x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 2: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 1: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCGETA(r0, 0x5405, &(0x7f0000000040)) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0xffff, 0x9, "bbeba1734a08a564b9f299033f0e449fbad28c"}) r1 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCNOTTY(r1, 0x5422) ioctl$KDGKBENT(r1, 0x4b46, &(0x7f0000000000)={0x9, 0xe1, 0x9}) 14:29:33 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:33 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)) 14:29:33 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x1) process_madvise(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000040)="424869a49c5dcc94c7c0bb52d1cd217181587520795695afa0ec28e0", 0x1c}, {&(0x7f0000000080)="dfe036fd11e081b4def34e435419b071b5b9c10034b0282c6b7bda46ae3266ae4f482798a8b07e3649fc1eb0b80686cbc3dccd847fd604104169258c05f95faa35736d19cd48e670f7dabc", 0x4b}, {&(0x7f0000000140)="9077e7741327f565e1a09c74411b0115692fbf72ab3180e008f28d9d9856e806849bee2768136624172218a7bde9bd751015eb0b126aa41ba63bd4171a32a93d386a9063271bbfe820", 0x49}, {&(0x7f00000001c0)="cf65d892886dde216469c8d24146e12a744da31f01591c4b3848c57f8707e0dff4966d24e3759b3cf4d6051b28ef2c149f7411270b3bb59aeef813128d5b8e332ed3ce167a29db787c44557e4e0e0b0d684d926540c1be33cfab776d", 0x5c}], 0x4, 0x15, 0x0) 14:29:33 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0xc00, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RAUTH(r0, &(0x7f0000000040)={0x14, 0x67, 0x2, {0x0, 0x1, 0x1}}, 0x14) 14:29:33 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:33 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETSF(r0, 0x4b31, 0x0) 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0xc00, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RAUTH(r0, &(0x7f0000000040)={0x14, 0x67, 0x2, {0x0, 0x1, 0x1}}, 0x14) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0xc00, 0x0) (async) pipe2$9p(&(0x7f0000000000), 0x4000) (async) write$P9_RAUTH(r0, &(0x7f0000000040)={0x14, 0x67, 0x2, {0x0, 0x1, 0x1}}, 0x14) (async) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, 0x0, 0x0) 14:29:33 executing program 5: r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) process_madvise(r0, &(0x7f0000000240)=[{&(0x7f0000000040)="424869a49c5dcc94c7c0bb52d1cd217181587520795695afa0ec28e0", 0x1c}, {&(0x7f0000000080)="dfe036fd11e081b4def34e435419b071b5b9c10034b0282c6b7bda46ae3266ae4f482798a8b07e3649fc1eb0b80686cbc3dccd847fd604104169258c05f95faa35736d19cd48e670f7dabc", 0x4b}, {&(0x7f0000000140)="9077e7741327f565e1a09c74411b0115692fbf72ab3180e008f28d9d9856e806849bee2768136624172218a7bde9bd751015eb0b126aa41ba63bd4171a32a93d386a9063271bbfe820", 0x49}, {&(0x7f00000001c0)="cf65d892886dde216469c8d24146e12a744da31f01591c4b3848c57f8707e0dff4966d24e3759b3cf4d6051b28ef2c149f7411270b3bb59aeef813128d5b8e332ed3ce167a29db787c44557e4e0e0b0d684d926540c1be33cfab776d", 0x5c}], 0x4, 0x15, 0x0) 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0xc00, 0x0) (async) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RAUTH(r0, &(0x7f0000000040)={0x14, 0x67, 0x2, {0x0, 0x1, 0x1}}, 0x14) 14:29:33 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000001c0)={0x300, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [{{0x8, 0x1, r4}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x17d}}}]}}, {{0x8, 0x1, r5}, {0x264, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4941}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x7ff, 0x20, 0x76, 0xb3b7}, {0x8, 0x7f, 0x9, 0x1000}, {0x20, 0x3f, 0x40, 0x7}, {0x3, 0x1, 0x9}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}]}}]}, 0x300}, 0x1, 0x0, 0x0, 0x4000000}, 0x4001) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0xa) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, 0x0, 0x0) 14:29:33 executing program 5: r0 = openat$thread_pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) process_madvise(r0, &(0x7f0000000240)=[{&(0x7f0000000040)="424869a49c5dcc94c7c0bb52d1cd217181587520795695afa0ec28e0", 0x1c}, {&(0x7f0000000080)="dfe036fd11e081b4def34e435419b071b5b9c10034b0282c6b7bda46ae3266ae4f482798a8b07e3649fc1eb0b80686cbc3dccd847fd604104169258c05f95faa35736d19cd48e670f7dabc", 0x4b}, {&(0x7f0000000140)="9077e7741327f565e1a09c74411b0115692fbf72ab3180e008f28d9d9856e806849bee2768136624172218a7bde9bd751015eb0b126aa41ba63bd4171a32a93d386a9063271bbfe820", 0x49}, {&(0x7f00000001c0)="cf65d892886dde216469c8d24146e12a744da31f01591c4b3848c57f8707e0dff4966d24e3759b3cf4d6051b28ef2c149f7411270b3bb59aeef813128d5b8e332ed3ce167a29db787c44557e4e0e0b0d684d926540c1be33cfab776d", 0x5c}], 0x4, 0x15, 0x0) 14:29:33 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) 14:29:33 executing program 5: r0 = openat$thread_pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) process_madvise(r0, &(0x7f0000000240)=[{&(0x7f0000000040)="424869a49c5dcc94c7c0bb52d1cd217181587520795695afa0ec28e0", 0x1c}, {&(0x7f0000000080)="dfe036fd11e081b4def34e435419b071b5b9c10034b0282c6b7bda46ae3266ae4f482798a8b07e3649fc1eb0b80686cbc3dccd847fd604104169258c05f95faa35736d19cd48e670f7dabc", 0x4b}, {&(0x7f0000000140)="9077e7741327f565e1a09c74411b0115692fbf72ab3180e008f28d9d9856e806849bee2768136624172218a7bde9bd751015eb0b126aa41ba63bd4171a32a93d386a9063271bbfe820", 0x49}, {&(0x7f00000001c0)="cf65d892886dde216469c8d24146e12a744da31f01591c4b3848c57f8707e0dff4966d24e3759b3cf4d6051b28ef2c149f7411270b3bb59aeef813128d5b8e332ed3ce167a29db787c44557e4e0e0b0d684d926540c1be33cfab776d", 0x5c}], 0x4, 0x15, 0x0) 14:29:33 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, 0x0, 0x0) 14:29:33 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000001c0)={0x300, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [{{0x8, 0x1, r4}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x17d}}}]}}, {{0x8, 0x1, r5}, {0x264, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4941}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x7ff, 0x20, 0x76, 0xb3b7}, {0x8, 0x7f, 0x9, 0x1000}, {0x20, 0x3f, 0x40, 0x7}, {0x3, 0x1, 0x9}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}]}}]}, 0x300}, 0x1, 0x0, 0x0, 0x4000000}, 0x4001) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0xa) 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) (async) 14:29:33 executing program 5: r0 = openat$thread_pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) process_madvise(r0, &(0x7f0000000240)=[{&(0x7f0000000040)="424869a49c5dcc94c7c0bb52d1cd217181587520795695afa0ec28e0", 0x1c}, {&(0x7f0000000080)="dfe036fd11e081b4def34e435419b071b5b9c10034b0282c6b7bda46ae3266ae4f482798a8b07e3649fc1eb0b80686cbc3dccd847fd604104169258c05f95faa35736d19cd48e670f7dabc", 0x4b}, {&(0x7f0000000140)="9077e7741327f565e1a09c74411b0115692fbf72ab3180e008f28d9d9856e806849bee2768136624172218a7bde9bd751015eb0b126aa41ba63bd4171a32a93d386a9063271bbfe820", 0x49}, {&(0x7f00000001c0)="cf65d892886dde216469c8d24146e12a744da31f01591c4b3848c57f8707e0dff4966d24e3759b3cf4d6051b28ef2c149f7411270b3bb59aeef813128d5b8e332ed3ce167a29db787c44557e4e0e0b0d684d926540c1be33cfab776d", 0x5c}], 0x4, 0x15, 0x0) 14:29:33 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000001c0)={0x300, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [{{0x8, 0x1, r4}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x17d}}}]}}, {{0x8, 0x1, r5}, {0x264, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4941}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x7ff, 0x20, 0x76, 0xb3b7}, {0x8, 0x7f, 0x9, 0x1000}, {0x20, 0x3f, 0x40, 0x7}, {0x3, 0x1, 0x9}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}]}}]}, 0x300}, 0x1, 0x0, 0x0, 0x4000000}, 0x4001) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0xa) 14:29:33 executing program 5: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) process_madvise(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000040)="424869a49c5dcc94c7c0bb52d1cd217181587520795695afa0ec28e0", 0x1c}, {&(0x7f0000000080)="dfe036fd11e081b4def34e435419b071b5b9c10034b0282c6b7bda46ae3266ae4f482798a8b07e3649fc1eb0b80686cbc3dccd847fd604104169258c05f95faa35736d19cd48e670f7dabc", 0x4b}, {&(0x7f0000000140)="9077e7741327f565e1a09c74411b0115692fbf72ab3180e008f28d9d9856e806849bee2768136624172218a7bde9bd751015eb0b126aa41ba63bd4171a32a93d386a9063271bbfe820", 0x49}, {&(0x7f00000001c0)="cf65d892886dde216469c8d24146e12a744da31f01591c4b3848c57f8707e0dff4966d24e3759b3cf4d6051b28ef2c149f7411270b3bb59aeef813128d5b8e332ed3ce167a29db787c44557e4e0e0b0d684d926540c1be33cfab776d", 0x5c}], 0x4, 0x15, 0x0) 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) [ 512.960878][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop2, 10) failed: No such file or directory 14:29:33 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x4a80c1, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:33 executing program 5: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) process_madvise(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000040)="424869a49c5dcc94c7c0bb52d1cd217181587520795695afa0ec28e0", 0x1c}, {&(0x7f0000000080)="dfe036fd11e081b4def34e435419b071b5b9c10034b0282c6b7bda46ae3266ae4f482798a8b07e3649fc1eb0b80686cbc3dccd847fd604104169258c05f95faa35736d19cd48e670f7dabc", 0x4b}, {&(0x7f0000000140)="9077e7741327f565e1a09c74411b0115692fbf72ab3180e008f28d9d9856e806849bee2768136624172218a7bde9bd751015eb0b126aa41ba63bd4171a32a93d386a9063271bbfe820", 0x49}, {&(0x7f00000001c0)="cf65d892886dde216469c8d24146e12a744da31f01591c4b3848c57f8707e0dff4966d24e3759b3cf4d6051b28ef2c149f7411270b3bb59aeef813128d5b8e332ed3ce167a29db787c44557e4e0e0b0d684d926540c1be33cfab776d", 0x5c}], 0x4, 0x15, 0x0) 14:29:33 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000001c0)={0x300, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [{{0x8, 0x1, r4}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x17d}}}]}}, {{0x8, 0x1, r5}, {0x264, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4941}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x7ff, 0x20, 0x76, 0xb3b7}, {0x8, 0x7f, 0x9, 0x1000}, {0x20, 0x3f, 0x40, 0x7}, {0x3, 0x1, 0x9}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}]}}]}, 0x300}, 0x1, 0x0, 0x0, 0x4000000}, 0x4001) 14:29:33 executing program 5: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) process_madvise(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000040)="424869a49c5dcc94c7c0bb52d1cd217181587520795695afa0ec28e0", 0x1c}, {&(0x7f0000000080)="dfe036fd11e081b4def34e435419b071b5b9c10034b0282c6b7bda46ae3266ae4f482798a8b07e3649fc1eb0b80686cbc3dccd847fd604104169258c05f95faa35736d19cd48e670f7dabc", 0x4b}, {&(0x7f0000000140)="9077e7741327f565e1a09c74411b0115692fbf72ab3180e008f28d9d9856e806849bee2768136624172218a7bde9bd751015eb0b126aa41ba63bd4171a32a93d386a9063271bbfe820", 0x49}, {&(0x7f00000001c0)="cf65d892886dde216469c8d24146e12a744da31f01591c4b3848c57f8707e0dff4966d24e3759b3cf4d6051b28ef2c149f7411270b3bb59aeef813128d5b8e332ed3ce167a29db787c44557e4e0e0b0d684d926540c1be33cfab776d", 0x5c}], 0x4, 0x15, 0x0) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 5: r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) process_madvise(r0, 0x0, 0x0, 0x15, 0x0) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:33 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)) 14:29:33 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x4a80c1, 0x0) (async) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:33 executing program 5: r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) process_madvise(r0, 0x0, 0x0, 0x0, 0x0) 14:29:33 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)}, 0x10) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x4a80c1, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x4a80c1, 0x0) (async) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:33 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 