc+0x6b/0x180 [ 596.979777][T22254] hci_leds_init+0x39/0x180 [ 596.984278][T22254] hci_register_dev+0x34e/0x720 [ 596.989116][T22254] hci_uart_tty_ioctl+0x8ad/0xa20 [ 596.989128][T22254] ? hci_uart_tty_write+0x10/0x10 [ 596.989142][T22254] tty_ioctl+0xfa8/0x1610 [ 596.989150][T22254] ? tty_do_resize+0x180/0x180 [ 596.989161][T22254] ? rcu_lock_release+0x9/0x30 [ 596.989174][T22254] ? __lock_acquire+0x4750/0x4750 [ 596.989185][T22254] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 596.989194][T22254] ? tomoyo_path_number_perm+0x587/0x740 [ 596.989202][T22254] ? trace_hardirqs_on+0x74/0x80 [ 596.989212][T22254] ? tomoyo_path_number_perm+0x5f0/0x740 [ 596.989223][T22254] ? tomoyo_check_path_acl+0x180/0x180 [ 596.989237][T22254] ? smk_access+0x4f0/0x4f0 [ 597.051356][T22254] ? smk_access+0x18c/0x4f0 [ 597.055865][T22254] ? tty_do_resize+0x180/0x180 [ 597.060644][T22254] do_vfs_ioctl+0x7d4/0x18f0 [ 597.065245][T22254] ? ioctl_preallocate+0x240/0x240 [ 597.070368][T22254] ? fget_many+0x30/0x30 [ 597.074610][T22254] ? debug_smp_processor_id+0x1c/0x20 [ 597.079985][T22254] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 597.086054][T22254] ? tomoyo_file_ioctl+0x23/0x30 [ 597.090990][T22254] ? security_file_ioctl+0xa1/0xd0 [ 597.095964][T22244] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 597.096099][T22254] __x64_sys_ioctl+0xe3/0x120 [ 597.096115][T22254] do_syscall_64+0xfe/0x140 [ 597.113856][T22254] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 597.119760][T22254] RIP: 0033:0x459829 [ 597.123673][T22254] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 597.126687][T22244] FAT-fs (loop4): Filesystem has been set read-only [ 597.143361][T22254] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 597.143372][T22254] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 597.143377][T22254] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 597.143383][T22254] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 597.143388][T22254] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 597.143392][T22254] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 597.159274][T22244] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 597.209622][T22244] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 597.227453][T22244] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 597.240944][T21541] Bluetooth: hci0: Frame reassembly failed (-84) [ 599.292095][ T9866] Bluetooth: hci0: command 0x1003 tx timeout [ 599.299631][T19431] Bluetooth: hci0: sending frame failed (-49) [ 601.362115][ T9866] Bluetooth: hci0: command 0x1001 tx timeout [ 601.368186][T19431] Bluetooth: hci0: sending frame failed (-49) [ 603.442107][ T9866] Bluetooth: hci0: command 0x1009 tx timeout 20:36:16 executing program 3 (fault-call:2 fault-nth:44): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:36:16 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x101000, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {r0, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) 20:36:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180), &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, 0x0) 20:36:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:36:16 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff"], 0x4a) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:36:16 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000880)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b0fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e156f8e4c15aca9e0c83b4916c1aa42adac86b1b7a9a402c48606607f4f15c5d79e14a9d3a2aa534fe7d46815f339e4657742ef736079088e3fdd3bc87c2542f963e78a106c4cb7328221b0423e16956aa843e5f7d22c86e4c372e14b64c88ff55c47f140c3b50b9c228759bcf52844030000003ffe5b6a1b0837e24becccb2335f0aa0b0a60fcca64e4fc5de462359b222a4cd5b0e13fc225635c993fc34a4589d705a836f7b6bb08321bf4b61"], 0x71) accept4$packet(r2, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000500)=0x14, 0x800) recvfrom(r3, &(0x7f0000000400)=""/134, 0x86, 0x2000, &(0x7f0000000600)=@xdp={0x2c, 0x7, r4, 0x26}, 0x80) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) write$UHID_INPUT2(r0, &(0x7f0000000580)={0xc, 0x31, "d8f74203da2e518863aed19d7864bc8631393d9cdef21be6085056db014e727343bc72d7b46cc7efef1067b774426cce6d"}, 0x37) 20:36:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180), &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, 0x0) 20:36:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:36:16 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x101000, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {r0, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) [ 607.638410][T22289] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:36:16 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {r0, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x20}], 0x6, 0x5) 20:36:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180), &(0x7f0000000300)=0xc) keyctl$chown(0x4, 0x0, 0x0, 0x0) [ 607.734212][T22278] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 607.750298][T22289] FAULT_INJECTION: forcing a failure. [ 607.750298][T22289] name failslab, interval 1, probability 0, space 0, times 0 [ 607.775986][T22278] FAT-fs (loop4): Filesystem has been set read-only 20:36:17 executing program 0: clone(0x7fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="d3d238f19c0443cd80"], 0x9}}, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="eabe9f303b222957eecbc624877c825255f910c28f5e87a64820546a1ebed56adb3b91e7e29856aeab56ad8e39808e0b0000bf7a301ffe8dac0726906da58a5d1ab066f24351eda628769d37", @ANYRESOCT=0x0, @ANYPTR64, @ANYPTR64=&(0x7f0000000040)=ANY=[@ANYRESOCT, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRESOCT, @ANYRESOCT], @ANYRESHEX, @ANYBLOB="e6c55c669eb82eec510100019b3d7280437a74620100000000000000ca44f937d0492482ba837296d961244e2e0c734057548c402cc43b3897cc275fd87f335dc73efdc40dd887fc8dc4872bf5b65c87e940b30eecd4f9ad4c079521dfdaf3d0fef515586de3c101e4f8d1b12b1894ef983d0cfcdfbb1118c5ae060bb6ae2af877735be7b03b5278b53fe125393d6b6adf7f"], 0x0, 0x117}, 0x20) tkill(r0, 0x3b) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 607.795640][T22278] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 607.825092][T22278] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 607.842743][T22289] CPU: 1 PID: 22289 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 607.850746][T22289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 607.852862][T22278] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 607.860790][T22289] Call Trace: [ 607.860813][T22289] dump_stack+0x1d8/0x2f8 [ 607.860835][T22289] should_fail+0x608/0x860 [ 607.880794][T22289] ? setup_fault_attr+0x2b0/0x2b0 [ 607.885809][T22289] ? __lock_acquire+0x4750/0x4750 [ 607.890821][T22289] ? kzalloc+0x1f/0x40 [ 607.894895][T22289] __should_failslab+0x11a/0x160 [ 607.899844][T22289] ? kzalloc+0x1f/0x40 [ 607.903914][T22289] should_failslab+0x9/0x20 [ 607.908412][T22289] __kmalloc+0x7a/0x340 [ 607.912574][T22289] kzalloc+0x1f/0x40 [ 607.916468][T22289] rfkill_alloc+0x96/0x2a0 [ 607.920879][T22289] hci_register_dev+0x36d/0x720 [ 607.925818][T22289] hci_uart_tty_ioctl+0x8ad/0xa20 [ 607.930831][T22289] ? hci_uart_tty_write+0x10/0x10 [ 607.935860][T22289] tty_ioctl+0xfa8/0x1610 [ 607.940179][T22289] ? tty_do_resize+0x180/0x180 [ 607.944934][T22289] ? rcu_lock_release+0x9/0x30 [ 607.949687][T22289] ? __lock_acquire+0x4750/0x4750 [ 607.954707][T22289] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 607.960330][T22289] ? tomoyo_path_number_perm+0x587/0x740 [ 607.965953][T22289] ? trace_hardirqs_on+0x74/0x80 [ 607.970883][T22289] ? tomoyo_path_number_perm+0x5f0/0x740 [ 607.976508][T22289] ? tomoyo_check_path_acl+0x180/0x180 [ 607.981964][T22289] ? smk_access+0x4f0/0x4f0 [ 607.986462][T22289] ? smk_access+0x18c/0x4f0 [ 607.990951][T22289] ? tty_do_resize+0x180/0x180 [ 607.995710][T22289] do_vfs_ioctl+0x7d4/0x18f0 [ 608.000297][T22289] ? ioctl_preallocate+0x240/0x240 [ 608.005418][T22289] ? fget_many+0x30/0x30 [ 608.009920][T22289] ? debug_smp_processor_id+0x1c/0x20 [ 608.015290][T22289] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 608.021346][T22289] ? tomoyo_file_ioctl+0x23/0x30 [ 608.026274][T22289] ? security_file_ioctl+0xa1/0xd0 [ 608.031373][T22289] __x64_sys_ioctl+0xe3/0x120 [ 608.036052][T22289] do_syscall_64+0xfe/0x140 [ 608.040590][T22289] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 608.046470][T22289] RIP: 0033:0x459829 [ 608.050358][T22289] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 608.070125][T22289] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 608.078525][T22289] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 608.086487][T22289] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 608.094716][T22289] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 608.102680][T22289] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 608.110640][T22289] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 608.133460][T21541] Bluetooth: hci0: Frame reassembly failed (-84) [ 608.147415][T22302] ptrace attach of "/root/syz-executor.0"[22301] was attempted by "/root/syz-executor.0"[22302] [ 610.162082][ T9866] Bluetooth: hci0: command 0x1003 tx timeout [ 610.168507][T19431] Bluetooth: hci0: sending frame failed (-49) [ 612.242127][ T9866] Bluetooth: hci0: command 0x1001 tx timeout [ 612.248195][T19431] Bluetooth: hci0: sending frame failed (-49) [ 614.322082][ T9866] Bluetooth: hci0: command 0x1009 tx timeout 20:36:27 executing program 3 (fault-call:2 fault-nth:45): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:36:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:36:27 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff"], 0x4a) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:36:27 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(0x0, 0x0, 0x5) 20:36:27 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xfffffffffffffccf, &(0x7f0000000100), 0x0, 0x0) 20:36:27 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000400)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0xfc, 0x8}}, 0x50) fcntl$setstatus(r2, 0x4, 0x4800) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 618.480561][T22317] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:36:27 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(0x0, 0x0, 0x5) 20:36:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 618.525194][T22317] FAULT_INJECTION: forcing a failure. [ 618.525194][T22317] name failslab, interval 1, probability 0, space 0, times 0 [ 618.616876][T22317] CPU: 0 PID: 22317 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 618.624901][T22317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 618.634966][T22317] Call Trace: [ 618.638272][T22317] dump_stack+0x1d8/0x2f8 [ 618.642611][T22317] should_fail+0x608/0x860 [ 618.647037][T22317] ? setup_fault_attr+0x2b0/0x2b0 [ 618.652068][T22317] ? __lock_acquire+0x4750/0x4750 [ 618.657091][T22317] ? kzalloc+0x1f/0x40 [ 618.661161][T22317] __should_failslab+0x11a/0x160 [ 618.666096][T22317] ? kzalloc+0x1f/0x40 [ 618.670160][T22317] should_failslab+0x9/0x20 [ 618.674656][T22317] __kmalloc+0x7a/0x340 [ 618.678811][T22317] kzalloc+0x1f/0x40 [ 618.682703][T22317] rfkill_alloc+0x96/0x2a0 [ 618.687126][T22317] hci_register_dev+0x36d/0x720 [ 618.691979][T22317] hci_uart_tty_ioctl+0x8ad/0xa20 [ 618.697011][T22317] ? hci_uart_tty_write+0x10/0x10 [ 618.702032][T22317] tty_ioctl+0xfa8/0x1610 [ 618.706360][T22317] ? tty_do_resize+0x180/0x180 [ 618.711125][T22317] ? rcu_lock_release+0x9/0x30 [ 618.715893][T22317] ? __lock_acquire+0x4750/0x4750 [ 618.720908][T22317] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 618.720921][T22317] ? tomoyo_path_number_perm+0x587/0x740 [ 618.720929][T22317] ? trace_hardirqs_on+0x74/0x80 [ 618.720940][T22317] ? tomoyo_path_number_perm+0x5f0/0x740 [ 618.720955][T22317] ? tomoyo_check_path_acl+0x180/0x180 [ 618.737449][T22317] ? smk_access+0x4f0/0x4f0 [ 618.737458][T22317] ? smk_access+0x18c/0x4f0 [ 618.737472][T22317] ? tty_do_resize+0x180/0x180 [ 618.737486][T22317] do_vfs_ioctl+0x7d4/0x18f0 [ 618.737499][T22317] ? ioctl_preallocate+0x240/0x240 [ 618.737518][T22317] ? fget_many+0x30/0x30 [ 618.737528][T22317] ? debug_smp_processor_id+0x1c/0x20 [ 618.737539][T22317] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 618.737552][T22317] ? tomoyo_file_ioctl+0x23/0x30 [ 618.737565][T22317] ? security_file_ioctl+0xa1/0xd0 [ 618.737575][T22317] __x64_sys_ioctl+0xe3/0x120 [ 618.737590][T22317] do_syscall_64+0xfe/0x140 [ 618.737602][T22317] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 618.737612][T22317] RIP: 0033:0x459829 20:36:28 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:36:28 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(0x0, 0x0, 0x5) [ 618.737622][T22317] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 618.737634][T22317] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 618.790039][T22314] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 618.792587][T22317] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 618.792593][T22317] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 20:36:28 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:36:28 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {r0, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x3}], 0x5, 0x5) [ 618.792599][T22317] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 618.792605][T22317] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 618.792610][T22317] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 618.810244][T22311] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 618.826974][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 618.917320][T22311] FAT-fs (loop4): Filesystem has been set read-only [ 618.957182][T22311] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 618.996960][T22311] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 619.015409][T22311] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 620.882147][ T9741] Bluetooth: hci0: command 0x1003 tx timeout [ 620.888313][T19431] Bluetooth: hci0: sending frame failed (-49) [ 622.962102][ T9741] Bluetooth: hci0: command 0x1001 tx timeout [ 622.968193][T19431] Bluetooth: hci0: sending frame failed (-49) [ 625.042149][ T9741] Bluetooth: hci0: command 0x1009 tx timeout 20:36:38 executing program 3 (fault-call:2 fault-nth:46): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:36:38 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {r0, 0x180}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x4200}], 0x4, 0x5) 20:36:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:36:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xfffffffffffffccf, &(0x7f0000000100), 0x0, 0x0) 20:36:38 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2"], 0x50) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:36:38 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x80000000000000, 0x0) fchdir(r1) write$P9_RREADDIR(r0, &(0x7f0000000300)=ANY=[], 0x1f6) r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$cgroup_int(r0, &(0x7f0000000040)=0x3, 0x12) write$P9_RSETATTR(r0, &(0x7f00000000c0)={0x7, 0x1b, 0x2}, 0x7) write$binfmt_aout(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf00ffff0000000000007fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00c0e7de441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef008025df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r2, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r1, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:36:38 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {r0, 0x180}, {0xffffffffffffffff, 0x20}], 0x3, 0x5) 20:36:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:36:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 629.398473][T22347] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 629.427856][T22347] FAULT_INJECTION: forcing a failure. [ 629.427856][T22347] name failslab, interval 1, probability 0, space 0, times 0 20:36:38 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {r0, 0x180}], 0x2, 0x5) [ 629.481504][T22347] CPU: 0 PID: 22347 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 629.489605][T22347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 629.499658][T22347] Call Trace: [ 629.502955][T22347] dump_stack+0x1d8/0x2f8 [ 629.507292][T22347] should_fail+0x608/0x860 [ 629.511713][T22347] ? setup_fault_attr+0x2b0/0x2b0 [ 629.516743][T22347] ? __lock_acquire+0x4750/0x4750 [ 629.521770][T22347] ? kzalloc+0x1f/0x40 [ 629.525838][T22347] __should_failslab+0x11a/0x160 [ 629.530775][T22347] ? kzalloc+0x1f/0x40 [ 629.534841][T22347] should_failslab+0x9/0x20 [ 629.539341][T22347] __kmalloc+0x7a/0x340 [ 629.543496][T22347] kzalloc+0x1f/0x40 [ 629.547385][T22347] rfkill_alloc+0x96/0x2a0 [ 629.551875][T22347] hci_register_dev+0x36d/0x720 [ 629.556734][T22347] hci_uart_tty_ioctl+0x8ad/0xa20 [ 629.561761][T22347] ? hci_uart_tty_write+0x10/0x10 [ 629.566784][T22347] tty_ioctl+0xfa8/0x1610 [ 629.571286][T22347] ? tty_do_resize+0x180/0x180 [ 629.576047][T22347] ? rcu_lock_release+0x9/0x30 [ 629.580796][T22347] ? __lock_acquire+0x4750/0x4750 [ 629.580808][T22347] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 629.580819][T22347] ? tomoyo_path_number_perm+0x587/0x740 [ 629.580827][T22347] ? trace_hardirqs_on+0x74/0x80 [ 629.580837][T22347] ? tomoyo_path_number_perm+0x5f0/0x740 [ 629.580849][T22347] ? tomoyo_check_path_acl+0x180/0x180 [ 629.580859][T22347] ? smk_access+0x4f0/0x4f0 [ 629.580868][T22347] ? smk_access+0x18c/0x4f0 [ 629.580877][T22347] ? tty_do_resize+0x180/0x180 20:36:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:36:38 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}], 0x1, 0x5) [ 629.580888][T22347] do_vfs_ioctl+0x7d4/0x18f0 [ 629.580901][T22347] ? ioctl_preallocate+0x240/0x240 [ 629.580919][T22347] ? fget_many+0x30/0x30 [ 629.580929][T22347] ? debug_smp_processor_id+0x1c/0x20 [ 629.580940][T22347] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 629.580952][T22347] ? tomoyo_file_ioctl+0x23/0x30 [ 629.580965][T22347] ? security_file_ioctl+0xa1/0xd0 [ 629.580974][T22347] __x64_sys_ioctl+0xe3/0x120 [ 629.580988][T22347] do_syscall_64+0xfe/0x140 [ 629.581002][T22347] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 629.581011][T22347] RIP: 0033:0x459829 [ 629.581021][T22347] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 629.581026][T22347] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 629.581036][T22347] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 629.581041][T22347] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 629.581045][T22347] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 629.581050][T22347] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 629.581055][T22347] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 629.772767][T22340] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 629.781647][T21541] Bluetooth: hci0: Frame reassembly failed (-84) [ 629.800051][T22341] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 629.811994][T22341] FAT-fs (loop4): Filesystem has been set read-only [ 629.820395][T22341] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 629.834238][T22341] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 629.846558][T22341] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 631.842122][ T22] Bluetooth: hci0: command 0x1003 tx timeout [ 631.849334][T19431] Bluetooth: hci0: sending frame failed (-49) [ 633.922106][ T22] Bluetooth: hci0: command 0x1001 tx timeout [ 633.928197][T19431] Bluetooth: hci0: sending frame failed (-49) [ 636.002101][ T22] Bluetooth: hci0: command 0x1009 tx timeout 20:36:49 executing program 3 (fault-call:2 fault-nth:47): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:36:49 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}], 0x1, 0x5) 20:36:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:36:49 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2"], 0x50) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:36:49 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xfffffffffffffccf, &(0x7f0000000100), 0x0, 0x0) 20:36:49 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101002, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) accept4(r0, 0x0, &(0x7f0000000040), 0x80000) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = getpgrp(0x0) mq_notify(r0, &(0x7f0000000400)={0x0, 0x1b, 0x2, @tid=r1}) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x34e, 0x7f, &(0x7f0000000440)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:36:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:36:49 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}], 0x1, 0x5) [ 640.257749][T22377] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:36:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 640.303744][T22377] FAULT_INJECTION: forcing a failure. [ 640.303744][T22377] name failslab, interval 1, probability 0, space 0, times 0 [ 640.375952][T22377] CPU: 0 PID: 22377 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 640.383965][T22377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 640.394026][T22377] Call Trace: [ 640.397341][T22377] dump_stack+0x1d8/0x2f8 [ 640.401683][T22377] should_fail+0x608/0x860 [ 640.406205][T22377] ? setup_fault_attr+0x2b0/0x2b0 [ 640.411238][T22377] __should_failslab+0x11a/0x160 [ 640.416187][T22377] should_failslab+0x9/0x20 [ 640.420695][T22377] kmem_cache_alloc_trace+0x5d/0x2f0 [ 640.425986][T22377] ? device_add+0x111/0x1570 [ 640.430582][T22377] device_add+0x111/0x1570 [ 640.435002][T22377] ? kobject_set_name_vargs+0xd0/0x120 [ 640.440464][T22377] ? dev_set_name+0xc8/0x110 [ 640.445057][T22377] ? lockdep_init_map+0x2a/0x680 [ 640.449996][T22377] ? rfkill_register+0x60/0x9f0 [ 640.454937][T22377] ? virtual_device_parent+0x50/0x50 [ 640.460230][T22377] ? __init_waitqueue_head+0x42/0x90 [ 640.465519][T22377] ? dev_set_name+0x110/0x110 [ 640.470198][T22377] ? pm_runtime_init+0x295/0x370 [ 640.475144][T22377] rfkill_register+0x18b/0x9f0 [ 640.479494][T22368] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 640.479906][T22377] hci_register_dev+0x3ac/0x720 [ 640.479923][T22377] hci_uart_tty_ioctl+0x8ad/0xa20 [ 640.498335][T22377] ? hci_uart_tty_write+0x10/0x10 [ 640.500456][T22368] FAT-fs (loop4): Filesystem has been set read-only [ 640.503355][T22377] tty_ioctl+0xfa8/0x1610 [ 640.503366][T22377] ? tty_do_resize+0x180/0x180 [ 640.503378][T22377] ? rcu_lock_release+0x9/0x30 [ 640.503390][T22377] ? __lock_acquire+0x4750/0x4750 [ 640.503402][T22377] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 640.503411][T22377] ? tomoyo_path_number_perm+0x587/0x740 [ 640.503423][T22377] ? trace_hardirqs_on+0x74/0x80 [ 640.513392][T22368] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 640.514652][T22377] ? tomoyo_path_number_perm+0x5f0/0x740 [ 640.514665][T22377] ? tomoyo_check_path_acl+0x180/0x180 [ 640.514680][T22377] ? smk_access+0x4f0/0x4f0 [ 640.523479][T22368] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 640.524163][T22377] ? smk_access+0x18c/0x4f0 [ 640.524176][T22377] ? tty_do_resize+0x180/0x180 [ 640.524190][T22377] do_vfs_ioctl+0x7d4/0x18f0 [ 640.524202][T22377] ? ioctl_preallocate+0x240/0x240 [ 640.524220][T22377] ? fget_many+0x30/0x30 [ 640.524230][T22377] ? debug_smp_processor_id+0x1c/0x20 [ 640.524242][T22377] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 640.524255][T22377] ? tomoyo_file_ioctl+0x23/0x30 [ 640.524268][T22377] ? security_file_ioctl+0xa1/0xd0 20:36:49 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:36:49 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {0xffffffffffffffff, 0x180}], 0x2, 0x5) [ 640.524278][T22377] __x64_sys_ioctl+0xe3/0x120 [ 640.524293][T22377] do_syscall_64+0xfe/0x140 [ 640.524307][T22377] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 640.524317][T22377] RIP: 0033:0x459829 [ 640.524327][T22377] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 640.524332][T22377] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 640.524342][T22377] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 640.524346][T22377] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 640.524351][T22377] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 640.524357][T22377] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 640.524362][T22377] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:36:49 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {0xffffffffffffffff, 0x180}], 0x2, 0x5) [ 640.724361][T22368] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 640.741076][T21541] Bluetooth: hci0: Frame reassembly failed (-84) [ 640.775679][T22374] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 642.802110][ T9741] Bluetooth: hci0: command 0x1003 tx timeout [ 642.808264][T19431] Bluetooth: hci0: sending frame failed (-49) [ 644.882098][ T9741] Bluetooth: hci0: command 0x1001 tx timeout [ 644.888182][T19431] Bluetooth: hci0: sending frame failed (-49) [ 646.962132][ T9741] Bluetooth: hci0: command 0x1009 tx timeout 20:37:00 executing program 3 (fault-call:2 fault-nth:48): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:37:00 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:37:00 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2"], 0x50) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:00 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {0xffffffffffffffff, 0x180}], 0x2, 0x5) 20:37:00 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xfffffffffffffccf, &(0x7f0000000100), 0x0, 0x0) 20:37:00 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$netlink(r1, 0x10e, 0x5, &(0x7f0000000880)=""/4096, &(0x7f0000000400)=0x1000) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:00 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{0xffffffffffffffff, 0x400}, {r0}], 0x2, 0x5) 20:37:00 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 651.185627][T22407] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:37:00 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{r0}], 0x1, 0x5) [ 651.255494][T22407] FAULT_INJECTION: forcing a failure. [ 651.255494][T22407] name failslab, interval 1, probability 0, space 0, times 0 20:37:00 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 651.321715][T22407] CPU: 1 PID: 22407 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 651.329748][T22407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 651.329753][T22407] Call Trace: [ 651.329777][T22407] dump_stack+0x1d8/0x2f8 [ 651.329795][T22407] should_fail+0x608/0x860 [ 651.351887][T22407] ? setup_fault_attr+0x2b0/0x2b0 [ 651.356935][T22407] __should_failslab+0x11a/0x160 [ 651.358059][T22400] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 651.361883][T22407] ? kvasprintf_const+0x5e/0x180 [ 651.361896][T22407] should_failslab+0x9/0x20 [ 651.361909][T22407] __kmalloc_track_caller+0x79/0x340 [ 651.361922][T22407] ? rfkill_register+0x3a/0x9f0 [ 651.361935][T22407] kvasprintf+0xd0/0x180 [ 651.375408][T22407] ? bust_spinlocks+0xe0/0xe0 [ 651.375420][T22407] ? __mutex_lock_common+0x5c6/0x2990 [ 651.375433][T22407] kvasprintf_const+0x5e/0x180 [ 651.375445][T22407] kobject_set_name_vargs+0x63/0x120 [ 651.375459][T22407] dev_set_name+0xc8/0x110 [ 651.375471][T22407] ? lockdep_init_map+0x2a/0x680 [ 651.375487][T22407] ? rfkill_register+0x60/0x9f0 [ 651.383328][T22400] FAT-fs (loop4): Filesystem has been set read-only [ 651.385229][T22407] ? virtual_device_parent+0x50/0x50 [ 651.385241][T22407] ? __init_waitqueue_head+0x42/0x90 [ 651.385253][T22407] ? pm_runtime_init+0x295/0x370 [ 651.385269][T22407] rfkill_register+0xc0/0x9f0 [ 651.405298][T22400] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 651.409062][T22407] hci_register_dev+0x3ac/0x720 [ 651.409080][T22407] hci_uart_tty_ioctl+0x8ad/0xa20 [ 651.409095][T22407] ? hci_uart_tty_write+0x10/0x10 [ 651.415283][T22405] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 651.418781][T22407] tty_ioctl+0xfa8/0x1610 [ 651.418792][T22407] ? tty_do_resize+0x180/0x180 [ 651.418805][T22407] ? rcu_lock_release+0x9/0x30 [ 651.418820][T22407] ? __lock_acquire+0x4750/0x4750 [ 651.418839][T22407] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 651.426967][T22400] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 651.428584][T22407] ? tomoyo_path_number_perm+0x587/0x740 [ 651.428597][T22407] ? trace_hardirqs_on+0x74/0x80 [ 651.428608][T22407] ? tomoyo_path_number_perm+0x5f0/0x740 [ 651.428627][T22407] ? tomoyo_check_path_acl+0x180/0x180 [ 651.438844][T22400] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 651.440452][T22407] ? smk_access+0x4f0/0x4f0 [ 651.440461][T22407] ? smk_access+0x18c/0x4f0 [ 651.440474][T22407] ? tty_do_resize+0x180/0x180 [ 651.440486][T22407] do_vfs_ioctl+0x7d4/0x18f0 [ 651.440499][T22407] ? ioctl_preallocate+0x240/0x240 20:37:00 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a396"], 0x53) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:00 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{}], 0x1, 0x5) [ 651.570912][T22407] ? fget_many+0x30/0x30 [ 651.575148][T22407] ? debug_smp_processor_id+0x1c/0x20 [ 651.580601][T22407] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 651.586673][T22407] ? tomoyo_file_ioctl+0x23/0x30 [ 651.591778][T22407] ? security_file_ioctl+0xa1/0xd0 [ 651.596898][T22407] __x64_sys_ioctl+0xe3/0x120 [ 651.601798][T22407] do_syscall_64+0xfe/0x140 [ 651.606304][T22407] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 651.612196][T22407] RIP: 0033:0x459829 [ 651.616102][T22407] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 651.636062][T22407] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 651.644482][T22407] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 651.652535][T22407] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 651.660504][T22407] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 651.668587][T22407] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 651.676548][T22407] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 651.691435][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 651.988742][T22422] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 652.000248][T22422] FAT-fs (loop4): Filesystem has been set read-only [ 652.010070][T22422] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 652.024816][T22422] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 652.037202][T22422] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 653.762103][ T22] Bluetooth: hci0: command 0x1003 tx timeout [ 653.768215][T19431] Bluetooth: hci0: sending frame failed (-49) [ 655.842102][ T22] Bluetooth: hci0: command 0x1001 tx timeout [ 655.848184][T19431] Bluetooth: hci0: sending frame failed (-49) [ 657.922089][ T22] Bluetooth: hci0: command 0x1009 tx timeout 20:37:11 executing program 3 (fault-call:2 fault-nth:49): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:37:11 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:37:11 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{}], 0x1, 0x5) 20:37:11 executing program 0: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xfffffffffffffccf, &(0x7f0000000100), 0x0, 0x0) 20:37:11 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000400)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:11 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a396"], 0x53) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:11 executing program 2: openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{}], 0x1, 0x5) 20:37:11 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 662.040872][T22439] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 662.080764][T22439] FAULT_INJECTION: forcing a failure. 