14:29:33 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:33 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x4a80c1, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) [ 513.245077][ T22] audit: type=1400 audit(1643984973.760:203): avc: denied { read write } for pid=313 comm="syz-executor.2" name="loop2" dev="devtmpfs" ino=563671 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000240)) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xd0, r1, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0xbc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x343}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfda}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xbbe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}]}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x90}, 0x4000800) 14:29:33 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) 14:29:33 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000240)) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xd0, r1, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0xbc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x343}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfda}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xbbe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}]}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x90}, 0x4000800) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000240)) (async) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xd0, r1, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0xbc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x343}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfda}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xbbe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}]}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x90}, 0x4000800) 14:29:33 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) [ 513.272545][ T22] audit: type=1400 audit(1643984973.760:204): avc: denied { open } for pid=313 comm="syz-executor.2" path="/dev/loop2" dev="devtmpfs" ino=563671 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 513.272559][ T22] audit: type=1400 audit(1643984973.780:205): avc: denied { ioctl } for pid=313 comm="syz-executor.2" path="/dev/loop2" dev="devtmpfs" ino=563671 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 14:29:33 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x4a80c1, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:33 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:33 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x4a80c1, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:33 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) 14:29:33 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:33 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x4a80c1, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xa) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x4a80c1, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xa) 14:29:34 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x0, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x4a80c1, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xa) 14:29:34 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:34 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) 14:29:34 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) 14:29:34 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x0, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x0, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x0, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:34 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) 14:29:34 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x0, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:34 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:34 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) 14:29:34 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x80202, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x0, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x4a80c1, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:34 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x0, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:34 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x80202, 0x0) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x4a80c1, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:34 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x80202, 0x0) 14:29:34 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x0, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x0, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:34 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:34 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 14:29:34 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:34 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:34 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:34 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:34 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:34 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:34 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xa) 14:29:34 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:34 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xa) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xa) 14:29:34 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 5: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:34 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:34 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:34 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:34 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:34 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:34 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:34 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:34 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 514.331988][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory 14:29:34 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:34 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) [ 514.373275][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 514.374420][ T478] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:34 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:35 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:35 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:35 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:35 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:35 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:35 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:35 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:35 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) [ 514.513792][ T493] debugfs: Directory 'loop0' with parent 'block' already present! [ 514.538211][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory 14:29:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 514.591907][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 514.622767][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory 14:29:35 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:35 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:35 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:35 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 5: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:35 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}}, 0x0) 14:29:35 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:35 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}}, 0x0) [ 514.662863][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory 14:29:35 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:35 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}}, 0x0) 14:29:35 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:35 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:35 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:35 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:35 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:35 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:35 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 514.883353][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 514.962452][ T590] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:35 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:35 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:35 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:35 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 515.081590][T23407] udevd[23407]: setting mode of /dev/loop0 to 060660 failed: No such file or directory [ 515.092808][T23407] udevd[23407]: setting owner of /dev/loop0 to uid=0, gid=6 failed: No such file or directory 14:29:35 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:35 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) [ 515.233838][ T642] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:35 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:35 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:35 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:35 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:35 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:35 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 515.406524][ T664] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:36 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:36 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 515.565993][ T677] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:36 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) [ 515.692639][ T720] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:36 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:36 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) 14:29:36 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:36 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:36 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:36 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) 14:29:36 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) 14:29:36 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) 14:29:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) 14:29:36 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 14:29:36 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:36 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:36 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 14:29:36 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 14:29:36 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 14:29:36 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) 14:29:36 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:36 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 5: ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:36 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) 14:29:36 executing program 5: ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:36 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 5: ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:36 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:36 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:36 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:36 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:36 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:36 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:36 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:36 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:36 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 516.282253][ T842] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:36 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:36 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:36 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 516.362657][ T866] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 516.453471][ T886] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:37 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 516.658621][ T909] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:37 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) [ 516.753428][ T921] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:37 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:37 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) [ 516.853650][ T934] debugfs: Directory 'loop0' with parent 'block' already present! [ 516.892552][ T938] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:37 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:37 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:37 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) 14:29:37 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:37 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) [ 517.054904][ T944] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:37 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:37 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:37 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:37 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:37 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) 14:29:37 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:37 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:37 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) 14:29:37 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:37 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:37 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:37 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:37 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:37 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) 14:29:37 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:37 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:37 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:37 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:37 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:38 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:38 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:38 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) 14:29:38 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:38 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:38 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:38 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 517.977906][ T1152] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:38 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:38 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 518.137863][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 518.148817][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory 14:29:38 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:38 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:38 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:38 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 518.234937][ T1192] debugfs: Directory 'loop0' with parent 'block' already present! [ 518.244799][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 518.255610][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory 14:29:38 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) [ 518.301386][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:38 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 518.344100][ T1216] debugfs: Directory 'loop0' with parent 'block' already present! [ 518.362581][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory 14:29:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:38 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:38 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:39 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) [ 518.446788][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory 14:29:39 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:39 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:39 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) 14:29:39 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:39 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 518.552193][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 518.553953][ T1256] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 518.606297][T23407] udevd[23407]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 518.625734][T11818] udevd[11818]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory 14:29:39 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 518.718441][ T1277] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:39 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 518.763017][ T1280] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:39 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) 14:29:39 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:39 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:39 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) [ 518.903440][ T1298] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:39 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:39 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:39 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:39 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) 14:29:39 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) [ 519.153454][ T1362] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:39 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) 14:29:39 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:39 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) 14:29:39 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) 14:29:39 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:39 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:39 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) 14:29:39 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:39 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) [ 519.363090][ T1389] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:39 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:40 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7}, 0x7) [ 519.492682][ T1414] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:40 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 519.613426][ T1431] debugfs: Directory 'loop0' with parent 'block' already present! [ 519.653246][ T1439] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:40 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:40 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:40 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:40 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) [ 519.892374][ T1470] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:40 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:40 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) [ 519.983993][ T1485] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:40 executing program 3: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:40 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:40 executing program 2: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:40 executing program 3: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:40 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 3: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:40 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:40 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:40 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:40 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:40 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:40 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:40 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:40 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:40 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:40 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:40 executing program 2: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:40 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:40 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:40 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:40 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:40 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:40 executing program 2: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 520.316346][ T1575] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:40 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:40 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:40 executing program 4: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:40 executing program 3: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:40 executing program 2: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x0, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 14:29:41 executing program 5: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x0, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:41 executing program 0: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:41 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:41 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 14:29:41 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:41 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:41 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:41 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:41 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:41 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) [ 520.463966][ T1608] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:41 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 14:29:41 executing program 1: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x0, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:41 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) 14:29:41 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa) 14:29:41 executing program 3: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x0, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:41 executing program 2: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x0, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:41 executing program 3: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x0, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) [ 520.553851][ T1631] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:41 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:41 executing program 5: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:41 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 0: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:41 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:41 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x47, 0x2}, 0x7) 14:29:41 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000001c0)={0x300, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [{{0x8, 0x1, r4}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x17d}}}]}}, {{0x8, 0x1, r5}, {0x264, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4941}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x7ff, 0x20, 0x76, 0xb3b7}, {0x8, 0x7f, 0x9, 0x1000}, {0x20, 0x3f, 0x40, 0x7}, {0x3, 0x1, 0x9}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}]}}]}, 0x300}, 0x1, 0x0, 0x0, 0x4000000}, 0x4001) 14:29:41 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, r2) 14:29:41 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000001c0)={0x300, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [{{0x8, 0x1, r4}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x17d}}}]}}, {{0x8, 0x1, r5}, {0x264, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4941}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x7ff, 0x20, 0x76, 0xb3b7}, {0x8, 0x7f, 0x9, 0x1000}, {0x20, 0x3f, 0x40, 0x7}, {0x3, 0x1, 0x9}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}]}}]}, 0x300}, 0x1, 0x0, 0x0, 0x4000000}, 0x4001) 14:29:41 executing program 3: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000001c0)={0x300, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [{{0x8, 0x1, r4}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x17d}}}]}}, {{0x8, 0x1, r5}, {0x264, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4941}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x7ff, 0x20, 0x76, 0xb3b7}, {0x8, 0x7f, 0x9, 0x1000}, {0x20, 0x3f, 0x40, 0x7}, {0x3, 0x1, 0x9}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}]}}]}, 0x300}, 0x1, 0x0, 0x0, 0x4000000}, 0x4001) [ 520.884054][ T1691] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:41 executing program 0: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, '!