20:37:11 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{r0}], 0x1, 0x0) [ 662.080764][T22439] name failslab, interval 1, probability 0, space 0, times 0 [ 662.103420][T22437] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 662.130626][T22439] CPU: 1 PID: 22439 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 662.138728][T22439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 662.148791][T22439] Call Trace: [ 662.152092][T22439] dump_stack+0x1d8/0x2f8 [ 662.156441][T22439] should_fail+0x608/0x860 [ 662.156581][T22434] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 662.160884][T22439] ? setup_fault_attr+0x2b0/0x2b0 [ 662.160899][T22439] ? __lock_acquire+0x4750/0x4750 [ 662.160916][T22439] __should_failslab+0x11a/0x160 [ 662.160931][T22439] ? __kernfs_new_node+0xd9/0x6e0 [ 662.185990][T22434] FAT-fs (loop4): Filesystem has been set read-only [ 662.189613][T22439] should_failslab+0x9/0x20 [ 662.189627][T22439] kmem_cache_alloc+0x56/0x2e0 [ 662.189640][T22439] __kernfs_new_node+0xd9/0x6e0 [ 662.189654][T22439] ? kernfs_new_node+0x180/0x180 [ 662.211635][T22434] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 662.215548][T22439] ? vprintk_emit+0x21c/0x3a0 [ 662.215563][T22439] ? __kasan_check_write+0x14/0x20 [ 662.215574][T22439] ? irq_work_queue+0xf8/0x110 [ 662.215583][T22439] ? vprintk_emit+0x2dd/0x3a0 [ 662.215595][T22439] kernfs_new_node+0x97/0x180 [ 662.215607][T22439] kernfs_create_dir_ns+0x44/0x130 [ 662.242788][T22434] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 662.247385][T22439] sysfs_create_dir_ns+0x161/0x310 [ 662.247396][T22439] ? sysfs_warn_dup+0xb0/0xb0 [ 662.247413][T22439] ? do_raw_spin_unlock+0x49/0x260 [ 662.266391][T22434] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 662.270803][T22439] kobject_add_internal+0x459/0xd50 [ 662.270816][T22439] kobject_add+0x138/0x200 [ 662.270831][T22439] ? device_add+0x46f/0x1570 [ 662.270840][T22439] ? kobject_init+0x1e0/0x1e0 [ 662.270856][T22439] ? refcount_inc_checked+0x1e/0x50 [ 662.307911][T22439] ? get_device_parent+0x146/0x4e0 [ 662.313033][T22439] device_add+0x508/0x1570 [ 662.317447][T22439] ? rfkill_register+0x60/0x9f0 [ 662.322289][T22439] ? __init_waitqueue_head+0x42/0x90 [ 662.327568][T22439] ? dev_set_name+0x110/0x110 [ 662.332237][T22439] ? pm_runtime_init+0x295/0x370 [ 662.337171][T22439] rfkill_register+0x18b/0x9f0 [ 662.342014][T22439] hci_register_dev+0x3ac/0x720 [ 662.346861][T22439] hci_uart_tty_ioctl+0x8ad/0xa20 [ 662.351875][T22439] ? hci_uart_tty_write+0x10/0x10 [ 662.356902][T22439] tty_ioctl+0xfa8/0x1610 [ 662.361223][T22439] ? tty_do_resize+0x180/0x180 [ 662.365984][T22439] ? rcu_lock_release+0x9/0x30 [ 662.370740][T22439] ? __lock_acquire+0x4750/0x4750 [ 662.375757][T22439] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 662.381384][T22439] ? tomoyo_path_number_perm+0x587/0x740 [ 662.387011][T22439] ? trace_hardirqs_on+0x74/0x80 [ 662.391945][T22439] ? tomoyo_path_number_perm+0x5f0/0x740 [ 662.397572][T22439] ? tomoyo_check_path_acl+0x180/0x180 [ 662.403025][T22439] ? smk_access+0x4f0/0x4f0 [ 662.407520][T22439] ? smk_access+0x18c/0x4f0 [ 662.412014][T22439] ? tty_do_resize+0x180/0x180 [ 662.416780][T22439] do_vfs_ioctl+0x7d4/0x18f0 [ 662.421373][T22439] ? ioctl_preallocate+0x240/0x240 [ 662.426498][T22439] ? fget_many+0x30/0x30 [ 662.430756][T22439] ? debug_smp_processor_id+0x1c/0x20 [ 662.436125][T22439] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 662.442184][T22439] ? tomoyo_file_ioctl+0x23/0x30 [ 662.447115][T22439] ? security_file_ioctl+0xa1/0xd0 [ 662.452223][T22439] __x64_sys_ioctl+0xe3/0x120 [ 662.456897][T22439] do_syscall_64+0xfe/0x140 [ 662.461391][T22439] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 662.467278][T22439] RIP: 0033:0x459829 [ 662.471259][T22439] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 20:37:11 executing program 2: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x0, 0x0) poll(&(0x7f00000002c0)=[{r0}], 0x1, 0x0) 20:37:11 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 662.491029][T22439] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 662.499616][T22439] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 662.507602][T22439] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 662.515576][T22439] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 662.523545][T22439] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 662.531520][T22439] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:37:11 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a396"], 0x53) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 662.552255][T22439] kobject_add_internal failed for rfkill30 (error: -12 parent: hci0) [ 662.568888][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 662.839148][T22455] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 662.848050][T22455] FAT-fs (loop4): Filesystem has been set read-only [ 662.858357][T22455] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 662.869383][T22455] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 662.881686][T22455] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 664.642145][ T9741] Bluetooth: hci0: command 0x1003 tx timeout [ 664.648411][T19431] Bluetooth: hci0: sending frame failed (-49) [ 666.722137][ T9741] Bluetooth: hci0: command 0x1001 tx timeout [ 666.729207][T19431] Bluetooth: hci0: sending frame failed (-49) [ 668.802146][ T9741] Bluetooth: hci0: command 0x1009 tx timeout 20:37:22 executing program 3 (fault-call:2 fault-nth:50): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:37:22 executing program 2: clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) tkill(r0, 0x38) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x20000000, 0x9f}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 20:37:22 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0) 20:37:22 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:37:22 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) ioctl(r0, 0x4, &(0x7f0000000400)="27a41bddeba01747217e1a8e62e041264d9d52ba9cda953dd174896d43ed3445ea7ecf072b15a5dfb012dd8eb749a31b79fe3a01437fbcec367bbb92f9345696cbaaf3949333f93c282062baaf5d3c991573e4e2bfabd41437cc3483544466552d3ae2eedf01b8348912a06e68b8884e74253bc1608f9dda6c28b2f1f3dbd8897e6af61728bd463ad37fca71f0d8f2804302e6b42c30dd50a8436085429f05bfa7a2b051356b48e573fc07f5e16e6825718c15e41ef9") r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r4, 0xc0605345, &(0x7f0000000600)={0x4, 0x1, {0x1, 0x2, 0x323, 0x3, 0x1}}) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe300feff006ab24aceca18abaea81ed43d91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) ioctl$EVIOCSKEYCODE_V2(r4, 0x40284504, &(0x7f00000004c0)={0x3c1e0084, 0x10, 0xc19, 0x5d0f, "c1d98dc8cf56b5541af375143d91e2f4d1f2f0520579550fd268f0125d9c0c0a"}) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:22 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:22 executing program 2: clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) tkill(r0, 0x38) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x20000000, 0x9f}) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)="39fa") ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 20:37:22 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 672.900568][T22474] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:37:22 executing program 0: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0) 20:37:22 executing program 2: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, r1) [ 672.946964][T22474] FAULT_INJECTION: forcing a failure. [ 672.946964][T22474] name failslab, interval 1, probability 0, space 0, times 0 [ 673.034186][T22474] CPU: 0 PID: 22474 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 673.042204][T22474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 673.052272][T22474] Call Trace: [ 673.055587][T22474] dump_stack+0x1d8/0x2f8 [ 673.056766][T22466] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 673.059917][T22474] should_fail+0x608/0x860 [ 673.059929][T22474] ? setup_fault_attr+0x2b0/0x2b0 [ 673.059942][T22474] ? __lock_acquire+0x4750/0x4750 [ 673.059959][T22474] __should_failslab+0x11a/0x160 [ 673.083921][T22466] FAT-fs (loop4): Filesystem has been set read-only [ 673.087990][T22474] ? __kernfs_new_node+0xd9/0x6e0 [ 673.088002][T22474] should_failslab+0x9/0x20 [ 673.088013][T22474] kmem_cache_alloc+0x56/0x2e0 [ 673.088024][T22474] __kernfs_new_node+0xd9/0x6e0 [ 673.109640][T22466] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 673.113797][T22474] ? kernfs_new_node+0x180/0x180 [ 673.113808][T22474] ? trace_lock_release+0x135/0x1a0 [ 673.113822][T22474] kernfs_new_node+0x97/0x180 [ 673.113834][T22474] kernfs_create_link+0xbb/0x210 [ 673.113844][T22474] sysfs_do_create_link_sd+0x89/0x120 [ 673.113859][T22474] sysfs_create_link+0x68/0x80 [ 673.134816][T22466] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 673.136605][T22474] device_add+0x62a/0x1570 [ 673.136625][T22474] ? rfkill_register+0x60/0x9f0 [ 673.136640][T22474] ? __init_waitqueue_head+0x42/0x90 [ 673.142767][T22466] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 673.146941][T22474] ? dev_set_name+0x110/0x110 [ 673.146953][T22474] ? pm_runtime_init+0x295/0x370 [ 673.146972][T22474] rfkill_register+0x18b/0x9f0 [ 673.197100][T22474] hci_register_dev+0x3ac/0x720 [ 673.201957][T22474] hci_uart_tty_ioctl+0x8ad/0xa20 [ 673.206982][T22474] ? hci_uart_tty_write+0x10/0x10 [ 673.212018][T22474] tty_ioctl+0xfa8/0x1610 [ 673.216340][T22474] ? tty_do_resize+0x180/0x180 [ 673.221120][T22474] ? rcu_lock_release+0x9/0x30 [ 673.225880][T22474] ? __lock_acquire+0x4750/0x4750 [ 673.230903][T22474] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 673.236527][T22474] ? tomoyo_path_number_perm+0x587/0x740 [ 673.242153][T22474] ? trace_hardirqs_on+0x74/0x80 [ 673.247107][T22474] ? tomoyo_path_number_perm+0x5f0/0x740 [ 673.252737][T22474] ? tomoyo_check_path_acl+0x180/0x180 [ 673.258193][T22474] ? smk_access+0x4f0/0x4f0 [ 673.262689][T22474] ? smk_access+0x18c/0x4f0 [ 673.267187][T22474] ? tty_do_resize+0x180/0x180 [ 673.271946][T22474] do_vfs_ioctl+0x7d4/0x18f0 [ 673.276535][T22474] ? ioctl_preallocate+0x240/0x240 [ 673.281648][T22474] ? fget_many+0x30/0x30 [ 673.285882][T22474] ? debug_smp_processor_id+0x1c/0x20 [ 673.291250][T22474] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 673.297323][T22474] ? tomoyo_file_ioctl+0x23/0x30 [ 673.302363][T22474] ? security_file_ioctl+0xa1/0xd0 [ 673.307471][T22474] __x64_sys_ioctl+0xe3/0x120 [ 673.312148][T22474] do_syscall_64+0xfe/0x140 [ 673.316743][T22474] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 673.322715][T22474] RIP: 0033:0x459829 [ 673.326612][T22474] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 673.346209][T22474] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 673.354614][T22474] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 673.362582][T22474] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 673.370542][T22474] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 20:37:22 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 673.378596][T22474] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 673.386593][T22474] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 673.406245][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 673.418122][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 673.619318][T22493] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 673.670760][T22493] FAT-fs (loop4): Filesystem has been set read-only [ 673.763753][T22491] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 673.778327][T22491] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 675.442424][ T9741] Bluetooth: hci0: command 0x1003 tx timeout [ 675.449593][T19431] Bluetooth: hci0: sending frame failed (-49) [ 677.522351][ T9741] Bluetooth: hci0: command 0x1001 tx timeout [ 677.528436][T19431] Bluetooth: hci0: sending frame failed (-49) [ 679.602347][ T9741] Bluetooth: hci0: command 0x1009 tx timeout 20:37:32 executing program 3 (fault-call:2 fault-nth:51): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:37:32 executing program 2: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x20, &(0x7f0000000300)={[], [{@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}]}) 20:37:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:37:32 executing program 0: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 20:37:32 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:32 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000480)='./file1\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe3ff01000000000000cad550fe908897edbc64affb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000200)=0x0) ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f0000000440)=0x0) tgkill(r5, r6, 0x11) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:37:33 executing program 2: r0 = gettid() sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000a40)=ANY=[@ANYBLOB="28ce0f34"], 0x4}}, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000001a40)=[{{0x0, 0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000340)}], 0x3}}], 0x0, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb01007300d8000000490927030000000000020000000002004b01fa36d7d1070b41f8a32f95f13bd04551469b0e40c53cb64b66a8439bd175f8f608c9522b08c53d350f52b5122308fbc3b475befd1b75dcb16d42dde1ec9f80212f8c8c58ae5e9e8cd6b619011b5ed423843fb10707225b551d26a47ee57bd6e69ced3298f808000000204af5435542f23eabdec19088541c36c105258ffab89783919ea2abd5348935285eaeeeb6d3936b054919550e141586b231d4baac26189265d5f313c19d4c0500000000000000cb7623df48df09c5b1db3337287349960897d3746369aae329f259"], 0x0, 0xe7}, 0x20) wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 683.803338][T22510] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:37:33 executing program 0: clone(0x7fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="d3d2b93c38f19c0400cd8034"], 0xc}}, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="eabe9f303b222957eecbc624877c825255f910c28f5e87a64820", @ANYRESHEX, @ANYPTR64, @ANYRESOCT, @ANYRES64, @ANYPTR, @ANYRES32, @ANYBLOB="e6c55c5d9eba2ee451cf84e06729a741efca44f937d0492482ba837296d961244e2e0c098fbdcdec851b005eb01c84c3", @ANYRES16], 0x0, 0x91}, 0x20) tkill(r0, 0x7) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:37:33 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:37:33 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(0x0, 0x0) clone(0x2100001ff8, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) add_key$keyring(&(0x7f0000000440)='keyring\x00', &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x1, 0x20, 0x8, 0x0, 0x8, 0x2800, 0xa, 0x0, 0x5, 0x3f, 0x401, 0x0, 0x9b6e, 0x8, 0x7e, 0x9, 0x8, 0x100000001, 0xb6db, 0x80, 0x2, 0x1, 0x4, 0x2, 0x1, 0x0, 0x9, 0x5c00000000000000, 0x0, 0xffffffffffffff96, 0x7, 0x985, 0x7, 0xe0f2, 0x5, 0x0, 0xf000000000000000, 0x0, @perf_config_ext={0x7, 0xffffffff88af76a8}, 0x6102, 0x1f, 0x4, 0x0, 0x0, 0x4, 0x8001}, r1, 0xd, r0, 0x1) timer_create(0x0, &(0x7f0000000280)={0x0, 0x36, 0x0, @thr={&(0x7f0000000500), &(0x7f0000000600)="0148a534fa338d7177e9527070eac0e1f66216b476822560c18b47a1ba351b9e691349ebda81728ec63ec2250e9131377f781dad53c7c8a8a069b9935593b7458ab1788322a2fe775a5d34d3cab8a2737e59f4fccc7666522d4ddc31f1c8eab236f5f0186c76604f96f16ec814b84347593b02d5a6ce0dc4d6bc4354a3f2e388672193c97c4415d50f0cde7bb5a54dad"}}, 0x0) timer_getoverrun(0x0) r3 = dup3(r2, r0, 0x80000) sendfile(r3, r0, &(0x7f0000000140), 0x0) fsetxattr$security_evm(0xffffffffffffffff, &(0x7f00000003c0)='security.evm\x00', &(0x7f0000000240)=ANY=[], 0x0, 0x0) getuid() ptrace(0x4218, r1) ioctl$TIOCGPGRP(r3, 0x540f, 0x0) ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000000340)='veth0_to_hsr\x00') chown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0) ioctl$EVIOCGKEYCODE_V2(r4, 0x80284504, &(0x7f0000000940)=""/202) ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x1b, 0x11, 0x5, "ccb019f5a0daf9630a5b1959e5e7194a98cb434d2056a3876d6de9a7857363eec461f2e3e2a4b3bfd60a0a0f5edb7b8221db219b1b36ec9bb80aab6e3f71c9ea", "cb693d02d25bb350febb0bdb5aed83348c1d9309c6c43e240eac1f05b37509431cecb79658c1e15db5c4c7dcf98d3ef2b4cca4c6360b18c6d2e410e20c5862ee", "b952b6e006bb98bd0202fb04c88b24897ca8735548608d04d70496c845947b22"}) r5 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x40800000, 0x1, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0x1, 0x0) dup(r5) ioctl$EVIOCGMTSLOTS(r5, 0x8040450a, &(0x7f00000002c0)=""/123) rename(&(0x7f00000004c0)='./file0\x00', 0x0) ioctl$RTC_PIE_OFF(r5, 0x7006) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 683.891794][T22510] FAULT_INJECTION: forcing a failure. [ 683.891794][T22510] name failslab, interval 1, probability 0, space 0, times 0 [ 683.904379][T22517] ptrace attach of "/root/syz-executor.0"[22516] was attempted by "/root/syz-executor.0"[22517] [ 683.942394][T22504] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 683.952140][T22510] CPU: 0 PID: 22510 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 683.960394][T22510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.970453][T22510] Call Trace: [ 683.973754][T22510] dump_stack+0x1d8/0x2f8 [ 683.978102][T22510] should_fail+0x608/0x860 [ 683.982526][T22510] ? setup_fault_attr+0x2b0/0x2b0 [ 683.987571][T22510] ? __kernfs_new_node+0x99/0x6e0 [ 683.992615][T22510] __should_failslab+0x11a/0x160 [ 683.997567][T22510] ? __kernfs_new_node+0x99/0x6e0 [ 684.004376][T22510] should_failslab+0x9/0x20 [ 684.008887][T22510] __kmalloc_track_caller+0x79/0x340 [ 684.014273][T22510] kstrdup_const+0x55/0x90 [ 684.018715][T22510] __kernfs_new_node+0x99/0x6e0 [ 684.023599][T22510] ? __kasan_check_write+0x14/0x20 [ 684.028714][T22510] ? kernfs_new_node+0x180/0x180 [ 684.033656][T22510] ? trace_lock_release+0x135/0x1a0 [ 684.038867][T22510] kernfs_new_node+0x97/0x180 [ 684.043589][T22510] kernfs_create_link+0xbb/0x210 [ 684.048824][T22510] sysfs_do_create_link_sd+0x89/0x120 [ 684.054304][T22510] sysfs_create_link+0x68/0x80 [ 684.059076][T22510] device_add+0xa32/0x1570 [ 684.063497][T22510] ? rfkill_register+0x60/0x9f0 [ 684.068457][T22510] ? __init_waitqueue_head+0x42/0x90 [ 684.073752][T22510] ? dev_set_name+0x110/0x110 [ 684.078480][T22510] ? pm_runtime_init+0x295/0x370 [ 684.083428][T22510] rfkill_register+0x18b/0x9f0 [ 684.088289][T22510] hci_register_dev+0x3ac/0x720 [ 684.093585][T22510] hci_uart_tty_ioctl+0x8ad/0xa20 [ 684.098616][T22510] ? hci_uart_tty_write+0x10/0x10 [ 684.103648][T22510] tty_ioctl+0xfa8/0x1610 [ 684.107984][T22510] ? tty_do_resize+0x180/0x180 [ 684.113273][T22510] ? rcu_lock_release+0x9/0x30 [ 684.118043][T22510] ? __lock_acquire+0x4750/0x4750 [ 684.123342][T22510] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 684.129072][T22510] ? tomoyo_path_number_perm+0x587/0x740 [ 684.134802][T22510] ? trace_hardirqs_on+0x74/0x80 [ 684.139740][T22510] ? tomoyo_path_number_perm+0x5f0/0x740 [ 684.146198][T22510] ? tomoyo_check_path_acl+0x180/0x180 [ 684.151747][T22510] ? smk_access+0x4f0/0x4f0 [ 684.156256][T22510] ? smk_access+0x18c/0x4f0 [ 684.160767][T22510] ? tty_do_resize+0x180/0x180 [ 684.165536][T22510] do_vfs_ioctl+0x7d4/0x18f0 [ 684.170844][T22510] ? ioctl_preallocate+0x240/0x240 [ 684.176314][T22510] ? fget_many+0x30/0x30 [ 684.180841][T22510] ? debug_smp_processor_id+0x1c/0x20 [ 684.186337][T22510] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 684.192408][T22510] ? tomoyo_file_ioctl+0x23/0x30 [ 684.197440][T22510] ? security_file_ioctl+0xa1/0xd0 [ 684.202847][T22510] __x64_sys_ioctl+0xe3/0x120 [ 684.207532][T22510] do_syscall_64+0xfe/0x140 [ 684.212050][T22510] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 684.217940][T22510] RIP: 0033:0x459829 [ 684.221926][T22510] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 684.242173][T22510] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 20:37:33 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 684.250611][T22510] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 684.258715][T22510] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 684.266703][T22510] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 684.274692][T22510] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 684.282766][T22510] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 684.296969][T22504] FAT-fs (loop4): Filesystem has been set read-only [ 684.337000][T22504] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 684.352943][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 684.369630][T22524] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 684.379533][T22524] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 684.412573][T22524] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 684.420722][T22504] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 684.438053][T22504] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 684.442481][T22524] EXT4-fs error (device loop0): ext4_fill_super:4457: inode #2: comm syz-executor.0: iget: root inode unallocated [ 684.459633][T22524] EXT4-fs (loop0): get root inode failed [ 684.465685][T22524] EXT4-fs (loop0): mount failed [ 686.402125][T20832] Bluetooth: hci0: command 0x1003 tx timeout [ 686.408362][T19431] Bluetooth: hci0: sending frame failed (-49) [ 688.482210][T20832] Bluetooth: hci0: command 0x1001 tx timeout [ 688.488313][T19431] Bluetooth: hci0: sending frame failed (-49) [ 690.562121][T20832] Bluetooth: hci0: command 0x1009 tx timeout 20:37:43 executing program 3 (fault-call:2 fault-nth:52): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:37:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:37:43 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a39664"], 0x54) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:43 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(0x0, 0x0) clone(0x2100001ff8, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) add_key$keyring(&(0x7f0000000440)='keyring\x00', &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x1, 0x20, 0x8, 0x0, 0x8, 0x2800, 0xa, 0x0, 0x5, 0x3f, 0x401, 0x0, 0x9b6e, 0x8, 0x7e, 0x9, 0x8, 0x100000001, 0xb6db, 0x80, 0x2, 0x1, 0x4, 0x2, 0x1, 0x0, 0x9, 0x5c00000000000000, 0x0, 0xffffffffffffff96, 0x7, 0x985, 0x7, 0xe0f2, 0x5, 0x0, 0xf000000000000000, 0x0, @perf_config_ext={0x7, 0xffffffff88af76a8}, 0x6102, 0x1f, 0x4, 0x0, 0x0, 0x4, 0x8001}, r1, 0xd, r0, 0x1) timer_create(0x0, &(0x7f0000000280)={0x0, 0x36, 0x0, @thr={&(0x7f0000000500), &(0x7f0000000600)="0148a534fa338d7177e9527070eac0e1f66216b476822560c18b47a1ba351b9e691349ebda81728ec63ec2250e9131377f781dad53c7c8a8a069b9935593b7458ab1788322a2fe775a5d34d3cab8a2737e59f4fccc7666522d4ddc31f1c8eab236f5f0186c76604f96f16ec814b84347593b02d5a6ce0dc4d6bc4354a3f2e388672193c97c4415d50f0cde7bb5a54dad"}}, 0x0) timer_getoverrun(0x0) r3 = dup3(r2, r0, 0x80000) sendfile(r3, r0, &(0x7f0000000140), 0x0) fsetxattr$security_evm(0xffffffffffffffff, &(0x7f00000003c0)='security.evm\x00', &(0x7f0000000240)=ANY=[], 0x0, 0x0) getuid() ptrace(0x4218, r1) ioctl$TIOCGPGRP(r3, 0x540f, 0x0) ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000000340)='veth0_to_hsr\x00') chown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0) ioctl$EVIOCGKEYCODE_V2(r4, 0x80284504, &(0x7f0000000940)=""/202) ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x1b, 0x11, 0x5, "ccb019f5a0daf9630a5b1959e5e7194a98cb434d2056a3876d6de9a7857363eec461f2e3e2a4b3bfd60a0a0f5edb7b8221db219b1b36ec9bb80aab6e3f71c9ea", "cb693d02d25bb350febb0bdb5aed83348c1d9309c6c43e240eac1f05b37509431cecb79658c1e15db5c4c7dcf98d3ef2b4cca4c6360b18c6d2e410e20c5862ee", "b952b6e006bb98bd0202fb04c88b24897ca8735548608d04d70496c845947b22"}) r5 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x40800000, 0x1, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0x1, 0x0) dup(r5) ioctl$EVIOCGMTSLOTS(r5, 0x8040450a, &(0x7f00000002c0)=""/123) rename(&(0x7f00000004c0)='./file0\x00', 0x0) ioctl$RTC_PIE_OFF(r5, 0x7006) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 20:37:43 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x7) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000400)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0x840000000e004, 0x7, &(0x7f0000001980)=[{&(0x7f0000000480)="482dc9d5f7e420a08243fa7d5673149fb3614e41b9fad3e60edce7a2457ff7dee4f713796522fb01caae1ad6f705af14b962ad3985beeeab44e0af734459f4b37d73f17bfbeec69a81f0322790fc3d263cced8b9ac8250ea99ab35365df5ba9a52", 0x61, 0x3}, {&(0x7f0000000600)="af167d6ab7a54601337b52fc8f4ab1832be27070ded0ee3c9cd94d5fd2e8c954a691b069c2bdbfd45347bd358351f349f739e045f3f99344657d042b9b4f7fc461102b942dd54e08d6150d95d52233bda5f867ee0a9d9a8d0fb5572ad33e0ff4437059292d75433cec5c7ff89cafc4c44f3d650a95903585fb097cc744bc65c23a4d3b3307cbaa4954d548610a1e4acd2a6b5a4852d30f2233ef44ce0adf0f07aadc2aec3c5a729287b9badfba15de56a1095c7cf40f88030bc63db4e32f2530447d29cd4f5a2aa51a0e4bed3911fd06416d8c1cc6", 0xd5, 0x140000000000}, {&(0x7f0000000880)="86bd02fa34ca67ba6e31455f67c26eeb40cc13d6000490810e9ac248d9971f44899761d048d8ed143a731d29aec8bb7d51ab07742703859850c61802e07564fb9584d02f7cf3914aa5bd79dbf5ad67ca6276eea94ff374edf723875bee2e70a4d537eddfdba416d595fc0632c0227c59b674c3b0386efaeee37cbd7febbb6dc30f44b98b6af4ef11f4895b9e8014df8206ef92cfa45fa05ead11fbe6dd8c6b28bbc628da9f646a835ee6df330f38130fe14dcd6cc06124d209aae306c8aae8f3ae0c68e3f1a39e788d963f7bd3a3db46eef54e339a3777f0f859eb44940a13e18aaf93f9acf8d6a0801315dcf3d15d5f2f9fecad13059fa72ebcea95643e0829eac01c293a1d8ce21730557809d312d1d6efebe740adcd911cb65f0f355ea78e8cc30f0d535677a420c1fc108a9291f22b987448728e58e5f21f6b30a213ebb67f1b59214b1f0934ad0a29c53b653352a7d9647fa3c14d85fe22316a57f09c2d64e46720d0e0efb21334f260149ab1c08f6fe22216389ad170e78b6c1ce12d6d2e668b401bef1440f016f70f7b7b051e473b262afb49c4dd4e9163a8fe52fda8d6ac804239671d60320159b81b60de5e71b3ff081f935efdc8c363e35eab8893d4435df800ee3772dbe0c0f09c9ecd1cb05405cfd2fb4138069c4b96a6a7e2ea3a3266a75cc8adba2de4b66a3c30b9d7a5daedf80442890b267c1c91a3388ec32269ed27e01ad04af0839232f66e5c53f6142c77728cf09b054a209a4613b322d981cb15d47d084023a4701aeeef7386e42dcc6c8a476500a72b8839c56dc1b7236f169d16c2e8828a0d2db71edc24e8bdc189e53e11c2f2e8085a52344e77b910a9d4994a0a7cbbb74482982dc5dcdcf978ba67246161fd4dd67ccbf834df3a58f03f2afb034dd5458d113935d75e7e1935dab344a08865070819d784e0779aa2176ba31d8d936a9bc76c5856651d5f1ec556cf36ae541584ba5c48e78b05b4955f93dbad3669f3facef62406db053f0897f49567fbdc1aee985fabab0961dd6169df6fc3c10d35c2623bcbab8529e8d9cc020a06fd265bcc28ca93f7a859759eceb48c5c6ec5e7f205af2bcab7477010f0d6ad8904ecdaf4d3895bdddf620b5f5ef81e1a11057e3244c6f43d2259a21828b4664d4b6e009a0fe8052401d0fd357726796461e8e613bc077b0b23cdf0560f1c29a2b669173f75a391f527050fa8daebc302caf4d9223e81642646204ea8fb911547189c98721753b7f7d55468a009860ebd9c0581bf49e6075d8a260bd3cc39b1b953e840f4b0beb34d208ede9a735726d24dd5356f30ce553cb8331e7407970e656a12918ccc32c449f293824486e527af25606849761a71e2994c95237781a9144707d9db853b1206344933a594d80f857c3bcc31e6a8db27b128a8188793dbb8889f5bc7250b391ea82d00955a0f3b71245d585c25e1e6f4d607cb289ed6d31fbb6c8eab56e90ed7524a1cb36de9d79bc177c8bab5c425f9aafb125f642eca195b4a0b1a7dda6c9b1f0d94d47ecf112efb069be5507a2536ded976d7236f2bbbee6d0e622f4eabb49ae6ef5a4437fd4373005a9ad2a79900517afb24d5515d50f366f92443d8c877d969f9cf741166925058bf3ce23141a76b5b39966d751155239dacad4783ac741f414a7ae9695073a2d6734d2167dd9072094b9f235895379540be3eca8302a3b47144c849a1e119e126cad50f65608926cf8cfafeee0a881123ae3ec64113a5c2d3a58662a27cac611c4c67ecbf70ea65b362697f471db00de143d54bbd2cbc9e4bcabf832bb1684bf23a23347e619f3b084cc5eb2a45eac639e113b86dc972fa8a9d2abb79830a89ae665ca27bf0e9dc9153b3a80350d278dc66601a616f2e5a885c7c3fd4f28b27910c6d564986f2c407e760d789d60e5456d2c4afe472ce8f5378448cafcc9981d55f14125b1862fc0af6df30f1c102304ef52e242d8578625dda5a1cf36b6f5571993dea3716ead17c812184da5eb10051f2cf25e85643776991b1bde7da723e09b069b5c38fcf410f985997130c07ddba15e8f1b35d049581b2258ae75b602b6e63fcbf2ea949c4031a3f5a5ee9f9b57998e129c75c35de8f6f96800caca78d93e3f825cd9f9dcccda771c0145cd095a111fd259f0c9178434dd6c1a5196b86435073a4a0fae4f0bdc0d25792901c7bdd7f0755f8c85332be4cd3ab12d96b4b2e82572e295062be8fae14ac648ecb116289ec98b48125331036e78cb789cc0e450e4c08f688205603a0e4101a8c7a2b835832788f682f20c59d417013fafa6badb3f7a695d848d55b7c171a5fcf87060f81b6fe20336aad18be64c9078d8279f908aaf24926307475bc3f89e70dc7b9618c171857d235f7655000f1950959b79c3642494b1e351ded40b421e8a2c8df4d6ce0b7617729b5316adc90945680073754e78f8ab3ae7f91a58776e8384fc72593a6d488a683b2bed28e51c0f0395175b67b136a6ec7901725dc0b9162cf4439412a7cd141bfdf164890db1088fea608ef326503307e9bc4e2712f56ddaeab44821bf6a744ae563485097438ab714246b38f6cb582ee22bfb84bc1b59aeb8ff96d499941cf1236641610b72911efe85ec975ab099ee7d8967ab62fa96796ae511b5a0935b3276c21c3240fc283d86d65a68db1d92fa4376d8a886bb5fdc1344cc06c657007d2d2728538919e6a59366c6c2331ef0a0ffc01cb66671ad9055fdf59230b627881b8d1f1fc137b733458c5cfe2609e4a973ddec62789c8a35db08a61e626bb19ad889532cc64ed82249e3f627e3bcfc47334ac119ace519787cefd6578151502160c5aecc27ae2578ec160627dddeb7277ff34e05668af71f18b4444dc636aaee63022c9e2c3e604a1d9f5a2f6ed0ba083cf776fe0a3e71765b8bbf0e0e6c208c5004de96d598bb7091d0e4042499ff008b17074df685e3261ebdb28dc57c9eb607d925539586d5c277e72f2921638df9be0ddd5d62513f9a790f95cef15b79b172a266c3b5c4914eedaffc4bffa041aa3e42df41ab79fdeffb6ed6cfc85792d61628440359a452148f0b7a4ee96b5d2c6628087319d1f697bbbbf5804d8b3143d2032e8581ef0e6e84a6e2b62199383ce8459b50216a0f59eb8b1f84772c9cd6a5cda1f363a84c30e0b6381087cff03ef0905ac4c2c347588331ff5619f6e3a728bf211daa25cd41080d6a758c23b45768bc89975a987a910ef4e777bd5af206add4f34d1eb7109298ec1868d27829fcbd471d6eaca66aee3ee45d55a58653456b539540075fa681f9d0da3806a99718756a5d5605591da7e2eb1b415caef22a3c784ffc59f599884d6a2563b47c5907c78a36f60cbba3da061bf9d6e6358f7beb1296eb0e7ad129fb0802cc1f2453636db0d989b9239f8bf325c1aba663fb371d86a376852621121456a7cd9b207684f211bcf02eb3530b0425d003d3065c8092a78913f5aaf0e51da8535040e779aedd39ae918018687953965c83598ccbbeff0487dc4c49a7963035f3ea921a26d05d8e6638bec3845f75bcccfe77884d2d6618e3d3deb968dacf5a0432650a97e3773575979f47c6134f0daf9b3ba3abdfe477dc4adf01cbc02d6bf31d81a1f475e49a377be9a8fcfb9b3f0a8ad4841302860063e3bd84c8a4c2351c4112a1cd86903c7d323520c82361d0386b8966db07de242675043ad1f9cde912e91003c6721d8a7db6775114b23c81a7ebaa6f5acc19e41853346cf5c169504b68a7904dcc63621091198fe13ca5aa0601284fb0b3684c57bf126494216ce739e635a574864e14c499fc785c3fcfc6d46d3a29e68e6e27654276f475cae2234ef16760f00a9e6004fb65253569f4b36744bbca98ec41340d6456116746294fd25c33ab3709f1de4623464a2993050705cc4224f04d08a181cfdd00d8135ae00bb659c4b4b3557e9c0db5d5512486c4ea51bda64e79f6a5caf776adb64aca21c3d13473e084257fd7fdb4ee6ba74b4cf06a4a1e88aa33969dab2425d9edb1d35f825ad4c30392e0d536b6f4ed5be6c18b26380648e645b15a2767f261d030dc55b48f4dbe43c467cb810d8edbd0fea560c044121a744710d79c7d97e3ad9e54fa7a63c46c08033752c5099f5b34b5c6b5e0ef0ae5b91008a217e0c001eb0d8fd21caacf58261dc5925d08301c871c7828968537dfb0fe9e012e9f85f09999e53a98d99331ae18951d720e2ace8be6dbfa2536f6ecdb1d255b1366465f3061f77f86790f2df6ad2abdb687f59d6a6beaeb88b02ed244809544db59775c4de9acc490ecb8b9f25eb591a073200bec392af3eebca655476ade8281b8a6ba7edcda152b3927452bb3a5374b0fdf1719d126a52d5df022ef98ad5c24475c849bed4f27828460fed638a9cf4c7eb8854faa7ec1c70a97f2292c76c4b3e02fcfaca5eb03f020dfe9b02bbb58e97f2e15a0ddd07781682b1da2cb90b29a82d94ef94ce1b2e27248880f0e8e9cb1356a937eec98dfdefe76c6e218772b0049d2442d69c207c882ac8175f59d3ae738a8f373cb35eb6b7385c7265a443aa687da29da702f6148aa5bb9fd3b6c44887fb4382d1b31d0d4f8345f5b8230f841eef3fc37ec3234a1c584b3503d2db674a3578304da77f8a7c629b29642f4d9d02b2c16fa41a5d1213e34b51069553f4143a5b72c04be1a0ecad3471819b40818a4f8fafe1f882c6b5facb0e3b76fc9f7b6fe10bf22442ec0e5c213965fb1099d5c67254059b372d8c8950a14bddec0a27e70ff9992e30b79b774adf777ba69ac4d56cbd03fa6252b9bbf4b4797b8847a8931545661803cb1967f59e065e6a2cf873568dfd2a1b1abf548bf3312939e6788ee709a463d5bfd00faf2cb95ac39c0d70f4855424c2b2aa3c17a59c2edadd1f5272e3afee4e84fcedb92d7374fb492d9aa89244010fa7aa931c98b8e15c5482563bb287fd0ffa56ac4dff11e02f8b2205361d67205bc3499543c6282e4f5f1e13a28a1fe921323acbb4dd358ef45a734b5328084bc94a3671e5fd06be541e20037a333627a3c66590de5b3be7a73ded7343f51114f56f391fc715fad272606437384e1ca19bd63524c87de090283204e062e72a691ca97d013c8b0b11d779182f9d1913b353c33079ae98aba02ba2a19cabed9366783e8326166fcbd196aecdc5933050b3394e1d1e106b6262a3a3d1143a0213086bb75e8db9b0d859d21b2aeae4f4a0677cf1fac182847e06eb7e5c41d8a5dd96dcfe06dffc12b6564e8a8795c5ef2d4141325c2a5eaa6d097a18e01c4c3d415f2e5191fb89bbe82802923c0ef5b5704c7925295b6d4852c30b05811645d080a32b361fdf2c3ee8faac43e2cc3d24e7f51e4babb604654e9bde53fc435679264066aa5d03e31336093c68e5028290dc6701808293e44aa24a68bd9bc2a021352c3c2e6c212fb112ff302f3831f615a82e2144f27f14803809579150a4fbb61140ebb72e8159cc4fbcf772677c10af8faaf3990c192ba0ba58aed92cd99f413370c566a77ccbb42dff9440dcfc0f6c39740664ebb797980a0b5321fe5d747528d379ee48e92c4be25f021e12b31f2c2655f579147fc61face9f2a8e29d3ee98fd894097a4a63ce626b1012656b3a72d40d4e777650bf748e5df0135ff453c9e99094faee51dfd825f55022acf562b256452a47b887998f195355fb05939cf2e08b66387ab54f9e718caa83946920e9345663fb45ce0be698ab97b9b3d7529249a9a8c887c25ba1942878fea56f26056875c462981631568832536a", 0x1000, 0x1}, {&(0x7f00000002c0)="ac149f2b9d2bff9eea13d775281e", 0xe, 0x7}, {&(0x7f0000000500)="92428b53356e4e5d3604f26bda36463dae886975a5f32e1aa033732683e25e8f5a44166bbdbba518fb58f52a0bf117315e0f77cedca60dd668d7372bf785d706", 0x40, 0x4}, {&(0x7f0000001880)="20802ee34084b3cd926a7d6cb85836ab9116c3a9af1210660ddb0a9207ff749b499643ff727b500ad23084630ad87fb6519de29cc58228e30f6e8e0db2af1059cdd84c4cd19d8dbf8a46240bbed8f324a47c23deb219febc413bc8982236e6f875bac1fc89d5723772e9ec6f80e5ea873c595c7c61fafd3acda55d0a07c56c0ffd80105469db42e1c13de6351f4f78c67fd48adc04f2e56dc9aa0e41591af2ac686496c6565d21d2197f8bc48f78f84305130a12380881e77e603704200159a7f6cc4a7b467106f7093b3e856e2072933653544f9d21df9b94d88cdb66b8fb6c555b06ded02a66f6959897acfc6e3f4b82", 0xf1, 0x40}, {&(0x7f0000000780)="c7cd12917dc84302a505a44c2737e906cc0475b2aa359a4ea173d6bf9833069cc10ebc5c53edbdd1027bd7306cdcb6c9d37cfa830f242af48add0b8ca6f1c52bde5e8fe477c1e9c2624943414edd100e02cfeaafbe7d9342dfb138883525ca9699450a1b4c684c77f511269b464a9ea13de7abd556131ecbaf3b10", 0x7b, 0xd373}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="83000000290000000000000100000000000000000000000000000000000000000405002e2f6275730000000000000000000000000009000000000000000007002e2f66696c6530000400000000000000e60000000900000000000000df05002e2f6275730000000000000000000000000000000000000000000507002e2f66696c6530"], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:43 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:37:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 694.675829][T22551] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:37:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)) socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 694.719191][T22551] FAULT_INJECTION: forcing a failure. [ 694.719191][T22551] name failslab, interval 1, probability 0, space 0, times 0 [ 694.719523][T22544] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 694.776600][T22551] CPU: 0 PID: 22551 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 694.784616][T22551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.794677][T22551] Call Trace: [ 694.797982][T22551] dump_stack+0x1d8/0x2f8 [ 694.802411][T22551] should_fail+0x608/0x860 [ 694.806838][T22551] ? setup_fault_attr+0x2b0/0x2b0 [ 694.811883][T22551] ? __lock_acquire+0x4750/0x4750 [ 694.816913][T22551] __should_failslab+0x11a/0x160 [ 694.821879][T22551] ? __kernfs_new_node+0xd9/0x6e0 [ 694.827001][T22551] should_failslab+0x9/0x20 [ 694.831509][T22551] kmem_cache_alloc+0x56/0x2e0 [ 694.832025][T22544] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 694.836279][T22551] __kernfs_new_node+0xd9/0x6e0 [ 694.836296][T22551] ? __kasan_check_write+0x14/0x20 [ 694.836306][T22551] ? kernfs_new_node+0x180/0x180 [ 694.836326][T22551] ? trace_lock_release+0x135/0x1a0 [ 694.866154][T22551] kernfs_new_node+0x97/0x180 [ 694.870860][T22551] kernfs_create_link+0xbb/0x210 [ 694.875896][T22551] sysfs_do_create_link_sd+0x89/0x120 [ 694.881450][T22551] sysfs_create_link+0x68/0x80 [ 694.886221][T22551] device_add+0xa32/0x1570 [ 694.890658][T22551] ? rfkill_register+0x60/0x9f0 [ 694.891509][T22546] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 694.895509][T22551] ? __init_waitqueue_head+0x42/0x90 [ 694.895523][T22551] ? dev_set_name+0x110/0x110 [ 694.895534][T22551] ? pm_runtime_init+0x295/0x370 [ 694.895547][T22551] rfkill_register+0x18b/0x9f0 20:37:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)) socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 694.895560][T22551] hci_register_dev+0x3ac/0x720 [ 694.895576][T22551] hci_uart_tty_ioctl+0x8ad/0xa20 [ 694.895587][T22551] ? hci_uart_tty_write+0x10/0x10 [ 694.895600][T22551] tty_ioctl+0xfa8/0x1610 [ 694.895610][T22551] ? tty_do_resize+0x180/0x180 [ 694.895622][T22551] ? rcu_lock_release+0x9/0x30 [ 694.895635][T22551] ? __lock_acquire+0x4750/0x4750 [ 694.895647][T22551] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 694.895657][T22551] ? tomoyo_path_number_perm+0x587/0x740 [ 694.895666][T22551] ? trace_hardirqs_on+0x74/0x80 20:37:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)) socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 694.895677][T22551] ? tomoyo_path_number_perm+0x5f0/0x740 [ 694.895689][T22551] ? tomoyo_check_path_acl+0x180/0x180 [ 694.895698][T22551] ? smk_access+0x4f0/0x4f0 [ 694.895707][T22551] ? smk_access+0x18c/0x4f0 [ 694.895715][T22551] ? tty_do_resize+0x180/0x180 [ 694.895726][T22551] do_vfs_ioctl+0x7d4/0x18f0 [ 694.895739][T22551] ? ioctl_preallocate+0x240/0x240 [ 694.895756][T22551] ? fget_many+0x30/0x30 [ 694.895774][T22551] ? debug_smp_processor_id+0x1c/0x20 20:37:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0b") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 694.905377][T22544] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 694.909902][T22551] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 694.909917][T22551] ? tomoyo_file_ioctl+0x23/0x30 [ 694.909930][T22551] ? security_file_ioctl+0xa1/0xd0 [ 694.909943][T22551] __x64_sys_ioctl+0xe3/0x120 [ 694.909959][T22551] do_syscall_64+0xfe/0x140 [ 694.922588][T22546] FAT-fs (loop4): Filesystem has been set read-only [ 694.924375][T22551] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 694.924385][T22551] RIP: 0033:0x459829 [ 694.924395][T22551] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 694.924400][T22551] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 694.924409][T22551] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 694.924414][T22551] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 694.924419][T22551] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 694.924424][T22551] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 694.924429][T22551] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 695.125802][T22544] EXT4-fs error (device loop0): ext4_fill_super:4457: inode #2: comm syz-executor.0: iget: root inode unallocated [ 695.162422][T22546] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 695.164334][T22544] EXT4-fs (loop0): get root inode failed 20:37:44 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 695.177019][T21541] Bluetooth: hci0: Frame reassembly failed (-84) [ 695.189343][T22546] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 695.202632][T22546] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 695.219290][T22544] EXT4-fs (loop0): mount failed [ 697.202103][ T9746] Bluetooth: hci0: command 0x1003 tx timeout [ 697.208205][T19431] Bluetooth: hci0: sending frame failed (-49) [ 699.282145][ T9746] Bluetooth: hci0: command 0x1001 tx timeout [ 699.288232][T19431] Bluetooth: hci0: sending frame failed (-49) [ 701.362115][ T9746] Bluetooth: hci0: command 0x1009 tx timeout 20:37:54 executing program 3 (fault-call:2 fault-nth:53): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:37:54 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a39664"], 0x54) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:54 executing program 0: socket$inet_udp(0x2, 0x2, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(0x0, 0x0) clone(0x2100001ff8, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) add_key$keyring(&(0x7f0000000440)='keyring\x00', &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = gettid() r2 = perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x1, 0x20, 0x8, 0x0, 0x8, 0x2800, 0xa, 0x0, 0x5, 0x3f, 0x401, 0x0, 0x9b6e, 0x8, 0x7e, 0x9, 0x8, 0x100000001, 0xb6db, 0x80, 0x2, 0x1, 0x4, 0x2, 0x1, 0x0, 0x9, 0x5c00000000000000, 0x0, 0xffffffffffffff96, 0x7, 0x985, 0x7, 0xe0f2, 0x5, 0x0, 0xf000000000000000, 0x0, @perf_config_ext={0x7, 0xffffffff88af76a8}, 0x6102, 0x1f, 0x4, 0x0, 0x0, 0x4, 0x8001}, r1, 0xd, r0, 0x1) timer_create(0x0, &(0x7f0000000280)={0x0, 0x36, 0x0, @thr={&(0x7f0000000500), &(0x7f0000000600)="0148a534fa338d7177e9527070eac0e1f66216b476822560c18b47a1ba351b9e691349ebda81728ec63ec2250e9131377f781dad53c7c8a8a069b9935593b7458ab1788322a2fe775a5d34d3cab8a2737e59f4fccc7666522d4ddc31f1c8eab236f5f0186c76604f96f16ec814b84347593b02d5a6ce0dc4d6bc4354a3f2e388672193c97c4415d50f0cde7bb5a54dad"}}, 0x0) timer_getoverrun(0x0) r3 = dup3(r2, r0, 0x80000) sendfile(r3, r0, &(0x7f0000000140), 0x0) fsetxattr$security_evm(0xffffffffffffffff, &(0x7f00000003c0)='security.evm\x00', &(0x7f0000000240)=ANY=[], 0x0, 0x0) getuid() ptrace(0x4218, r1) ioctl$TIOCGPGRP(r3, 0x540f, 0x0) ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000000340)='veth0_to_hsr\x00') chown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0) ioctl$EVIOCGKEYCODE_V2(r4, 0x80284504, &(0x7f0000000940)=""/202) ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x1b, 0x11, 0x5, "ccb019f5a0daf9630a5b1959e5e7194a98cb434d2056a3876d6de9a7857363eec461f2e3e2a4b3bfd60a0a0f5edb7b8221db219b1b36ec9bb80aab6e3f71c9ea", "cb693d02d25bb350febb0bdb5aed83348c1d9309c6c43e240eac1f05b37509431cecb79658c1e15db5c4c7dcf98d3ef2b4cca4c6360b18c6d2e410e20c5862ee", "b952b6e006bb98bd0202fb04c88b24897ca8735548608d04d70496c845947b22"}) r5 