%'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xffffffffffffffff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 14:29:41 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, 0x0, 0x0) 14:29:41 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00') r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40031}, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000200)={0x9, 0x0, 0x101, 0x2, 0x1b, "e6ffcb8c65fb6ce793423cc52f04f22c04febf"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000180)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x1000, 0x77f70b3c, {0x80, 0x2, 0x4}, 0x2a340000, 0x3ff, 0xfff, 0x3, 0x15, '}[}#\xcc#S^[&(\')*+^{#@%^', 0x0, '', 0x2, '!%', 0x2, '{\x88'}}, 0x53) sendmsg$NBD_CMD_DISCONNECT(r2, 0x0, 0x0) 14:29:41 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000040)="97ae58c8c520a218f4f459c795ceccadf5dcc0bea8cecac3cc6b7653f4b23decf53408cfc01228937649352d03a3330028bdaeb3a64ca43bfebc76cd98802f7b419b98e8eb94b028a9ab7a6ee469d7ec92b327631cf14c79cdd0050b06ccb203e1a5d7561834776affb5a3e2a534c2edbdf447c0d1d4") r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x240200, 0x0) syz_open_pts(r2, 0x0) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000000)=0x3) syz_open_dev$ttys(0xc, 0x2, 0x0) r3 = syz_open_pts(r1, 0xa01) ioctl$TIOCPKT(r3, 0x5420, &(0x7f00000001c0)) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r4, 0x0, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r4) syz_open_dev$ttys(0xc, 0x2, 0x1) r5 = syz_open_pts(r2, 0x0) syz_open_pts(r5, 0x400001) r6 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$TIOCL_GETMOUSEREPORTING(r6, 0x541c, &(0x7f0000000140)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000180)) 14:29:41 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_MEDIA_GET(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x18, r0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_MEDIA={0x4}]}, 0x18}}, 0x40040) 14:29:41 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0x1, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r3, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000001c0)={0x300, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [{{0x8, 0x1, r4}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x17d}}}]}}, {{0x8, 0x1, r5}, {0x264, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4941}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x7ff, 0x20, 0x76, 0xb3b7}, {0x8, 0x7f, 0x9, 0x1000}, {0x20, 0x3f, 0x40, 0x7}, {0x3, 0x1, 0x9}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}]}}]}, 0x300}, 0x1, 0x0, 0x0, 0x4000000}, 0x4001) 14:29:41 executing program 3: prctl$PR_GET_NAME(0x10, &(0x7f0000000000)=""/120) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b30, 0x0) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000080)={0x9, 0x7, 0x2}, 0x9) 14:29:41 executing program 5: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000080)={0x9, 0x7, 0x2}, 0x9) 14:29:41 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:41 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x400000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x21100, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0xb) 14:29:41 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b31, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x20000000, 0xcf, 0x32e, 0xb, 0xffffffffffffffff, 0x401, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x5}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r1, 0x58, &(0x7f0000000080)}, 0x10) 14:29:41 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b31, 0x0) write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x15, 0x2}, 0x7) ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000000)={0x6, 0x8, 0x3}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="20002abd7000fcdbdf252100000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990000000080370000006000848008000200e00000000a000500ffffffffffff00001c0001004e5a996bf1e98f1dc0fd492c7449d3eb922658559c7c04a50a000500ffffffffffff00000a000500ab93dfb084a200000a000500080211000000000008000200ff000000dc002a0084a9010b00080211000000000000003f004008021100000181000000080211000001110000fffffffffffffaffffff260040ffffffffffff020000000802110000000c0040ffffffffffff08000000080211000000260000ffffffffffff8f0f00004200000802110000010000000016000008021100000105000000080000080211000001feffffff2e0040ffffffffffff81000000ffffffffffff1b0000ffffffffffff000800000b0083254003fc080211000001810000000802110000010700000006000000ffffffffffff000000000004a426a43c0400ec000400ec000a000600ffffffffffff000031002a007206030303030303bd06ffffffffffff7e150b9302ffffffffffff020000000100000000000000680402007e000000002c002c8008000000f5ffffff0800000007000000080000000900000008000000070000000800000000040000080077003f000000"], 0x1e0}, 0x1, 0x0, 0x0, 0x8004}, 0x2000000) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000080)) 14:29:41 executing program 3: prctl$PR_GET_NAME(0x10, &(0x7f0000000000)=""/120) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b30, 0x0) 14:29:41 executing program 0: pipe2$9p(&(0x7f0000000a00)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RATTACH(r0, &(0x7f0000000a40)={0x14, 0x69, 0x1, {0x8, 0x0, 0x6}}, 0x14) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r1, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f00000009c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000980)={&(0x7f0000000440)={0x504, 0x0, 0x20, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x340, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xb8, 0x3, "3280dcdd7b5eda688a06c385b13312e97c06c02263e72afe1d62c8e15ed0363e05729b5bf5fa5cf6e0bda745007331fb1c86ae5a88439ab2fa540982b407f2f634e3e70a591e2fa6633f8ae239222fdc314a1d23f9a82d40c39e09bdf3ae62a5aad68b50a79e6feeb5bb9ed0272e03559f46f64e5b9218f6d316f5f8fd001d1e9a415194bde310dc60196e228381cd1c6da40cde5681bdbc5fdb1d268a730d93d4b497eeb3286c9dea8a9446e60ef0e89b6da20b"}, @TIPC_NLA_NODE_ID={0x8b, 0x3, "4f6f41d8e3bb512e0e850d12281bc155055fa6b11e6b82e5de656577f2f418cbeeda4ffc64619686bbcae84d2c9a45f807df1d2fd9d3a5c2882aa02fc0b89555578a2451c297ef80cf08b2331e62a5e41e1d8753a8f70e3d840124c95fe01d375842e8e3ebfcb19ad96896fded63c1e75abd3a63276e8f2d4118e3456a3df9e1c3ad6a0fed0e50"}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0xd1, 0x3, "5a8a544f013fbeb2f9f7799419c64547e59e1dbd5a69a34b7fb451860781d0e27d149a40f29c11743cb43723f82aee8cbcf38f77394b135130bdd0b77b433805d5985d4f6c491739913c801437e18726bc67f701864e7d51097f0a731c08d56e00b04d294bcf8e96c2856df2d498bfd3499a79020b46ef24f2702da9a5ea988ca9c5834325c21807cef8cea7977a995f95a6abdab6e80a054d9589b69c2b918c7993ceb91733143acd53fd0d5ae4620cb2440143e54c96ab296aeed847ebbf8af7454a4da741140fc02f1cc26d"}, @TIPC_NLA_NODE_ID={0x49, 0x3, "7e9a69209dcaae98646b1d5146ee3438230744a6dd6e487c29d2f6fb6cd18bd37a1a105d9c6080c3ab688c40283060e6065c941d3120094af4c1798119a8c3145b1386f1f1"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_NODE_ID={0x3f, 0x3, "c77481bdb9c3226377cb3e74f557e7389d84a637d0bdd253b331276eede481bcff1b4326f2b49e869c57357bfb9cd94e8339696d6eca315bdb3054"}, @TIPC_NLA_NODE_KEY={0x44, 0x4, {'gcm(aes)\x00', 0x1c, "ae29e1ff6caf73ddee6508c81bf7bd9a1725b4e823f352eb406e90f8"}}, @TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "39a87b9d86259cb1484599d4ea6572b375d01b1c520586f8dd"}}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x18000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}, @TIPC_NLA_NODE={0x178, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ID={0xca, 0x3, "2d2cb201a1d2342c1ede25116d75b91d012c451e2035069f728979302be661d5b642ee3fb1fc972b2c8a2129d2a435ae5ff76f447a713f73469205cb24791b71da18178778c39d4b7988e14cb4556fd4dcc2940e59bdd3271ad5a5a3da44752b9bf04de6053a46bc357c6ed61b95a2ac71b4873336c747a01da543c569b26c5432b70b8eba5953f7e189cbfcdb97017c31e302889177a2c1ce72ba8500af8fc1e006343162d04f2d88772f58a4d9903371d23b1eded7afb0457bb7a8db0b5474ae12c886b234"}, @TIPC_NLA_NODE_ID={0x95, 0x3, "e6c881d7d654ff9d543a9c8c8214538cd5762e7bfd1d54864523f8df6a4641c928dcf5dca999a8c3036f3955c1cb9d55cf837880dfbc8e61067e59a29736552c626b0db6befbd34a7b3b32c9d2c9b9dcfa777a06b38ae2e24ab2c27f324142916340212f28b44f49241409496f2ecd067569505e194dd0b72f3afb36b990e0ad0c3988dca0f6da85562cef8857bf067cb6"}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x3ff}]}, @TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x504}, 0x1, 0x0, 0x0, 0x4000081}, 0x40) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000003c0)={&(0x7f00000000c0)={0x2bc, r2, 0x4, 0x70bd25, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x14c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x64, 0x3, "7176d7a2d2a24f3c911554eaed744b90726e90a1f66583dcd3622a2d8b846fae8bf6cc4221fc7b45bfe0fade80c4498b9bd546431d0c24d5daf7ba68cddac6371d52b29499be5ef47eb35bd60c654f5b7edda29b5e35831c46701544d8e214bc"}, @TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "8f21a5d212378bf1b2e54b1860ce81ae9ea80d7c38"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x1ff}, @TIPC_NLA_NODE_KEY={0x4b, 0x4, {'gcm(aes)\x00', 0x23, "cebc15ec40646d4e23d3b1ee05d9e42303fdaa85ac1baae1d9270596314e91eaf9643c"}}, @TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "878d01e50fcc0e6aa7c104d875268a7a8e49108d87"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x1}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xfffffffe}]}, @TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfffffc01}]}, @TIPC_NLA_BEARER={0xac, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @remote}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x13}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x3ff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0xfffff77c, @remote, 0x4}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @local}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x1f8a00, @local, 0xffff0000}}}}]}, @TIPC_NLA_SOCK={0x6c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8000}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x70c}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x80}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000001}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x20}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2bfe}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}]}]}, @TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2730}]}]}]}, 0x2bc}, 0x1, 0x0, 0x0, 0x10}, 0x10) 14:29:41 executing program 5: openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x401, 0x0, 0x4f7c7b3, 0x800, 0x3, "bbeba1736908a564b9f299033f0e449fbad28c", 0x200000, 0x200000}) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000080)={0x9, 0x7, 0x2}, 0x9) 14:29:41 