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x40800000, 0x1, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0x1, 0x0) dup(r5) ioctl$EVIOCGMTSLOTS(r5, 0x8040450a, &(0x7f00000002c0)=""/123) rename(&(0x7f00000004c0)='./file0\x00', 0x0) ioctl$RTC_PIE_OFF(r5, 0x7006) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 20:37:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0b") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:37:54 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:37:54 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000400)={0x0, 0x0, r2}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000440)={r3, 0x80000, r1}) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:37:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0b") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 705.498224][T22583] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 705.516822][T22583] FAULT_INJECTION: forcing a failure. [ 705.516822][T22583] name failslab, interval 1, probability 0, space 0, times 0 [ 705.555202][T22583] CPU: 1 PID: 22583 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 705.563215][T22583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 705.573270][T22583] Call Trace: [ 705.576570][T22583] dump_stack+0x1d8/0x2f8 [ 705.580895][T22583] should_fail+0x608/0x860 [ 705.585321][T22583] ? setup_fault_attr+0x2b0/0x2b0 [ 705.590350][T22583] ? __lock_acquire+0x4750/0x4750 [ 705.595380][T22583] __should_failslab+0x11a/0x160 [ 705.600312][T22583] ? __kernfs_new_node+0xd9/0x6e0 [ 705.605599][T22583] should_failslab+0x9/0x20 [ 705.610103][T22583] kmem_cache_alloc+0x56/0x2e0 [ 705.614873][T22583] __kernfs_new_node+0xd9/0x6e0 [ 705.619721][T22583] ? kernfs_new_node+0x180/0x180 [ 705.624651][T22583] ? trace_lock_release+0x135/0x1a0 [ 705.629845][T22583] kernfs_new_node+0x97/0x180 [ 705.634519][T22583] kernfs_create_link+0xbb/0x210 [ 705.639449][T22583] sysfs_do_create_link_sd+0x89/0x120 [ 705.644814][T22583] sysfs_create_link+0x68/0x80 [ 705.649574][T22583] device_add+0x62a/0x1570 [ 705.653988][T22583] ? rfkill_register+0x60/0x9f0 [ 705.658838][T22583] ? __init_waitqueue_head+0x42/0x90 [ 705.664125][T22583] ? dev_set_name+0x110/0x110 [ 705.668803][T22583] ? pm_runtime_init+0x295/0x370 [ 705.673746][T22583] rfkill_register+0x18b/0x9f0 [ 705.678511][T22583] hci_register_dev+0x3ac/0x720 [ 705.683375][T22583] hci_uart_tty_ioctl+0x8ad/0xa20 [ 705.688410][T22583] ? hci_uart_tty_write+0x10/0x10 [ 705.693439][T22583] tty_ioctl+0xfa8/0x1610 [ 705.697768][T22583] ? tty_do_resize+0x180/0x180 20:37:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47b") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:37:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47b") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:37:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47b") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 705.702527][T22583] ? rcu_lock_release+0x9/0x30 [ 705.707295][T22583] ? __lock_acquire+0x4750/0x4750 [ 705.712327][T22583] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 705.717969][T22583] ? tomoyo_path_number_perm+0x587/0x740 [ 705.723604][T22583] ? trace_hardirqs_on+0x74/0x80 [ 705.728543][T22583] ? tomoyo_path_number_perm+0x5f0/0x740 [ 705.734266][T22583] ? tomoyo_check_path_acl+0x180/0x180 [ 705.739732][T22583] ? smk_access+0x4f0/0x4f0 [ 705.744233][T22583] ? smk_access+0x18c/0x4f0 [ 705.748729][T22583] ? tty_do_resize+0x180/0x180 20:37:55 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf0") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 705.753494][T22583] do_vfs_ioctl+0x7d4/0x18f0 [ 705.758096][T22583] ? ioctl_preallocate+0x240/0x240 [ 705.763221][T22583] ? fget_many+0x30/0x30 [ 705.767457][T22583] ? debug_smp_processor_id+0x1c/0x20 [ 705.772831][T22583] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 705.778900][T22583] ? tomoyo_file_ioctl+0x23/0x30 [ 705.783844][T22583] ? security_file_ioctl+0xa1/0xd0 [ 705.788960][T22583] __x64_sys_ioctl+0xe3/0x120 [ 705.793642][T22583] do_syscall_64+0xfe/0x140 [ 705.798148][T22583] entry_SYSCALL_64_after_hwframe+0x49/0xbe 20:37:55 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf0") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 705.804038][T22583] RIP: 0033:0x459829 [ 705.807928][T22583] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 705.827528][T22583] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 705.835976][T22583] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 705.843947][T22583] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 705.851920][T22583] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 705.859917][T22583] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 705.867887][T22583] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 705.878496][T22572] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 705.902028][T22572] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 705.905711][T19431] Bluetooth: hci0: sending frame failed (-49) [ 705.926706][T22572] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 705.945876][T22572] EXT4-fs error (device loop0): ext4_fill_super:4457: inode #2: comm syz-executor.0: iget: root inode unallocated [ 705.959412][T22572] EXT4-fs (loop0): get root inode failed [ 705.966145][T22572] EXT4-fs (loop0): mount failed [ 707.922142][ T22] Bluetooth: hci0: command 0x1003 tx timeout [ 707.928270][T19431] Bluetooth: hci0: sending frame failed (-49) [ 710.002125][ T22] Bluetooth: hci0: command 0x1001 tx timeout [ 710.008215][T19431] Bluetooth: hci0: sending frame failed (-49) [ 712.082104][ T9866] Bluetooth: hci0: command 0x1009 tx timeout 20:38:05 executing program 3 (fault-call:2 fault-nth:54): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:38:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf0") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:38:05 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x809) 20:38:05 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, &(0x7f00000000c0)=""/147, 0x37a8ec531be3c41f) open(&(0x7f0000000e00)='./file0\x00', 0x0, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000180)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') preadv(r0, &(0x7f0000000480)=[{&(0x7f0000001e40)=""/4096, 0x1000}], 0x1, 0x0) 20:38:05 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a39664"], 0x54) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:38:05 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fsetxattr$security_evm(r0, &(0x7f0000000400)='security.evm\x00', &(0x7f0000000440)=@v2={0x5, 0x3, 0x1, 0x7, 0x4c, "2f46c1157ded90b4d2f838457205dcdffb1cd6607d802fbd518b81d5de00d4ca206976e65bbd7ec7ec01af890307dd6e8ea9ed17e98c68b81ab1e1ea06a5e7882a37df5d6d67c92b92203ae4"}, 0x56, 0x1) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="83000000f16ceeabaf236fe800000000000000000000000000000000000000000405002e2f627573000000000000000000000600e70800000000000000696c6530000400000000000000000000000900000000000000df05002ea4d850d4a2ad3b36f10862757300004c36ded00000000000000000000000000005000000002e2f66696c6530000000000000"], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:38:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x0, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 716.410118][T22614] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 716.421559][T22614] FAULT_INJECTION: forcing a failure. [ 716.421559][T22614] name failslab, interval 1, probability 0, space 0, times 0 [ 716.475552][T22614] CPU: 1 PID: 22614 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 716.483730][T22614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 716.493780][T22614] Call Trace: [ 716.497086][T22614] dump_stack+0x1d8/0x2f8 [ 716.501421][T22614] should_fail+0x608/0x860 [ 716.505839][T22614] ? setup_fault_attr+0x2b0/0x2b0 [ 716.510864][T22614] ? __lock_acquire+0x4750/0x4750 [ 716.515890][T22614] __should_failslab+0x11a/0x160 [ 716.520826][T22614] ? __kernfs_new_node+0xd9/0x6e0 [ 716.525850][T22614] should_failslab+0x9/0x20 [ 716.530351][T22614] kmem_cache_alloc+0x56/0x2e0 [ 716.535115][T22614] __kernfs_new_node+0xd9/0x6e0 [ 716.539966][T22614] ? __kasan_check_write+0x14/0x20 [ 716.545074][T22614] ? kernfs_new_node+0x180/0x180 [ 716.550009][T22614] ? trace_lock_release+0x135/0x1a0 [ 716.552831][T22609] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 716.555201][T22614] kernfs_new_node+0x97/0x180 [ 716.555214][T22614] kernfs_create_link+0xbb/0x210 [ 716.555226][T22614] sysfs_do_create_link_sd+0x89/0x120 [ 716.555242][T22614] sysfs_create_link+0x68/0x80 [ 716.581335][T22609] FAT-fs (loop4): Filesystem has been set read-only [ 716.583558][T22614] device_add+0xa32/0x1570 [ 716.583577][T22614] ? rfkill_register+0x60/0x9f0 [ 716.583590][T22614] ? __init_waitqueue_head+0x42/0x90 [ 716.583597][T22614] ? dev_set_name+0x110/0x110 [ 716.583609][T22614] ? pm_runtime_init+0x295/0x370 [ 716.583621][T22614] rfkill_register+0x18b/0x9f0 [ 716.583633][T22614] hci_register_dev+0x3ac/0x720 [ 716.583648][T22614] hci_uart_tty_ioctl+0x8ad/0xa20 [ 716.583659][T22614] ? hci_uart_tty_write+0x10/0x10 [ 716.583671][T22614] tty_ioctl+0xfa8/0x1610 [ 716.583682][T22614] ? tty_do_resize+0x180/0x180 [ 716.594032][T22609] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 716.594636][T22614] ? rcu_lock_release+0x9/0x30 [ 716.594650][T22614] ? __lock_acquire+0x4750/0x4750 [ 716.594668][T22614] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 716.666268][T22614] ? tomoyo_path_number_perm+0x587/0x740 [ 716.671902][T22614] ? trace_hardirqs_on+0x74/0x80 [ 716.676839][T22614] ? tomoyo_path_number_perm+0x5f0/0x740 [ 716.682469][T22614] ? tomoyo_check_path_acl+0x180/0x180 [ 716.687917][T22614] ? smk_access+0x4f0/0x4f0 [ 716.692420][T22614] ? smk_access+0x18c/0x4f0 [ 716.696921][T22614] ? tty_do_resize+0x180/0x180 [ 716.701689][T22614] do_vfs_ioctl+0x7d4/0x18f0 [ 716.706278][T22614] ? ioctl_preallocate+0x240/0x240 [ 716.711388][T22614] ? fget_many+0x30/0x30 [ 716.715624][T22614] ? debug_smp_processor_id+0x1c/0x20 [ 716.720991][T22614] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 716.727065][T22614] ? tomoyo_file_ioctl+0x23/0x30 [ 716.731990][T22614] ? security_file_ioctl+0xa1/0xd0 [ 716.737100][T22614] __x64_sys_ioctl+0xe3/0x120 [ 716.741859][T22614] do_syscall_64+0xfe/0x140 [ 716.746354][T22614] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 716.752237][T22614] RIP: 0033:0x459829 [ 716.756126][T22614] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 20:38:06 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 716.775735][T22614] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 716.784141][T22614] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 716.792126][T22614] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 716.800089][T22614] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 716.808052][T22614] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 716.816013][T22614] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 716.833313][T21541] Bluetooth: hci0: Frame reassembly failed (-84) 20:38:06 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x0, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:38:06 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x809) 20:38:06 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, &(0x7f00000000c0)=""/147, 0x37a8ec531be3c41f) open(&(0x7f0000000e00)='./file0\x00', 0x0, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000180)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') preadv(r0, &(0x7f0000000480)=[{&(0x7f0000001e40)=""/4096, 0x1000}], 0x1, 0x0) [ 716.948350][T22626] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 716.971275][T22626] FAT-fs (loop4): Filesystem has been set read-only [ 716.978741][T22626] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) 20:38:06 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 717.242615][T22640] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 717.251249][T22640] FAT-fs (loop4): Filesystem has been set read-only [ 717.278398][T22640] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 718.882158][ T9746] Bluetooth: hci0: command 0x1003 tx timeout [ 718.888283][T19431] Bluetooth: hci0: sending frame failed (-49) [ 720.962132][ T9746] Bluetooth: hci0: command 0x1001 tx timeout [ 720.968224][T19431] Bluetooth: hci0: sending frame failed (-49) [ 723.042167][ T9746] Bluetooth: hci0: command 0x1009 tx timeout 20:38:16 executing program 3 (fault-call:2 fault-nth:55): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:38:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x0, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:38:16 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x809) 20:38:16 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:38:16 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x3, &(0x7f00000000c0)=""/147, 0x37a8ec531be3c41f) open(&(0x7f0000000e00)='./file0\x00', 0x0, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000180)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') preadv(r0, &(0x7f0000000480)=[{&(0x7f0000001e40)=""/4096, 0x1000}], 0x1, 0x0) 20:38:16 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 727.301860][T22659] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:38:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 727.344171][T22653] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 727.354486][T22659] FAULT_INJECTION: forcing a failure. [ 727.354486][T22659] name failslab, interval 1, probability 0, space 0, times 0 [ 727.370002][T22653] FAT-fs (loop4): Filesystem has been set read-only [ 727.377213][T22659] CPU: 1 PID: 22659 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 727.385201][T22659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 727.395261][T22659] Call Trace: [ 727.398555][T22659] dump_stack+0x1d8/0x2f8 [ 727.403039][T22659] should_fail+0x608/0x860 [ 727.407545][T22659] ? setup_fault_attr+0x2b0/0x2b0 [ 727.412575][T22659] ? __lock_acquire+0x4750/0x4750 [ 727.417605][T22659] __should_failslab+0x11a/0x160 [ 727.422554][T22659] ? __kernfs_new_node+0xd9/0x6e0 [ 727.427668][T22659] should_failslab+0x9/0x20 [ 727.432173][T22659] kmem_cache_alloc+0x56/0x2e0 [ 727.436933][T22659] __kernfs_new_node+0xd9/0x6e0 [ 727.441793][T22659] ? kernfs_new_node+0x180/0x180 [ 727.446736][T22659] ? kernfs_activate+0x213/0x230 [ 727.451705][T22659] ? __lock_acquire+0x4750/0x4750 [ 727.456781][T22659] kernfs_new_node+0x97/0x180 [ 727.461474][T22659] __kernfs_create_file+0x4a/0x2f0 [ 727.466584][T22659] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 727.471959][T22659] internal_create_group+0x511/0xdf0 [ 727.477265][T22659] ? sysfs_create_group+0x30/0x30 [ 727.482292][T22659] sysfs_create_groups+0x75/0x130 [ 727.487322][T22659] device_add+0xaef/0x1570 [ 727.491827][T22659] ? rfkill_register+0x60/0x9f0 [ 727.496684][T22659] ? __init_waitqueue_head+0x42/0x90 [ 727.501972][T22659] ? dev_set_name+0x110/0x110 [ 727.506777][T22659] ? pm_runtime_init+0x295/0x370 [ 727.511721][T22659] rfkill_register+0x18b/0x9f0 [ 727.516493][T22659] hci_register_dev+0x3ac/0x720 [ 727.521347][T22659] hci_uart_tty_ioctl+0x8ad/0xa20 [ 727.526457][T22659] ? hci_uart_tty_write+0x10/0x10 [ 727.531476][T22659] tty_ioctl+0xfa8/0x1610 [ 727.535800][T22659] ? tty_do_resize+0x180/0x180 [ 727.540571][T22659] ? rcu_lock_release+0x9/0x30 [ 727.545342][T22659] ? __lock_acquire+0x4750/0x4750 [ 727.550364][T22659] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 727.555998][T22659] ? tomoyo_path_number_perm+0x587/0x740 [ 727.561625][T22659] ? trace_hardirqs_on+0x74/0x80 [ 727.566565][T22659] ? tomoyo_path_number_perm+0x5f0/0x740 [ 727.572395][T22659] ? tomoyo_check_path_acl+0x180/0x180 [ 727.577852][T22659] ? smk_access+0x4f0/0x4f0 [ 727.582345][T22659] ? smk_access+0x18c/0x4f0 [ 727.586958][T22659] ? tty_do_resize+0x180/0x180 [ 727.591892][T22659] do_vfs_ioctl+0x7d4/0x18f0 [ 727.596485][T22659] ? ioctl_preallocate+0x240/0x240 [ 727.601690][T22659] ? fget_many+0x30/0x30 [ 727.605927][T22659] ? debug_smp_processor_id+0x1c/0x20 [ 727.611295][T22659] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 727.617363][T22659] ? tomoyo_file_ioctl+0x23/0x30 [ 727.622298][T22659] ? security_file_ioctl+0xa1/0xd0 [ 727.627400][T22659] __x64_sys_ioctl+0xe3/0x120 [ 727.632075][T22659] do_syscall_64+0xfe/0x140 [ 727.636571][T22659] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 727.642453][T22659] RIP: 0033:0x459829 [ 727.646338][T22659] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 727.665935][T22659] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 727.674339][T22659] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 727.682303][T22659] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 20:38:16 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 727.690278][T22659] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 727.698416][T22659] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 727.706388][T22659] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 727.727956][T22653] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) 20:38:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r1 = socket$inet6(0xa, 0x3, 0x20000000021) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c) 20:38:17 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) [ 727.788920][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) 20:38:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:38:17 executing program 0: [ 727.937658][T22674] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 727.960768][T22681] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 727.974513][T22674] FAT-fs (loop4): Filesystem has been set read-only [ 727.981479][T22674] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 729.842117][ T22] Bluetooth: hci0: command 0x1003 tx timeout [ 729.849419][T19431] Bluetooth: hci0: sending frame failed (-49) [ 731.922097][ T22] Bluetooth: hci0: command 0x1001 tx timeout [ 731.929573][T19431] Bluetooth: hci0: sending frame failed (-49) [ 734.002099][ T22] Bluetooth: hci0: command 0x1009 tx timeout 20:38:27 executing program 3 (fault-call:2 fault-nth:56): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:38:27 executing program 0: 20:38:27 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:38:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:38:27 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) 20:38:27 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$IMSETDEVNAME(r0, 0x80184947, &(0x7f0000000400)={0x8, 'syz0\x00'}) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:38:27 executing program 0: [ 738.156893][T22699] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 738.188507][T22699] FAULT_INJECTION: forcing a failure. [ 738.188507][T22699] name failslab, interval 1, probability 0, space 0, times 0 20:38:27 executing program 0: [ 738.205765][T22692] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 738.217506][T22699] CPU: 1 PID: 22699 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 738.225501][T22699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 738.235540][T22699] Call Trace: [ 738.235564][T22699] dump_stack+0x1d8/0x2f8 [ 738.235579][T22699] should_fail+0x608/0x860 [ 738.235590][T22699] ? setup_fault_attr+0x2b0/0x2b0 [ 738.235603][T22699] ? __lock_acquire+0x4750/0x4750 [ 738.235619][T22699] __should_failslab+0x11a/0x160 [ 738.235629][T22699] ? __kernfs_new_node+0xd9/0x6e0 [ 738.235640][T22699] should_failslab+0x9/0x20 [ 738.235651][T22699] kmem_cache_alloc+0x56/0x2e0 [ 738.235664][T22699] __kernfs_new_node+0xd9/0x6e0 [ 738.248023][T22692] FAT-fs (loop4): Filesystem has been set read-only [ 738.252659][T22699] ? __kasan_check_write+0x14/0x20 [ 738.252671][T22699] ? kernfs_new_node+0x180/0x180 [ 738.252684][T22699] ? __mutex_unlock_slowpath+0x18c/0x630 [ 738.252692][T22699] ? mutex_unlock+0x10/0x10 [ 738.252702][T22699] ? mutex_unlock+0xd/0x10 [ 738.252708][T22699] ? kernfs_activate+0x213/0x230 [ 738.252722][T22699] kernfs_new_node+0x97/0x180 [ 738.272224][T22692] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 738.276960][T22699] __kernfs_create_file+0x4a/0x2f0 [ 738.276971][T22699] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 738.276986][T22699] internal_create_group+0x511/0xdf0 [ 738.346148][T22699] ? sysfs_create_group+0x30/0x30 [ 738.351169][T22699] sysfs_create_groups+0x75/0x130 [ 738.356192][T22699] device_add+0xaef/0x1570 [ 738.360619][T22699] ? rfkill_register+0x60/0x9f0 [ 738.365469][T22699] ? __init_waitqueue_head+0x42/0x90 [ 738.365487][T22699] ? dev_set_name+0x110/0x110 [ 738.375411][T22699] ? pm_runtime_init+0x295/0x370 [ 738.375429][T22699] rfkill_register+0x18b/0x9f0 [ 738.375440][T22699] hci_register_dev+0x3ac/0x720 [ 738.375456][T22699] hci_uart_tty_ioctl+0x8ad/0xa20 [ 738.375466][T22699] ? hci_uart_tty_write+0x10/0x10 [ 738.375477][T22699] tty_ioctl+0xfa8/0x1610 [ 738.375489][T22699] ? tty_do_resize+0x180/0x180 [ 738.409341][T22699] ? rcu_lock_release+0x9/0x30 [ 738.414121][T22699] ? __lock_acquire+0x4750/0x4750 [ 738.419141][T22699] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 738.424860][T22699] ? tomoyo_path_number_perm+0x587/0x740 [ 738.430566][T22699] ? trace_hardirqs_on+0x74/0x80 [ 738.435507][T22699] ? tomoyo_path_number_perm+0x5f0/0x740 [ 738.441144][T22699] ? tomoyo_check_path_acl+0x180/0x180 [ 738.446598][T22699] ? smk_access+0x4f0/0x4f0 [ 738.451094][T22699] ? smk_access+0x18c/0x4f0 [ 738.455681][T22699] ? tty_do_resize+0x180/0x180 [ 738.460439][T22699] do_vfs_ioctl+0x7d4/0x18f0 [ 738.465029][T22699] ? ioctl_preallocate+0x240/0x240 [ 738.470145][T22699] ? fget_many+0x30/0x30 [ 738.474383][T22699] ? debug_smp_processor_id+0x1c/0x20 [ 738.479749][T22699] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 738.485818][T22699] ? tomoyo_file_ioctl+0x23/0x30 [ 738.490748][T22699] ? security_file_ioctl+0xa1/0xd0 [ 738.495853][T22699] __x64_sys_ioctl+0xe3/0x120 [ 738.500523][T22699] do_syscall_64+0xfe/0x140 [ 738.505026][T22699] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 738.510907][T22699] RIP: 0033:0x459829 [ 738.514798][T22699] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 738.534393][T22699] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 738.542796][T22699] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 738.550852][T22699] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 20:38:27 executing program 0: 20:38:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 738.558825][T22699] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 738.566794][T22699] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 738.574765][T22699] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:38:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:38:27 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) [ 738.622770][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 738.637614][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 740.642171][ T22] Bluetooth: hci0: command 0x1003 tx timeout [ 740.648312][T19431] Bluetooth: hci0: sending frame failed (-49) [ 742.722129][ T9347] Bluetooth: hci0: command 0x1001 tx timeout [ 742.728345][T19431] Bluetooth: hci0: sending frame failed (-49) [ 744.802099][ T9347] Bluetooth: hci0: command 0x1009 tx timeout 20:38:38 executing program 3 (fault-call:2 fault-nth:57): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:38:38 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:38:38 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0xffffffff) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) 20:38:38 executing program 0: 20:38:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:38:38 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) semget(0x1, 0x51d6ec70a75482aa, 0x200) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:38:38 executing program 0: r0 = timerfd_create(0x0, 0x0) readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000000)=""/14, 0xe}], 0x1) ioctl$VHOST_GET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af14, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x80000003, 0x8031, 0xffffffffffffffff, 0x0) r1 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil) shmat(r1, &(0x7f0000ffa000/0x3000)=nil, 0xff26690544f57169) 20:38:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, 0x0) preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 749.066889][T22726] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 749.099075][T22726] FAULT_INJECTION: forcing a failure. [ 749.099075][T22726] name failslab, interval 1, probability 0, space 0, times 0 [ 749.104623][T22727] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) 20:38:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, 0x0) preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 749.139202][T22726] CPU: 0 PID: 22726 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 749.147210][T22726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 749.157265][T22726] Call Trace: [ 749.160567][T22726] dump_stack+0x1d8/0x2f8 [ 749.166008][T22726] should_fail+0x608/0x860 [ 749.170425][T22726] ? setup_fault_attr+0x2b0/0x2b0 [ 749.170887][T22718] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 749.175450][T22726] ? __lock_acquire+0x4750/0x4750 [ 749.175465][T22726] __should_failslab+0x11a/0x160 [ 749.175476][T22726] ? __kernfs_new_node+0xd9/0x6e0 [ 749.175486][T22726] should_failslab+0x9/0x20 [ 749.175497][T22726] kmem_cache_alloc+0x56/0x2e0 [ 749.175506][T22726] __kernfs_new_node+0xd9/0x6e0 [ 749.175517][T22726] ? __kasan_check_write+0x14/0x20 [ 749.175525][T22726] ? kernfs_new_node+0x180/0x180 [ 749.175539][T22726] ? __mutex_unlock_slowpath+0x18c/0x630 [ 749.175548][T22726] ? mutex_unlock+0x10/0x10 [ 749.175559][T22726] ? mutex_unlock+0xd/0x10 [ 749.175571][T22726] ? kernfs_activate+0x213/0x230 [ 749.184935][T22718] FAT-fs (loop4): Filesystem has been set read-only [ 749.189136][T22726] kernfs_new_node+0x97/0x180 [ 749.189148][T22726] __kernfs_create_file+0x4a/0x2f0 [ 749.189157][T22726] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 749.189169][T22726] internal_create_group+0x511/0xdf0 [ 749.189182][T22726] ? sysfs_create_group+0x30/0x30 [ 749.189194][T22726] sysfs_create_groups+0x75/0x130 [ 749.189208][T22726] device_add+0xaef/0x1570 [ 749.189224][T22726] ? rfkill_register+0x60/0x9f0 [ 749.196992][T22718] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 749.199137][T22726] ? __init_waitqueue_head+0x42/0x90 [ 749.199151][T22726] ? dev_set_name+0x110/0x110 [ 749.199162][T22726] ? pm_runtime_init+0x295/0x370 [ 749.199180][T22726] rfkill_register+0x18b/0x9f0 [ 749.199193][T22726] hci_register_dev+0x3ac/0x720 [ 749.199210][T22726] hci_uart_tty_ioctl+0x8ad/0xa20 [ 749.199219][T22726] ? hci_uart_tty_write+0x10/0x10 [ 749.199233][T22726] tty_ioctl+0xfa8/0x1610 [ 749.335834][T22726] ? tty_do_resize+0x180/0x180 [ 749.340610][T22726] ? rcu_lock_release+0x9/0x30 [ 749.345377][T22726] ? __lock_acquire+0x4750/0x4750 [ 749.350403][T22726] ? trace_hardirqs_on+0x34/0x80 [ 749.355340][T22726] ? kfree+0x1a3/0x200 [ 749.359412][T22726] ? tomoyo_path_number_perm+0x5f0/0x740 [ 749.365132][T22726] ? tomoyo_check_path_acl+0x180/0x180 [ 749.370767][T22726] ? smk_access+0x4f0/0x4f0 [ 749.375270][T22726] ? smk_access+0x18c/0x4f0 [ 749.379771][T22726] ? tty_do_resize+0x180/0x180 [ 749.384619][T22726] do_vfs_ioctl+0x7d4/0x18f0 [ 749.389215][T22726] ? ioctl_preallocate+0x240/0x240 [ 749.394337][T22726] ? fget_many+0x30/0x30 [ 749.398585][T22726] ? debug_smp_processor_id+0x1c/0x20 [ 749.403956][T22726] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 749.410030][T22726] ? tomoyo_file_ioctl+0x23/0x30 [ 749.414976][T22726] ? security_file_ioctl+0xa1/0xd0 [ 749.420100][T22726] __x64_sys_ioctl+0xe3/0x120 [ 749.424781][T22726] do_syscall_64+0xfe/0x140 [ 749.429303][T22726] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 749.435199][T22726] RIP: 0033:0x459829 [ 749.439092][T22726] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 749.458716][T22726] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 749.467134][T22726] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 749.475112][T22726] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 749.483082][T22726] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 20:38:38 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0xffffffff) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) 20:38:38 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 749.491058][T22726] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 749.499031][T22726] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:38:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, 0x0) preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 749.675276][T22742] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 749.702141][T22742] FAT-fs (loop4): Filesystem has been set read-only [ 749.776075][T22738] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 749.806214][T22738] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 749.828325][ T175] Bluetooth: hci0: Frame reassembly failed (-84) [ 751.842100][ T9347] Bluetooth: hci0: command 0x1003 tx timeout [ 751.848173][T19431] Bluetooth: hci0: sending frame failed (-49) [ 753.922149][ T9347] Bluetooth: hci0: command 0x1001 tx timeout [ 753.928484][T19431] Bluetooth: hci0: sending frame failed (-49) [ 756.002159][ T9347] Bluetooth: hci0: command 0x1009 tx timeout 20:38:49 executing program 3 (fault-call:2 fault-nth:58): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:38:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:38:49 executing program 0: ioctl$EVIOCGKEYCODE_V2(0xffffffffffffffff, 0x80284504, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x89a1, &(0x7f0000000000)={@remote}) ioctl$sock_inet6_SIOCADDRT(r0, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @empty, @loopback, 0x0, 0x2}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, &(0x7f00000000c0)={0x0, 0x0}) readv(0xffffffffffffffff, &(0x7f00000013c0)=[{&(0x7f0000000100)=""/145, 0x91}, {0x0}, {0x0}, {0x0}], 0x4) 20:38:49 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0xffffffff) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) 20:38:49 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) socket$inet_smc(0x2b, 0x1, 0x0) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:38:49 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:38:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) [ 759.943925][T22758] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 759.995025][T22758] FAULT_INJECTION: forcing a failure. [ 759.995025][T22758] name failslab, interval 1, probability 0, space 0, times 0 [ 760.020061][T22754] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 760.022832][T22758] CPU: 1 PID: 22758 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 760.036306][T22754] FAT-fs (loop4): Filesystem has been set read-only [ 760.036654][T22758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 760.047648][T22754] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 760.053280][T22758] Call Trace: [ 760.053312][T22758] dump_stack+0x1d8/0x2f8 [ 760.053325][T22758] should_fail+0x608/0x860 [ 760.053335][T22758] ? setup_fault_attr+0x2b0/0x2b0 [ 760.053346][T22758] ? __lock_acquire+0x4750/0x4750 [ 760.053362][T22758] __should_failslab+0x11a/0x160 [ 760.064592][T22758] ? __kernfs_new_node+0xd9/0x6e0 [ 760.064605][T22758] should_failslab+0x9/0x20 [ 760.064620][T22758] kmem_cache_alloc+0x56/0x2e0 [ 760.073324][T22758] __kernfs_new_node+0xd9/0x6e0 [ 760.073339][T22758] ? __kasan_check_write+0x14/0x20 [ 760.073349][T22758] ? kernfs_new_node+0x180/0x180 [ 760.073361][T22758] ? __mutex_unlock_slowpath+0x18c/0x630 [ 760.073373][T22758] ? mutex_unlock+0x10/0x10 [ 760.127591][T22758] ? mutex_unlock+0xd/0x10 [ 760.132006][T22758] ? kernfs_activate+0x213/0x230 [ 760.136930][T22758] kernfs_new_node+0x97/0x180 [ 760.141606][T22758] __kernfs_create_file+0x4a/0x2f0 [ 760.146713][T22758] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 760.152084][T22758] internal_create_group+0x511/0xdf0 [ 760.157363][T22758] ? sysfs_create_group+0x30/0x30 [ 760.162382][T22758] sysfs_create_groups+0x75/0x130 [ 760.167400][T22758] device_add+0xaef/0x1570 [ 760.171816][T22758] ? rfkill_register+0x60/0x9f0 [ 760.176663][T22758] ? __init_waitqueue_head+0x42/0x90 [ 760.181945][T22758] ? dev_set_name+0x110/0x110 [ 760.186615][T22758] ? pm_runtime_init+0x295/0x370 [ 760.191549][T22758] rfkill_register+0x18b/0x9f0 [ 760.196308][T22758] hci_register_dev+0x3ac/0x720 [ 760.201155][T22758] hci_uart_tty_ioctl+0x8ad/0xa20 [ 760.206170][T22758] ? hci_uart_tty_write+0x10/0x10 [ 760.211195][T22758] tty_ioctl+0xfa8/0x1610 [ 760.215514][T22758] ? tty_do_resize+0x180/0x180 [ 760.220272][T22758] ? rcu_lock_release+0x9/0x30 [ 760.225042][T22758] ? __lock_acquire+0x4750/0x4750 [ 760.230068][T22758] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 760.235693][T22758] ? tomoyo_path_number_perm+0x587/0x740 [ 760.241409][T22758] ? trace_hardirqs_on+0x74/0x80 [ 760.246341][T22758] ? tomoyo_path_number_perm+0x5f0/0x740 [ 760.251973][T22758] ? tomoyo_check_path_acl+0x180/0x180 [ 760.257447][T22758] ? smk_access+0x4f0/0x4f0 [ 760.261944][T22758] ? smk_access+0x18c/0x4f0 [ 760.266453][T22758] ? tty_do_resize+0x180/0x180 [ 760.271301][T22758] do_vfs_ioctl+0x7d4/0x18f0 [ 760.275888][T22758] ? ioctl_preallocate+0x240/0x240 [ 760.281002][T22758] ? fget_many+0x30/0x30 [ 760.285240][T22758] ? debug_smp_processor_id+0x1c/0x20 [ 760.290602][T22758] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 760.296703][T22758] ? tomoyo_file_ioctl+0x23/0x30 [ 760.301990][T22758] ? security_file_ioctl+0xa1/0xd0 [ 760.307096][T22758] __x64_sys_ioctl+0xe3/0x120 [ 760.311768][T22758] do_syscall_64+0xfe/0x140 [ 760.316270][T22758] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 760.322153][T22758] RIP: 0033:0x459829 [ 760.326047][T22758] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 20:38:49 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:38:49 executing program 0: getpid() perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c) recvmmsg(r0, &(0x7f0000000200), 0x38c, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24, 0x0, @ipv4={[], [], @loopback}}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1100) [ 760.345914][T22758] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 760.354318][T22758] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 760.362283][T22758] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 760.370245][T22758] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 760.378217][T22758] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 760.386359][T22758] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:38:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 20:38:49 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0xffffffff) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) [ 760.417034][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) 20:38:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, 0x0, 0x0, 0x10400003) [ 760.570973][T22779] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 760.589582][T22773] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 760.598919][T22779] FAT-fs (loop4): Filesystem has been set read-only [ 760.608800][T22773] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 762.482210][T20832] Bluetooth: hci0: command 0x1003 tx timeout [ 762.489428][T19431] Bluetooth: hci0: sending frame failed (-49) [ 764.562231][T20832] Bluetooth: hci0: command 0x1001 tx timeout [ 764.568325][T19431] Bluetooth: hci0: sending frame failed (-49) [ 766.642173][T20832] Bluetooth: hci0: command 0x1009 tx timeout 20:38:59 executing program 3 (fault-call:2 fault-nth:59): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:38:59 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0xffffffff) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) 20:38:59 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:38:59 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, 0x0, 0x0, 0x10400003) 20:38:59 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x50000}]}) 20:38:59 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="d3ed1b9fbb1213f95b00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657f9ffbffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb786"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:00 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, 0x0, 0x0, 0x10400003) [ 770.835526][T22794] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 770.877038][T22794] FAULT_INJECTION: forcing a failure. [ 770.877038][T22794] name failslab, interval 1, probability 0, space 0, times 0 [ 770.911685][T22787] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) 20:39:00 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0xffffffff) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) 20:39:00 