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:41 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x400000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x21100, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0xb) 14:29:41 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:41 executing program 3: prctl$PR_GET_NAME(0x10, &(0x7f0000000000)=""/120) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b30, 0x0) 14:29:41 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x7, 0xfff, 0xffff6e2c, 0x0, 0x1, "22eb4f71f188cb04ad36b50f2d70c213f17d34", 0x1f, 0xfffffffe}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000080)="ca483bdde600850b91fa906ed925627ce4fe0e988d86c4") r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x12, 0x100, 0x8001, 0xa01, 0x20, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x3}, 0x48) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, r2, 0x100, '\x00', r3, 0xffffffffffffffff, 0x1, 0x3}, 0x48) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000040)) ioctl$TCSETSF(r1, 0x540a, 0x0) 14:29:41 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0x0, 0x0, "bbeba1734a08a564b9f299033f0e449fbad28c"}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000140)="2f2c7ee0364367bbd5c247895743f5bcf6808927a88b1270ca8c11d0e223bc") sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8004010}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002abd7000fedbdf251200000005002d00fe00810008000c0038000100000008002b000700000005002a00010000000500330000000000"], 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x8051) 14:29:41 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x7, 0xfff, 0xffff6e2c, 0x0, 0x1, "22eb4f71f188cb04ad36b50f2d70c213f17d34", 0x1f, 0xfffffffe}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000080)="ca483bdde600850b91fa906ed925627ce4fe0e988d86c4") r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x12, 0x100, 0x8001, 0xa01, 0x20, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x3}, 0x48) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, r2, 0x100, '\x00', r3, 0xffffffffffffffff, 0x1, 0x3}, 0x48) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000040)) ioctl$TCSETSF(r1, 0x540a, 0x0) 14:29:41 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x400000, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x21100, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0xb) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000080)={0x9, 0x7, 0x2}, 0x9) 14:29:41 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:41 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:41 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) syz_open_dev$tty20(0xc, 0x4, 0x1) syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TCSETSF(r0, 0x540a, 0x0) 14:29:41 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x7, 0xfff, 0xffff6e2c, 0x0, 0x1, "22eb4f71f188cb04ad36b50f2d70c213f17d34", 0x1f, 0xfffffffe}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000080)="ca483bdde600850b91fa906ed925627ce4fe0e988d86c4") r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x12, 0x100, 0x8001, 0xa01, 0x20, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x3}, 0x48) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, r2, 0x100, '\x00', r3, 0xffffffffffffffff, 0x1, 0x3}, 0x48) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000040)) ioctl$TCSETSF(r1, 0x540a, 0x0) 14:29:41 executing program 3: write$P9_RWRITE(0xffffffffffffffff, &(0x7f0000000040)={0xb, 0x77, 0x1}, 0xb) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000000)={0x9, 0x1b, 0x340}) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0x0, 0x0, "bbeba1734a08a564b9f299033f0e449fbad28c"}) 14:29:41 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b30, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000280)=""/206) syz_open_dev$evdev(&(0x7f0000000040), 0x100, 0x78700) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_LINK_RESET_STATS(r2, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)={0x248, 0x0, 0x4f761d6435fef6ff, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x10c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_KEY={0x49, 0x4, {'gcm(aes)\x00', 0x21, "f1fd5404d047481e2022971573bcc075fd5fde4fa3d2e136407afd130a473f3d71"}}, @TIPC_NLA_NODE_ID={0xaa, 0x3, "dfbc4df57585b09f9e15ff7d6b6790f01c7d263f88bb5a89b602ab381ee02962becc30b6ef64a35e9aa4102cefd53dc059e6845c1fd5561b5213f2db961f239badc1daaadc1af3d7041c034db9f2ab13448b763cd92e48e740584bd23752f92ca504355bf4e71c10948c6e096b50b63306474fbdc3ea4d5407460999e338369b07ddb66cdf523a34e846b84f73685ce1a8636a5cd340732139605129ab269d24942eb53259b4"}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NODE={0xc8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "a7c252ccfc57f9b50689bd5f2c63b7a95c6c2f687704897dd64e2d779506e3"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_KEY={0x49, 0x4, {'gcm(aes)\x00', 0x21, "03ae9e38c53e14bfb82102f70123fedd32d042ff5829f17e28a1ca0fe50cd17ce0"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x10001}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8944}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}]}, @TIPC_NLA_NODE={0x54, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "95dace851cbdbe0a0784505222a26e1e075e18891aa0fcdc983d21dabe55a17c3c76"}}, @TIPC_NLA_NODE_UP={0x4}]}]}, 0x248}, 0x1, 0x0, 0x0, 0x8000}, 0xc000) r3 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r3, 0x80044584, &(0x7f0000000280)=""/206) r4 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r4, 0x80044584, &(0x7f0000000280)=""/206) ioctl$EVIOCGABS3F(r4, 0x8018457f, &(0x7f0000000080)=""/21) ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f0000000000)=0x4) syz_open_dev$evdev(&(0x7f0000000180), 0x7, 0x28200) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x7, 0xfff, 0xffff6e2c, 0x0, 0x1, "22eb4f71f188cb04ad36b50f2d70c213f17d34", 0x1f, 0xfffffffe}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000080)="ca483bdde600850b91fa906ed925627ce4fe0e988d86c4") r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x12, 0x100, 0x8001, 0xa01, 0x20, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x3}, 0x48) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, r2, 0x100, '\x00', r3, 0xffffffffffffffff, 0x1, 0x3}, 0x48) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000040)) 14:29:41 executing program 4: syslog(0x9, 0x0, 0x0) unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/custom0\x00') syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r0, 0x80044584, &(0x7f0000000280)=""/206) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000140)=""/4096) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCSETSF(r1, 0x4b33, 0x0) 14:29:41 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b30, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000280)=""/206) syz_open_dev$evdev(&(0x7f0000000040), 0x100, 0x78700) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_LINK_RESET_STATS(r2, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)={0x248, 0x0, 0x4f761d6435fef6ff, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x10c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_KEY={0x49, 0x4, {'gcm(aes)\x00', 0x21, "f1fd5404d047481e2022971573bcc075fd5fde4fa3d2e136407afd130a473f3d71"}}, @TIPC_NLA_NODE_ID={0xaa, 0x3, "dfbc4df57585b09f9e15ff7d6b6790f01c7d263f88bb5a89b602ab381ee02962becc30b6ef64a35e9aa4102cefd53dc059e6845c1fd5561b5213f2db961f239badc1daaadc1af3d7041c034db9f2ab13448b763cd92e48e740584bd23752f92ca504355bf4e71c10948c6e096b50b63306474fbdc3ea4d5407460999e338369b07ddb66cdf523a34e846b84f73685ce1a8636a5cd340732139605129ab269d24942eb53259b4"}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NODE={0xc8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "a7c252ccfc57f9b50689bd5f2c63b7a95c6c2f687704897dd64e2d779506e3"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_KEY={0x49, 0x4, {'gcm(aes)\x00', 0x21, "03ae9e38c53e14bfb82102f70123fedd32d042ff5829f17e28a1ca0fe50cd17ce0"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x10001}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8944}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}]}, @TIPC_NLA_NODE={0x54, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "95dace851cbdbe0a0784505222a26e1e075e18891aa0fcdc983d21dabe55a17c3c76"}}, @TIPC_NLA_NODE_UP={0x4}]}]}, 0x248}, 0x1, 0x0, 0x0, 0x8000}, 0xc000) r3 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r3, 0x80044584, &(0x7f0000000280)=""/206) r4 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r4, 0x80044584, &(0x7f0000000280)=""/206) ioctl$EVIOCGABS3F(r4, 0x8018457f, &(0x7f0000000080)=""/21) ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f0000000000)=0x4) syz_open_dev$evdev(&(0x7f0000000180), 0x7, 0x28200) 14:29:41 executing program 3: r0 = geteuid() r1 = geteuid() setreuid(r0, r1) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0x0, 0x0, "bbeba1734a08a564b9f299033f0e449fbad28c"}) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) 14:29:41 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x7, 0xfff, 0xffff6e2c, 0x0, 0x1, "22eb4f71f188cb04ad36b50f2d70c213f17d34", 0x1f, 0xfffffffe}) syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000080)="ca483bdde600850b91fa906ed925627ce4fe0e988d86c4") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x12, 0x100, 0x8001, 0xa01, 0x20, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x3}, 0x48) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, r1, 0x100, '\x00', r2, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:41 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b30, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000280)=""/206) syz_open_dev$evdev(&(0x7f0000000040), 0x100, 0x78700) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_LINK_RESET_STATS(r2, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)={0x248, 0x0, 0x4f761d6435fef6ff, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x10c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_KEY={0x49, 0x4, {'gcm(aes)\x00', 0x21, "f1fd5404d047481e2022971573bcc075fd5fde4fa3d2e136407afd130a473f3d71"}}, @TIPC_NLA_NODE_ID={0xaa, 0x3, "dfbc4df57585b09f9e15ff7d6b6790f01c7d263f88bb5a89b602ab381ee02962becc30b6ef64a35e9aa4102cefd53dc059e6845c1fd5561b5213f2db961f239badc1daaadc1af3d7041c034db9f2ab13448b763cd92e48e740584bd23752f92ca504355bf4e71c10948c6e096b50b63306474fbdc3ea4d5407460999e338369b07ddb66cdf523a34e846b84f73685ce1a8636a5cd340732139605129ab269d24942eb53259b4"}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NODE={0xc8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "a7c252ccfc57f9b50689bd5f2c63b7a95c6c2f687704897dd64e2d779506e3"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_KEY={0x49, 0x4, {'gcm(aes)\x00', 0x21, "03ae9e38c53e14bfb82102f70123fedd32d042ff5829f17e28a1ca0fe50cd17ce0"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x10001}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8944}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}]}, @TIPC_NLA_NODE={0x54, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "95dace851cbdbe0a0784505222a26e1e075e18891aa0fcdc983d21dabe55a17c3c76"}}, @TIPC_NLA_NODE_UP={0x4}]}]}, 0x248}, 0x1, 0x0, 0x0, 0x8000}, 0xc000) r3 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r3, 0x80044584, &(0x7f0000000280)=""/206) r4 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r4, 0x80044584, &(0x7f0000000280)=""/206) ioctl$EVIOCGABS3F(r4, 0x8018457f, &(0x7f0000000080)=""/21) ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f0000000000)=0x4) syz_open_dev$evdev(&(0x7f0000000180), 0x7, 0x28200) 14:29:41 executing program 3: r0 = geteuid() r1 = geteuid() setreuid(r0, r1) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0x0, 0x0, "bbeba1734a08a564b9f299033f0e449fbad28c"}) 14:29:41 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x7, 0xfff, 0xffff6e2c, 0x0, 0x1, "22eb4f71f188cb04ad36b50f2d70c213f17d34", 0x1f, 0xfffffffe}) syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000080)="ca483bdde600850b91fa906ed925627ce4fe0e988d86c4") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x12, 0x100, 0x8001, 0xa01, 0x20, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x3}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, r1, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:41 executing program 3: r0 = geteuid() r1 = geteuid() setreuid(r0, r1) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0x0, 0x0, "bbeba1734a08a564b9f299033f0e449fbad28c"}) 14:29:41 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 3: r0 = geteuid() r1 = geteuid() setreuid(r0, r1) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) 14:29:41 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) 14:29:41 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x7, 0xfff, 0xffff6e2c, 0x0, 0x1, "22eb4f71f188cb04ad36b50f2d70c213f17d34", 0x1f, 0xfffffffe}) syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000080)="ca483bdde600850b91fa906ed925627ce4fe0e988d86c4") bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:41 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x7, 0xfff, 0xffff6e2c, 0x0, 0x1, "22eb4f71f188cb04ad36b50f2d70c213f17d34", 0x1f, 0xfffffffe}) syz_open_dev$tty1(0xc, 0x4, 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 3: r0 = geteuid() r1 = geteuid() setreuid(r0, r1) 14:29:41 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) 14:29:41 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x7, 0xfff, 0xffff6e2c, 0x0, 0x1, "22eb4f71f188cb04ad36b50f2d70c213f17d34", 0x1f, 0xfffffffe}) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:41 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) 14:29:41 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:41 executing program 3: r0 = geteuid() setreuid(r0, 0x0) 14:29:41 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:41 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r1) 14:29:41 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:41 executing program 5: openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:41 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 3: setreuid(0x0, 0x0) 14:29:41 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x3b7, 0x9, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:41 executing program 1: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:41 executing program 3: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:41 executing program 5: bpf$MAP_CREATE(0x0, 0x0, 0x0) 14:29:42 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2) 14:29:42 executing program 1: syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, 0x0, 0x0) 14:29:42 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 3: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 3: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TCSETSF(r1, 0x4b33, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, 0x0, 0x0) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="10120400", @ANYRES16=r0, @ANYBLOB="10002dbd7000fbdbdf25150000005400028004000400080002009b000000080001000200000000000200040000000000020001040000000004009c0002802c00038008000200090000000800020000020000080001000800000008000100faffffff0800020005000000080001000400000008000100ff0100000000038000000100f9ffffff0000010001040000000002000000000000000100050000000000020001800000000001000004000000000100040000000000010006080000000001008100000000000100fa7d0000540003800800010008000000080002008000000008000100aacf00000800020050189fa60800010009000000080002007e0f0000080001000100008008000200000000000800010001000000080002001f0000000c0001800800030008000000"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x0, 0x3b7, 0x9, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:42 executing program 0: pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) write$P9_RXATTRWALK(r0, &(0x7f0000000000)={0xf, 0x1f, 0x1}, 0xf) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x0) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 4: syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x0, 0x3b7, 0x9, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:42 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x0, 0x3b7, 0x9, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:42 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x0, 0x9, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x22840, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:42 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 3: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x0, 0x0, 0xfffffff9, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:42 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 0: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 3: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3}, 0x48) 14:29:42 executing program 0: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48) 14:29:42 executing program 3: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 0: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc}, 0x48) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xc}, 0x48) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 5: write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:42 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 5: write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 5: write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:42 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0x0, 0x0, "bbeba1734a08a564b9f299033f0e449fbad28c"}) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x80000000, 0x20000) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000040)=0x8001) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) [ 522.013706][ T2036] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:42 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0x0, 0x0, "bbeba1734a08a564b9f299033f0e449fbad28c"}) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x80000000, 0x20000) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000040)=0x8001) 14:29:42 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) 14:29:42 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0x0, 0x0, "bbeba1734a08a564b9f299033f0e449fbad28c"}) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x80000000, 0x20000) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000040)=0x8001) 14:29:42 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0x0, 0x0, "bbeba1734a08a564b9f299033f0e449fbad28c"}) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x49b43, 0x0) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000140), 0x2c4500, 0x0) r2 = syz_open_pts(r1, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f00000000c0)={0x4, 0x200, 0x9, 0x10001, 0x13, "eeea4a40ffbb452e936e7abbff493614b7cdf1"}) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_open_pts(r3, 0x0) ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f0000000000)={0xc3, 0x16, &(0x7f0000000380)}) ioctl$PIO_UNISCRNMAP(r3, 0x4b6a, &(0x7f0000000240)="daab5281aa2508a00532a1f5c3d9f2cccbc67294b6e85ba30eccf02f11752b65488d697884e09bff8c8fce8b9f3c5be654a937e21a522ed23cb9dfc87bc6a3528afbecda2615d2d846092538add42464a282747e76c3b507e7592384c56165c11be89471fb193a189bb3813351fcd483aca20cf1854c3342f81ae55138d90cad1ec50be012ab283bb994d88408a79d4d999b854a3e9ad917cd7572650bbf4c0a8a2bab1251b946623c580d9b3b5c8461bbc1cf940ef26074b4850000000000000000000000000000007c0c3bea8155f1ede01b12b3ae2bba68628c6b1c1678e574993deed4696ca6ba8dd47fa73fadcb22418bf1438c8424e37144986bd625073a9139d1c283378211995d37fe9d5ea820d531e7b2f81e62290c7d83117f222f1567e2635ef38c06477d1c4d10fa91196d") r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r4, 0x0) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r5, 0x0) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r6, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r7, 0x0) ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000080)) 14:29:42 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000140), 0x2c4500, 0x0) r2 = syz_open_pts(r1, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f00000000c0)={0x4, 0x200, 0x9, 0x10001, 0x13, "eeea4a40ffbb452e936e7abbff493614b7cdf1"}) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_open_pts(r3, 0x0) ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f0000000000)={0xc3, 0x16, &(0x7f0000000380)}) ioctl$PIO_UNISCRNMAP(r3, 0x4b6a, &(0x7f0000000240)="daab5281aa2508a00532a1f5c3d9f2cccbc67294b6e85ba30eccf02f11752b65488d697884e09bff8c8fce8b9f3c5be654a937e21a522ed23cb9dfc87bc6a3528afbecda2615d2d846092538add42464a282747e76c3b507e7592384c56165c11be89471fb193a189bb3813351fcd483aca20cf1854c3342f81ae55138d90cad1ec50be012ab283bb994d88408a79d4d999b854a3e9ad917cd7572650bbf4c0a8a2bab1251b946623c580d9b3b5c8461bbc1cf940ef26074b4850000000000000000000000000000007c0c3bea8155f1ede01b12b3ae2bba68628c6b1c1678e574993deed4696ca6ba8dd47fa73fadcb22418bf1438c8424e37144986bd625073a9139d1c283378211995d37fe9d5ea820d531e7b2f81e62290c7d83117f222f1567e2635ef38c06477d1c4d10fa91196d") r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r4, 0x0) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r5, 0x0) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r6, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r7, 0x0) ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000080)) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000000)) ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, &(0x7f0000000040)=""/32) ioctl$TCSETSF(r0, 0x4b31, 0x0) 14:29:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b30, 0x0) 14:29:42 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000140), 0x2c4500, 0x0) r2 = syz_open_pts(r1, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f00000000c0)={0x4, 0x200, 0x9, 0x10001, 0x13, "eeea4a40ffbb452e936e7abbff493614b7cdf1"}) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_open_pts(r3, 0x0) ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f0000000000)={0xc3, 0x16, &(0x7f0000000380)}) ioctl$PIO_UNISCRNMAP(r3, 0x4b6a, &(0x7f0000000240)="daab5281aa2508a00532a1f5c3d9f2cccbc67294b6e85ba30eccf02f11752b65488d697884e09bff8c8fce8b9f3c5be654a937e21a522ed23cb9dfc87bc6a3528afbecda2615d2d846092538add42464a282747e76c3b507e7592384c56165c11be89471fb193a189bb3813351fcd483aca20cf1854c3342f81ae55138d90cad1ec50be012ab283bb994d88408a79d4d999b854a3e9ad917cd7572650bbf4c0a8a2bab1251b946623c580d9b3b5c8461bbc1cf940ef26074b4850000000000000000000000000000007c0c3bea8155f1ede01b12b3ae2bba68628c6b1c1678e574993deed4696ca6ba8dd47fa73fadcb22418bf1438c8424e37144986bd625073a9139d1c283378211995d37fe9d5ea820d531e7b2f81e62290c7d83117f222f1567e2635ef38c06477d1c4d10fa91196d") r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r4, 0x0) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r5, 0x0) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r6, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r7, 0x0) ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000080)) [ 522.142854][ T2089] debugfs: Directory 'loop0' with parent 'block' already present! 