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 770.933323][T22787] FAT-fs (loop4): Filesystem has been set read-only [ 770.952158][T22794] CPU: 0 PID: 22794 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 770.960514][T22794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 770.970567][T22794] Call Trace: [ 770.973878][T22794] dump_stack+0x1d8/0x2f8 [ 770.978218][T22794] should_fail+0x608/0x860 [ 770.982637][T22794] ? setup_fault_attr+0x2b0/0x2b0 [ 770.987736][T22794] ? __lock_acquire+0x4750/0x4750 [ 770.992750][T22794] __should_failslab+0x11a/0x160 [ 770.997678][T22794] ? __kernfs_new_node+0xd9/0x6e0 [ 771.004172][T22794] should_failslab+0x9/0x20 [ 771.008746][T22794] kmem_cache_alloc+0x56/0x2e0 [ 771.013488][T22794] __kernfs_new_node+0xd9/0x6e0 [ 771.018325][T22794] ? __kasan_check_write+0x14/0x20 [ 771.023422][T22794] ? kernfs_new_node+0x180/0x180 [ 771.028349][T22794] ? __mutex_unlock_slowpath+0x18c/0x630 [ 771.035006][T22794] ? mutex_unlock+0x10/0x10 [ 771.039753][T22794] ? mutex_unlock+0xd/0x10 [ 771.044165][T22794] ? kernfs_activate+0x213/0x230 [ 771.049079][T22794] kernfs_new_node+0x97/0x180 [ 771.053826][T22794] __kernfs_create_file+0x4a/0x2f0 [ 771.058927][T22794] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 771.064301][T22794] internal_create_group+0x511/0xdf0 [ 771.069661][T22794] ? sysfs_create_group+0x30/0x30 [ 771.074663][T22794] sysfs_create_groups+0x75/0x130 [ 771.079667][T22794] device_add+0xaef/0x1570 [ 771.084814][T22794] ? rfkill_register+0x60/0x9f0 [ 771.090075][T22794] ? __init_waitqueue_head+0x42/0x90 [ 771.095335][T22794] ? dev_set_name+0x110/0x110 [ 771.100086][T22794] ? pm_runtime_init+0x295/0x370 [ 771.105004][T22794] rfkill_register+0x18b/0x9f0 [ 771.109746][T22794] hci_register_dev+0x3ac/0x720 [ 771.114759][T22794] hci_uart_tty_ioctl+0x8ad/0xa20 [ 771.119758][T22794] ? hci_uart_tty_write+0x10/0x10 [ 771.124863][T22794] tty_ioctl+0xfa8/0x1610 [ 771.129183][T22794] ? tty_do_resize+0x180/0x180 [ 771.133927][T22794] ? rcu_lock_release+0x9/0x30 [ 771.138686][T22794] ? __lock_acquire+0x4750/0x4750 [ 771.143703][T22794] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 771.149323][T22794] ? tomoyo_path_number_perm+0x587/0x740 [ 771.154931][T22794] ? trace_hardirqs_on+0x74/0x80 [ 771.159844][T22794] ? tomoyo_path_number_perm+0x5f0/0x740 [ 771.167039][T22794] ? tomoyo_check_path_acl+0x180/0x180 [ 771.172487][T22794] ? smk_access+0x4f0/0x4f0 [ 771.176961][T22794] ? smk_access+0x18c/0x4f0 [ 771.181442][T22794] ? tty_do_resize+0x180/0x180 [ 771.186202][T22794] do_vfs_ioctl+0x7d4/0x18f0 [ 771.191140][T22794] ? ioctl_preallocate+0x240/0x240 [ 771.196418][T22794] ? fget_many+0x30/0x30 [ 771.200643][T22794] ? debug_smp_processor_id+0x1c/0x20 [ 771.205991][T22794] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 771.212036][T22794] ? tomoyo_file_ioctl+0x23/0x30 [ 771.216950][T22794] ? security_file_ioctl+0xa1/0xd0 [ 771.222040][T22794] __x64_sys_ioctl+0xe3/0x120 [ 771.226697][T22794] do_syscall_64+0xfe/0x140 [ 771.231267][T22794] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 771.237307][T22794] RIP: 0033:0x459829 [ 771.241180][T22794] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 771.260847][T22794] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 771.269619][T22794] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 20:39:00 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='stat\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000237, 0x0) [ 771.277566][T22794] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 771.285704][T22794] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 771.293739][T22794] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 771.301685][T22794] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 771.318364][T22787] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) 20:39:00 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 771.345006][T22787] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 771.370223][T22787] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) 20:39:00 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 771.578495][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 771.626706][T22813] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 771.635473][T22813] FAT-fs (loop4): Filesystem has been set read-only [ 771.645391][T22813] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 773.602106][T20832] Bluetooth: hci0: command 0x1003 tx timeout [ 773.608193][T19431] Bluetooth: hci0: sending frame failed (-49) [ 775.682155][T20832] Bluetooth: hci0: command 0x1001 tx timeout [ 775.688257][T19431] Bluetooth: hci0: sending frame failed (-49) [ 777.762106][T20832] Bluetooth: hci0: command 0x1009 tx timeout 20:39:10 executing program 3 (fault-call:2 fault-nth:60): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:39:10 executing program 0: r0 = add_key(&(0x7f0000000080)='big_key\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000240)='W', 0x31d, 0xfffffffffffffffd) keyctl$revoke(0x3, r0) 20:39:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x221f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/raw\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0) 20:39:10 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) getsockopt$IP6T_SO_GET_REVISION_MATCH(r3, 0x29, 0x44, &(0x7f0000000400)={'ipvs\x00'}, &(0x7f0000000440)=0x1e) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:10 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:10 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:39:10 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:39:10 executing program 1: sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) writev(r0, &(0x7f0000000300), 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(anubis)\x00'}, 0x58) bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) getsockname$packet(0xffffffffffffff9c, 0x0, &(0x7f0000000540)) socket$vsock_stream(0x28, 0x1, 0x0) accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, 0x0, &(0x7f0000000800)) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000840), 0x4) accept4(r0, &(0x7f0000000140)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, &(0x7f00000001c0)=0x80, 0x80000) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="285474dae6badf3a960eca58356ed2eb", 0x10) sendmmsg$alg(r1, &(0x7f0000000380)=[{0x2000000ffffff8d, 0x0, &(0x7f0000001500)=[{&(0x7f0000001380), 0x55911c}], 0x1}, {0x0, 0x1000000, 0x0, 0x0, 0x0, 0xffffffffffffff46}, {0x0, 0x0, 0x0}], 0x492492492492494, 0x0) [ 781.660776][T22830] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 781.735654][T22830] FAULT_INJECTION: forcing a failure. [ 781.735654][T22830] name failslab, interval 1, probability 0, space 0, times 0 [ 781.753289][T22834] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:39:11 executing program 2: r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:39:11 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x7c774aac) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2, 0x11, r1, 0x0) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) [ 781.824596][T22830] CPU: 0 PID: 22830 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 781.832619][T22830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 781.842696][T22830] Call Trace: [ 781.846002][T22830] dump_stack+0x1d8/0x2f8 [ 781.850340][T22830] should_fail+0x608/0x860 [ 781.854767][T22830] ? setup_fault_attr+0x2b0/0x2b0 [ 781.859823][T22830] ? __lock_acquire+0x4750/0x4750 [ 781.859841][T22830] __should_failslab+0x11a/0x160 [ 781.859855][T22830] ? __kernfs_new_node+0xd9/0x6e0 [ 781.874941][T22830] should_failslab+0x9/0x20 [ 781.879518][T22830] kmem_cache_alloc+0x56/0x2e0 [ 781.884471][T22830] __kernfs_new_node+0xd9/0x6e0 [ 781.889308][T22830] ? __kasan_check_write+0x14/0x20 [ 781.894411][T22830] ? kernfs_new_node+0x180/0x180 [ 781.899329][T22830] ? __mutex_unlock_slowpath+0x18c/0x630 [ 781.904949][T22830] ? mutex_unlock+0x10/0x10 [ 781.909444][T22830] ? mutex_unlock+0xd/0x10 [ 781.913837][T22830] ? kernfs_activate+0x213/0x230 [ 781.919458][T22830] kernfs_new_node+0x97/0x180 [ 781.925799][T22830] __kernfs_create_file+0x4a/0x2f0 [ 781.932535][T22830] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 781.938405][T22830] internal_create_group+0x511/0xdf0 [ 781.943678][T22830] ? sysfs_create_group+0x30/0x30 [ 781.948679][T22830] sysfs_create_groups+0x75/0x130 [ 781.953681][T22830] device_add+0xaef/0x1570 [ 781.958079][T22830] ? rfkill_register+0x60/0x9f0 [ 781.962923][T22830] ? __init_waitqueue_head+0x42/0x90 [ 781.968291][T22830] ? dev_set_name+0x110/0x110 [ 781.972944][T22830] ? pm_runtime_init+0x295/0x370 [ 781.977956][T22830] rfkill_register+0x18b/0x9f0 [ 781.982699][T22830] hci_register_dev+0x3ac/0x720 [ 781.987528][T22830] hci_uart_tty_ioctl+0x8ad/0xa20 [ 781.992548][T22830] ? hci_uart_tty_write+0x10/0x10 [ 781.997727][T22830] tty_ioctl+0xfa8/0x1610 [ 782.002034][T22830] ? tty_do_resize+0x180/0x180 [ 782.007907][T22830] ? rcu_lock_release+0x9/0x30 [ 782.012664][T22830] ? __lock_acquire+0x4750/0x4750 [ 782.017664][T22830] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 782.023271][T22830] ? tomoyo_path_number_perm+0x587/0x740 [ 782.028888][T22830] ? trace_hardirqs_on+0x74/0x80 [ 782.033822][T22830] ? tomoyo_path_number_perm+0x5f0/0x740 [ 782.039446][T22830] ? tomoyo_check_path_acl+0x180/0x180 [ 782.044882][T22830] ? smk_access+0x4f0/0x4f0 [ 782.049370][T22830] ? smk_access+0x18c/0x4f0 [ 782.053848][T22830] ? tty_do_resize+0x180/0x180 [ 782.058607][T22830] do_vfs_ioctl+0x7d4/0x18f0 [ 782.063551][T22830] ? ioctl_preallocate+0x240/0x240 [ 782.068643][T22830] ? fget_many+0x30/0x30 [ 782.073045][T22830] ? debug_smp_processor_id+0x1c/0x20 [ 782.078393][T22830] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 782.084436][T22830] ? tomoyo_file_ioctl+0x23/0x30 [ 782.089352][T22830] ? security_file_ioctl+0xa1/0xd0 [ 782.094439][T22830] __x64_sys_ioctl+0xe3/0x120 [ 782.099114][T22830] do_syscall_64+0xfe/0x140 [ 782.103609][T22830] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 782.109475][T22830] RIP: 0033:0x459829 [ 782.113349][T22830] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 782.132931][T22830] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 782.141314][T22830] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 782.149260][T22830] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 782.157207][T22830] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 782.165153][T22830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 782.173887][T22830] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 782.199270][T22822] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) 20:39:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 782.234480][T22822] FAT-fs (loop4): Filesystem has been set read-only [ 782.252763][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 782.259930][T22822] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 782.318243][T22822] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 782.339600][T22822] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) 20:39:11 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 782.360158][T22850] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 784.322169][T20832] Bluetooth: hci0: command 0x1003 tx timeout [ 784.328418][T19431] Bluetooth: hci0: sending frame failed (-49) [ 786.402178][T20832] Bluetooth: hci0: command 0x1001 tx timeout [ 786.408545][T19431] Bluetooth: hci0: sending frame failed (-49) [ 788.482166][T20832] Bluetooth: hci0: command 0x1009 tx timeout 20:39:21 executing program 3 (fault-call:2 fault-nth:61): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:39:21 executing program 2: r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:39:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:39:21 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r1) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) ioctl$TIOCSSERIAL(r2, 0x541f, &(0x7f00000004c0)={0xffff, 0x9, 0x4, 0x6, 0x7, 0x280, 0xfff, 0x0, 0x1, 0x6, 0x1ff, 0x3c, 0xdfa, 0x8, &(0x7f0000000400)=""/173, 0x400, 0x80000001, 0x2}) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:21 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:21 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x7c774aac) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2, 0x11, r1, 0x0) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) [ 792.510064][T22866] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 792.545764][T22870] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:39:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:39:21 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 792.572824][T22870] FAULT_INJECTION: forcing a failure. [ 792.572824][T22870] name failslab, interval 1, probability 0, space 0, times 0 [ 792.618418][T22870] CPU: 0 PID: 22870 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 792.626440][T22870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 792.636502][T22870] Call Trace: [ 792.639809][T22870] dump_stack+0x1d8/0x2f8 [ 792.644144][T22870] should_fail+0x608/0x860 [ 792.648562][T22870] ? setup_fault_attr+0x2b0/0x2b0 [ 792.653586][T22870] ? __lock_acquire+0x4750/0x4750 [ 792.658620][T22870] __should_failslab+0x11a/0x160 [ 792.663563][T22870] ? __kernfs_new_node+0xd9/0x6e0 [ 792.668584][T22870] should_failslab+0x9/0x20 [ 792.673090][T22870] kmem_cache_alloc+0x56/0x2e0 [ 792.677865][T22870] __kernfs_new_node+0xd9/0x6e0 [ 792.682720][T22870] ? __kasan_check_write+0x14/0x20 [ 792.687838][T22870] ? kernfs_new_node+0x180/0x180 [ 792.692959][T22870] ? __mutex_unlock_slowpath+0x18c/0x630 [ 792.698693][T22870] ? mutex_unlock+0x10/0x10 [ 792.703383][T22870] ? mutex_unlock+0xd/0x10 [ 792.707805][T22870] ? kernfs_activate+0x213/0x230 [ 792.712751][T22870] kernfs_new_node+0x97/0x180 [ 792.717441][T22870] __kernfs_create_file+0x4a/0x2f0 [ 792.722559][T22870] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 792.728033][T22870] internal_create_group+0x511/0xdf0 [ 792.733330][T22870] ? sysfs_create_group+0x30/0x30 [ 792.738365][T22870] sysfs_create_groups+0x75/0x130 [ 792.743623][T22870] device_add+0xaef/0x1570 [ 792.748227][T22870] ? rfkill_register+0x60/0x9f0 [ 792.753088][T22870] ? __init_waitqueue_head+0x42/0x90 [ 792.758383][T22870] ? dev_set_name+0x110/0x110 [ 792.763068][T22870] ? pm_runtime_init+0x295/0x370 [ 792.768020][T22870] rfkill_register+0x18b/0x9f0 [ 792.772788][T22870] hci_register_dev+0x3ac/0x720 [ 792.777645][T22870] hci_uart_tty_ioctl+0x8ad/0xa20 [ 792.782680][T22870] ? hci_uart_tty_write+0x10/0x10 [ 792.787809][T22870] tty_ioctl+0xfa8/0x1610 [ 792.792227][T22870] ? tty_do_resize+0x180/0x180 [ 792.796991][T22870] ? rcu_lock_release+0x9/0x30 [ 792.801763][T22870] ? __lock_acquire+0x4750/0x4750 [ 792.806791][T22870] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 792.812438][T22870] ? tomoyo_path_number_perm+0x587/0x740 [ 792.818172][T22870] ? trace_hardirqs_on+0x74/0x80 [ 792.823118][T22870] ? tomoyo_path_number_perm+0x5f0/0x740 [ 792.828755][T22870] ? tomoyo_check_path_acl+0x180/0x180 [ 792.834222][T22870] ? smk_access+0x4f0/0x4f0 [ 792.838732][T22870] ? smk_access+0x18c/0x4f0 [ 792.843241][T22870] ? tty_do_resize+0x180/0x180 [ 792.848010][T22870] do_vfs_ioctl+0x7d4/0x18f0 [ 792.852614][T22870] ? ioctl_preallocate+0x240/0x240 [ 792.857749][T22870] ? fget_many+0x30/0x30 [ 792.861996][T22870] ? debug_smp_processor_id+0x1c/0x20 [ 792.867373][T22870] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 792.873458][T22870] ? tomoyo_file_ioctl+0x23/0x30 [ 792.878415][T22870] ? security_file_ioctl+0xa1/0xd0 [ 792.883712][T22870] __x64_sys_ioctl+0xe3/0x120 [ 792.888409][T22870] do_syscall_64+0xfe/0x140 [ 792.892925][T22870] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 792.898811][T22870] RIP: 0033:0x459829 [ 792.902705][T22870] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 792.922402][T22870] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 792.930828][T22870] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 792.938810][T22870] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 792.947144][T22870] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 792.955129][T22870] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 20:39:22 executing program 2: r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 792.963118][T22870] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 792.984874][T22874] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:39:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:39:22 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 793.081774][T22881] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 793.120315][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 795.122091][T20832] Bluetooth: hci0: command 0x1003 tx timeout [ 795.128181][T19431] Bluetooth: hci0: sending frame failed (-49) [ 797.202130][ T9746] Bluetooth: hci0: command 0x1001 tx timeout [ 797.208230][T19431] Bluetooth: hci0: sending frame failed (-49) [ 799.282108][ T9746] Bluetooth: hci0: command 0x1009 tx timeout 20:39:32 executing program 3 (fault-call:2 fault-nth:62): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:39:32 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:39:32 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:39:32 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x7c774aac) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2, 0x11, r1, 0x0) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:39:32 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) fsetxattr$trusted_overlay_nlink(r2, &(0x7f0000000400)='trusted.overlay.nlink\x00', &(0x7f0000000440)={'L-', 0x9}, 0x28, 0x1) 20:39:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 803.459843][T22902] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:39:32 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 803.535233][T22902] FAULT_INJECTION: forcing a failure. [ 803.535233][T22902] name failslab, interval 1, probability 0, space 0, times 0 [ 803.562195][T22902] CPU: 1 PID: 22902 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 803.570226][T22902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 803.580296][T22902] Call Trace: 20:39:32 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:39:32 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 803.583607][T22902] dump_stack+0x1d8/0x2f8 [ 803.587953][T22902] should_fail+0x608/0x860 [ 803.592381][T22902] ? setup_fault_attr+0x2b0/0x2b0 [ 803.597419][T22902] ? __lock_acquire+0x4750/0x4750 [ 803.602464][T22902] __should_failslab+0x11a/0x160 [ 803.607411][T22902] ? __kernfs_new_node+0xd9/0x6e0 [ 803.612443][T22902] should_failslab+0x9/0x20 [ 803.616955][T22902] kmem_cache_alloc+0x56/0x2e0 [ 803.622030][T22902] __kernfs_new_node+0xd9/0x6e0 [ 803.626914][T22902] ? __kasan_check_write+0x14/0x20 [ 803.632100][T22902] ? kernfs_new_node+0x180/0x180 [ 803.637028][T22902] ? __mutex_unlock_slowpath+0x18c/0x630 [ 803.642662][T22902] ? mutex_unlock+0x10/0x10 [ 803.647317][T22902] ? mutex_unlock+0xd/0x10 [ 803.651707][T22902] ? kernfs_activate+0x213/0x230 [ 803.656648][T22902] kernfs_new_node+0x97/0x180 [ 803.661304][T22902] __kernfs_create_file+0x4a/0x2f0 [ 803.666394][T22902] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 803.671758][T22902] internal_create_group+0x511/0xdf0 [ 803.677036][T22902] ? sysfs_create_group+0x30/0x30 [ 803.682043][T22902] sysfs_create_groups+0x75/0x130 [ 803.687070][T22902] device_add+0xaef/0x1570 [ 803.691465][T22902] ? rfkill_register+0x60/0x9f0 [ 803.696299][T22902] ? __init_waitqueue_head+0x42/0x90 [ 803.701556][T22902] ? dev_set_name+0x110/0x110 [ 803.706212][T22902] ? pm_runtime_init+0x295/0x370 [ 803.711125][T22902] rfkill_register+0x18b/0x9f0 [ 803.715866][T22902] hci_register_dev+0x3ac/0x720 [ 803.720717][T22902] hci_uart_tty_ioctl+0x8ad/0xa20 [ 803.725733][T22902] ? hci_uart_tty_write+0x10/0x10 [ 803.730745][T22902] tty_ioctl+0xfa8/0x1610 [ 803.735052][T22902] ? tty_do_resize+0x180/0x180 [ 803.739796][T22902] ? rcu_lock_release+0x9/0x30 [ 803.744551][T22902] ? __lock_acquire+0x4750/0x4750 [ 803.749565][T22902] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 803.755258][T22902] ? tomoyo_path_number_perm+0x587/0x740 [ 803.760866][T22902] ? trace_hardirqs_on+0x74/0x80 [ 803.765885][T22902] ? tomoyo_path_number_perm+0x5f0/0x740 [ 803.771579][T22902] ? tomoyo_check_path_acl+0x180/0x180 [ 803.777015][T22902] ? smk_access+0x4f0/0x4f0 [ 803.781491][T22902] ? smk_access+0x18c/0x4f0 [ 803.785967][T22902] ? tty_do_resize+0x180/0x180 [ 803.790733][T22902] do_vfs_ioctl+0x7d4/0x18f0 [ 803.795392][T22902] ? ioctl_preallocate+0x240/0x240 [ 803.800499][T22902] ? fget_many+0x30/0x30 [ 803.804714][T22902] ? debug_smp_processor_id+0x1c/0x20 [ 803.810062][T22902] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 803.816107][T22902] ? tomoyo_file_ioctl+0x23/0x30 [ 803.821023][T22902] ? security_file_ioctl+0xa1/0xd0 [ 803.826133][T22902] __x64_sys_ioctl+0xe3/0x120 [ 803.830788][T22902] do_syscall_64+0xfe/0x140 [ 803.835289][T22902] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 803.841158][T22902] RIP: 0033:0x459829 [ 803.845027][T22902] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 803.864785][T22902] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 803.873516][T22902] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 803.881462][T22902] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 803.889407][T22902] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 803.897447][T22902] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 803.905397][T22902] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 803.918405][T22911] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:39:33 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:39:33 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, 0x0, 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 803.991068][T21541] Bluetooth: hci0: Frame reassembly failed (-84) [ 804.053166][T22916] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 806.002118][ T9746] Bluetooth: hci0: command 0x1003 tx timeout [ 806.008252][T19431] Bluetooth: hci0: sending frame failed (-49) [ 808.082114][ T9746] Bluetooth: hci0: command 0x1001 tx timeout [ 808.088385][T19431] Bluetooth: hci0: sending frame failed (-49) [ 810.162142][ T9746] Bluetooth: hci0: command 0x1009 tx timeout 20:39:43 executing program 3 (fault-call:2 fault-nth:63): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:39:43 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:39:43 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, 0x0, 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:43 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0x84080, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:43 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x7c774aac) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2, 0x11, r1, 0x0) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:39:43 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 814.276855][T22934] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:39:43 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, 0x0, 0x8080fffffffe) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:43 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 814.341929][T22936] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 814.394695][T22936] FAULT_INJECTION: forcing a failure. [ 814.394695][T22936] name failslab, interval 1, probability 0, space 0, times 0 [ 814.424852][T22940] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 814.435357][T22936] CPU: 0 PID: 22936 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 814.443355][T22936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 814.453411][T22936] Call Trace: [ 814.456722][T22936] dump_stack+0x1d8/0x2f8 [ 814.461065][T22936] should_fail+0x608/0x860 [ 814.465493][T22936] ? setup_fault_attr+0x2b0/0x2b0 [ 814.470523][T22936] ? __lock_acquire+0x4750/0x4750 [ 814.475551][T22936] __should_failslab+0x11a/0x160 [ 814.480487][T22936] ? __kernfs_new_node+0xd9/0x6e0 [ 814.485609][T22936] should_failslab+0x9/0x20 [ 814.490122][T22936] kmem_cache_alloc+0x56/0x2e0 [ 814.494888][T22936] __kernfs_new_node+0xd9/0x6e0 [ 814.499746][T22936] ? __kasan_check_write+0x14/0x20 [ 814.504952][T22936] ? kernfs_new_node+0x180/0x180 [ 814.509895][T22936] ? __mutex_unlock_slowpath+0x18c/0x630 [ 814.516402][T22936] ? mutex_unlock+0x10/0x10 [ 814.521167][T22936] ? mutex_unlock+0xd/0x10 [ 814.525625][T22936] ? kernfs_activate+0x213/0x230 [ 814.530570][T22936] kernfs_new_node+0x97/0x180 [ 814.535252][T22936] __kernfs_create_file+0x4a/0x2f0 [ 814.540387][T22936] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 814.545858][T22936] sysfs_merge_group+0x1f3/0x3c0 [ 814.550798][T22936] ? sysfs_remove_groups+0xb0/0xb0 [ 814.555916][T22936] dpm_sysfs_add+0xcc/0x250 [ 814.560423][T22936] device_add+0xba3/0x1570 [ 814.564842][T22936] ? device_add+0xa41/0x1570 [ 814.569442][T22936] ? dev_set_name+0x110/0x110 [ 814.574122][T22936] ? pm_runtime_init+0x295/0x370 [ 814.579063][T22936] rfkill_register+0x18b/0x9f0 [ 814.583824][T22936] hci_register_dev+0x3ac/0x720 [ 814.588685][T22936] hci_uart_tty_ioctl+0x8ad/0xa20 [ 814.593803][T22936] ? hci_uart_tty_write+0x10/0x10 [ 814.598831][T22936] tty_ioctl+0xfa8/0x1610 [ 814.603161][T22936] ? tty_do_resize+0x180/0x180 [ 814.607925][T22936] ? rcu_lock_release+0x9/0x30 [ 814.612728][T22936] ? __lock_acquire+0x4750/0x4750 [ 814.617870][T22936] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 814.623595][T22936] ? tomoyo_path_number_perm+0x587/0x740 [ 814.629752][T22936] ? trace_hardirqs_on+0x74/0x80 [ 814.634702][T22936] ? tomoyo_path_number_perm+0x5f0/0x740 [ 814.640361][T22936] ? tomoyo_check_path_acl+0x180/0x180 [ 814.645837][T22936] ? smk_access+0x4f0/0x4f0 [ 814.650509][T22936] ? smk_access+0x18c/0x4f0 [ 814.655008][T22936] ? tty_do_resize+0x180/0x180 [ 814.659765][T22936] do_vfs_ioctl+0x7d4/0x18f0 [ 814.664356][T22936] ? ioctl_preallocate+0x240/0x240 [ 814.669481][T22936] ? fget_many+0x30/0x30 [ 814.673729][T22936] ? debug_smp_processor_id+0x1c/0x20 [ 814.679100][T22936] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 814.685284][T22936] ? tomoyo_file_ioctl+0x23/0x30 [ 814.690224][T22936] ? security_file_ioctl+0xa1/0xd0 [ 814.695335][T22936] __x64_sys_ioctl+0xe3/0x120 [ 814.700011][T22936] do_syscall_64+0xfe/0x140 [ 814.704513][T22936] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 814.710398][T22936] RIP: 0033:0x459829 [ 814.714290][T22936] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 814.733915][T22936] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 20:39:43 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x7c774aac) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:39:44 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 814.742327][T22936] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 814.750298][T22936] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 814.758534][T22936] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 814.767064][T22936] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 814.775227][T22936] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:39:44 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:39:44 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 814.842604][T22945] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 814.925945][T22951] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 816.802111][ T9746] Bluetooth: hci0: command 0x1003 tx timeout [ 816.810643][T19431] Bluetooth: hci0: sending frame failed (-49) [ 818.882089][ T9746] Bluetooth: hci0: command 0x1001 tx timeout [ 818.888175][T19431] Bluetooth: hci0: sending frame failed (-49) [ 820.962088][ T9746] Bluetooth: hci0: command 0x1009 tx timeout 20:39:54 executing program 3 (fault-call:2 fault-nth:64): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:39:54 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x0) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:54 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:39:54 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:39:54 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000400)=ANY=[@ANYBLOB="8300000e290000000000000100000000000000000000000000000000000000fd600f96e190285a7d000405002e2f6275730000000000000000000000cbad09070000000000000007002e2f66696c6530000400000037d343f400000000000000000900000000fd0000df0500050000007300000000000000000000000000000000000000000507002e2f66696c653000"], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000880)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500f966428eb4cb7860c131aef785f25df8e215082fac6756e2e738f88c16733e502889b55c65d7c2784867fe37c2a92746c52bcbb665d58718005ebf3bc0142ec8756e17b5f05256eedf9231886f5f5481054be49a5e2138f579f8f92ef98952b0db5098f5871f9ed26c5d37e6d49a178c58626d3e62c7600e945b3b2541757ddc53dacadd75700faeb000000000000000000000000000000ed80d05665b081df1a36c74a795b65a1166ec9839f445ee6bd7a07a5fb49d0c92dee6625a53935addb6eac8309e4a401ea6a890b6f3860bc76f5a98ab2648c4bb2fc385fe5f11f641e7ee928d45335a3ac3c4d0285bd32bd7e316184bd0e8c7586c7c17e3bbabdfa2236b5167c7e220e8cbee97875cffd6f94e057094bb8383a59e97b2923625d92c88832b71d34bf4463855cdb004704f8ba18e8ce2117098ff2a3e54704544c9bad823299c5cce1b8fa884544083d33b190ef5d8b5169f574ba5d43d6c24015794a9f0efc016a28e37dbf69fb0b49e1d76fa5716998dc2e550f860cda5a5ef3425aea3a"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:54 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:39:54 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x0) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:39:54 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) [ 825.161356][T22962] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 825.191659][T22969] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 825.238319][T22969] FAULT_INJECTION: forcing a failure. [ 825.238319][T22969] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 825.251734][T22969] CPU: 1 PID: 22969 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 825.259802][T22969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 825.269875][T22969] Call Trace: [ 825.273179][T22969] dump_stack+0x1d8/0x2f8 [ 825.277523][T22969] should_fail+0x608/0x860 [ 825.281942][T22969] ? setup_fault_attr+0x2b0/0x2b0 [ 825.286965][T22969] ? stack_trace_save+0x111/0x1e0 [ 825.291997][T22969] ? trace_lock_acquire+0x1d0/0x1d0 [ 825.297195][T22969] should_fail_alloc_page+0x55/0x60 [ 825.302388][T22969] prepare_alloc_pages+0x283/0x470 [ 825.307691][T22969] __alloc_pages_nodemask+0x11c/0x790 [ 825.313060][T22969] ? kernfs_new_node+0x97/0x180 [ 825.317925][T22969] ? __kernfs_create_file+0x4a/0x2f0 [ 825.323210][T22969] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 825.328753][T22969] ? trace_lock_release+0x135/0x1a0 [ 825.333958][T22969] kmem_getpages+0x56/0xa20 [ 825.338464][T22969] ? trace_lock_acquire+0x159/0x1d0 [ 825.343752][T22969] cache_grow_begin+0x7e/0x2c0 [ 825.348535][T22969] cache_alloc_refill+0x311/0x3f0 [ 825.353554][T22969] ? check_preemption_disabled+0xb7/0x2a0 [ 825.359267][T22969] kmem_cache_alloc+0x2b9/0x2e0 [ 825.364122][T22969] ? __kernfs_new_node+0xd9/0x6e0 [ 825.369143][T22969] __kernfs_new_node+0xd9/0x6e0 [ 825.374248][T22969] ? __kasan_check_write+0x14/0x20 [ 825.379360][T22969] ? kernfs_new_node+0x180/0x180 [ 825.384358][T22969] ? __mutex_unlock_slowpath+0x18c/0x630 [ 825.389984][T22969] ? mutex_unlock+0x10/0x10 [ 825.394482][T22969] ? mutex_unlock+0xd/0x10 [ 825.398947][T22969] ? kernfs_activate+0x213/0x230 [ 825.403898][T22969] kernfs_new_node+0x97/0x180 [ 825.408572][T22969] __kernfs_create_file+0x4a/0x2f0 [ 825.413685][T22969] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 825.419055][T22969] sysfs_merge_group+0x1f3/0x3c0 [ 825.424008][T22969] ? sysfs_remove_groups+0xb0/0xb0 [ 825.429120][T22969] dpm_sysfs_add+0xcc/0x250 [ 825.433625][T22969] device_add+0xba3/0x1570 [ 825.438041][T22969] ? device_add+0xa41/0x1570 [ 825.442631][T22969] ? dev_set_name+0x110/0x110 [ 825.447326][T22969] ? pm_runtime_init+0x295/0x370 [ 825.452449][T22969] rfkill_register+0x18b/0x9f0 [ 825.457215][T22969] hci_register_dev+0x3ac/0x720 [ 825.462066][T22969] hci_uart_tty_ioctl+0x8ad/0xa20 [ 825.467092][T22969] ? hci_uart_tty_write+0x10/0x10 [ 825.472132][T22969] tty_ioctl+0xfa8/0x1610 [ 825.476551][T22969] ? tty_do_resize+0x180/0x180 [ 825.481495][T22969] ? rcu_lock_release+0x9/0x30 [ 825.486256][T22969] ? __lock_acquire+0x4750/0x4750 [ 825.491291][T22969] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 825.497018][T22969] ? tomoyo_path_number_perm+0x587/0x740 [ 825.502650][T22969] ? trace_hardirqs_on+0x74/0x80 [ 825.502663][T22969] ? tomoyo_path_number_perm+0x5f0/0x740 [ 825.502673][T22969] ? tomoyo_check_path_acl+0x180/0x180 [ 825.502683][T22969] ? smk_access+0x4f0/0x4f0 [ 825.502690][T22969] ? smk_access+0x18c/0x4f0 [ 825.502701][T22969] ? tty_do_resize+0x180/0x180 [ 825.502715][T22969] do_vfs_ioctl+0x7d4/0x18f0 [ 825.513337][T22969] ? ioctl_preallocate+0x240/0x240 [ 825.513354][T22969] ? fget_many+0x30/0x30 [ 825.513363][T22969] ? debug_smp_processor_id+0x1c/0x20 [ 825.513373][T22969] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 825.513385][T22969] ? tomoyo_file_ioctl+0x23/0x30 [ 825.513401][T22969] ? security_file_ioctl+0xa1/0xd0 [ 825.568288][T22969] __x64_sys_ioctl+0xe3/0x120 [ 825.572945][T22969] do_syscall_64+0xfe/0x140 [ 825.577440][T22969] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 825.583582][T22969] RIP: 0033:0x459829 [ 825.587468][T22969] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 825.607165][T22969] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 825.615553][T22969] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 825.623505][T22969] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 825.631544][T22969] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 20:39:54 executing program 0: getsockopt(0xffffffffffffffff, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:39:54 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 825.639492][T22969] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 825.647452][T22969] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 825.663008][T21541] Bluetooth: hci0: Frame reassembly failed (-84) 20:39:54 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:39:54 executing program 0: getsockopt(0xffffffffffffffff, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) [ 825.692594][T22975] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 827.682482][T22967] Bluetooth: hci0: command 0x1003 tx timeout [ 827.688707][T19431] Bluetooth: hci0: sending frame failed (-49) [ 829.762403][T22967] Bluetooth: hci0: command 0x1001 tx timeout [ 829.768495][T19431] Bluetooth: hci0: sending frame failed (-49) [ 831.842262][T22967] Bluetooth: hci0: command 0x1009 tx timeout 20:40:05 executing program 3 (fault-call:2 fault-nth:65): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:40:05 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x0) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:40:05 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:40:05 executing program 0: getsockopt(0xffffffffffffffff, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:40:05 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:40:05 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0xfffffffffffffe, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{0x0, 0xfffffffffffffffe}, 0xfffffffffffffffe, 0x5, 0x7, './file0'}]}}, 0x83) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) futex(&(0x7f0000000400)=0x1, 0x89, 0x2, &(0x7f0000000480)={r3, r4+10000000}, &(0x7f00000004c0)=0x1, 0x1) r5 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r5, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r5, r5, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:40:05 executing program 0: r0 = socket$inet(0x2, 0x0, 0x2) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) [ 836.043853][T22995] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 836.063797][T22998] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 836.075557][T22998] FAULT_INJECTION: forcing a failure. [ 836.075557][T22998] name failslab, interval 1, probability 0, space 0, times 0 [ 836.136000][T22998] CPU: 0 PID: 22998 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 836.144044][T22998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 836.154115][T22998] Call Trace: [ 836.157413][T22998] dump_stack+0x1d8/0x2f8 [ 836.162708][T22998] should_fail+0x608/0x860 [ 836.167130][T22998] ? setup_fault_attr+0x2b0/0x2b0 [ 836.172154][T22998] ? __lock_acquire+0x4750/0x4750 [ 836.177190][T22998] __should_failslab+0x11a/0x160 [ 836.182133][T22998] ? __kernfs_new_node+0xd9/0x6e0 [ 836.187161][T22998] should_failslab+0x9/0x20 [ 836.191664][T22998] kmem_cache_alloc+0x56/0x2e0 [ 836.196428][T22998] __kernfs_new_node+0xd9/0x6e0 [ 836.201494][T22998] ? __kasan_check_write+0x14/0x20 [ 836.206614][T22998] ? kernfs_new_node+0x180/0x180 [ 836.211549][T22998] ? __mutex_unlock_slowpath+0x18c/0x630 [ 836.217264][T22998] ? mutex_unlock+0x10/0x10 [ 836.221767][T22998] ? mutex_unlock+0xd/0x10 [ 836.226177][T22998] ? kernfs_activate+0x213/0x230 [ 836.231108][T22998] kernfs_new_node+0x97/0x180 [ 836.235787][T22998] __kernfs_create_file+0x4a/0x2f0 [ 836.240894][T22998] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 836.246277][T22998] sysfs_merge_group+0x1f3/0x3c0 [ 836.251215][T22998] ? sysfs_remove_groups+0xb0/0xb0 [ 836.256330][T22998] dpm_sysfs_add+0xcc/0x250 [ 836.260830][T22998] device_add+0xba3/0x1570 [ 836.265246][T22998] ? device_add+0xa41/0x1570 [ 836.269829][T22998] ? dev_set_name+0x110/0x110 [ 836.274501][T22998] ? pm_runtime_init+0x295/0x370 [ 836.279444][T22998] rfkill_register+0x18b/0x9f0 [ 836.284301][T22998] hci_register_dev+0x3ac/0x720 [ 836.289151][T22998] hci_uart_tty_ioctl+0x8ad/0xa20 [ 836.294176][T22998] ? hci_uart_tty_write+0x10/0x10 [ 836.299198][T22998] tty_ioctl+0xfa8/0x1610 [ 836.303523][T22998] ? tty_do_resize+0x180/0x180 [ 836.308280][T22998] ? rcu_lock_release+0x9/0x30 [ 836.313046][T22998] ? __lock_acquire+0x4750/0x4750 [ 836.318152][T22998] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 836.323782][T22998] ? tomoyo_path_number_perm+0x587/0x740 [ 836.329534][T22998] ? trace_hardirqs_on+0x74/0x80 [ 836.334469][T22998] ? tomoyo_path_number_perm+0x5f0/0x740 [ 836.340100][T22998] ? tomoyo_check_path_acl+0x180/0x180 [ 836.345563][T22998] ? smk_access+0x4f0/0x4f0 [ 836.350058][T22998] ? smk_access+0x18c/0x4f0 [ 836.354554][T22998] ? tty_do_resize+0x180/0x180 [ 836.359324][T22998] do_vfs_ioctl+0x7d4/0x18f0 [ 836.363918][T22998] ? ioctl_preallocate+0x240/0x240 [ 836.369090][T22998] ? fget_many+0x30/0x30 [ 836.373329][T22998] ? debug_smp_processor_id+0x1c/0x20 [ 836.378696][T22998] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 836.384934][T22998] ? tomoyo_file_ioctl+0x23/0x30 [ 836.389866][T22998] ? security_file_ioctl+0xa1/0xd0 [ 836.394974][T22998] __x64_sys_ioctl+0xe3/0x120 [ 836.399647][T22998] do_syscall_64+0xfe/0x140 [ 836.404148][T22998] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 836.410033][T22998] RIP: 0033:0x459829 [ 836.413922][T22998] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 20:40:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:40:05 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 836.433516][T22998] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 836.442020][T22998] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 836.450262][T22998] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 836.458231][T22998] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 836.466209][T22998] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 836.474192][T22998] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:40:05 executing program 0: r0 = socket$inet(0x2, 0x0, 0x2) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:40:05 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 836.500069][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 836.518683][T23009] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:40:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 836.654271][T23021] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 836.800208][T23017] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 836.809791][T23017] FAT-fs (loop4): Filesystem has been set read-only [ 836.823296][T23017] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 836.842000][T23017] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 836.855598][T23017] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 838.562193][ T9347] Bluetooth: hci0: command 0x1003 tx timeout [ 838.568319][T19431] Bluetooth: hci0: sending frame failed (-49) [ 840.642194][T22967] Bluetooth: hci0: command 0x1001 tx timeout [ 840.648440][T19431] Bluetooth: hci0: sending frame failed (-49) [ 842.722225][T22967] Bluetooth: hci0: command 0x1009 tx timeout 20:40:16 executing program 3 (fault-call:2 fault-nth:66): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:40:16 executing program 0: r0 = socket$inet(0x2, 0x0, 0x2) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:40:16 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:40:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:40:16 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802300063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fbed96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) remap_file_pages(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0xc8, 0x4000000) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:40:16 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 846.910104][T23028] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 846.939727][T23035] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 846.975437][T23035] FAULT_INJECTION: forcing a failure. [ 846.975437][T23035] name failslab, interval 1, probability 0, space 0, times 0 [ 847.032381][T23035] CPU: 0 PID: 23035 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 847.040393][T23035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 847.050799][T23035] Call Trace: [ 847.054113][T23035] dump_stack+0x1d8/0x2f8 [ 847.058455][T23035] should_fail+0x608/0x860 [ 847.062889][T23035] ? setup_fault_attr+0x2b0/0x2b0 [ 847.067916][T23035] ? __lock_acquire+0x4750/0x4750 [ 847.072950][T23035] __should_failslab+0x11a/0x160 [ 847.077983][T23035] ? __kernfs_new_node+0xd9/0x6e0 [ 847.083012][T23035] should_failslab+0x9/0x20 [ 847.087539][T23035] kmem_cache_alloc+0x56/0x2e0 [ 847.092310][T23035] __kernfs_new_node+0xd9/0x6e0 [ 847.097165][T23035] ? __kasan_check_write+0x14/0x20 [ 847.102280][T23035] ? kernfs_new_node+0x180/0x180 [ 847.107229][T23035] ? __mutex_unlock_slowpath+0x18c/0x630 [ 847.112872][T23035] ? mutex_unlock+0x10/0x10 [ 847.117382][T23035] ? mutex_unlock+0xd/0x10 [ 847.121837][T23035] ? kernfs_activate+0x213/0x230 [ 847.126785][T23035] kernfs_new_node+0x97/0x180 [ 847.131486][T23035] __kernfs_create_file+0x4a/0x2f0 [ 847.136611][T23035] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 847.142160][T23035] sysfs_merge_group+0x1f3/0x3c0 [ 847.147107][T23035] ? sysfs_remove_groups+0xb0/0xb0 [ 847.152227][T23035] dpm_sysfs_add+0xcc/0x250 [ 847.156742][T23035] device_add+0xba3/0x1570 [ 847.161176][T23035] ? device_add+0xa41/0x1570 [ 847.165774][T23035] ? dev_set_name+0x110/0x110 [ 847.170455][T23035] ? pm_runtime_init+0x295/0x370 [ 847.175397][T23035] rfkill_register+0x18b/0x9f0 [ 847.180174][T23035] hci_register_dev+0x3ac/0x720 [ 847.185031][T23035] hci_uart_tty_ioctl+0x8ad/0xa20 [ 847.190093][T23035] ? hci_uart_tty_write+0x10/0x10 [ 847.195236][T23035] tty_ioctl+0xfa8/0x1610 [ 847.199572][T23035] ? tty_do_resize+0x180/0x180 [ 847.204339][T23035] ? rcu_lock_release+0x9/0x30 [ 847.209105][T23035] ? __lock_acquire+0x4750/0x4750 [ 847.214171][T23035] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 847.219804][T23035] ? tomoyo_path_number_perm+0x587/0x740 [ 847.225526][T23035] ? trace_hardirqs_on+0x74/0x80 [ 847.230473][T23035] ? tomoyo_path_number_perm+0x5f0/0x740 [ 847.236123][T23035] ? tomoyo_check_path_acl+0x180/0x180 [ 847.241594][T23035] ? smk_access+0x4f0/0x4f0 [ 847.246099][T23035] ? smk_access+0x18c/0x4f0 [ 847.250613][T23035] ? tty_do_resize+0x180/0x180 [ 847.255383][T23035] do_vfs_ioctl+0x7d4/0x18f0 [ 847.260255][T23035] ? ioctl_preallocate+0x240/0x240 [ 847.265382][T23035] ? fget_many+0x30/0x30 [ 847.269631][T23035] ? debug_smp_processor_id+0x1c/0x20 [ 847.275024][T23035] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 847.281112][T23035] ? tomoyo_file_ioctl+0x23/0x30 [ 847.286051][T23035] ? security_file_ioctl+0xa1/0xd0 [ 847.291200][T23035] __x64_sys_ioctl+0xe3/0x120 [ 847.295886][T23035] do_syscall_64+0xfe/0x140 [ 847.300391][T23035] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 847.306636][T23035] RIP: 0033:0x459829 [ 847.310540][T23035] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 20:40:16 executing program 0: r0 = socket$inet(0x2, 0x3, 0x0) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:40:16 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 847.330324][T23035] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 847.338746][T23035] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 847.346734][T23035] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 847.354716][T23035] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 847.362704][T23035] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 847.370681][T23035] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:40:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 847.459705][T23033] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 847.471214][T23033] FAT-fs (loop4): Filesystem has been set read-only [ 847.491880][T23033] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) 20:40:16 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:40:16 executing program 0: r0 = socket$inet(0x2, 0x3, 0x0) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) [ 847.502834][T23050] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 847.523161][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 847.543148][T23033] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) 20:40:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 847.561294][T23033] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 847.590255][T23058] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 849.602131][T22967] Bluetooth: hci0: command 0x1003 tx timeout [ 849.609448][T19431] Bluetooth: hci0: sending frame failed (-49) [ 851.682097][T22967] Bluetooth: hci0: command 0x1001 tx timeout [ 851.688180][T19431] Bluetooth: hci0: sending frame failed (-49) [ 853.762103][T22967] Bluetooth: hci0: command 0x1009 tx timeout 20:40:26 executing program 3 (fault-call:2 fault-nth:67): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:40:26 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:40:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:40:26 executing program 0: r0 = socket$inet(0x2, 0x3, 0x0) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:40:26 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:40:26 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000040)=@req={0x92a, 0x7, 0xffffffffffffff54, 0x2}, 0x10) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 857.814427][T23066] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 857.841868][T23074] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:40:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:40:27 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:40:27 executing program 0: socket$inet(0x2, 0x3, 0x2) getsockopt(0xffffffffffffffff, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) [ 857.887514][T23074] FAULT_INJECTION: forcing a failure. [ 857.887514][T23074] name failslab, interval 1, probability 0, space 0, times 0 [ 857.962143][T23074] CPU: 1 PID: 23074 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 857.970177][T23074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 857.975947][T23084] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 857.980462][T23074] Call Trace: [ 857.980487][T23074] dump_stack+0x1d8/0x2f8 [ 857.980502][T23074] should_fail+0x608/0x860 [ 857.980512][T23074] ? setup_fault_attr+0x2b0/0x2b0 [ 857.980531][T23074] ? __lock_acquire+0x4750/0x4750 [ 858.014712][T23074] __should_failslab+0x11a/0x160 [ 858.019759][T23074] ? __kernfs_new_node+0xd9/0x6e0 [ 858.024796][T23074] should_failslab+0x9/0x20 [ 858.029456][T23074] kmem_cache_alloc+0x56/0x2e0 [ 858.034356][T23074] __kernfs_new_node+0xd9/0x6e0 [ 858.039808][T23074] ? __kasan_check_write+0x14/0x20 [ 858.044937][T23074] ? kernfs_new_node+0x180/0x180 [ 858.049919][T23074] ? __mutex_unlock_slowpath+0x18c/0x630 [ 858.055742][T23074] ? mutex_unlock+0x10/0x10 [ 858.059994][T23087] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 858.060378][T23074] ? mutex_unlock+0xd/0x10 [ 858.074764][T23074] ? kernfs_activate+0x213/0x230 [ 858.080049][T23074] kernfs_new_node+0x97/0x180 [ 858.084906][T23074] __kernfs_create_file+0x4a/0x2f0 [ 858.090217][T23074] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 858.097127][T23074] sysfs_merge_group+0x1f3/0x3c0 [ 858.102086][T23074] ? sysfs_remove_groups+0xb0/0xb0 [ 858.107667][T23074] dpm_sysfs_add+0xcc/0x250 [ 858.112980][T23074] device_add+0xba3/0x1570 [ 858.117427][T23074] ? device_add+0xa41/0x1570 [ 858.122038][T23074] ? dev_set_name+0x110/0x110 [ 858.126765][T23074] ? pm_runtime_init+0x295/0x370 [ 858.130067][T23089] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 858.131987][T23074] rfkill_register+0x18b/0x9f0 [ 858.132001][T23074] hci_register_dev+0x3ac/0x720 [ 858.132016][T23074] hci_uart_tty_ioctl+0x8ad/0xa20 [ 858.132034][T23074] ? hci_uart_tty_write+0x10/0x10 [ 858.164816][T23074] tty_ioctl+0xfa8/0x1610 [ 858.169281][T23074] ? tty_do_resize+0x180/0x180 [ 858.174237][T23074] ? rcu_lock_release+0x9/0x30 [ 858.179582][T23074] ? __lock_acquire+0x4750/0x4750 [ 858.185143][T23074] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 858.192600][T23074] ? tomoyo_path_number_perm+0x587/0x740 [ 858.199966][T23074] ? trace_hardirqs_on+0x74/0x80 [ 858.205443][T23074] ? tomoyo_path_number_perm+0x5f0/0x740 [ 858.210076][T23091] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 858.211183][T23074] ? tomoyo_check_path_acl+0x180/0x180 [ 858.211195][T23074] ? smk_access+0x4f0/0x4f0 [ 858.211212][T23074] ? smk_access+0x18c/0x4f0 [ 858.235786][T23074] ? tty_do_resize+0x180/0x180 [ 858.240752][T23074] do_vfs_ioctl+0x7d4/0x18f0 [ 858.245622][T23074] ? ioctl_preallocate+0x240/0x240 [ 858.250899][T23074] ? fget_many+0x30/0x30 [ 858.255151][T23074] ? debug_smp_processor_id+0x1c/0x20 [ 858.260981][T23074] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 858.267224][T23074] ? tomoyo_file_ioctl+0x23/0x30 [ 858.272190][T23074] ? security_file_ioctl+0xa1/0xd0 [ 858.277392][T23074] __x64_sys_ioctl+0xe3/0x120 [ 858.282169][T23074] do_syscall_64+0xfe/0x140 [ 858.286681][T23074] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 858.292663][T23074] RIP: 0033:0x459829 [ 858.296646][T23074] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 858.317398][T23074] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 858.325818][T23074] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 858.334290][T23074] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 858.342885][T23074] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 858.351215][T23074] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 20:40:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:40:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:40:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0b") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 858.359772][T23074] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 858.462260][T23064] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 858.472005][T23064] FAT-fs (loop4): Filesystem has been set read-only [ 858.484083][T23064] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 858.504785][T23064] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 858.533535][T23064] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 860.402134][ T22] Bluetooth: hci0: command 0x1003 tx timeout [ 860.410203][T19431] Bluetooth: hci0: sending frame failed (-49) [ 862.482181][ T22] Bluetooth: hci0: command 0x1001 tx timeout [ 862.488552][T19431] Bluetooth: hci0: sending frame failed (-49) [ 864.562144][ T22] Bluetooth: hci0: command 0x1009 tx timeout 20:40:37 executing program 3 (fault-call:2 fault-nth:68): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:40:37 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0b") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:40:37 executing program 0: socket$inet(0x2, 0x3, 0x2) getsockopt(0xffffffffffffffff, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:40:37 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:40:37 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:40:37 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/net/pfkey\x00', 0x408000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:40:37 executing program 0: socket$inet(0x2, 0x3, 0x2) getsockopt(0xffffffffffffffff, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) [ 868.686184][T23101] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:40:37 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 868.776368][T23109] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:40:38 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) getsockopt(r0, 0x0, 0x0, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) [ 868.839188][T23109] FAULT_INJECTION: forcing a failure. [ 868.839188][T23109] name failslab, interval 1, probability 0, space 0, times 0 [ 868.851085][T23102] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) 20:40:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0b") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 868.880345][T23102] FAT-fs (loop4): Filesystem has been set read-only [ 868.905419][T23102] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 868.917174][T23117] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 868.918301][T23109] CPU: 1 PID: 23109 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 868.941910][T23109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 868.946080][T23102] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 868.952139][T23109] Call Trace: [ 868.952161][T23109] dump_stack+0x1d8/0x2f8 [ 868.952173][T23109] should_fail+0x608/0x860 [ 868.952184][T23109] ? setup_fault_attr+0x2b0/0x2b0 [ 868.952196][T23109] ? __lock_acquire+0x4750/0x4750 [ 868.952210][T23109] __should_failslab+0x11a/0x160 [ 868.952220][T23109] ? __kernfs_new_node+0xd9/0x6e0 [ 868.952231][T23109] should_failslab+0x9/0x20 [ 868.952242][T23109] kmem_cache_alloc+0x56/0x2e0 [ 868.952252][T23109] __kernfs_new_node+0xd9/0x6e0 [ 868.952262][T23109] ? __kasan_check_write+0x14/0x20 [ 868.952277][T23109] ? kernfs_new_node+0x180/0x180 [ 868.972971][T23102] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 868.973363][T23109] ? __mutex_unlock_slowpath+0x18c/0x630 [ 868.973374][T23109] ? mutex_unlock+0x10/0x10 [ 868.973386][T23109] ? mutex_unlock+0xd/0x10 [ 869.043210][T23109] ? kernfs_activate+0x213/0x230 [ 869.048163][T23109] kernfs_new_node+0x97/0x180 [ 869.052924][T23109] __kernfs_create_file+0x4a/0x2f0 [ 869.058900][T23109] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 869.064274][T23109] sysfs_merge_group+0x1f3/0x3c0 [ 869.069224][T23109] ? sysfs_remove_groups+0xb0/0xb0 [ 869.074351][T23109] dpm_sysfs_add+0xcc/0x250 [ 869.078853][T23109] device_add+0xba3/0x1570 [ 869.083357][T23109] ? device_add+0xa41/0x1570 [ 869.087942][T23109] ? dev_set_name+0x110/0x110 [ 869.092612][T23109] ? pm_runtime_init+0x295/0x370 [ 869.097553][T23109] rfkill_register+0x18b/0x9f0 [ 869.102353][T23109] hci_register_dev+0x3ac/0x720 [ 869.107203][T23109] hci_uart_tty_ioctl+0x8ad/0xa20 [ 869.112220][T23109] ? hci_uart_tty_write+0x10/0x10 [ 869.117240][T23109] tty_ioctl+0xfa8/0x1610 [ 869.121575][T23109] ? tty_do_resize+0x180/0x180 [ 869.126336][T23109] ? rcu_lock_release+0x9/0x30 [ 869.131098][T23109] ? __lock_acquire+0x4750/0x4750 [ 869.136122][T23109] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 869.141759][T23109] ? tomoyo_path_number_perm+0x587/0x740 [ 869.147391][T23109] ? trace_hardirqs_on+0x74/0x80 [ 869.152326][T23109] ? tomoyo_path_number_perm+0x5f0/0x740 [ 869.152337][T23109] ? tomoyo_check_path_acl+0x180/0x180 [ 869.152346][T23109] ? smk_access+0x4f0/0x4f0 [ 869.152353][T23109] ? smk_access+0x18c/0x4f0 [ 869.152364][T23109] ? tty_do_resize+0x180/0x180 [ 869.152374][T23109] do_vfs_ioctl+0x7d4/0x18f0 [ 869.152385][T23109] ? ioctl_preallocate+0x240/0x240 [ 869.152402][T23109] ? fget_many+0x30/0x30 [ 869.152410][T23109] ? debug_smp_processor_id+0x1c/0x20 [ 869.152424][T23109] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 869.202839][T23109] ? tomoyo_file_ioctl+0x23/0x30 [ 869.207795][T23109] ? security_file_ioctl+0xa1/0xd0 [ 869.212902][T23109] __x64_sys_ioctl+0xe3/0x120 [ 869.217573][T23109] do_syscall_64+0xfe/0x140 [ 869.222344][T23109] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 869.228229][T23109] RIP: 0033:0x459829 [ 869.232120][T23109] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 869.251975][T23109] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 869.260395][T23109] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 869.268360][T23109] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 20:40:38 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) getsockopt(r0, 0x0, 0x0, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:40:38 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 869.276503][T23109] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 869.284506][T23109] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 869.292479][T23109] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 869.336976][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 871.362396][T22967] Bluetooth: hci0: command 0x1003 tx timeout [ 871.368653][T19431] Bluetooth: hci0: sending frame failed (-49) [ 873.442420][T22967] Bluetooth: hci0: command 0x1001 tx timeout [ 873.448514][T19431] Bluetooth: hci0: sending frame failed (-49) [ 875.522397][T22967] Bluetooth: hci0: command 0x1009 tx timeout 20:40:48 executing program 3 (fault-call:2 fault-nth:69): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:40:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47b") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:40:48 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) mkdir(0x0, 0x0) 20:40:48 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) getsockopt(r0, 0x0, 0x0, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) 20:40:48 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:40:48 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x400400, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:40:48 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) getsockopt(r0, 0x0, 0xcf, 0x0, &(0x7f0000000040)) [ 879.553769][T23130] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:40:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47b") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 879.598418][T23136] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:40:48 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:40:48 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) getsockopt(r0, 0x0, 0xcf, 0x0, 0x0) [ 879.651267][T23136] FAULT_INJECTION: forcing a failure. [ 879.651267][T23136] name failslab, interval 1, probability 0, space 0, times 0 [ 879.667574][T23139] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 879.740697][T23136] CPU: 1 PID: 23136 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 879.748717][T23136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 879.758783][T23136] Call Trace: [ 879.762087][T23136] dump_stack+0x1d8/0x2f8 [ 879.766425][T23136] should_fail+0x608/0x860 [ 879.770847][T23136] ? setup_fault_attr+0x2b0/0x2b0 [ 879.775875][T23136] ? kzalloc+0x26/0x40 [ 879.780132][T23136] __should_failslab+0x11a/0x160 [ 879.785073][T23136] ? kzalloc+0x26/0x40 [ 879.787611][T23128] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 879.789168][T23136] should_failslab+0x9/0x20 [ 879.789182][T23136] __kmalloc+0x7a/0x340 [ 879.789193][T23136] kzalloc+0x26/0x40 [ 879.789209][T23136] kobject_get_path+0xa7/0x1d0 [ 879.815039][T23136] kobject_uevent_env+0x2f2/0x1260 [ 879.816634][T23128] FAT-fs (loop4): Filesystem has been set read-only [ 879.820165][T23136] ? mutex_unlock+0x10/0x10 [ 879.820183][T23136] kobject_uevent+0x1f/0x30 [ 879.820196][T23136] device_add+0x105e/0x1570 [ 879.820209][T23136] ? device_add+0xa41/0x1570 [ 879.838356][T23128] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 879.840277][T23136] ? dev_set_name+0x110/0x110 [ 879.840289][T23136] ? pm_runtime_init+0x295/0x370 [ 879.840306][T23136] rfkill_register+0x18b/0x9f0 [ 879.840319][T23136] hci_register_dev+0x3ac/0x720 [ 879.840334][T23136] hci_uart_tty_ioctl+0x8ad/0xa20 [ 879.877047][T23136] ? hci_uart_tty_write+0x10/0x10 [ 879.882173][T23136] tty_ioctl+0xfa8/0x1610 [ 879.886507][T23136] ? tty_do_resize+0x180/0x180 [ 879.891278][T23136] ? rcu_lock_release+0x9/0x30 [ 879.896319][T23136] ? __lock_acquire+0x4750/0x4750 [ 879.901346][T23136] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 879.906996][T23136] ? tomoyo_path_number_perm+0x587/0x740 [ 879.907013][T23136] ? trace_hardirqs_on+0x74/0x80 [ 879.917567][T23136] ? tomoyo_path_number_perm+0x5f0/0x740 [ 879.917580][T23136] ? tomoyo_check_path_acl+0x180/0x180 [ 879.917595][T23136] ? smk_access+0x4f0/0x4f0 [ 879.933153][T23136] ? smk_access+0x18c/0x4f0 [ 879.937739][T23136] ? tty_do_resize+0x180/0x180 [ 879.942794][T23136] do_vfs_ioctl+0x7d4/0x18f0 [ 879.947384][T23136] ? ioctl_preallocate+0x240/0x240 [ 879.952493][T23136] ? fget_many+0x30/0x30 [ 879.956730][T23136] ? debug_smp_processor_id+0x1c/0x20 [ 879.962109][T23136] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 879.968185][T23136] ? tomoyo_file_ioctl+0x23/0x30 [ 879.973116][T23136] ? security_file_ioctl+0xa1/0xd0 [ 879.978260][T23136] __x64_sys_ioctl+0xe3/0x120 [ 879.982934][T23136] do_syscall_64+0xfe/0x140 20:40:49 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) getsockopt(r0, 0x0, 0xcf, 0x0, 0x0) 20:40:49 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) mkdir(0x0, 0x0) [ 879.987462][T23136] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 879.994196][T23136] RIP: 0033:0x459829 [ 879.998088][T23136] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 880.017784][T23136] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 880.026228][T23136] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 880.034302][T23136] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 880.042271][T23136] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 880.042276][T23136] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 880.042282][T23136] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 880.050941][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 880.257732][T23151] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 880.269180][T23151] FAT-fs (loop4): Filesystem has been set read-only [ 880.276556][T23151] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 882.082116][ T22] Bluetooth: hci0: command 0x1003 tx timeout [ 882.089816][T19431] Bluetooth: hci0: sending frame failed (-49) [ 884.162202][ T22] Bluetooth: hci0: command 0x1001 tx timeout [ 884.168290][T19431] Bluetooth: hci0: sending frame failed (-49) [ 886.242138][ T22] Bluetooth: hci0: command 0x1009 tx timeout 20:40:59 executing program 3 (fault-call:2 fault-nth:70): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:40:59 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47b") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:40:59 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) getsockopt(r0, 0x0, 0xcf, 0x0, 0x0) 20:40:59 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:40:59 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) mq_timedreceive(0xffffffffffffffff, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428"], 0x55) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) mkdir(0x0, 0x0) 20:40:59 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000400)=""/254) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:40:59 executing program 0: r0 = socket$inet(0x2, 0x3, 0x2) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x7c774aac) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2, 0x11, r1, 0x0) getsockopt(r0, 0x0, 0xcf, &(0x7f0000001400)=""/203, &(0x7f0000000040)=0xcb) [ 890.440194][T23161] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:40:59 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf0") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 890.487924][T23168] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:40:59 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 890.551058][T23168] FAULT_INJECTION: forcing a failure. [ 890.551058][T23168] name failslab, interval 1, probability 0, space 0, times 0 [ 890.570107][T23174] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:40:59 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf0") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 890.679293][T23168] CPU: 1 PID: 23168 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 890.687322][T23168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 890.697386][T23168] Call Trace: [ 890.700865][T23168] dump_stack+0x1d8/0x2f8 [ 890.705203][T23168] should_fail+0x608/0x860 [ 890.709624][T23168] ? setup_fault_attr+0x2b0/0x2b0 [ 890.714664][T23168] __should_failslab+0x11a/0x160 [ 890.719607][T23168] should_failslab+0x9/0x20 [ 890.724119][T23168] kmem_cache_alloc_node_trace+0x6e/0x2d0 [ 890.729842][T23168] ? __kmalloc_node_track_caller+0x3c/0x60 [ 890.735685][T23168] __kmalloc_node_track_caller+0x3c/0x60 [ 890.741329][T23168] ? alloc_uevent_skb+0x7f/0x230 [ 890.746264][T23168] __alloc_skb+0xe8/0x500 [ 890.750627][T23168] alloc_uevent_skb+0x7f/0x230 [ 890.755404][T23168] kobject_uevent_env+0xcbb/0x1260 [ 890.760517][T23168] ? mutex_unlock+0x10/0x10 [ 890.765029][T23168] kobject_uevent+0x1f/0x30 [ 890.769533][T23168] device_add+0x105e/0x1570 [ 890.774038][T23168] ? device_add+0xa41/0x1570 [ 890.778740][T23168] ? dev_set_name+0x110/0x110 [ 890.783508][T23168] ? pm_runtime_init+0x295/0x370 [ 890.788538][T23168] rfkill_register+0x18b/0x9f0 [ 890.793315][T23168] hci_register_dev+0x3ac/0x720 [ 890.798181][T23168] hci_uart_tty_ioctl+0x8ad/0xa20 [ 890.803213][T23168] ? hci_uart_tty_write+0x10/0x10 [ 890.808256][T23168] tty_ioctl+0xfa8/0x1610 [ 890.812587][T23168] ? tty_do_resize+0x180/0x180 [ 890.817354][T23168] ? rcu_lock_release+0x9/0x30 [ 890.822132][T23168] ? __lock_acquire+0x4750/0x4750 [ 890.827161][T23168] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 890.832795][T23168] ? tomoyo_path_number_perm+0x587/0x740 [ 890.838428][T23168] ? trace_hardirqs_on+0x74/0x80 [ 890.843368][T23168] ? tomoyo_path_number_perm+0x5f0/0x740 [ 890.849007][T23168] ? tomoyo_check_path_acl+0x180/0x180 [ 890.854466][T23168] ? smk_access+0x4f0/0x4f0 [ 890.858965][T23168] ? smk_access+0x18c/0x4f0 [ 890.863466][T23168] ? tty_do_resize+0x180/0x180 [ 890.868228][T23168] do_vfs_ioctl+0x7d4/0x18f0 [ 890.872831][T23168] ? ioctl_preallocate+0x240/0x240 [ 890.877949][T23168] ? fget_many+0x30/0x30 [ 890.882186][T23168] ? debug_smp_processor_id+0x1c/0x20 [ 890.887562][T23168] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 890.893634][T23168] ? tomoyo_file_ioctl+0x23/0x30 [ 890.898579][T23168] ? security_file_ioctl+0xa1/0xd0 [ 890.903700][T23168] __x64_sys_ioctl+0xe3/0x120 [ 890.908734][T23168] do_syscall_64+0xfe/0x140 [ 890.913340][T23168] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 890.919240][T23168] RIP: 0033:0x459829 [ 890.923139][T23168] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 890.932446][T23184] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 890.943789][T23168] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 890.943799][T23168] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 890.943803][T23168] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 20:41:00 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000240)='/dev/audio\x00', 0x22000, 0x0) ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300)) readv(r0, &(0x7f0000395000)=[{&(0x7f00004d2000)=""/4096, 0x1000}], 0x1) [ 890.943807][T23168] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 890.943811][T23168] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 890.943815][T23168] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 890.953764][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 891.001515][T23163] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17) [ 891.022455][T23163] FAT-fs (loop4): Filesystem has been set read-only 20:41:00 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf0") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) [ 891.045398][T23163] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17) [ 891.127506][T23186] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 892.962080][T22967] Bluetooth: hci0: command 0x1003 tx timeout [ 892.968179][T19431] Bluetooth: hci0: sending frame failed (-49) [ 895.042140][T22967] Bluetooth: hci0: command 0x1001 tx timeout [ 895.048222][T19431] Bluetooth: hci0: sending frame failed (-49) [ 897.122091][T22967] Bluetooth: hci0: command 0x1009 tx timeout 20:41:10 executing program 3 (fault-call:2 fault-nth:71): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:41:10 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:41:10 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000140)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) r2 = accept$alg(r1, 0x0, 0x0) write$binfmt_script(r2, 0x0, 0x0) 20:41:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:41:10 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000440)={0xffffffff, 0x80000000, 0x3ff, 0x0, 0x7fff, 0x5, 0x780b, 0x7, 0x400, 0x7ff, 0x3, 0x100, 0x0, 0x34, 0x101, 0x2, 0xffff, 0xf5, 0x10000}) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) ioctl$TIOCLINUX6(r0, 0x541c, &(0x7f0000000400)={0x6, 0x1000}) 20:41:10 executing program 0: ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, &(0x7f0000000200)) socket$inet(0x2, 0xa, 0x81) ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8953, &(0x7f0000000100)={{0x2, 0x0, @multicast2}, {0x0, @broadcast}, 0xa, {0x2, 0x0, @broadcast}, 'veth0_to_bond\x00'}) getpeername$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @multicast2}, &(0x7f00000002c0)=0x10) getresuid(&(0x7f0000000040), 0x0, &(0x7f00000000c0)) getegid() socketpair$unix(0x1, 0x1, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$FUSE_WRITE(r1, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000140)="40c74adc7724e27d876f441d952bf111375896d876c4ed0f2e703cd5f8b64ff3cd946b507daea1c09fc1fe6c"}, 0x20) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x501, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) r3 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r2, 0x400454d8, &(0x7f0000000200)=0xa7) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x3, &(0x7f0000000180)=@raw=[@map, @alu={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff0}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') write$cgroup_subtree(r2, &(0x7f00000000c0)={[{0x0, 'c\x86\xdd', 0x7}]}, 0x70ad) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0) 20:41:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:41:10 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f0000000440)={0x12, 0x10, 0xfa00, {0x0}}, 0x18) [ 901.373699][T23204] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 901.389935][T23204] FAULT_INJECTION: forcing a failure. [ 901.389935][T23204] name failslab, interval 1, probability 0, space 0, times 0 [ 901.409442][T23204] CPU: 1 PID: 23204 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 901.417460][T23204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 901.427512][T23204] Call Trace: [ 901.427536][T23204] dump_stack+0x1d8/0x2f8 [ 901.427555][T23204] should_fail+0x608/0x860 [ 901.439570][T23204] ? setup_fault_attr+0x2b0/0x2b0 [ 901.439588][T23204] ? lock_acquire+0x158/0x250 [ 901.449550][T23204] ? kzalloc+0x26/0x40 [ 901.453625][T23204] __should_failslab+0x11a/0x160 [ 901.458571][T23204] ? kzalloc+0x26/0x40 [ 901.462627][T23204] should_failslab+0x9/0x20 [ 901.462639][T23204] __kmalloc+0x7a/0x340 [ 901.462649][T23204] kzalloc+0x26/0x40 [ 901.462657][T23204] kobject_get_path+0xa7/0x1d0 [ 901.462665][T23204] kobject_uevent_env+0x2f2/0x1260 [ 901.462676][T23204] ? mutex_unlock+0x10/0x10 [ 901.462690][T23204] kobject_uevent+0x1f/0x30 [ 901.462703][T23204] device_add+0x105e/0x1570 [ 901.462715][T23204] ? device_add+0xa41/0x1570 [ 901.462726][T23204] ? dev_set_name+0x110/0x110 [ 901.462742][T23204] ? pm_runtime_init+0x295/0x370 [ 901.475357][T23204] rfkill_register+0x18b/0x9f0 [ 901.475371][T23204] hci_register_dev+0x3ac/0x720 [ 901.475387][T23204] hci_uart_tty_ioctl+0x8ad/0xa20 [ 901.486104][T23204] ? hci_uart_tty_write+0x10/0x10 [ 901.486118][T23204] tty_ioctl+0xfa8/0x1610 [ 901.486127][T23204] ? tty_do_resize+0x180/0x180 [ 901.486139][T23204] ? rcu_lock_release+0x9/0x30 [ 901.486154][T23204] ? __lock_acquire+0x4750/0x4750 [ 901.499599][T23204] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 901.499618][T23204] ? tomoyo_path_number_perm+0x587/0x740 [ 901.499629][T23204] ? trace_hardirqs_on+0x74/0x80 [ 901.518531][T23204] ? tomoyo_path_number_perm+0x5f0/0x740 [ 901.518545][T23204] ? tomoyo_check_path_acl+0x180/0x180 [ 901.518556][T23204] ? smk_access+0x4f0/0x4f0 [ 901.518564][T23204] ? smk_access+0x18c/0x4f0 [ 901.518576][T23204] ? tty_do_resize+0x180/0x180 [ 901.518593][T23204] do_vfs_ioctl+0x7d4/0x18f0 [ 901.542733][T23204] ? ioctl_preallocate+0x240/0x240 [ 901.542750][T23204] ? fget_many+0x30/0x30 [ 901.542760][T23204] ? debug_smp_processor_id+0x1c/0x20 [ 901.542772][T23204] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 901.542785][T23204] ? tomoyo_file_ioctl+0x23/0x30 [ 901.542799][T23204] ? security_file_ioctl+0xa1/0xd0 [ 901.542808][T23204] __x64_sys_ioctl+0xe3/0x120 [ 901.542824][T23204] do_syscall_64+0xfe/0x140 [ 901.542839][T23204] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 901.542848][T23204] RIP: 0033:0x459829 [ 901.542858][T23204] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 901.542862][T23204] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 901.542871][T23204] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 901.542877][T23204] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 901.542882][T23204] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 901.542887][T23204] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 901.542893][T23204] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:41:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d9f"], 0x14}}, 0x0) 20:41:10 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 901.554067][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 901.743195][T23216] device nr0 entered promiscuous mode 20:41:10 executing program 4: ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) r0 = socket$inet(0x2, 0xa, 0x81) ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000100)={{0x2, 0x0, @multicast2}, {0x0, @broadcast}, 0xa, {0x2, 0x0, @broadcast}, 'veth0_to_bond\x00'}) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)) getresuid(&(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)) getegid() socketpair$unix(0x1, 0x1, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$FUSE_WRITE(r2, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000140)="40c74adc7724e27d876f441d952bf111375896d876c4ed0f2e703cd5f8b64ff3cd946b507daea1c09fc1fe6c"}, 0x20) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x501, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) r4 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r3, 0x400454d8, &(0x7f0000000200)=0xa7) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x3, &(0x7f0000000180)=@raw=[@map, @alu={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff0}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') write$cgroup_subtree(r3, &(0x7f00000000c0)={[{0x0, 'c\x86\xdd', 0x7}]}, 0x70ad) 20:41:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, 0x0, 0x0) [ 901.964737][T23225] device nr0 entered promiscuous mode [ 902.135792][T23225] device nr0 entered promiscuous mode [ 903.602091][ T22] Bluetooth: hci0: command 0x1003 tx timeout [ 903.609373][T19431] Bluetooth: hci0: sending frame failed (-49) [ 905.682096][ T22] Bluetooth: hci0: command 0x1001 tx timeout [ 905.688211][T19431] Bluetooth: hci0: sending frame failed (-49) [ 907.762131][ T22] Bluetooth: hci0: command 0x1009 tx timeout 20:41:21 executing program 3 (fault-call:2 fault-nth:72): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:41:21 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:41:21 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f0000000100)={0x1, 0x10, 0xfa00, {&(0x7f00000000c0), r2}}, 0x18) add_key$user(&(0x7f0000000480)='user\x00', 0x0, 0x0, 0x0, r0) add_key$user(&(0x7f0000000200)='user\x00', 0x0, &(0x7f0000000100)='\x00', 0x1, 0xfffffffffffffffd) syz_open_dev$audion(0x0, 0x4, 0x2000) 20:41:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, 0x0, 0x0) 20:41:21 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x0, 0x48a, &(0x7f0000000400)={0x7, 0x40, 0xfffffffffffffffd}, 0xc) 20:41:21 executing program 4: ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) r0 = socket$inet(0x2, 0xa, 0x81) ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000100)={{0x2, 0x0, @multicast2}, {0x0, @broadcast}, 0xa, {0x2, 0x0, @broadcast}, 'veth0_to_bond\x00'}) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)) getresuid(&(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)) getegid() socketpair$unix(0x1, 0x1, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$FUSE_WRITE(r2, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000140)="40c74adc7724e27d876f441d952bf111375896d876c4ed0f2e703cd5f8b64ff3cd946b507daea1c09fc1fe6c"}, 0x20) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x501, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) r4 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r3, 0x400454d8, &(0x7f0000000200)=0xa7) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x3, &(0x7f0000000180)=@raw=[@map, @alu={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff0}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') write$cgroup_subtree(r3, &(0x7f00000000c0)={[{0x0, 'c\x86\xdd', 0x7}]}, 0x70ad) 20:41:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, 0x0, 0x0) [ 912.225577][T23239] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 912.243187][T23239] FAULT_INJECTION: forcing a failure. [ 912.243187][T23239] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 912.256407][T23239] CPU: 1 PID: 23239 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 912.256414][T23239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 912.256418][T23239] Call Trace: [ 912.256439][T23239] dump_stack+0x1d8/0x2f8 [ 912.256462][T23239] should_fail+0x608/0x860 [ 912.286752][T23239] ? setup_fault_attr+0x2b0/0x2b0 [ 912.291795][T23239] ? stack_trace_save+0x111/0x1e0 [ 912.296831][T23239] ? prep_new_page+0x230/0x2e0 [ 912.301587][T23239] should_fail_alloc_page+0x55/0x60 [ 912.306840][T23239] prepare_alloc_pages+0x283/0x470 [ 912.311945][T23239] __alloc_pages_nodemask+0x11c/0x790 [ 912.317310][T23239] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 912.322844][T23239] ? kobject_uevent_env+0x2cd/0x1260 [ 912.328121][T23239] ? device_add+0x105e/0x1570 [ 912.328135][T23239] ? hci_register_dev+0x3ac/0x720 [ 912.337816][T23239] ? trace_lock_release+0x135/0x1a0 [ 912.343021][T23239] kmem_getpages+0x56/0xa20 [ 912.343033][T23239] cache_grow_begin+0x7e/0x2c0 [ 912.343043][T23239] cache_alloc_refill+0x311/0x3f0 [ 912.343053][T23239] ? check_preemption_disabled+0xb7/0x2a0 [ 912.343063][T23239] __kmalloc+0x318/0x340 [ 912.343072][T23239] ? kzalloc+0x26/0x40 [ 912.343080][T23239] kzalloc+0x26/0x40 [ 912.343088][T23239] kobject_get_path+0xa7/0x1d0 [ 912.343098][T23239] kobject_uevent_env+0x2f2/0x1260 [ 912.343107][T23239] ? mutex_unlock+0x10/0x10 [ 912.343121][T23239] kobject_uevent+0x1f/0x30 [ 912.343132][T23239] device_add+0x105e/0x1570 [ 912.343144][T23239] ? device_add+0xa41/0x1570 [ 912.343155][T23239] ? dev_set_name+0x110/0x110 [ 912.343172][T23239] ? pm_runtime_init+0x295/0x370 [ 912.363457][T23239] rfkill_register+0x18b/0x9f0 [ 912.363470][T23239] hci_register_dev+0x3ac/0x720 [ 912.363485][T23239] hci_uart_tty_ioctl+0x8ad/0xa20 [ 912.363495][T23239] ? hci_uart_tty_write+0x10/0x10 [ 912.363508][T23239] tty_ioctl+0xfa8/0x1610 [ 912.363517][T23239] ? tty_do_resize+0x180/0x180 [ 912.363529][T23239] ? rcu_lock_release+0x9/0x30 [ 912.363544][T23239] ? __lock_acquire+0x4750/0x4750 [ 912.375686][T23239] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 912.375699][T23239] ? tomoyo_path_number_perm+0x587/0x740 [ 912.375708][T23239] ? trace_hardirqs_on+0x74/0x80 [ 912.375718][T23239] ? tomoyo_path_number_perm+0x5f0/0x740 [ 912.375738][T23239] ? tomoyo_check_path_acl+0x180/0x180 [ 912.385595][T23239] ? smk_access+0x4f0/0x4f0 [ 912.385605][T23239] ? smk_access+0x18c/0x4f0 [ 912.385614][T23239] ? tty_do_resize+0x180/0x180 [ 912.385632][T23239] do_vfs_ioctl+0x7d4/0x18f0 [ 912.395197][T23239] ? ioctl_preallocate+0x240/0x240 [ 912.395216][T23239] ? fget_many+0x30/0x30 [ 912.395232][T23239] ? debug_smp_processor_id+0x1c/0x20 [ 912.409027][T23239] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 912.409041][T23239] ? tomoyo_file_ioctl+0x23/0x30 [ 912.409055][T23239] ? security_file_ioctl+0xa1/0xd0 [ 912.409067][T23239] __x64_sys_ioctl+0xe3/0x120 [ 912.409081][T23239] do_syscall_64+0xfe/0x140 [ 912.409098][T23239] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 912.428596][T23239] RIP: 0033:0x459829 [ 912.428607][T23239] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 20:41:21 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0xfffffffe, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) eventfd2(0xffffffffffffffc0, 0x1) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="00fdfdb9863802aa0063b8f24267b1d85cbf000040000038e70f657fffffe300000000e6e9f121122a1561203534da91b5b9fb50e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131a79630bc9c774b5c7ee258e8cef785f25df8e9c5b394d331c616956d4bd7f4fcda9a0749427278498f23d"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:41:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) [ 912.428612][T23239] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 912.428622][T23239] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 912.428627][T23239] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 912.428635][T23239] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 912.447824][T23239] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 912.447829][T23239] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 912.509960][ T7] Bluetooth: hci0: Frame reassembly failed (-84) 20:41:21 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 912.657301][T23235] device nr0 entered promiscuous mode 20:41:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 20:41:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) [ 914.562156][T22955] Bluetooth: hci0: command 0x1003 tx timeout [ 914.569381][T19431] Bluetooth: hci0: sending frame failed (-49) [ 916.642170][T22955] Bluetooth: hci0: command 0x1001 tx timeout [ 916.648392][T19431] Bluetooth: hci0: sending frame failed (-49) [ 918.722126][T22955] Bluetooth: hci0: command 0x1009 tx timeout 20:41:32 executing program 3 (fault-call:2 fault-nth:73): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:41:32 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x5, &(0x7f0000000040)={@loopback}, 0x20) 20:41:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)}, 0x0) 20:41:32 executing program 0: ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) r0 = socket$inet(0x2, 0xa, 0x81) ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000100)={{0x2, 0x0, @multicast2}, {0x0, @broadcast}, 0xa, {0x2, 0x0, @broadcast}, 'veth0_to_bond\x00'}) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)) getresuid(&(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)) getegid() socketpair$unix(0x1, 0x1, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$FUSE_WRITE(r2, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000140)="40c74adc7724e27d876f441d952bf111375896d876c4ed0f2e703cd5f8b64ff3cd946b507daea1c09fc1fe6c"}, 0x20) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x501, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000280)={'nr0\x01\x00', 0x4009}) r4 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETVNETHDRSZ(r3, 0x400454d8, &(0x7f0000000200)=0xa7) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x3, &(0x7f0000000180)=@raw=[@map, @alu={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff0}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') write$cgroup_subtree(r3, &(0x7f00000000c0)={[{0x0, 'c\x86\xdd', 0x7}]}, 0x70ad) 20:41:32 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f0000000440)=""/82, 0x52, 0x7f, &(0x7f0000000400)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:41:32 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0xffffffff) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) 20:41:32 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x13, &(0x7f0000000040)={@loopback}, 0x20) 20:41:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)}, 0x0) 20:41:32 executing program 4: 20:41:32 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000400)=0x8000) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) [ 923.117368][T23277] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 923.149037][T23277] FAULT_INJECTION: forcing a failure. [ 923.149037][T23277] name failslab, interval 1, probability 0, space 0, times 0 [ 923.196430][T23277] CPU: 1 PID: 23277 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 923.204461][T23277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 923.214559][T23277] Call Trace: [ 923.217869][T23277] dump_stack+0x1d8/0x2f8 [ 923.222237][T23277] should_fail+0x608/0x860 [ 923.222248][T23277] ? setup_fault_attr+0x2b0/0x2b0 [ 923.222260][T23277] ? __schedule+0x8be/0xcd0 [ 923.222277][T23277] __should_failslab+0x11a/0x160 [ 923.222290][T23277] should_failslab+0x9/0x20 [ 923.222301][T23277] kmem_cache_alloc_node+0x65/0x280 [ 923.222312][T23277] ? __alloc_skb+0x9f/0x500 [ 923.222325][T23277] __alloc_skb+0x9f/0x500 [ 923.241198][T23277] hci_sock_dev_event+0xed/0x5f0 [ 923.241216][T23277] hci_register_dev+0x65f/0x720 [ 923.269516][T23277] hci_uart_tty_ioctl+0x8ad/0xa20 [ 923.274549][T23277] ? hci_uart_tty_write+0x10/0x10 [ 923.279594][T23277] tty_ioctl+0xfa8/0x1610 [ 923.283944][T23277] ? tty_do_resize+0x180/0x180 [ 923.288713][T23277] ? rcu_lock_release+0x9/0x30 [ 923.293506][T23277] ? __lock_acquire+0x4750/0x4750 [ 923.298552][T23277] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 923.304191][T23277] ? tomoyo_path_number_perm+0x587/0x740 [ 923.309834][T23277] ? trace_hardirqs_on+0x74/0x80 [ 923.314788][T23277] ? tomoyo_path_number_perm+0x5f0/0x740 [ 923.320441][T23277] ? tomoyo_check_path_acl+0x180/0x180 [ 923.325910][T23277] ? smk_access+0x4f0/0x4f0 [ 923.330421][T23277] ? smk_access+0x18c/0x4f0 [ 923.334915][T23277] ? tty_do_resize+0x180/0x180 [ 923.334928][T23277] do_vfs_ioctl+0x7d4/0x18f0 20:41:32 executing program 4: 20:41:32 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0xffffffff) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) [ 923.334939][T23277] ? ioctl_preallocate+0x240/0x240 [ 923.334954][T23277] ? fget_many+0x30/0x30 [ 923.334963][T23277] ? debug_smp_processor_id+0x1c/0x20 [ 923.334973][T23277] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 923.334985][T23277] ? tomoyo_file_ioctl+0x23/0x30 [ 923.335001][T23277] ? security_file_ioctl+0xa1/0xd0 [ 923.353651][T23277] __x64_sys_ioctl+0xe3/0x120 [ 923.353666][T23277] do_syscall_64+0xfe/0x140 [ 923.353679][T23277] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 923.353686][T23277] RIP: 0033:0x459829 [ 923.353696][T23277] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 923.353700][T23277] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 923.353708][T23277] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 923.353713][T23277] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 923.353718][T23277] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 923.353723][T23277] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 923.353728][T23277] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 923.509207][ T7] Bluetooth: hci0: Frame reassembly failed (-84) [ 925.522099][T22967] Bluetooth: hci0: command 0x1003 tx timeout [ 925.528234][T19431] Bluetooth: hci0: sending frame failed (-49) [ 927.602093][T22967] Bluetooth: hci0: command 0x1001 tx timeout [ 927.608192][T19431] Bluetooth: hci0: sending frame failed (-49) [ 929.682098][T22967] Bluetooth: hci0: command 0x1009 tx timeout 20:41:43 executing program 3 (fault-call:2 fault-nth:74): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:41:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)}, 0x0) 20:41:43 executing program 4: 20:41:43 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) bind$isdn_base(r0, &(0x7f0000000500)={0x22, 0x80, 0x101, 0x645, 0x8}, 0x6) setsockopt$kcm_KCM_RECV_DISABLE(r3, 0x119, 0x1, &(0x7f0000000640)=0x7fffffff, 0x4) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x34a) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pread64(r3, &(0x7f0000000880)=""/4096, 0x1000, 0x0) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000004c0)={r3, &(0x7f0000000400)="ac2b50ef3d5e9403531a6386010f2c5c423812947a359d2aff0b9edd5e80d60076166abcd070c9f09e36ad714ff88e51fbc180d27ab9f19aa10090c211e98270ea45761c4630591cc5ca6a4aa374979ba5228aedf6dd0f1ac762a978e9f6b211ad9799ee1b47c47d2a52b9e5d2074d97510d3242e6", &(0x7f0000000480)=""/8}, 0x18) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000600)={0x63, 0xe8}, 0x2) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:41:43 executing program 0: 20:41:43 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0xffffffff) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x809) 20:41:43 executing program 0: 20:41:43 executing program 4: 20:41:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[]}}, 0x0) 20:41:43 executing program 4: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x60fc, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000840)='/group.sta\x9f\xd4t\x00+\x04J{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5f\x8a\x06\x00\x00\x00\xb9\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef/\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\xc4G\x8f\x8e\xd8[T|i$\x88\x04\x00\x00\x00\x00\x00\x00\x00\x90\x1eB\x8b\x98\xad\xd17_Q\xe15\x84\x8f\xea\x98\xc6\xe3WE\x11\xe0\xc6\x1f\xf2/\xf6\x1f', 0x2761, 0x0) 20:41:43 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') preadv(r0, &(0x7f0000000480)=[{&(0x7f0000001e40)=""/4096, 0x1000}], 0x1, 0x0) [ 934.005801][T23302] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:41:43 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 934.083049][T23302] FAULT_INJECTION: forcing a failure. [ 934.083049][T23302] name failslab, interval 1, probability 0, space 0, times 0 [ 934.146108][T23302] CPU: 0 PID: 23302 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 934.155023][T23302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 934.165079][T23302] Call Trace: [ 934.168382][T23302] dump_stack+0x1d8/0x2f8 [ 934.172722][T23302] should_fail+0x608/0x860 [ 934.177147][T23302] ? setup_fault_attr+0x2b0/0x2b0 [ 934.182184][T23302] __should_failslab+0x11a/0x160 [ 934.187120][T23302] should_failslab+0x9/0x20 [ 934.191629][T23302] kmem_cache_alloc_node_trace+0x6e/0x2d0 [ 934.197350][T23302] ? __kmalloc_node_track_caller+0x3c/0x60 [ 934.203155][T23302] __kmalloc_node_track_caller+0x3c/0x60 [ 934.208786][T23302] ? alloc_uevent_skb+0x7f/0x230 [ 934.213725][T23302] __alloc_skb+0xe8/0x500 [ 934.218062][T23302] alloc_uevent_skb+0x7f/0x230 [ 934.222831][T23302] kobject_uevent_env+0xcbb/0x1260 [ 934.227937][T23302] ? mutex_unlock+0x10/0x10 [ 934.232443][T23302] kobject_uevent+0x1f/0x30 [ 934.236946][T23302] device_add+0x105e/0x1570 [ 934.241459][T23302] ? device_add+0xa41/0x1570 [ 934.246060][T23302] ? dev_set_name+0x110/0x110 [ 934.250738][T23302] ? pm_runtime_init+0x295/0x370 [ 934.255681][T23302] rfkill_register+0x18b/0x9f0 [ 934.260451][T23302] hci_register_dev+0x3ac/0x720 [ 934.265309][T23302] hci_uart_tty_ioctl+0x8ad/0xa20 [ 934.270426][T23302] ? hci_uart_tty_write+0x10/0x10 [ 934.275459][T23302] tty_ioctl+0xfa8/0x1610 [ 934.279784][T23302] ? tty_do_resize+0x180/0x180 [ 934.284546][T23302] ? rcu_lock_release+0x9/0x30 [ 934.289313][T23302] ? __lock_acquire+0x4750/0x4750 [ 934.294431][T23302] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 934.300074][T23302] ? tomoyo_path_number_perm+0x587/0x740 [ 934.305704][T23302] ? trace_hardirqs_on+0x74/0x80 [ 934.310640][T23302] ? tomoyo_path_number_perm+0x5f0/0x740 [ 934.316278][T23302] ? tomoyo_check_path_acl+0x180/0x180 [ 934.321735][T23302] ? smk_access+0x4f0/0x4f0 [ 934.326408][T23302] ? smk_access+0x18c/0x4f0 [ 934.330913][T23302] ? tty_do_resize+0x180/0x180 [ 934.335673][T23302] do_vfs_ioctl+0x7d4/0x18f0 [ 934.340262][T23302] ? ioctl_preallocate+0x240/0x240 [ 934.345379][T23302] ? fget_many+0x30/0x30 [ 934.349617][T23302] ? debug_smp_processor_id+0x1c/0x20 [ 934.354986][T23302] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 934.361240][T23302] ? tomoyo_file_ioctl+0x23/0x30 [ 934.366262][T23302] ? security_file_ioctl+0xa1/0xd0 [ 934.371372][T23302] __x64_sys_ioctl+0xe3/0x120 [ 934.376052][T23302] do_syscall_64+0xfe/0x140 [ 934.380559][T23302] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 934.386451][T23302] RIP: 0033:0x459829 [ 934.390343][T23302] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 934.409941][T23302] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 934.418352][T23302] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 934.426328][T23302] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 934.434295][T23302] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 934.442263][T23302] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 934.450237][T23302] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 936.482202][T22967] Bluetooth: hci0: command 0x1003 tx timeout [ 936.488354][T19431] Bluetooth: hci0: sending frame failed (-49) [ 938.562181][T22967] Bluetooth: hci0: command 0x1001 tx timeout [ 938.568349][T19431] Bluetooth: hci0: sending frame failed (-49) [ 940.642189][T22967] Bluetooth: hci0: command 0x1009 tx timeout 20:41:54 executing program 3 (fault-call:2 fault-nth:75): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:41:54 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fchdir(0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:41:54 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, 0x0, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) accept$packet(0xffffffffffffffff, 0x0, 0x0) bind$xdp(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) recvfrom$inet6(r1, &(0x7f00000001c0)=""/31, 0xfffffffffffffe3c, 0x100, &(0x7f0000001880), 0x17c) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) clock_gettime(0x0, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(0xffffffffffffffff, 0x28, 0x6, 0x0, 0x0) shutdown(r1, 0x1) r2 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x1a00, 0x0, 0x0) 20:41:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[]}}, 0x0) 20:41:54 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:41:54 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x1000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000580)={&(0x7f0000ffc000/0x4000)=nil, 0x4000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) getsockopt$inet6_tcp_buf(r3, 0x6, 0x2f, &(0x7f0000000400)=""/235, &(0x7f0000000500)=0xeb) write$binfmt_aout(r3, &(0x7f0000000640)=ANY=[@ANYBLOB="00fdfdff86e1a6aa0063b8f24252b10400bf000040000038e79f9e600f657f01b6639ac14effff0500000000640acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3166428eb4cb7860000698b7a4d2c9b9217d8e392c03a103d93a02a81faac43c9a3ae058dc41150cd619c5b12f75d1dd653331a2be5f926eebc2b5de32b2ea9e776cb317a59dfab14f4ad0b029eb443aa8092e9ae2d69e815ac88"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:41:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[]}}, 0x0) 20:41:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x1}}, 0x0) [ 944.839293][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 944.862808][T23333] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 944.875339][T23333] FAULT_INJECTION: forcing a failure. [ 944.875339][T23333] name failslab, interval 1, probability 0, space 0, times 0 [ 944.895121][T23333] CPU: 1 PID: 23333 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 944.903105][T23333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 944.913260][T23333] Call Trace: [ 944.916563][T23333] dump_stack+0x1d8/0x2f8 [ 944.920892][T23333] should_fail+0x608/0x860 [ 944.925504][T23333] ? setup_fault_attr+0x2b0/0x2b0 [ 944.930670][T23333] ? __schedule+0x8be/0xcd0 [ 944.935259][T23333] __should_failslab+0x11a/0x160 [ 944.940240][T23333] should_failslab+0x9/0x20 [ 944.944793][T23333] kmem_cache_alloc_node+0x65/0x280 [ 944.949986][T23333] ? __alloc_skb+0x9f/0x500 [ 944.954467][T23333] __alloc_skb+0x9f/0x500 [ 944.954479][T23333] hci_sock_dev_event+0xed/0x5f0 [ 944.954486][T23333] hci_register_dev+0x65f/0x720 [ 944.954504][T23333] hci_uart_tty_ioctl+0x8ad/0xa20 [ 944.963889][T23333] ? hci_uart_tty_write+0x10/0x10 [ 944.963901][T23333] tty_ioctl+0xfa8/0x1610 [ 944.963907][T23333] ? tty_do_resize+0x180/0x180 [ 944.963916][T23333] ? rcu_lock_release+0x9/0x30 [ 944.963926][T23333] ? __lock_acquire+0x4750/0x4750 [ 944.963934][T23333] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 944.963940][T23333] ? tomoyo_path_number_perm+0x587/0x740 [ 944.963946][T23333] ? trace_hardirqs_on+0x74/0x80 [ 944.963952][T23333] ? tomoyo_path_number_perm+0x5f0/0x740 [ 944.963960][T23333] ? tomoyo_check_path_acl+0x180/0x180 [ 944.963966][T23333] ? smk_access+0x4f0/0x4f0 [ 944.963971][T23333] ? smk_access+0x18c/0x4f0 [ 944.963988][T23333] ? tty_do_resize+0x180/0x180 [ 944.983889][T23333] do_vfs_ioctl+0x7d4/0x18f0 [ 944.983901][T23333] ? ioctl_preallocate+0x240/0x240 [ 944.983914][T23333] ? fget_many+0x30/0x30 [ 944.983922][T23333] ? debug_smp_processor_id+0x1c/0x20 [ 944.983939][T23333] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 944.993598][T23333] ? tomoyo_file_ioctl+0x23/0x30 [ 944.993616][T23333] ? security_file_ioctl+0xa1/0xd0 [ 945.026112][T23333] __x64_sys_ioctl+0xe3/0x120 [ 945.026129][T23333] do_syscall_64+0xfe/0x140 [ 945.035132][T23333] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 945.035145][T23333] RIP: 0033:0x459829 [ 945.095097][T23333] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 945.114708][T23333] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 945.123118][T23333] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 945.131201][T23333] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 20:41:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x1}}, 0x0) 20:41:54 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fchdir(0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) [ 945.139176][T23333] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 945.147144][T23333] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 [ 945.155134][T23333] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:41:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x1}}, 0x0) 20:41:54 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) [ 945.283843][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) [ 945.617794][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 947.362100][T22955] Bluetooth: hci0: command 0x1003 tx timeout [ 947.368236][T19431] Bluetooth: hci0: sending frame failed (-49) [ 949.442104][T22955] Bluetooth: hci0: command 0x1001 tx timeout [ 949.448205][T19431] Bluetooth: hci0: sending frame failed (-49) [ 951.522102][T22955] Bluetooth: hci0: command 0x1009 tx timeout 20:42:04 executing program 3 (fault-call:2 fault-nth:76): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:42:04 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08"], 0x1}}, 0x0) 20:42:04 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fchdir(0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:04 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:04 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) ioctl$DRM_IOCTL_RES_CTX(r3, 0xc0106426, &(0x7f0000000440)={0x4, &(0x7f0000000400)=[{0x0}, {}, {}, {}]}) ioctl$DRM_IOCTL_RM_CTX(r3, 0xc0086421, &(0x7f0000000480)={r4, 0x1}) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:04 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, 0x0, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) accept$packet(0xffffffffffffffff, 0x0, 0x0) bind$xdp(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) recvfrom$inet6(r1, &(0x7f00000001c0)=""/31, 0xfffffffffffffe3c, 0x100, &(0x7f0000001880), 0x17c) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) clock_gettime(0x0, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(0xffffffffffffffff, 0x28, 0x6, 0x0, 0x0) shutdown(r1, 0x1) r2 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x1a00, 0x0, 0x0) 20:42:04 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08"], 0x1}}, 0x0) [ 955.748252][T23366] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 955.765056][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 955.789548][T23366] FAULT_INJECTION: forcing a failure. [ 955.789548][T23366] name failslab, interval 1, probability 0, space 0, times 0 [ 955.815301][T23366] CPU: 0 PID: 23366 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 955.823407][T23366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 955.833470][T23366] Call Trace: [ 955.836777][T23366] dump_stack+0x1d8/0x2f8 [ 955.841121][T23366] should_fail+0x608/0x860 [ 955.845553][T23366] ? setup_fault_attr+0x2b0/0x2b0 [ 955.850578][T23366] ? should_fail+0x182/0x860 [ 955.855197][T23366] ? setup_fault_attr+0x2b0/0x2b0 [ 955.860222][T23366] ? __schedule+0x8be/0xcd0 [ 955.864726][T23366] __should_failslab+0x11a/0x160 [ 955.869669][T23366] should_failslab+0x9/0x20 [ 955.874183][T23366] kmem_cache_alloc_node_trace+0x6e/0x2d0 [ 955.879906][T23366] ? __kmalloc_node_track_caller+0x3c/0x60 [ 955.885714][T23366] __kmalloc_node_track_caller+0x3c/0x60 [ 955.891347][T23366] ? hci_sock_dev_event+0xed/0x5f0 [ 955.896562][T23366] __alloc_skb+0xe8/0x500 [ 955.900998][T23366] hci_sock_dev_event+0xed/0x5f0 [ 955.905945][T23366] hci_register_dev+0x65f/0x720 [ 955.910811][T23366] hci_uart_tty_ioctl+0x8ad/0xa20 [ 955.915851][T23366] ? hci_uart_tty_write+0x10/0x10 [ 955.920876][T23366] tty_ioctl+0xfa8/0x1610 [ 955.925203][T23366] ? tty_do_resize+0x180/0x180 [ 955.930059][T23366] ? rcu_lock_release+0x9/0x30 [ 955.934829][T23366] ? __lock_acquire+0x4750/0x4750 [ 955.939868][T23366] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 955.945520][T23366] ? tomoyo_path_number_perm+0x587/0x740 [ 955.952131][T23366] ? trace_hardirqs_on+0x74/0x80 [ 955.957093][T23366] ? tomoyo_path_number_perm+0x5f0/0x740 [ 955.962740][T23366] ? tomoyo_check_path_acl+0x180/0x180 [ 955.968213][T23366] ? smk_access+0x4f0/0x4f0 [ 955.972729][T23366] ? smk_access+0x18c/0x4f0 [ 955.977267][T23366] ? tty_do_resize+0x180/0x180 [ 955.982045][T23366] do_vfs_ioctl+0x7d4/0x18f0 [ 955.988193][T23366] ? ioctl_preallocate+0x240/0x240 [ 955.993321][T23366] ? fget_many+0x30/0x30 [ 955.997626][T23366] ? debug_smp_processor_id+0x1c/0x20 [ 956.003040][T23366] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 956.009119][T23366] ? tomoyo_file_ioctl+0x23/0x30 [ 956.014069][T23366] ? security_file_ioctl+0xa1/0xd0 [ 956.019186][T23366] __x64_sys_ioctl+0xe3/0x120 [ 956.023881][T23366] do_syscall_64+0xfe/0x140 [ 956.028394][T23366] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 956.034293][T23366] RIP: 0033:0x459829 [ 956.038190][T23366] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 956.058154][T23366] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 956.066578][T23366] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 956.074563][T23366] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 956.082548][T23366] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 956.090525][T23366] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 20:42:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08"], 0x1}}, 0x0) [ 956.098516][T23366] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 20:42:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f"], 0x1}}, 0x0) 20:42:05 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f"], 0x1}}, 0x0) 20:42:05 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fchdir(0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) [ 956.139926][ T175] Bluetooth: hci0: Frame reassembly failed (-84) [ 958.162087][ T9866] Bluetooth: hci0: command 0x1003 tx timeout [ 958.169606][T19431] Bluetooth: hci0: sending frame failed (-49) [ 960.242133][ T9866] Bluetooth: hci0: command 0x1001 tx timeout [ 960.248218][T19431] Bluetooth: hci0: sending frame failed (-49) [ 962.322110][ T9866] Bluetooth: hci0: command 0x1009 tx timeout 20:42:15 executing program 3 (fault-call:2 fault-nth:77): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:42:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f"], 0x1}}, 0x0) 20:42:15 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:15 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fchdir(0xffffffffffffffff) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:15 executing program 4: pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, 0x0) syz_open_dev$admmidi(0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) 20:42:15 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) ioctl$SIOCX25SCUDMATCHLEN(r3, 0x89e7, &(0x7f0000000400)={0x16}) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0"], 0x1}}, 0x0) [ 966.610088][T23395] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 966.630043][T23395] FAULT_INJECTION: forcing a failure. [ 966.630043][T23395] name failslab, interval 1, probability 0, space 0, times 0 [ 966.647344][T23395] CPU: 1 PID: 23395 Comm: syz-executor.3 Not tainted 5.3.0-rc2+ #55 [ 966.655339][T23395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 966.665393][T23395] Call Trace: [ 966.668675][T23395] dump_stack+0x1d8/0x2f8 [ 966.672988][T23395] should_fail+0x608/0x860 [ 966.677381][T23395] ? setup_fault_attr+0x2b0/0x2b0 [ 966.682378][T23395] ? __schedule+0x8be/0xcd0 [ 966.686858][T23395] __should_failslab+0x11a/0x160 [ 966.691767][T23395] should_failslab+0x9/0x20 [ 966.696246][T23395] kmem_cache_alloc_node+0x65/0x280 [ 966.701416][T23395] ? __alloc_skb+0x9f/0x500 [ 966.705898][T23395] __alloc_skb+0x9f/0x500 [ 966.710207][T23395] hci_sock_dev_event+0xed/0x5f0 [ 966.715120][T23395] hci_register_dev+0x65f/0x720 [ 966.719946][T23395] hci_uart_tty_ioctl+0x8ad/0xa20 [ 966.724949][T23395] ? hci_uart_tty_write+0x10/0x10 [ 966.729949][T23395] tty_ioctl+0xfa8/0x1610 [ 966.734254][T23395] ? tty_do_resize+0x180/0x180 [ 966.738993][T23395] ? rcu_lock_release+0x9/0x30 [ 966.743861][T23395] ? __lock_acquire+0x4750/0x4750 [ 966.748861][T23395] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 966.754471][T23395] ? tomoyo_path_number_perm+0x587/0x740 [ 966.760076][T23395] ? trace_hardirqs_on+0x74/0x80 [ 966.764989][T23395] ? tomoyo_path_number_perm+0x5f0/0x740 [ 966.770606][T23395] ? tomoyo_check_path_acl+0x180/0x180 [ 966.776036][T23395] ? smk_access+0x4f0/0x4f0 [ 966.780513][T23395] ? smk_access+0x18c/0x4f0 [ 966.784986][T23395] ? tty_do_resize+0x180/0x180 [ 966.789724][T23395] do_vfs_ioctl+0x7d4/0x18f0 [ 966.794290][T23395] ? ioctl_preallocate+0x240/0x240 [ 966.799392][T23395] ? fget_many+0x30/0x30 [ 966.803610][T23395] ? debug_smp_processor_id+0x1c/0x20 [ 966.808970][T23395] ? fpregs_assert_state_consistent+0xb7/0xe0 [ 966.815105][T23395] ? tomoyo_file_ioctl+0x23/0x30 [ 966.820017][T23395] ? security_file_ioctl+0xa1/0xd0 [ 966.825123][T23395] __x64_sys_ioctl+0xe3/0x120 [ 966.829773][T23395] do_syscall_64+0xfe/0x140 [ 966.834257][T23395] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 966.840122][T23395] RIP: 0033:0x459829 [ 966.843992][T23395] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 966.863578][T23395] RSP: 002b:00007f8e5ca5ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 966.871959][T23395] RAX: ffffffffffffffda RBX: 00007f8e5ca5ac90 RCX: 0000000000459829 [ 966.879905][T23395] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 966.887849][T23395] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 966.895795][T23395] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e5ca5b6d4 20:42:16 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fchdir(0xffffffffffffffff) umount2(&(0x7f0000000400)='./file0\x00', 0x0) [ 966.903739][T23395] R13: 00000000004c250e R14: 00000000004d5930 R15: 0000000000000004 [ 966.930236][ T7] Bluetooth: hci0: Frame reassembly failed (-84) 20:42:16 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fchdir(0xffffffffffffffff) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:16 executing program 4: getpgid(0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x64140) 20:42:16 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0"], 0x1}}, 0x0) [ 968.962088][ T9347] Bluetooth: hci0: command 0x1003 tx timeout [ 968.969743][T19431] Bluetooth: hci0: sending frame failed (-49) [ 971.042156][ T9347] Bluetooth: hci0: command 0x1001 tx timeout [ 971.048314][T19431] Bluetooth: hci0: sending frame failed (-49) [ 973.122145][ T9347] Bluetooth: hci0: command 0x1009 tx timeout 20:42:26 executing program 3 (fault-call:2 fault-nth:78): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:42:26 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0"], 0x1}}, 0x0) 20:42:26 executing program 4: getpgid(0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x64140) 20:42:26 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:26 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$EVIOCSABS20(r0, 0x401845e0, &(0x7f0000000400)={0x1, 0x0, 0x200, 0x400, 0xffffffffffffffff, 0x8}) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000340)='./file0\x00', 0x800000000e006, 0x7, &(0x7f0000000bc0)=[{&(0x7f0000000380)="385a6b57163eb34e5b6f4d1ccc0092eeebf2da9456fd183f897be94e5f8bb92796891c", 0x23, 0xfbb4}, {&(0x7f0000000600)="dc32b934ce3283a0048098f3b17973f2b3c3b934ccbbb45b079e1e56a7a15b714971f21163850a96ba1477e75d39dc4cae984b4c889cb0b19129a4c7f273c5d3fa691d5b4b3c5af6152609a75479d43732517a02f3476ee03aea707ba94bb4c28b4afc8fa065563cecd4da11d948db48ad783e3ba14682eb6b231656819e1bed056ed0e600b45478a40c11d2170c376c3e6a6a30da9c314ad40b8af3a221de41bf1d205ceb4bd12e933b14d0dbbd4091234ec296513564d5560fe5732145faafb49b87ec", 0xc4, 0x1}, {&(0x7f0000000780)="d837bcd5af9ba722ee57710d7ea6383e3d45dceebdd400776c75963c0f64a10a87cc3148fba97a64b72355ee36a92d343687ecec13ce64a72872cb0ce47da23cfb959ba75389752567ff230c9d2f04c81e69232d7ae4ded5f4853f05b71402549f7e86a95d665d3d6ca1fef4d137", 0x6e, 0x10001}, {&(0x7f0000000880)="f0ad9cc96f5b5218e1561da91cb6a65a6747552c5afdb891f9b9dfdbbe0ff4edcd84e1c836814fc2fae4129e09f9fffefc01bf67669342c4d79d413cdcc555fc2be73fe790bffa4d10115fb7819b9afb0b1cf71a41f8568108c7387e16a01cad152f9c0432081e4ca8bef40150c9d47931d2a93dc10c9b496f4810e4c6a59cefd1e661c6b2d75fff16a388c65e96fcfd38778cbd31e0e3c2bc9470059911e98f10a658b475555e3985994f4d1a360a2f365fa3e2dc85908b9ff20f6c4c86bfcd9778ad54dce6f3b2c2fee30905f583e27ff1abfaafe7c0b4af77d697f284d1c9c70ab06c78777ad1ee9215c9da579d1c", 0xf0, 0xae1c}, {&(0x7f0000000c80)="4b863c4c524f1701f8fc0d11c0b93602f8dd133d5f790c8d175efcebc5a7e79fc56ef8e9608e357ad9cc5f7d5085aa3252cd72d3ae21994096243e1f6d19a2856d0f526af1105f87ca0321a8baab35d71e898b5da148b383f09821e99f140385258a7b04b75756595110561e60295d410cb549f197af08770be46cf28fc7520aa9c3db13d018d137007aade0765b4990eb2c741ddb2b722ce3e4392ce035d5ecf595d4a0a872d87b50c0ea4289ff4a00000000000000000000000058fd44da4b28e58f8ff7d732e58782bc904e9f97d575cbeac1351978fad1fef0cd53d885b8a9b76ace89e9ef4357fe53a8b317c8e2af6b17c700bf5faa5b89aef6182b713c654572b1f45adcfcdbf037afe2b296f71b9ac49165a179864f12cd196cc24b5b0671ee5858585c27f5ecaca1488ff847ff670db4eb705a9338bd3c761ceeecbb0ff80f22b9fc465bf2de8c4c810f0dd9da3f4206b766422d63c3f7ec8053fdda080139253499", 0x166}, {&(0x7f0000000a40)="2b8c21ab74116fc1a45c7bb050fe70d48164e9ae112932f6d926e444deb9ba910bcf7dcdeebda5ff2e8de634ac468d2cf3b71e7cbdea1eb0b80e346f0487af581488aed789abe25a0ff73ed3044630b6b009736d", 0x54, 0x80}, {&(0x7f0000000ac0)="0bac77e587ebd79afcdb9e27c03d824718f86d0ec88e588676fc64466feece5fcdb150a8a3a7d9454d3841740c97282ecb75b0a75eb25e7c9c355ef46e44883134527b4e4fe47df34bea3acbf632ada1db31d66cffac82b34fc8e718190838ff1baa37be1b91d1ae8c332fed73d9f014a2c2da10d2c8399d94bc71b8149d866db1817049c26b59bda3ad6c0b88b44fc33e4e6010e9db536dd98c57f5bccd52b7488e8591845cee75921d960aa621290bf7645485fe355e6c81adb931ed6c5f77f59b60a568c5b061e989310c7caeaaa374b6b8c9835b3affcea068bcc3feeccebd301d3c9a0fd3f113495835515e82", 0xef, 0x9}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="830000002900000000000001000002000000000000000000000000000000000000000000000009000000000000000007002e2f66696c6530000400000000000000000000000900000000000000df05002e2f6275730000000000000000000000000000000000000000000507002e2f66696c65300000000000000000000000000000000a14606419c56b2995d7d4779d33005e2eea92b913b14d52753a6db63333400808650bcc8223ca757c738aa907bd14a5199b4c499cef9fbf559c20cda42598cedd3b3af468846a5d0348df934d5a11083e484d5b35e8376d45488027fee8889f1b3ec3231d13f63086f8bd0995"], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5efb501e441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a31a6124157a7e966428eb4cb7860c131a"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r2, &(0x7f0000000000), 0x8080fffffffc) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3"], 0x1}}, 0x0) 20:42:26 executing program 4: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, 0x0, 0x0, 0x0) [ 977.518471][T23426] debugfs: Directory 'hci0' with parent 'bluetooth' already present! 20:42:26 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptmx\x00', 0xffffffffffffffff, 0x0) syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x8001, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) fcntl$setflags(r3, 0x2, 0x1) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./bus\x00', 0x7fd, 0x1, &(0x7f0000000500)=[{&(0x7f00000004c0)="e2769b5e", 0x4, 0x200}], 0x100000, &(0x7f0000000600)={[{@i_version='i_version'}, {@usrjquota_path={'usrjquota', 0x3d, './file0'}}, {@noinit_itable='noinit_itable'}, {@dioread_lock='dioread_lock'}, {@nojournal_checksum='nojournal_checksum'}, {@oldalloc='oldalloc'}, {@errors_remount='errors=remount-ro'}, {@nouid32='nouid32'}, {@nolazytime='nolazytime'}, {@nobarrier='nobarrier'}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'vfat\x00'}}, {@hash='hash'}]}) 20:42:26 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3"], 0x1}}, 0x0) 20:42:26 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) [ 979.682120][ T9347] Bluetooth: hci0: command 0x1003 tx timeout [ 979.688292][T19431] Bluetooth: hci0: sending frame failed (-49) [ 981.762125][ T9347] Bluetooth: hci0: command 0x1001 tx timeout [ 981.768201][T19431] Bluetooth: hci0: sending frame failed (-49) [ 983.842099][ T9347] Bluetooth: hci0: command 0x1009 tx timeout 20:42:36 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 20:42:36 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3"], 0x1}}, 0x0) 20:42:36 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:36 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:36 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:36 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='trusted.overlay.opaque\x00', &(0x7f0000000480)='y\x00', 0x2, 0x2) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:36 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:36 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af"], 0x1}}, 0x0) 20:42:37 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) [ 987.760749][T23460] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 987.800371][ T9428] Bluetooth: hci0: Frame reassembly failed (-84) 20:42:37 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:37 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:37 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) [ 989.842143][ T9347] Bluetooth: hci0: command 0x1003 tx timeout [ 989.848238][T19431] Bluetooth: hci0: sending frame failed (-49) [ 991.922149][ T9347] Bluetooth: hci0: command 0x1001 tx timeout [ 991.928667][T19431] Bluetooth: hci0: sending frame failed (-49) [ 994.002215][ T9347] Bluetooth: hci0: command 0x1009 tx timeout 20:42:47 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x2, 0x0) 20:42:47 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af"], 0x1}}, 0x0) 20:42:47 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:47 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:47 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xc0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=0x6, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x7, 0x1}, 0x0, 0x0, &(0x7f0000000480)={0x1, 0x7, 0xaf3b, 0x800}, &(0x7f00000004c0)=0xffffffffffff0001, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0xfffffffffffffd55}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000700)=r3, 0x4) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x200, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24256b1d85cbf000040000038e70f657fffffe30000000064df5e0a1bd667b55e06086091b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af"], 0x1}}, 0x0) 20:42:47 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:47 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x10, 0x0) 20:42:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af1458"], 0x1}}, 0x0) 20:42:47 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:47 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) io_setup(0x92, &(0x7f0000000400)=0x0) io_submit(r0, 0x0, &(0x7f0000000440)) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fde5ff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb50ecef873bf48290ad67896d77551e1a05dc00441f9d63e232b9b20700b1d96033ccfdff06d903b0fbd2b0a3966428"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:47 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af1458"], 0x1}}, 0x0) 20:42:47 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:47 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x127a, 0x0) 20:42:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af1458"], 0x1}}, 0x0) 20:42:47 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:47 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:47 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:47 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d"], 0x1}}, 0x0) 20:42:47 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x127c, 0x0) 20:42:48 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000400)={0x14d3410f, 0x5, 0x0, 0x7ff, 0x3ff}) ioctl$BLKIOMIN(r3, 0x1278, &(0x7f0000000440)) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:48 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d"], 0x1}}, 0x0) 20:42:48 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:48 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x4c00, 0x0) 20:42:48 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:48 executing program 4: setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001e005f010300000000006c007ef7000000000075d689643a9b772e4b39400104000039fcafa32a684ae23857d8477e7528b833f4c94c733b2cef74e2e33334523e6efd08407a95a7ed0bb319e8de51aba536cf85b6a64b9bf4bfb2c67f574e97e9d826ddf221559f05a8635d8e8f416e3d8eab70c3aca924ddc0462057e725237fd1e3d5320f70af14589d"], 0x1}}, 0x0) 20:42:48 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x4c01, 0x0) 20:42:48 executing program 4: setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:48 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:48 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:49 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000400)={'filter\x00', 0x3, [{}, {}, {}]}, 0x58) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff823802aa0063b8f24252b1d85cbf200040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:49 executing program 4: setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:49 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5409, 0x0) 20:42:49 executing program 1: openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x40, 0x0) 20:42:49 executing program 0: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:49 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:49 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000600)=ANY=[], 0xfec8) 20:42:49 executing program 4: r0 = socket$inet_sctp(0x2, 0x0, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:49 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x540b, 0x0) 20:42:49 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:49 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:49 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x540c, 0x0) 20:42:50 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$UI_BEGIN_FF_ERASE(r0, 0xc00c55ca, &(0x7f0000000480)={0xa, 0x9, 0x1}) setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000440)=0x7d2, 0x2) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f00000004c0), 0x8080fffffffe) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:50 executing program 4: r0 = socket$inet_sctp(0x2, 0x0, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:50 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x540d, 0x0) 20:42:50 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x42806) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, "ba39bbc4ac000019dc14eb1ac13101ea1ed885e51eb6ae95403057b2868782ffb05258c83eaafbaa4eaf5407b3eee9f3e4030000003801e98eb2982284dd752c", "a116ea24bd4d9f54efe29fa8e64f038705e0731b525ff419dbb46b3f92b23a4462c9671d7051fb4aee76f9287ee37bb2976f016b0491efe9cebeec3769f87ec6", "f621f397b6948916dd94350a1e317beb07003ccea38833a624a6abbcc200"}) 20:42:50 executing program 0: syz_mount_image$vfat(0x0, &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:50 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x809) 20:42:50 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x540e, 0x0) 20:42:50 executing program 0: syz_mount_image$vfat(0x0, &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:50 executing program 4: r0 = socket$inet_sctp(0x2, 0x0, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:50 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x42806) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, "ba39bbc4ac000019dc14eb1ac13101ea1ed885e51eb6ae95403057b2868782ffb05258c83eaafbaa4eaf5407b3eee9f3e4030000003801e98eb2982284dd752c", "a116ea24bd4d9f54efe29fa8e64f038705e0731b525ff419dbb46b3f92b23a4462c9671d7051fb4aee76f9287ee37bb2976f016b0491efe9cebeec3769f87ec6", "f621f397b6948916dd94350a1e317beb07003ccea38833a624a6abbcc200"}) 20:42:50 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x540f, 0x0) 20:42:50 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x809) 20:42:50 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) accept$packet(r0, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000440)=0x14) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:50 executing program 0: syz_mount_image$vfat(0x0, &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:50 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5410, 0x0) 20:42:50 executing program 1: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:50 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:50 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x809) 20:42:50 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5412, 0x0) 20:42:51 executing program 1: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:51 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:51 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', 0x0, 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:51 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x0) 20:42:51 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) splice(r2, &(0x7f0000000400), r0, &(0x7f0000000440), 0x8, 0x2) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:51 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0x0, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5413, 0x0) 20:42:51 executing program 1: openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x306) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:51 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', 0x0, 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:51 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x0) 20:42:51 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0x0, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5414, 0x0) 20:42:51 executing program 1: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$UI_BEGIN_FF_ERASE(r0, 0xc00c55ca, &(0x7f0000000480)={0xa, 0x9, 0x1}) setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000440)=0x7d2, 0x2) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f00000004c0), 0x8080fffffffe) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:51 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0x0, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:51 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', 0x0, 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:51 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5415, 0x0) 20:42:52 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/ptmx\x00', 0xfffffffffffffffe, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$KVM_NMI(r1, 0xae9a) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000440)='/proc/capi/capi20\x00', 0x44080, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) ioctl$FUSE_DEV_IOC_CLONE(r3, 0x8004e500, &(0x7f0000000400)=r2) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:52 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x0) 20:42:52 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:52 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, 0x0, 0x0) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5416, 0x0) 20:42:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5417, 0x0) 20:42:52 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, 0x0, 0x0) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) [ 1003.610328][T23724] FAT-fs (loop0): bogus number of reserved sectors [ 1003.643058][T23724] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:52 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:52 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:52 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:52 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, 0x0, 0x0) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:52 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5418, 0x0) [ 1003.814968][T23744] FAT-fs (loop0): bogus number of reserved sectors [ 1003.829697][T23744] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:53 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$P9_RREADLINK(r3, &(0x7f0000000400)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:53 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000), 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:53 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:53 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:53 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x541d, 0x0) 20:42:53 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:53 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000), 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:53 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x541e, 0x0) 20:42:53 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:53 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000), 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) [ 1004.490653][T23759] FAT-fs (loop0): bogus number of reserved sectors [ 1004.512578][T23759] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:53 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x541f, 0x0) 20:42:53 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x0, 0x0, 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) [ 1004.733601][T23786] FAT-fs (loop0): bogus number of reserved sectors [ 1004.741503][T23786] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:54 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x400000, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000400)=ANY=[@ANYBLOB="83000000290000000000000100000000000000000000000000000000000000000405002e2f6275730000000000000000000000000009000000000000000007002e2f66696c6530000400000000000000000000000900000000000000df05002e2f6275730000000000000000000000000000000000000000000507002e2f66696c653084d04ab9967a357e367eeb33a73e3642cdf71f7aaad993ce12c380473ad1fe5b5622f9c2be60cd4307c71c375491a34e14236b9a590b73c91afc489cb6b741a7ca512df4f2f8d7a3c181a958bc72ff29d48d68e77ba06512d14b10aca1d7"], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000880)=ANY=[@ANYBLOB="00fdfdff8638d8340564b8f24252b1d85cbf000040000038e80f657fffffe30000000064df018000000000000034da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e6532c2f92c74d32343ec47b4f20e8ca2c2212a24d2518faab7e5ed21b94c48eac6930dba3dfd1b3eb6baec514cf7704b80e7e2ff5dce7464fd0c4b317c06918140628e03c35739b94093c34330784c5a37e838ae38f1097d425e725876a2b4d3bbfa424930a021ba44cada8b1eef368f4e9b9e54205526cfb098ef4522bd68294edf25c2abb23cffc5a17c329cada57d37996e74bdf77390d71d5aa585027173b80e999a30abae98e90d1ca75b2c5fb22db24c92f06a4d455da045bc775bd9aa9e45498e8dbba7688f0303a8a2cb700430edae64f3fd90bad85e7dac7db84f8234734b5dcdd550d700"/345], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:54 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:54 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x809) 20:42:54 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x0, 0x0, 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:54 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5420, 0x0) 20:42:54 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:42:54 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:54 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) [ 1005.414650][T23799] FAT-fs (loop0): bogus number of reserved sectors [ 1005.430547][T23799] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:54 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:54 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5421, 0x0) 20:42:54 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x0, 0x0, 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:54 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, 0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) [ 1005.587243][T23819] FAT-fs (loop0): bogus number of reserved sectors [ 1005.612207][T23819] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:55 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) ioctl$sock_bt_hci(r0, 0x400448ff, &(0x7f0000000880)="8f38c95e177fd49f4949dd889e60a0d17dfef2d40ae02b64a7fbcefc20d3bd005ca6eb958398c79ce39447a659a6c085c12ef14e29e6d9cf453a79cc938e447854d33a6c12ae6c2ba3f1411b22be80a9e570f3132f473a989e24d6e9777a5b8a703613f5c956a789daa4d1138e1cb29f8a1678c6f507f6b713849787427ae24db8215b5452ca1b05555f7d049e49da80d368e0dc5addff87c519c2e5401edb3d06d83f1c4447c9316ad82539ff5da94b0ad82c39d9bd9923d84aa7821c2056a22a3f5eb1f8f4278611876145b4ba852ecb31a6fab1cb1162d1d598f9783db1b96f5f1b85b8534768de16ae17baca50d467cbaee8f60eda165a8acc9ade79ba2f8dffbd46778b3be9baab0d502095008c0f1fb9d232d32d6b969a7e75dd32d2b3af01425806cdda58d97b1e11e86887b00fe948aeb7aebc99ee733eff8b46c77ad20918b7e237a017cd60792f867fe0906fc41eba54982ec9fa17553e276deffdb076f23376be0dfeefd7dd177c3abe8c03bd904bde0104e07ae3221471007429423eea33c037512757343fdc521d5364083bfa0176385539f48cefcb9f3c9efbd6fa3790744a2322442e4211c566e186f042d704bdc17965de0f565cd36ed166437d68035734631f254abe6091b5ba874dd8d847bf159c83b370398ef8222e8a0904a34f489a604e9b45a1b7450b2d1c06b4bdbcca75cba34188b4f36049580c7cd05bb2eb9fb1a6865ebbb949426cb7c047d836c32408f4383ddf809c7d62d6dce7d7c22535d8c0fcc7f684d206fde4ba114efc46633826ecf4ed4dac058eab94a5b16396d431a3a307a85ffd48d49d628b18bc772a8c3952d270628e3b406fc83823363929387713d7a0f49ec83f6dfca24bfc14a222b4fabdd4feea3a3a1b32ee5214e3a59ee874c2897bba31863557338d14199a079762d000d26a9695a73842a80db0e263f92a35a7128920e5836bc90e67d8afe2c1461b17ba8c20f152bd0338a05b654a530ab022e478850e5b7dbc445d0b4dec76a3bdd101db730373a8a82c2a11db1af1e33074d7d8d2a301f2eae0fe2d472226685e2be2d6214934f546d0010394a6357c66c2b4500a9562e4a80a356f85c289f02ee1d7da9fe496f71ef9d12bebaa1a7b9a83943b22ac2d0883e1888d3798a99595c16fc284bf6d44d69607508ecb163d9a0ba718fddaf677428ea87170eb8c2d70a286d8b778629c20d18f48b31446e45f2390f78ec7508f820b560a6794ce12924d7e26717bef6f3efb51c9eefbfc2f19cfbc6771ea49047b9c0ac2a03e8c5cb3c115c282ab593f70eb6f4bbab1d4f7db0087514a26056c56fcfca5deac5e118074cf7f791d95fa5efd8425e5aed199243394f44bacf40f4e4f16a26045c5362cc494e5edae509a67ef04955d7443aae299231f2ed80caea2aaa36267140f7dd2fb141376ce79fb2a7b5548506a6655aa70f148b7a73977cc4b8ec37cf98445d2c395232270d8e04dac616ad2a4e8d4af8e728d9526326fd066b9e6c76e5d8ab5297bb769adb631abd22a23ee8533ef374c067bf0a0c6220192617c1b320c9ff28e6bf0700956c6d2f47947231671eae82aebc8446f38aa755694b451a74c84c4e0c00e5965a3386645318be227919609161f8423553600bd3a41b40215e8f01c667cc2f61d7eefb5de32def443e2940412be5d961f0ee4582d639ad7f304a7673d8ec291b9ef3e8f8d3625dd56c036b1741297bfe71938455a1127479aa88f6d231dce2f66dfe3626233bb4048b987c0a77fc66b230684287b099e9cf4d614abb403bab5d5104e56af5a85c6603f4524e48534f9f93a43099154042a12b1826d64fc113909653daf6da6f30ed0043467b63c1a317eed9425abb7ae564947a5a5b06ae69109cfdb9bfb789401b8518eff8d014e5a6a9fa111a9ff724514ee921a192227c424950cf20396f52251ae7361a6df7585d3eefed10864fe0aad07a0ccc0048baddb6757a346827f5f6b23e707581be2ba876d2719eed268238cbd265779d8a344919a0c96c48bd080185282fbc47e799cec94c07d5e50a3ca807152368aeb76d6f9bc2eb5e87516ae1ed763caf7341d89e2487249e5979db9ac695283309a8412af5658339624002343c9c15e2a8a8fb8796a5a7f6c25d3facda56d49d5690172c463767097c6c45070ebb21432054de1ba41674b535539322572bfb9f364fe528ef498408eb63ab2fcacd5b6015947be2d19b38cc60f0638d30730f9fc9b2ac982185584294015239af4293ec9d098bf9db772853f5edfa81036248913a1781cd466ca1d66f250dcac6998020b61dacffd9c625780c613efa7968037f6ca01e65eb43bab327237a2f281b62f3f4d9ab2e04a38bd5d2c49eebdf6d8108310848f71b819f94312c0ee577bf4725ef4c9440ab39b9ff841a6028db8441167b4ef83f2b367b5f7a573b93b6b5a7d22532fe60ea332854a9cc6befba29c448a068e822d1aafb77a707ac54b427369a2b5beda48af1493754b26150b33e628daed80ad36692038b24b1a17dc62a97f0733002180a8bba3d3329eb8541753efa3f49707d1f8d1f481783290f25b2434cc8b23e66cc739f251b6fed45b8c1af8d3cf88ad9e107c15bf81504ff25ac7d878c2074dcf0641d18ec8dc09faaf9fdd4283856ed0ec0e21e0c42540e8555b080f489a725617705b716b1d628d2ed6fdfe1d9be4343b4ccffe74d5e3f3dcfd377311fb7fd4f3d9e663e1c880e99726679925dfa381bbe63335f12d02404bf56512d16bef2f12cac2f9b657d5dce9950e9585b8edd917a69f36ed64f7b00019ebf0dd3ac371f1847019f6af20c1dc371b82ad010b4e66477807cafb32e1e2aaf55f6dc015ef54349d8ae3940682719aec4245f94f745546d81e45cb3f678e2faaa754896d42f7e67e8856159b892f99346a7e09f9deaf5ea319eae0bc8fb8e24b24c07e794f4441b68c1f32def945de54ce509dd23cc4facf1651d9429e1cea458363880117f890e83b937b1ef45fa39d417a34ccb04677d99852194df5acc3d1e390643faf383862761af74ab2a80f4f6d0d9a2966ee57ff12ab1e190f63e4d85746dcc9fde7c812df05aca8ea23d5fad39edb7e98297703267805627413d6f03731e57d5bf3412591159a3e3964d409068aee3f56f92f31b44992033e75eca16f7054b68a3c6e266649dc0b8d313710b5f2c49977ad9cb7e25198a2a2770b76691c5fe1558623a4a451b9b828baf22d05e4fd32ce084e78b04ad1eb8177e4f8e00b89030210f53e1ac44758f7ac9f975f96d77c20a9adde24fc0f5106e4acbb879a65189d1035a940e0a9db5f2cfc6d51b242ac94fefbbc2706e57d216dae81098c2ae68250586f1b3c67e4768445c5320310bf6b3830433455aa58809edfabd0429cb5756cea4a0b360a6d65489c67c67a973637812dbadaa9abeaa5d6dcdbda91f407f09fe1a9b5108079a5295cb8a8dff37ada79fd87942f549f03b2fb4ebcdbebab85d9fa06cc0382ff1114f11973bca0b6696a1522eab6568293946de351a1fc4457c755a19dd2ac20321573ebbf0b5489f1d60b6d9a3b2dcfe88b69ab22b172988c51940098abd1823ac9dfa59c48bfe09d3bba5995d254f9031e1f04fe70d32d4498cb482e071fadd517857a7e99f8631aa9af2b2c7ebcf859119790749a59496ea51ac6d4d31dd02d3eff2f6989a5b47ee4883d733b128bbd09215bdb12c83100c89c869fbb0c68efbb59f0c602dc9f3bc92976b5e77ccf72a52fec19bc7152b652b6b99a4af1348819d24a2ada3c7a64d30f0335ebf29a254794c02745f4e77a7937b9d90d88a52f842baa2b786430cbea6ff7fb8e521e96906edf1c30e10b736b62381b0f4d49fea64f3dc9f0a79cf1fcb29358e55177acd5e6d4a9d8fb50eea1cc8c3de101082ba2e3daf1ecca6233afc6674cbbebbb8317edca319bd55270b9e8eb7247e317f3be853c49fd2f0ac20355bb789e0e469611b916d682c51bd4de614c6e2f108d5ed827268eecb0292774ca8092c00b5e23c2b9f5ead24f839f89cf157508894a2a91224d823933d1f70b5cfc186d76bf4839b5684bc86afb3ba2882d8e2df43a45b036263fd844963a4f404cd171a78edfd4b43afb5006dfaf3108433bfd40737b113d8e82f13891fc6330dab6aa9cf71835d55ae590f3d98b997d4fe3dfc751c622b5e57369f188e675365fc0bf8aa912de053437555ee681235a8a346372c8a2db55a1e32def4c43a3af978ec668cee8de52208065a61c09db47bec96352b6c0483cac4f400e33d11b5ca735e8cca6df077dbe6ce5f3ba0214597c78cd3591e5dfd096aa2516afcc6e417c1ac7e6e6caef0c411835a9b5e4bd0921bffa9d205a872a2dd377382f85e9014b02c5b2a421cbbc79c78b3108f07c1567523ee13d7496ad78013f5c4159abf66a50a2d872d5933d44fef4d1bf228b0bf5a8e9efb08927de52b10ba90737f5fb1effe226f85865b434971306882f05976e54f11f7da5654e32d3f4b421885f5c34c1f8f5998512a1b129dc3ba637162a04aed37bc93617643ee38b4471bd14d6f08bf56a855be87d90f73c9bf15082fcd51bcd277a656bcfcc3714f49ab0ab9a1071b032e56ed2c76e5d5480a69efa5d49e27ffaf0e7ba287dfabcdf0af019df7daabcfe78fe540964f2432788ac08d435b4be8dfb2b0ab2a936d016bfa5710c550acaebcc2253bfedc78b31891b2ea75d8c6811e58d192dd632bfd29bb197506206107249f6415cd306cfc727d152753e2d04cddd4705a6ae6691ee65b7b7e462233efa64556160de14d691ccfb429669b234bacc305bd086422eff94c377478393b63086c1423eb5d577267de698416a4e0f6f85d0808b4321483d2dfdf985292f5f4f423f5e5a3905237854aa5874d13d4b421f2ba76024eb5cad32b2931342722493c303ec80af074e867f144641651e7f30af35910ebd693bd3d64191cfcd47c35b064e19a5cb1c3ef3a4cbb9efd60db124adf7ab614a6096e67d0acfd513f37e771225bd150e0ded956ba46d68c25c710ec59ab33a7dcee3cb0efee26895f53e679fda303fe9ff94b798e300fb41b87d938ea877f5a21ab6d8752dcac63523f536f9c3e039ad3bd8dcdb77f8551ac659c6339233eeab14140298422df9ab26f9aaade4c4c412945a4cf07a11335c2f58d0df4425f80a042a865d3a3dbfb130981b84bb3d9ce8bcebe3e352cd99067e31d78b0deb70112c0ea6ac67e7e4442f00b491518df953cf53502eaa1261d768109cc3d8ecd75c796165d200a1c2c57415bd17b368eb5e18bc1cd0bebd89bc2c61d51cebe13e31bbb055bd740f64414744778915eac6a6d170c402dbd8ff23be6640016c9d4c79c0d15f7b0328edb0ce034ba9c0985d8a269b3d1d9434d484e66e48ae2a89fbf899515f537f7b5ef4b8c6f669ad184431b96ad51c90fab883621cb9cd0ba9fc77fef42f67437d106df2ea62016070e652f79a5d776f8b13a8b51de51eb4ec5d33691be3ccf45675ffd6c5d2c4889c97e0ef3c9dafa11763ad69b4f5d5b8976efae2ab19f16286663e271b25f2330312bf9635b4a18ce29a4c1a417ea99de813cfa88f86957ba230a016f07bcdcc6abf76e1f33578fedc261148fdddfb97f83b5fe5bdb808e58f7584166275f22538cbeb320b2e6015970a74fa2ee2ee7283ef2d8d1751df4805401c735de7965e299614a8e12d3c56b67ab251b7ca4809a12de7ee0e9dc1fb61022f820da8805fc6d7519c382509d378fa2bfc1023765020bc48e7d4cdefb1a7") perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:55 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5422, 0x0) 20:42:55 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x0, &(0x7f00000001c0), 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:55 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0) 20:42:55 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xffffffff) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:42:55 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, 0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:55 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0) 20:42:55 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, 0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:55 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5423, 0x0) 20:42:55 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0) [ 1006.298891][T23835] FAT-fs (loop0): bogus number of reserved sectors [ 1006.314822][T23835] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:55 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x0, &(0x7f00000001c0), 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:55 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) [ 1006.419935][T23852] FAT-fs (loop0): bogus number of reserved sectors [ 1006.442154][T23852] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:56 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) ioctl$TCSBRK(r0, 0x5409, 0x80000000006) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r2, 0x4, &(0x7f00000004c0)='\x00', &(0x7f0000000500)='./bus\x00', r2) fchdir(r3) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000400)=ANY=[@ANYBLOB="00fdfdff863802bb070000f2d1efb1dc5cbf0000400000000000007fffffe30000000064df5e0acad550fe203534da91b5b907501e1a14dc00765f47f40fb1d96033ccfdff06d903b0fbf2b0a3966528eb4cb7131aef785f25df8e00000000000000d154cf06f8816db09a43fdf25dc81ebbbba9cd6a28a52d766faae26b5317be41503b4289d7964ea884"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5424, 0x0) 20:42:56 executing program 1: r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) 20:42:56 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:42:56 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:56 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x0, &(0x7f00000001c0), 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:56 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000013000)=[@in={0x2, 0x0, @broadcast}], 0x10) 20:42:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5425, 0x0) 20:42:56 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0) 20:42:56 executing program 1: r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) [ 1007.257232][T23870] FAT-fs (loop0): bogus number of reserved sectors [ 1007.294533][T23870] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5427, 0x0) 20:42:56 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{0x0}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:56 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) r4 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_G_PARM(r4, 0xc0cc5615, &(0x7f00000000c0)={0x6}) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) memfd_create(&(0x7f0000000400)='ppp0mime_type\x00', 0x7) 20:42:56 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:42:56 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0) 20:42:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5428, 0x0) [ 1007.440683][T23895] FAT-fs (loop0): bogus number of reserved sectors [ 1007.455017][T23895] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:56 executing program 1: r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) 20:42:56 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5429, 0x0) 20:42:56 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{0x0}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:56 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0) 20:42:56 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:42:56 executing program 1: r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:42:56 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000), 0x0) [ 1007.617336][T23908] FAT-fs (loop0): bogus number of reserved sectors [ 1007.654558][T23908] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:56 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:42:57 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086200, &(0x7f0000000400)=0x1) fchdir(r2) semget(0x3, 0x1, 0x180) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000050000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7c60c131acf785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:57 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{0x0}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:42:57 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000), 0x0) 20:42:57 executing program 1: r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:42:57 executing program 2: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 20:42:57 executing program 1: r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:42:57 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) bind$inet(r0, &(0x7f0000003ff0)={0x2, 0x0, @empty}, 0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000013000), 0x0) 20:42:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5441, 0x0) [ 1008.333577][T23930] FAT-fs (loop0): bogus number of reserved sectors [ 1008.340256][T23930] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:57 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:42:57 executing program 2: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) [ 1008.451980][T23950] FAT-fs (loop0): bogus number of reserved sectors [ 1008.459676][T23950] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:58 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5450, 0x0) 20:42:58 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:42:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:42:58 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="8300000029000000000000010000000000002405002e2f6275730000000000000000954343480009000000000000000007002e2f66696c6530000400000000000000000000000900000000000000df05002e2f6275730000000000000000000000000000000000000000000507002e2f66696c6530"], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:58 executing program 2: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 20:42:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5451, 0x0) 20:42:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x0) [ 1009.212077][T23968] FAT-fs (loop0): bogus number of reserved sectors [ 1009.233928][T23968] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:58 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:42:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5452, 0x0) 20:42:58 executing program 2: r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:42:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:42:58 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:42:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x545d, 0x0) [ 1009.390445][T23988] FAT-fs (loop0): bogus number of reserved sectors [ 1009.417687][T23988] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:42:59 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000400)='/dev/null\x00', 0x4000, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:42:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5460, 0x0) 20:42:59 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x5437, 0x0) 20:42:59 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174", 0xb}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:42:59 executing program 2: r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:42:59 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:42:59 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x5437, 0x0) 20:42:59 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x5437, 0x0) 20:42:59 executing program 2: r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:42:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5601, 0x0) [ 1010.152647][T24016] FAT-fs (loop0): bogus number of reserved sectors [ 1010.183662][T24016] FAT-fs (loop0): Can't find a valid FAT filesystem 20:42:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:42:59 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:00 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, r0, 0x0, 0x1, &(0x7f0000000340)='\x00'}, 0x30) ptrace$cont(0x1f, r2, 0x2, 0x7) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) shutdown(r0, 0x0) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000880)=ANY=[@ANYBLOB="8300000029000000000000010000000000000000000000000000000000002228540800b534286275730000000000000000000000b014ad53000009000000000000000007002e2f66696c6530c76d101e40141c39e03245e011000400000000000000000000000900000000000000df055b7a5c4c74730000000000000000000000000000000000000000000507002e2f66696c6525fbab9c1bc885756edb5a94d7c294bd805205039852d099684e3785bdf3d3d098d7db964a8d0e75a59e5f7902707f61be01877b02cbba081ebd0a3d7d8b517b9dc7d3e7196d7ffbcddb276fef2fe70bff6a8c505f5404d193bbcca1abff030000000000008e0aa4f20101c9645a2e56ed7bd32310b9805714c002d876bd2addd904cbafc817b45f41451cb657c88c71494c43a89100e0131163d9baf34721d749e14fcdb511f7b93822555be16220bcb60b389c23a89b5acd6a0ced56e3ee91ed57d7019014f447c3ed"], 0x83) io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00b9fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000080464df5e0acafe203534dad1b5b9fb501e1a05dc00041f9d63e232b9b2500fb1d96033ccfdff06c903b0fbbb10c43e2a9e872db7860c131aef785f25df"], 0x71) mq_timedsend(r4, &(0x7f0000000400)="f7a8635829a60a7e2141e38ff204c6e8b75b1d266590745578cc38c87835cad7528b7a9a5b1cbe4df68558375c3cc1e8b8b90aef95c5e64fe0c28da592d577e9c80dd6b22a9caa0956038a90ef2d9d33bfe4b15b8a2652b93b24063add95db309ef1425392f76b7418d97a89768bd8", 0x6f, 0x391b, &(0x7f0000000480)={0x0, 0x989680}) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000300)='/dev/sg#\x00', 0x6, 0x103680) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x0, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x47) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) ptrace$cont(0x7, r2, 0x4, 0xfffffffffffffffc) 20:43:00 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174", 0xb}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:43:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:43:00 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x6364, 0x0) 20:43:00 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:00 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:00 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x8912, 0x0) 20:43:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x0) [ 1010.990733][T24046] FAT-fs (loop0): bogus number of reserved sectors [ 1011.002923][T24046] FAT-fs (loop0): Can't find a valid FAT filesystem 20:43:00 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:00 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174", 0xb}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:43:00 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x8933, 0x0) 20:43:00 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) [ 1011.159972][T24062] FAT-fs (loop0): bogus number of reserved sectors [ 1011.172197][T24062] FAT-fs (loop0): Can't find a valid FAT filesystem 20:43:01 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="83000000290000000000000100000000000000000000000000000000000000000405002e2f62757300aac77ebed76197cff698355b70c300000000000000000000000009000000000000000007002e2f66696c6530000400000000000000000000000900000000000000df05002e2f62757300"/131], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:01 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:43:01 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:01 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x89e1, 0x0) 20:43:01 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002", 0x11}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:43:01 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:01 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:43:01 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x40045431, 0x0) [ 1011.902587][T24080] FAT-fs (loop0): invalid media value (0x00) [ 1011.910131][T24080] FAT-fs (loop0): Can't find a valid FAT filesystem 20:43:01 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:43:01 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:01 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x40045436, 0x0) 20:43:01 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002", 0x11}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) [ 1012.086662][T24100] FAT-fs (loop0): invalid media value (0x00) [ 1012.113365][T24100] FAT-fs (loop0): Can't find a valid FAT filesystem 20:43:01 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6d8d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:01 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:43:01 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400454ca, 0x0) 20:43:01 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:01 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002", 0x11}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:43:01 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:02 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:02 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:43:02 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) [ 1012.839061][T24114] FAT-fs (loop0): invalid media value (0x00) [ 1012.869642][T24114] FAT-fs (loop0): Can't find a valid FAT filesystem 20:43:02 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:43:02 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270", 0x14}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:43:02 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) [ 1013.052191][T24138] FAT-fs (loop0): invalid media value (0x00) [ 1013.066262][T24138] FAT-fs (loop0): Can't find a valid FAT filesystem 20:43:02 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000400)=ANY=[@ANYBLOB="83000000290000000000000100000000000000000000000000000000000000000405002e2f6275730000000000000000000000000009000000000000000007002e2f66696c6530000400000000000000000000000900000000000000df05002e2f6275730000000000000000000000000000000000000000000507002e2f66696c653030d38b23a7fd30331cf814e904f2981a968f499f7f80b0097a25f9936f5d7928ec975900b7adee910c5ef02d78e0e192d7b0c00e862c53f1d60c0367b9953a16686ea50da147148adbb4238460406d53be5c6d3a9fe5d8099f3c679cf0e746bc3b50f4580aba1ce1fafcd7d714dc10c90629d2375c4aac"], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:02 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x40049409, 0x0) 20:43:02 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:43:02 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:02 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270", 0x14}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:43:02 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:02 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:43:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x401070c9, 0x0) 20:43:03 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) [ 1013.765306][T24149] FAT-fs (loop0): invalid media value (0x00) [ 1013.787650][T24149] FAT-fs (loop0): Can't find a valid FAT filesystem 20:43:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x5437, 0x0) 20:43:03 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270", 0x14}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:43:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x4020940d, 0x0) [ 1013.943232][T24170] FAT-fs (loop0): invalid media value (0x00) [ 1013.952251][T24170] FAT-fs (loop0): Can't find a valid FAT filesystem 20:43:03 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000500)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) symlinkat(&(0x7f0000000400)='./bus\x00', r0, &(0x7f0000000440)='./bus\x00') syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) openat$cgroup_type(r0, &(0x7f0000000480)='cgroup.type\x00', 0x2, 0x0) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f00000004c0)='./file0\x00', 0x400000000000) 20:43:03 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x80045430, 0x0) 20:43:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x5437, 0x0) 20:43:03 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:03 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7", 0x15}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:43:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x5437, 0x0) 20:43:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x80045432, 0x0) [ 1014.688313][T24185] FAT-fs (loop0): invalid media value (0x00) [ 1014.706878][T24185] FAT-fs (loop0): Can't find a valid FAT filesystem 20:43:03 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:04 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7", 0x15}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:43:04 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x5437, 0x0) 20:43:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x80045438, 0x0) [ 1014.861561][T24202] FAT-fs (loop0): invalid media value (0x00) [ 1014.895884][T24202] FAT-fs (loop0): Can't find a valid FAT filesystem 20:43:04 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f0000000400)='team_slave_0\x00') syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0x8) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:04 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x80045439, 0x0) 20:43:04 executing program 4: 20:43:04 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7", 0x15}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 20:43:04 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:04 executing program 4: [ 1015.565993][T24217] FAT-fs (loop0): invalid media value (0x00) [ 1015.584328][T24217] FAT-fs (loop0): Can't find a valid FAT filesystem 20:43:04 executing program 4: 20:43:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x80045440, 0x0) 20:43:04 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:04 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(0x0, 0x0) 20:43:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800454d2, 0x0) 20:43:05 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = syz_open_dev$radio(&(0x7f00000004c0)='/dev/radio#\x00', 0x3, 0x2) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000500)='rdma.current\x00', 0x0, 0x0) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000600)={0x0, r1}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r4 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r4) mq_timedreceive(r3, &(0x7f00000000c0)=""/82, 0x7a, 0x100000000000007f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r5 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r5, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000440)="1be82873c15e6f5d0fd583b9ed43af673a7fbdb8a599dcbab0ec2ad014898977931ec143e76280a5a71a90512690aa451ebbb12d02f8317a1c277355c963a2137359c219a94441d0bc3043520e5aeddaa07f360b74e1dd1472a4481945d8fffe", 0x60) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r5, r5, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r4, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) ioctl$CAPI_REGISTER(r3, 0x400c4301, &(0x7f0000000400)={0xf323, 0x8, 0x7}) 20:43:05 executing program 4: 20:43:05 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:05 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(0x0, 0x0) 20:43:05 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:05 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455c9, 0x0) 20:43:05 executing program 4: 20:43:05 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455ca, 0x0) 20:43:05 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(0x0, 0x0) 20:43:05 executing program 4: 20:43:05 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:05 executing program 4: 20:43:06 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="83000000290000000000000100ff709a816cc30001000000000000002e2f6275730000000000000000000000000009000000000000000007002e2f66696c6530000400000000000000000000000900000000000000df05002e2f6275730000000000000000000000000000000000000000000507002e2f66696c6530892668319c4c58"], 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:06 executing program 0: 20:43:06 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:06 executing program 4: 20:43:06 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:06 executing program 4: 20:43:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x80086301, 0x0) 20:43:06 executing program 0: 20:43:06 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:06 executing program 4: 20:43:06 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:07 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000000400)="eb3c906d6b66732e666174000204010002000270fff8", 0xffffffffffffffa3}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r1) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cacc4d550000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc0044019d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:07 executing program 4: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f0000000400)='team_slave_0\x00') syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0x8) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:07 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x8010aa02, 0x0) 20:43:07 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0xc004500a, 0x0) 20:43:07 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:07 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:07 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0xc0045878, 0x0) 20:43:08 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) getsockopt$inet_mreqn(r3, 0x0, 0x20, &(0x7f0000000440)={@initdev, @multicast1}, &(0x7f0000000480)=0xc) fstat(r1, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$gfs2(&(0x7f0000000240)='gfs2\x00', &(0x7f0000000280)='./file0\x00', 0x7ff, 0x9, &(0x7f0000001a40)=[{&(0x7f0000000600)="5eb4b2c4dad0195cb0c30318d512d333ee94849dce746d735cf607d7e45def33ddde1ae178af494ac06fb4621dc0b444a5fa65a45fe0a1e619a62c2c18ba5f06bcea186d29b752ec450573582f6db5d6eccbc1f2056ff2cc21c20e05e5", 0x5d, 0x9}, {&(0x7f0000000680)="6813ff23399c8375c4c390f6a33ea3d987ab835d751a7fa96913cf9d36340e4c2761518db174dcdab2f0faa7ce", 0x2d, 0x10001}, {&(0x7f0000000880)="d9cc6fd813d562b8d160f5162e554a1305df04ef0c86c73531461e3104aa44af3233a46ed0a5166a2754e74969434fb11b8f605a31afa89b3dcea5925e47e7c55cd310d25e03f026d3e401fa24d5fb67af90d3ae7c78c966299443ac6e822acfa210bf0bc9ceabaaf23bad55e4c3ae2f97085e9b8350d11f132121eaa59c169d07b380109191ec942d60577f619843717f914e787bb176c4409a871fc9d99be6ff5fa83c7b6571a8f3971e7c07153ce20acf3f8c13211f662e593de6e8953e54606032d0ecebe261ad9e0778143ae6679b0d04eb926b4711c858b5a54d4184aae43726a0aff521313615d66023e275175885e4eb6f7948519e6931d907722900040c27ececde22050fadbc14107760ebcf0b62a7855f1ec51bbc8de1f3802c4909a056d0fa58a9bd31b42c37b0a89d3515d354285a36052302ce0b7070d175ecfd741a8961a5c8cd1f48db2db37a31028e7ba163b96c4641567151f49bbb0c9c690c86015708b1a5063610ba4dae98962880b6c7fd540953f8ab01a5572a483f0b7d9b6c07629168f0af0029c1f9dfa7ede131dee346aa16fd11154992030ee55263186a95e0bed1e4dfc15e53587780278f29138aff31e2ef1d9c23bcd685c1e08a6a67e972d5d22a092957429859426d35730504db8066fe7b1375eb7031ed3f7f6af31f6f4a62f34108feef0db1380d02f7dae555ef87d596f578463c89a143713f43f12b6461bfc72183c54d789c58347addc2d9aae3f7141cafe0323a6ef1b538d0b5468778f384d08d052d1dafbfcd63e6c69d974d97b860af9425c31cde7fe623c6916a137029305dfe224651c6b06414312fea578dbf404a9b7a5f0bcffe53b5391c2518a24b887f49e6cf127c6efc92871e3de2ec25671464915dcbcacdef876d14be31a8e0f46ae8a7db64cf6bd8cd1baffdce3696425f71a9bf3b7bfeb490e1d36c7dfaff0b391e8e6abd76261294e25f47e865288b30e07e281991e69bf2e236a9241e9c7280e66a061dca3e25eeb7bb92e9f44bf4cff4593660f5ed450496f16faec756fa740d2ee1b17f8ef8e6a496348afc7a61d2d88bf4b098b53e734056fde31ef412fd8d821f937183fd5365119192bafdad091904a1d9fd8a0467c8a53a5782ff8c30eac699d57bf5a1ca3bfd5850d0a8291dcf89d801e6e56e13dbe8cecd626d1883920a3c1ba2c26b559d0fe2097da10238d027224a5eee9c51f35434fa044ad350c2fb662f1631a5d81457e240d42f2d7bff752fd8b2d23ef6eb31dc6f97185d17bc02c6729e1ef54abe7237c0ffb450653b5d93d9d8e9f53972e47d1d1612c3f6daa2ab4eb71c616dfd2815c2ef4cf3a6f52b2bd4cafc27699d94044e1e75e2d8de7915519a48ad9946eb8aa2cf2042caaa2faa129a66ab2d5148238298f575b5c9d300234227cc284b40076dbfdc9f8d781b14341598f88ec76367196abed8b42a4f0c1b3fc1c9c9727139ec00ba17ced41344001edbebe7c53be4bc9ce454f0a273460e0e708f0842490b39d3957478a11bb4d855e6e9c03a865f4b91d8a7192b80c2e504debf5368cb6fa46358e65fc01bac808de1065c810170a1d19f25c88548c47a7fd8cb5f2b9e382c0f21f9b482fc6957e54f015b1f9ccfd5c4a5bd32a91c24eea616b90593827e7328f8c8f23d801fa4f28442bcdb2986a7e930114f8782ae59893dfe27685d3c0add575d5e713aae7b4c0ad19a892240b70e77cb3c8dc43da742c68fae88da76f173858a47693b44df1e89d01aad051c3283c48a2b718694797d7233c7dc4f175918da54e65f880f7c21f6b7aefcb8be016cca16be1be2d98a5a272cdaed0e4bcd41f5efb93353699e02dbb4acff1c965789723bfe39da300e3f44c9a2a35724d80790b4494ad8d33cfb547526f9b2f7d390ce0981a683cd34664dcc8e566e115cc6f3aa80a41f305a9b425200a965ae8e98765573e1e0ae1d048a346b6e13942b9e7fa93ecc2621c204833f940465f6ba2b9c52e37b1cd2e54d86193d5978eda07dedc28cbb811e0bd3152a95ed6250e1e1417c5afc7a9cc1675ddae0cbbd320449ec68e176a9cc0c48258ff27c9d574155b1a71f5ad769c5adf2e3e6f26b6314e73cf3cbb1bc9df07a81bd7ae0644a0e0ad19c464930aee2fe14d48e8de5c51ce6d329c68805606c6373aca5ab5a6c2e6cdbd02f890bd6c6988364b4d6127bad4d5f710be946b7a3878190c96ef15d694323cecd3248a403e7b074fb9789be6577cc3de52ee4eccb75ea711aebc6d9bdce7d467d1c4afc1663c87dc1660120b6af2f5b819dbbb7e2cc5fdc94f2be877b1a9ea7d5d0b13b701b650bc471e352ae48b045298625e1cdf9ef72f9a752cf300ff3704bb113343033948c82dd0f9fc94f9f14f4ff30f528cb364753c3b8c47f792507ed0c7d6722e9936892605d06b439c7a03c75a9fa29a36dba5ce13b5e03a36eb5ed2a3a234ce51385ba90b4c967634e662a1cc42e4f14af4d0383c24128baa46f9ce8d6aa4407338650fd5fd87206d2c3d9c769d5a06740d0afb7138daf4cf822b048375fe9aa629b1403e7654a85c93a4169378623d16a1eeed716c98a25199cfed026edfa6a163018a4e5e3d1efcd6a38097727c28db7cb2100b4bc422902f7af6cc25d6a3da8b14e690320f1982363a5062cc61e0d1b767a7925038c81c6ee766477451109f939c9a33d8bc8710957db29394f3d4bd0110be0073adb2183af7e04b6342011c2921550cb2bd7c1c43cba24854f3084a8ba8635d4e32f985921bb77cd645c7598c59dc1d4158a7224a5ab0d3dd803653b9312f70eeb9f2a8f3b811d24c6ffb4d7d9286f7666fd834cad81134bfc28cf25a88920876ef503b532e147efa97cd52deca67b7063be167c302a1e06e17e5931c874b34d40bab3822dc054632b3cfe41209b6ce918d69cb4da995a1544a70f395417b15b29bafb2de89419d3fd3315b550115a3a2bb1c618e44dbb6e17687b2790107deff4eda28c14b469b85926d761455807c6d1a31553c980b4cc2fc1dee94e5ca8d6328ccd6852edb1ddf35fa172cf4c8cf4d351ecf2d2d7bd1c1acd939ac3a8bb00a7cfeb3fd78a23cd3d36eec0cba8949f6db2a85e69dd62f181a90a82dd7ddc2a88f95507425904209cb2f8026a2187558a935ff3dbbf762faf31bb512db75b485030291afa755d48adf368710005f54abd334f6fb8c1a7fef2bfee27d1807b3fa776f0f3985e94487b2fbd5ca88599bf50be9517aa32123c1775b31c81b05f3ff0dce31d6a3da88529cb12c1c328d1b901798154bfa2694e8dceaab89e02d7cbedbb4551a204d47e612abb94f3e5cb7bc28c0961580558482211e263b9d3d39b62e55535b5cd2466b21e9b02778d6f5561fbbf6666db1e3e59c166a711fc6c94761d9b380412b814b6d92379fe51440e20b85507aabb253701c5c9c060a762567ff86a88f1a3feab1684e3c3b2688e9ed2979c5678e1014b90cbeeb9e2cc5d50e197b59f0ed59fc05bbf51bbd14781fc1c201cb8ad4886cb3ea9cd6e7de3468ae20b594d6a4036bc41b92bf41bd0f5e711c13981f523aead86f9c3797ce10d3026dfb7feedbd78db1e0382803c224ca617683a2dadbce4e37800d877e2dd597cefe917b7d222ff76988c0e78ba428575ca620189c9787a80898e07a6d4bb37bc592b09bdd5ddc7304d41a684e00d793dc87108f2d2b54fd0a6314f631e136c3a71c5423c439ff402c4f83ecf0a3544375a78628660d3d305e40b4f63762bdbaf0f157dec26ba3f497a570387437de6846b12d275d25e28fcbbc6137790b0ac6ec91ce63e9cc48f226b167a1ad1bbe28e0745104fd6ac11151392ab74d32f57838b7523b00be1995b71672d3312e9932ef4f7ea7f1fc3a2ce813aa9a018791eb389e9896ea65e26792be01b9dbb09d819dbcefe2c25285c5189d453ee9dd6d09db6fc00110b18f0ece474b98f2210817be3ce3e21db50aefa84288660fe194cd59f6c6f7c87b2dc8096710342986a33e40f4edcf3764951aea853de3b2f168bd5a5f37dfbfe26c02874f10007acc906f5f0a89ac17e7cdbb9ef3c6877055b4d20b3b964a05167fdcb00648ef7e8b7d3bdf806dcec6e55db0b787715c0806a7534143e96cdc30959fdd1f7cd138c47e5dc2991693d8f9009cc18240fa18a1a49d440b164747aa6dc8a27775a065c5c2c6ffad27e3e43f50cb1334e7a33eea55644735d7bc51cfa13c334ae9523024285b97e4bdb898c291ff21cd80f3e307f7e094c8f30ee92d8d758a8a4b3a8f15d883f6cdef1342acb96273ef4a07c441e6057114657f0cf24d373d56d9705562c74a334535379f30d6381b7d22d9b5c80616312986e4cf77b1009bad6e457a7801569f5bc251dc50d7e1a2963df8026dff515f0689c4733ad059368d348f90b24fd9c96df74721fadd34622386b7ce8b9f92cd4a8a7887ff758fabd72bca59a51026588eee7125c354a76cbd9db71d54233c2a610bdaf0e6dcc749886efd00205df3f9715c75f453e8ae28cd89da1cfc4043e08324e3f1a57c0560ebea9f0af0357124548a4372ac97783bc76da791ac9979d343c0ec1de38f7d1aa721d846833ddb0bdd6e3dc99f000f7ce84120b4eddf295cffb380243cb739a4a1f5f52bb1703ea1c1f05024cbad5921ebb1c44589ecb515b521c8ef8b9ed013eb80f723726ac689d22952e9ce039e60681e16b35adaf001857045e5a8c68d5e8e4054085efae555bfc188e0f994a92436376fcd0c6339e537f2acb7beb86a9fb45019b8afff9d0e4ee94c26f90fe8f67bbc1e5d0dcc1b49997f0808b1099b7badbc88d8d6a35ddfa12c983d92df2dd2343d2bbbee727a2d1f86a6fc439b5e1e7cf1c74db08264211830434f8601c74c777c21fe68edb84331511c5850667ffd48cdf4a6ad5b9f4e6a3f4cdbcf611b0937736ae4cfc230bccaae9f59e289577e74a6ec330ed868fa411287c17b9437048c0329eeedd68f1ef53a3a7e6f3edd1ef9c989f5333ba1c273939c7924c988bbf59c1ea6c05eb449b80937fa92945fc0979c279a1850dc523da906083056b204fb9ecfd188d6b20c519e8b129afa36e959ba4e4adbb672d4bf3e190887a7f85adf82336bf03f9fae58bebaa66e6f1f336f70c685959059f7d45b455961113c59e9bc145b9eb570a163bde64e64304d4fcffc11812457ff607ed10e38eef915089e877240defcd4775685ec0feea37acb3079a7a3bd4501d5ef6152f7c4254df44c74f4253d01d16abadca38e1fef384480f71cd44e32b7263a8873172584d89373f08c80364018d9c8d2c73c514f0ce224f1cd0004e61acfab3bc462ae99e6151c3bb430564af2ca061c037eae32ddcf6389035a3ce1dff07b6b2e9e570d67aaa8d3d67635871c34f7578531f53a3a649684a70edc417318c40b7be4920ad0173e4f2dc4238224202329b6e987bd615936d3d5530f53e29f6a8f682a229a772f2a8a7f3c1a051362983f6245cfb14c9a50d4adf4dc3ee151aeb8e38653b7910af533c650624aa61f29ad3ad0e8313527dad0ef96c6653f42dac6a7b44202a0a55dd6af7c6c145974e0c4c6b70f6c47a358f28fc14bc4528448ef66d5a487c7a102a046b406e73a39c88c2911b03eb4f244562da414ca10205406f3ac9e08d5b400af541aa0598c509542812410c10086400cd96323841fc9f661005a1b7f11412f50adbb727f033a56422807fe0ca86306d37974c2ba7c1afa496b9970658f553b85776c47f525014187c38ef4c6faa0689d7a83d1d4d58674343344a3003361e80", 0x1000, 0x10000}, {&(0x7f00000006c0)="56e6de98944ce1a723cac8c8c6532aafb328dceb1fd6c50b2c3399e62d7d9a50dc758ffb970e8b48fb277cbc786f624b8971f586d3", 0x35, 0x6}, {&(0x7f0000000700)="8a96ae6a3862ab", 0x7, 0x7f}, {&(0x7f0000001880)="ce3b82fa57b27aa4620b6aab2686d886180e155e932be88ec0a6fac118b22dee918b2f9cd4e6ef7c717258c6e8000db72ab430385d544c3cb3721c925dc4460ef0e851de58a22fc88aebe68b1cc59857b83ee3a4557dcdb5895a0123078629fca0b21a38b702d35d9af0dc24db850080b765fe270fefd864a51bac7045af08444e2abb949fc3d4bf0f4d80af8b676a42526e7add78b88b8ba105c5869b5aeff1b6f89c49ef913cd5a7ea0f52db0d3fabe9e593b708493bff26863a5016e5cfbeca9697bc603f853fe9570725ac877af468281462999656b9e25766fbaffa5198ede43084354c4b0aa524", 0xea, 0x7}, {&(0x7f0000000780)="ede8b66adc149cd03c6dd6", 0xb, 0x10000}, {&(0x7f0000001980)="580facaa677c4e0e150d56ec00d6f193d2889037d049c0dc1cc5017dc1049800bcd35a81684dee83b9036417158153f9cffab9217ebd3813abef23d11543689e98cd5ceb06ae8299826ea7018abcfeecdcb5814637f9dff882188d8564a85fe976a7d80b67c5f8e9c8ccc14aacff85a8adc64d932a19d93997ca29c4455c6c81586c5374d01f18b0b422abe1d7ec4cafa2af23e455b05af1d8096c4793deb4a65845e6cbabfa0630a1f2b5fa0a21af8bfba1443a", 0xb4}, {&(0x7f00000007c0)="4a50f69858c03b4f121c9115083dd502642fb9183c400a0b70568f9e71d82e3ba40dbecdfaa0ef4c0c9baedcbf2e4da1ad0660687382bcf6102ffcf4", 0x3c, 0xff}], 0x80, &(0x7f0000001bc0)={[{@data_writeback='data=writeback'}, {@barrier='barrier'}, {@lockproto_nolock='lockproto=lock_nolock'}, {@barrier='barrier'}], [{@fowner_lt={'fowner<', r4}}]}) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$CAIFSO_LINK_SELECT(r1, 0x116, 0x7f, &(0x7f0000000400)=0x8001, 0x4) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f00000004c0)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0xfffffef8) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:08 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:08 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) 20:43:08 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0xc0045878, 0x0) 20:43:08 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:08 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:08 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:08 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0xc0189436, 0x0) 20:43:08 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x800455cc, 0x0) 20:43:08 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:08 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:08 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) 20:43:09 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad5501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e00000000000000000000fddc76f37503f37f1811e00d90b86a690cb0481500757bd37a600ac4ee56cedc8775741c4db279b97f807bca"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:09 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x800455cc, 0x0) 20:43:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0xc020660b, 0x0) 20:43:09 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:09 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) 20:43:09 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x800455cc, 0x0) 20:43:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0xc02c563a, 0x0) 20:43:09 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:09 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) 20:43:10 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) lsetxattr$security_smack_entry(&(0x7f0000000400)='./bus\x00', &(0x7f0000000440)='security.SMACK64MMAP\x00', &(0x7f0000000480)='vfat\x00', 0x5, 0x2) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:10 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:10 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0xc0cc5616, 0x0) 20:43:10 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0) 20:43:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x2) 20:43:10 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:10 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455cb, 0x0) 20:43:10 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:10 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0) 20:43:10 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455cb, 0x0) 20:43:11 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000400)={0x0, 0x10000}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000480)={r1, 0x2}, &(0x7f00000004c0)=0x8) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r3) mq_timedreceive(r2, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r4, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r4, r4, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r3, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:11 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:11 executing program 4: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455cb, 0x0) 20:43:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:11 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3) 20:43:11 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x0) 20:43:11 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:11 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) 20:43:11 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x800455cc, 0x0) [ 1022.083528][T24438] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 1022.108872][ T7] Bluetooth: hci0: Frame reassembly failed (-84) 20:43:11 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:12 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534dab9d70f96391ff02bdc00441f9d63e232b9b2500fb1d960d903b0fbd2b0a3966428eb4cb7861f0c131aef785f25df8e"], 0x71) ioctl$EVIOCGEFFECTS(r3, 0x80044584, &(0x7f0000000400)=""/99) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3) 20:43:12 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:12 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:12 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:12 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:12 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3) 20:43:12 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x800455cc, 0x0) [ 1024.162128][ T22] Bluetooth: hci0: command 0x1003 tx timeout [ 1024.169353][T19431] Bluetooth: hci0: sending frame failed (-49) [ 1026.242119][ T22] Bluetooth: hci0: command 0x1001 tx timeout [ 1026.248207][T19431] Bluetooth: hci0: sending frame failed (-49) [ 1028.322122][ T22] Bluetooth: hci0: command 0x1009 tx timeout 20:43:21 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x5) 20:43:21 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x3) 20:43:21 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:21 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000400)='/dev/dsp#\x00', 0x4, 0x80000) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000440)={0x0}, &(0x7f0000000480)=0x8) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000004c0)={r1, 0x366}, &(0x7f0000000500)=0x8) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffc000/0x1000)=nil, 0x1000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000600)={'syz_tun\x00', 0x1ff}) r4 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r4) mq_timedreceive(r3, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) bind$bt_l2cap(r4, &(0x7f0000000640)={0x1f, 0xb835, {0x3ff, 0x100000000, 0x200, 0xfffffffffffffffe, 0x40, 0x7}, 0x1, 0x9}, 0xe) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="83000000290000000000000100000000000000000000000000000000000000000405002e2f6275730000000000000000000000000009000000000000000007002e2f66696c6530000400dd0000000000000000000900000000000000df05002e2f6275730000000000000000000000000000000000000000000507002e2f66696c6530"], 0x83) r5 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r5, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r5, r5, &(0x7f0000000000), 0x8080fffffffe) write$FUSE_INIT(r4, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x3) 20:43:21 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:21 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x3) 20:43:21 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x6) 20:43:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:21 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x800455cc, 0x0) 20:43:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x3) 20:43:22 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:22 executing program 5: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r2) mq_timedreceive(r1, &(0x7f00000000c0)=""/82, 0x52, 0x7f, &(0x7f0000000040)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000300)={0x83, 0x29, 0x0, {0x0, [{{0x1}, 0x0, 0x4, 0x5, './bus'}, {{}, 0x9, 0x0, 0x7, './file0'}, {{0x0, 0x4}, 0x9, 0xdf, 0x5, './bus'}, {{}, 0x0, 0x5, 0x7, './file0'}]}}, 0x83) r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0xc) write$binfmt_aout(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="00fdfdff863802aa0063b8f24252b1d85cbf000040000038e70f657fffffe30000000064df5e0acad550fe203534da91b5b9fb501e1a05dc00441f9d63e232b9b2500fb1d96033ccfdff06d903b0fbd2b0a3966428eb4cb7860c131aef785f25df8e"], 0x71) connect$vsock_dgram(r3, &(0x7f0000000400)={0x28, 0x0, 0xffffffff, @my=0x0}, 0x10) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000440)=0x9, 0x4) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r3, r3, &(0x7f0000000000), 0x8080fffffffe) epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r1) write$FUSE_INIT(r2, &(0x7f0000000240)={0x50, 0x0, 0x6, {0x7, 0x1f, 0x4, 0x1000, 0x7, 0x655c, 0x1dcbd324, 0xfffffffffffffffd}}, 0x50) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) 20:43:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x800455cc, 0x0) 20:43:22 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x7) 20:43:22 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x3) 20:43:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:22 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) 20:43:22 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x3) 20:43:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x800455cc, 0x0) 20:43:22 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x8) 20:43:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) ioctl$KDADDIO(r0, 0x400455cb, 0x0) 20:43:22 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x3) 20:43:22 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) [ 1033.556456][T24534] debugfs: Directory 'hci0' with parent 'bluetooth' already present! [ 1033.569775][ T1519] ------------[ cut here ]------------ [ 1033.575685][ T1519] WARNING: CPU: 1 PID: 1519 at drivers/tty/tty_ioctl.c:320 tty_set_termios+0xdcb/0x15f0 [ 1033.585407][ T1519] Kernel panic - not syncing: panic_on_warn set ... [ 1033.592004][ T1519] CPU: 1 PID: 1519 Comm: kworker/u5:0 Not tainted 5.3.0-rc2+ #55 [ 1033.599713][ T1519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1033.609866][ T1519] Workqueue: hci0 hci_power_on [ 1033.614620][ T1519] Call Trace: [ 1033.618087][ T1519] dump_stack+0x1d8/0x2f8 [ 1033.622439][ T1519] panic+0x29b/0x7d9 [ 1033.626344][ T1519] ? trace_hardirqs_on+0x74/0x80 [ 1033.631295][ T1519] ? __warn+0x126/0x230 [ 1033.635457][ T1519] ? nmi_panic+0x97/0x97 [ 1033.639697][ T1519] ? __probe_kernel_read+0x14b/0x1a0 [ 1033.644981][ T1519] ? tty_set_termios+0xdcb/0x15f0 [ 1033.650003][ T1519] ? is_valid_bugaddr+0x81/0x100 [ 1033.654943][ T1519] __warn+0x22f/0x230 [ 1033.658927][ T1519] ? tty_set_termios+0xdcb/0x15f0 [ 1033.663952][ T1519] report_bug+0x190/0x290 [ 1033.668280][ T1519] ? tty_set_termios+0xdcb/0x15f0 [ 1033.673317][ T1519] do_error_trap+0xd7/0x440 [ 1033.677813][ T1519] do_invalid_op+0x36/0x40 [ 1033.682220][ T1519] ? tty_set_termios+0xdcb/0x15f0 [ 1033.687240][ T1519] invalid_op+0x23/0x30 [ 1033.691398][ T1519] RIP: 0010:tty_set_termios+0xdcb/0x15f0 [ 1033.697633][ T1519] Code: 0f 85 3b 08 00 00 31 c0 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 73 6b be fd 48 c7 c7 3d b9 7a 88 31 c0 e8 a8 ca a6 fd <0f> 0b e9 38 f3 ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c d9 f2 ff ff [ 1033.717233][ T1519] RSP: 0018:ffff8880a625f7a0 EFLAGS: 00010246 [ 1033.723307][ T1519] RAX: 0000000000000024 RBX: 0000000000000001 RCX: 942dd6da568bd500 [ 1033.731276][ T1519] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 1033.739250][ T1519] RBP: ffff8880a625f8b0 R08: ffffffff816068b4 R09: ffffed1015d66088 [ 1033.747220][ T1519] R10: ffffed1015d66088 R11: 0000000000000000 R12: ffff8880a625f950 [ 1033.755910][ T1519] R13: ffff8880a7daf700 R14: dffffc0000000000 R15: ffff8882192d803a [ 1033.764078][ T1519] ? vprintk_emit+0x2d4/0x3a0 [ 1033.768849][ T1519] ? tty_termios_hw_change+0x1d0/0x1d0 [ 1033.774394][ T1519] ? tty_termios_encode_baud_rate+0x4a4/0x580 [ 1033.780810][ T1519] hci_uart_setup+0x19d/0x5c0 [ 1033.785484][ T1519] ? mutex_lock_io_nested+0x60/0x60 [ 1033.790679][ T1519] ? hci_uart_send_frame+0x420/0x420 [ 1033.795958][ T1519] ? trace_lock_acquire+0x1d0/0x1d0 [ 1033.801158][ T1519] ? __kasan_check_read+0x11/0x20 [ 1033.806176][ T1519] ? hci_sock_dev_event+0x2ac/0x5f0 [ 1033.811373][ T1519] hci_dev_do_open+0x4bc/0x1670 [ 1033.816228][ T1519] ? hci_dev_open+0x2e0/0x2e0 [ 1033.820915][ T1519] ? check_preemption_disabled+0x47/0x2a0 [ 1033.827320][ T1519] ? check_preemption_disabled+0x47/0x2a0 [ 1033.833156][ T1519] ? trace_lock_release+0x135/0x1a0 [ 1033.838883][ T1519] ? trace_lock_release+0x135/0x1a0 [ 1033.844095][ T1519] hci_power_on+0x155/0x590 [ 1033.848599][ T1519] ? trace_lock_acquire+0x159/0x1d0 [ 1033.853809][ T1519] ? hci_tx_work+0x2220/0x2220 [ 1033.858562][ T1519] ? lock_acquire+0x158/0x250 [ 1033.863320][ T1519] ? process_one_work+0x7ee/0x1150 [ 1033.868428][ T1519] process_one_work+0x83b/0x1150 [ 1033.873451][ T1519] ? rescuer_thread+0x14e0/0x14e0 [ 1033.878468][ T1519] ? worker_thread+0x10de/0x1630 [ 1033.883495][ T1519] worker_thread+0xc01/0x1630 [ 1033.888180][ T1519] kthread+0x332/0x350 [ 1033.892245][ T1519] ? rcu_lock_release+0x30/0x30 [ 1033.897185][ T1519] ? kthread_blkcg+0xe0/0xe0 [ 1033.901773][ T1519] ret_from_fork+0x24/0x30 [ 1033.907616][ T1519] Kernel Offset: disabled [ 1033.921549][ T1519] Rebooting in 86400 seconds..