14:29:42 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x4b33, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCGETA(r1, 0x5405, &(0x7f0000000000)) 14:29:42 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500), 0x187000, 0x3) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0x0, 0x0, "bbeba1734a08a564b9f299033f0e449fbad28c"}) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = syz_open_pts(r0, 0x0) ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000000)={0xf6, 0x19, &(0x7f0000000140)}) syz_open_dev$tty1(0xc, 0x4, 0x3) syz_open_pts(r1, 0x0) ioctl$TIOCGPTPEER(r1, 0x5441, 0x0) 14:29:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x540a, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f0000000200)=""/242) syz_open_pts(0xffffffffffffffff, 0x101001) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r2, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r3, 0x0) ioctl$TIOCNOTTY(r3, 0x5422) ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000040)) r4 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c00000058a571a70a5927e4913ad674a2d8c65836a6099548ac3a4a82a8e8002e80b18454643ce1dfee9ad73961d01b8f7eadd513272cbe7e383d877e4c181715ce726df6f3e6341add75380befb8e31a56f8757dd130a0deb62594f5ef503836b78556e9ad0a79a14b5e934ba19e5eb4308afebe6585ca1349bc9e2fa4ee8a6f1973fbbbe1253498d547c2e32f46d30cd23c0c128154e57c7c8b901bd5620814b9cb4fc40ec631e16108de33fd8b3cd2ed7dad86d85f88d1170d23aa803b6107def4317763e972d0b9a1f3d26cbd92420c7dd2f3a34f9ca095f92ec8e575b3a5381a7b7ebb69e6526f5e6bc21834d40e665b526181add060e6d23cc2d36322b53e4041ff1eb9ffd0ff066cea42ac8e1a3b679ed7363f4ccc595cbc0598d6dc4676b83d5371ef685e0024d4a50115117be1b49e1825bc5e4ab3", @ANYRES16=r4, @ANYBLOB="000228bd7000ffdbdf25030000000800010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) 14:29:42 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:42 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r0, 0x540a, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f0000000200)=""/242) syz_open_pts(0xffffffffffffffff, 0x101001) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r2, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r3, 0x0) ioctl$TIOCNOTTY(r3, 0x5422) ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000040)) r4 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c00000058a571a70a5927e4913ad674a2d8c65836a6099548ac3a4a82a8e8002e80b18454643ce1dfee9ad73961d01b8f7eadd513272cbe7e383d877e4c181715ce726df6f3e6341add75380befb8e31a56f8757dd130a0deb62594f5ef503836b78556e9ad0a79a14b5e934ba19e5eb4308afebe6585ca1349bc9e2fa4ee8a6f1973fbbbe1253498d547c2e32f46d30cd23c0c128154e57c7c8b901bd5620814b9cb4fc40ec631e16108de33fd8b3cd2ed7dad86d85f88d1170d23aa803b6107def4317763e972d0b9a1f3d26cbd92420c7dd2f3a34f9ca095f92ec8e575b3a5381a7b7ebb69e6526f5e6bc21834d40e665b526181add060e6d23cc2d36322b53e4041ff1eb9ffd0ff066cea42ac8e1a3b679ed7363f4ccc595cbc0598d6dc4676b83d5371ef685e0024d4a50115117be1b49e1825bc5e4ab3", @ANYRES16=r4, @ANYBLOB="000228bd7000ffdbdf25030000000800010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) 14:29:42 executing program 5: syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) keyctl$session_to_parent(0x12) syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TIOCNOTTY(r1, 0x5422) ioctl$TIOCGPTPEER(r0, 0x5441, 0x8) r2 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TCSETSF(r2, 0x4b30, 0x0) 14:29:42 executing program 3: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000080)={0x401, 0x0, 0x4f7c7b3, 0x0, 0x0, "bbeba1734a08a564b9f299033f0e449fbad28c"}) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = syz_open_pts(r1, 0x0) r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x40) ioctl$TIOCNOTTY(r3, 0x5422) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x3, 0x1, 0x80, 0x8, 0x4, "dafc4b4a8235fe6796424d3ca97d80027607eb", 0x3, 0x5199}) syz_open_dev$ttys(0xc, 0x2, 0x1) 14:29:42 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (fail_nth: 1) 14:29:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (fail_nth: 1) 14:29:42 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:43 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:29:43 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:43 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x2) 14:29:43 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:43 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (fail_nth: 1) [ 523.105058][ T2166] FAULT_INJECTION: forcing a failure. [ 523.105058][ T2166] name failslab, interval 1, probability 0, space 0, times 0 [ 523.117759][ T2166] CPU: 0 PID: 2166 Comm: syz-executor.4 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 523.127887][ T2166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 523.138026][ T2166] Call Trace: [ 523.141292][ T2166] dump_stack+0x18e/0x1de [ 523.143791][ T2153] FAULT_INJECTION: forcing a failure. [ 523.143791][ T2153] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 523.145600][ T2166] should_fail+0x5d8/0x740 [ 523.163136][ T2166] ? ldsem_down_read+0x58/0x790 [ 523.167963][ T2166] ? tty_write+0x304/0x880 [ 523.172353][ T2166] should_failslab+0x5/0x20 [ 523.176828][ T2166] __kmalloc+0x5f/0x2f0 [ 523.180960][ T2166] tty_write+0x304/0x880 [ 523.185176][ T2166] ? n_tty_read+0x1b00/0x1b00 [ 523.189828][ T2166] ? redirected_tty_write+0xb0/0xb0 [ 523.195000][ T2166] __vfs_write+0xa7/0x6b0 [ 523.199305][ T2166] ? avc_policy_seqno+0x17/0x70 [ 523.204131][ T2166] ? selinux_file_permission+0x2d0/0x520 [ 523.209738][ T2166] vfs_write+0x212/0x4e0 [ 523.213959][ T2166] ksys_write+0x13f/0x240 [ 523.218268][ T2166] do_syscall_64+0xcb/0x1e0 [ 523.222746][ T2166] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 523.228612][ T2166] RIP: 0033:0x7f4585420059 [ 523.233002][ T2166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 523.252582][ T2166] RSP: 002b:00007f4584596168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 523.260968][ T2166] RAX: ffffffffffffffda RBX: 00007f4585532f60 RCX: 00007f4585420059 [ 523.268920][ T2166] RDX: 0000000000000007 RSI: 00000000200000c0 RDI: 0000000000000003 [ 523.276863][ T2166] RBP: 00007f45845961d0 R08: 0000000000000000 R09: 0000000000000000 [ 523.284810][ T2166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 523.292753][ T2166] R13: 00007ffc2507296f R14: 00007f4584596300 R15: 0000000000022000 14:29:43 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:43 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (fail_nth: 2) 14:29:43 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:43 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) [ 523.300708][ T2153] CPU: 1 PID: 2153 Comm: syz-executor.3 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 523.310852][ T2153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 523.310855][ T2153] Call Trace: [ 523.310867][ T2153] dump_stack+0x18e/0x1de [ 523.310878][ T2153] should_fail+0x5d8/0x740 [ 523.310890][ T2153] __alloc_pages_nodemask+0x12e/0x740 [ 523.310900][ T2153] __get_free_pages+0xa/0x30 14:29:43 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:43 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) [ 523.310906][ T2153] __tlb_remove_page_size+0x167/0x2e0 [ 523.310914][ T2153] unmap_page_range+0xb45/0x1700 [ 523.310927][ T2153] unmap_vmas+0x306/0x440 [ 523.310936][ T2153] exit_mmap+0x286/0x4f0 [ 523.310947][ T2153] __mmput+0x34/0x240 [ 523.310955][ T2153] do_exit+0xb6a/0x2aa0 [ 523.310966][ T2153] do_group_exit+0x15c/0x2c0 [ 523.310975][ T2153] get_signal+0x151f/0x1e10 [ 523.310988][ T2153] ? kick_process+0xc8/0x120 [ 523.310996][ T2153] do_signal+0x3b/0x580 [ 523.311007][ T2153] prepare_exit_to_usermode+0x207/0x310 14:29:43 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 14:29:43 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) [ 523.311016][ T2153] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 523.311024][ T2153] RIP: 0033:0x7f1c6846f059 [ 523.311032][ T2153] Code: Bad RIP value. [ 523.311036][ T2153] RSP: 002b:00007f1c675e5168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 523.311043][ T2153] RAX: fffffffffffffe00 RBX: 00007f1c68581f60 RCX: 00007f1c6846f059 [ 523.311048][ T2153] RDX: 0000000000000007 RSI: 00000000200000c0 RDI: 0000000000000003 [ 523.311052][ T2153] RBP: 00007f1c675e51d0 R08: 0000000000000000 R09: 0000000000000000 [ 523.311056][ T2153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 523.311061][ T2153] R13: 00007ffd3d12689f R14: 00007f1c675e5300 R15: 0000000000022000 14:29:44 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x8) 14:29:44 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x7) 14:29:44 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 1) 14:29:44 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) 14:29:44 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:44 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x7) 14:29:44 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x8, 0x7f, 0x1}, 0x7) 14:29:44 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x80000) 14:29:44 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x7) [ 523.952836][ T2200] FAULT_INJECTION: forcing a failure. [ 523.952836][ T2200] name failslab, interval 1, probability 0, space 0, times 0 [ 523.968537][ T2200] CPU: 1 PID: 2200 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 523.978688][ T2200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 523.988740][ T2200] Call Trace: [ 523.988760][ T2200] dump_stack+0x18e/0x1de [ 523.996335][ T2200] should_fail+0x5d8/0x740 14:29:44 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:44 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 2) [ 523.996345][ T2200] ? loop_add+0x56/0x710 [ 523.996362][ T2200] should_failslab+0x5/0x20 [ 524.009461][ T2200] kmem_cache_alloc_trace+0x39/0x2b0 [ 524.009477][ T2200] loop_add+0x56/0x710 [ 524.018790][ T2200] ? radix_tree_lookup+0x1c0/0x1d0 [ 524.018799][ T2200] loop_control_ioctl+0x468/0x680 [ 524.018807][ T2200] ? xor_init+0x60/0x60 [ 524.018816][ T2200] do_vfs_ioctl+0x6fb/0x15b0 [ 524.018828][ T2200] __x64_sys_ioctl+0xd4/0x110 [ 524.018837][ T2200] do_syscall_64+0xcb/0x1e0 [ 524.018848][ T2200] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 524.018856][ T2200] RIP: 0033:0x7fe6f0f01059 [ 524.018865][ T2200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 524.018869][ T2200] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 524.018877][ T2200] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 524.018881][ T2200] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 524.018886][ T2200] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 524.018891][ T2200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 524.018896][ T2200] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 524.033119][ T2213] FAULT_INJECTION: forcing a failure. [ 524.033119][ T2213] name failslab, interval 1, probability 0, space 0, times 0 [ 524.140782][ T2213] CPU: 1 PID: 2213 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 524.150904][ T2213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 524.150908][ T2213] Call Trace: [ 524.150922][ T2213] dump_stack+0x18e/0x1de [ 524.150935][ T2213] should_fail+0x5d8/0x740 [ 524.150946][ T2213] ? radix_tree_node_alloc+0x84/0x370 [ 524.150962][ T2213] should_failslab+0x5/0x20 [ 524.182742][ T2213] kmem_cache_alloc+0x36/0x290 [ 524.187482][ T2213] radix_tree_node_alloc+0x84/0x370 [ 524.192649][ T2213] idr_get_free+0x29a/0x870 [ 524.197127][ T2213] idr_alloc+0x156/0x280 [ 524.201339][ T2213] loop_add+0xa8/0x710 [ 524.205375][ T2213] ? radix_tree_lookup+0x1c0/0x1d0 [ 524.210455][ T2213] loop_control_ioctl+0x468/0x680 [ 524.215449][ T2213] ? xor_init+0x60/0x60 [ 524.219574][ T2213] do_vfs_ioctl+0x6fb/0x15b0 [ 524.224140][ T2213] __x64_sys_ioctl+0xd4/0x110 [ 524.228812][ T2213] do_syscall_64+0xcb/0x1e0 [ 524.233306][ T2213] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 524.239168][ T2213] RIP: 0033:0x7fe6f0f01059 14:29:44 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:44 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0xf0ff7f) 14:29:44 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x9, 0x7f, 0x1}, 0x7) 14:29:44 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) [ 524.243551][ T2213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 524.263126][ T2213] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 524.271513][ T2213] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 524.279464][ T2213] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 524.287451][ T2213] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 524.287456][ T2213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 524.287461][ T2213] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:45 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:45 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 3) 14:29:45 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) 14:29:45 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:45 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x1000000) [ 524.796110][ T2227] FAULT_INJECTION: forcing a failure. [ 524.796110][ T2227] name failslab, interval 1, probability 0, space 0, times 0 [ 524.808754][ T2227] CPU: 1 PID: 2227 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 524.818892][ T2227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 524.818896][ T2227] Call Trace: [ 524.818914][ T2227] dump_stack+0x18e/0x1de [ 524.818931][ T2227] should_fail+0x5d8/0x740 [ 524.841002][ T2227] ? blk_mq_alloc_tag_set+0x312/0xe60 [ 524.841017][ T2227] should_failslab+0x5/0x20 [ 524.850844][ T2227] __kmalloc+0x5f/0x2f0 [ 524.850854][ T2227] blk_mq_alloc_tag_set+0x312/0xe60 [ 524.850868][ T2227] ? idr_alloc+0x1c3/0x280 [ 524.864550][ T2227] loop_add+0x22b/0x710 [ 524.864566][ T2227] ? radix_tree_lookup+0x1c0/0x1d0 [ 524.873859][ T2227] loop_control_ioctl+0x468/0x680 [ 524.873872][ T2227] ? xor_init+0x60/0x60 [ 524.883002][ T2227] do_vfs_ioctl+0x6fb/0x15b0 [ 524.883018][ T2227] __x64_sys_ioctl+0xd4/0x110 [ 524.892234][ T2227] do_syscall_64+0xcb/0x1e0 [ 524.892249][ T2227] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 524.902605][ T2227] RIP: 0033:0x7fe6f0f01059 [ 524.902614][ T2227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 524.902625][ T2227] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 524.935076][ T2227] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 14:29:45 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:45 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:45 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) [ 524.935082][ T2227] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 524.935086][ T2227] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 524.935097][ T2227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 524.966888][ T2227] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:45 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:45 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x2000000) 14:29:45 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 4) 14:29:45 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:45 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xb, 0x7f, 0x1}, 0x7) 14:29:45 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) 14:29:45 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x7ffff000) 14:29:45 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) [ 525.135521][ T2243] FAULT_INJECTION: forcing a failure. [ 525.135521][ T2243] name failslab, interval 1, probability 0, space 0, times 0 [ 525.148148][ T2243] CPU: 1 PID: 2243 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 525.148160][ T2243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 525.168359][ T2243] Call Trace: [ 525.168376][ T2243] dump_stack+0x18e/0x1de [ 525.168396][ T2243] should_fail+0x5d8/0x740 [ 525.180397][ T2243] ? blk_mq_alloc_tag_set+0x3ca/0xe60 14:29:45 executing program 3: ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000040)={0x5, 0x7, &(0x7f0000000000)="3e7b09d11696c1"}) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) [ 525.180414][ T2243] should_failslab+0x5/0x20 [ 525.190257][ T2243] __kmalloc+0x5f/0x2f0 [ 525.190272][ T2243] ? blk_mq_alloc_tag_set+0x312/0xe60 [ 525.199760][ T2243] blk_mq_alloc_tag_set+0x3ca/0xe60 [ 525.199771][ T2243] loop_add+0x22b/0x710 [ 525.199786][ T2243] ? radix_tree_lookup+0x1c0/0x1d0 [ 525.214166][ T2243] loop_control_ioctl+0x468/0x680 [ 525.214179][ T2243] ? xor_init+0x60/0x60 [ 525.223326][ T2243] do_vfs_ioctl+0x6fb/0x15b0 [ 525.223340][ T2243] __x64_sys_ioctl+0xd4/0x110 [ 525.223355][ T2243] do_syscall_64+0xcb/0x1e0 [ 525.237062][ T2243] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 525.237076][ T2243] RIP: 0033:0x7fe6f0f01059 [ 525.247345][ T2243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 525.247350][ T2243] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 525.275359][ T2243] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 14:29:45 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 5) 14:29:45 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0xffffff7f) 14:29:45 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xc, 0x7f, 0x1}, 0x7) 14:29:45 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xb, 0x7f, 0x1}, 0x7) 14:29:45 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) [ 525.275372][ T2243] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 525.291292][ T2243] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 525.291296][ T2243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 525.291301][ T2243] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 525.321382][ T2261] FAULT_INJECTION: forcing a failure. 14:29:45 executing program 3: ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000040)={0x5, 0x7, &(0x7f0000000000)="3e7b09d11696c1"}) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) [ 525.321382][ T2261] name failslab, interval 1, probability 0, space 0, times 0 [ 525.338550][ T2261] CPU: 1 PID: 2261 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 525.338562][ T2261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 525.358736][ T2261] Call Trace: [ 525.358751][ T2261] dump_stack+0x18e/0x1de [ 525.358761][ T2261] should_fail+0x5d8/0x740 [ 525.358778][ T2261] ? blk_mq_init_tags+0x74/0x290 [ 525.375784][ T2261] should_failslab+0x5/0x20 [ 525.375800][ T2261] kmem_cache_alloc_trace+0x39/0x2b0 [ 525.385565][ T2261] blk_mq_init_tags+0x74/0x290 [ 525.385579][ T2261] ? blk_mq_hw_queue_to_node+0xeb/0x100 [ 525.395942][ T2261] blk_mq_alloc_rq_map+0x93/0x1a0 [ 525.395956][ T2261] blk_mq_alloc_tag_set+0x6bc/0xe60 [ 525.406302][ T2261] loop_add+0x22b/0x710 [ 525.406312][ T2261] ? radix_tree_lookup+0x1c0/0x1d0 [ 525.406325][ T2261] loop_control_ioctl+0x468/0x680 [ 525.420609][ T2261] ? xor_init+0x60/0x60 [ 525.420618][ T2261] do_vfs_ioctl+0x6fb/0x15b0 [ 525.420634][ T2261] __x64_sys_ioctl+0xd4/0x110 [ 525.433975][ T2261] do_syscall_64+0xcb/0x1e0 [ 525.433991][ T2261] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 525.444349][ T2261] RIP: 0033:0x7fe6f0f01059 [ 525.444364][ T2261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 525.469395][ T2261] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 525.469413][ T2261] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 14:29:46 executing program 3: ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000040)={0x5, 0x7, &(0x7f0000000000)="3e7b09d11696c1"}) (async) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xd, 0x7f, 0x1}, 0x7) 14:29:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x7ffffffff000) 14:29:46 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xb, 0x7f, 0x1}, 0x7) 14:29:46 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 6) 14:29:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xe, 0x7f, 0x1}, 0x7) 14:29:46 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) 14:29:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xf, 0x7f, 0x1}, 0x7) [ 525.485842][ T2261] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 525.485846][ T2261] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 525.485850][ T2261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 525.485862][ T2261] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 525.519718][ T2261] blk-mq: reduced tag depth (128 -> 64) 14:29:46 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xb, 0x7f, 0x1}, 0x7) 14:29:46 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000000), 0x80000) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x8c8b55a955d13569) write$P9_RWSTAT(r1, &(0x7f0000000040)={0x52, 0x7f, 0x1}, 0x7) 14:29:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x8000000000000) 14:29:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x18, 0x7f, 0x1}, 0x7) 14:29:46 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000000), 0x80000) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x8c8b55a955d13569) write$P9_RWSTAT(r1, &(0x7f0000000040)={0x52, 0x7f, 0x1}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000000), 0x80000) (async) pipe2$9p(&(0x7f0000000080), 0x8c8b55a955d13569) (async) write$P9_RWSTAT(r1, &(0x7f0000000040)={0x52, 0x7f, 0x1}, 0x7) (async) 14:29:46 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) 14:29:46 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xb, 0x7f, 0x1}, 0x7) 14:29:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0xf0ff7f00000000) [ 525.619770][ T2283] FAULT_INJECTION: forcing a failure. [ 525.619770][ T2283] name failslab, interval 1, probability 0, space 0, times 0 [ 525.633873][ T2283] CPU: 0 PID: 2283 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 525.644022][ T2283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 525.654053][ T2283] Call Trace: [ 525.657405][ T2283] dump_stack+0x18e/0x1de [ 525.661719][ T2283] should_fail+0x5d8/0x740 [ 525.666204][ T2283] ? sbitmap_init_node+0x145/0x3d0 [ 525.671286][ T2283] should_failslab+0x5/0x20 [ 525.675763][ T2283] __kmalloc+0x5f/0x2f0 [ 525.679885][ T2283] sbitmap_init_node+0x145/0x3d0 [ 525.684790][ T2283] sbitmap_queue_init_node+0x2f/0xbe0 [ 525.690151][ T2283] ? kmem_cache_alloc_trace+0x139/0x2b0 [ 525.695676][ T2283] ? blk_mq_init_tags+0x74/0x290 [ 525.700712][ T2283] blk_mq_init_tags+0xef/0x290 [ 525.705456][ T2283] blk_mq_alloc_rq_map+0x93/0x1a0 [ 525.710550][ T2283] blk_mq_alloc_tag_set+0x6bc/0xe60 [ 525.715722][ T2283] loop_add+0x22b/0x710 [ 525.719856][ T2283] ? radix_tree_lookup+0x1c0/0x1d0 [ 525.724965][ T2283] loop_control_ioctl+0x468/0x680 [ 525.729965][ T2283] ? xor_init+0x60/0x60 [ 525.734099][ T2283] do_vfs_ioctl+0x6fb/0x15b0 [ 525.738664][ T2283] __x64_sys_ioctl+0xd4/0x110 [ 525.743340][ T2283] do_syscall_64+0xcb/0x1e0 [ 525.747816][ T2283] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 525.753685][ T2283] RIP: 0033:0x7fe6f0f01059 [ 525.758074][ T2283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 525.777838][ T2283] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 525.786230][ T2283] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 525.794175][ T2283] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 525.802123][ T2283] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 525.810068][ T2283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 14:29:46 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 7) 14:29:46 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) 14:29:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x1a, 0x7f, 0x1}, 0x7) 14:29:46 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000000), 0x80000) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x8c8b55a955d13569) write$P9_RWSTAT(r1, &(0x7f0000000040)={0x52, 0x7f, 0x1}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000000), 0x80000) (async) pipe2$9p(&(0x7f0000000080), 0x8c8b55a955d13569) (async) write$P9_RWSTAT(r1, &(0x7f0000000040)={0x52, 0x7f, 0x1}, 0x7) (async) 14:29:46 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xb, 0x7f, 0x1}, 0x7) 14:29:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0xf0ffffff7f0000) 14:29:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x1b, 0x7f, 0x1}, 0x7) 14:29:46 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) 14:29:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x100000000000000) 14:29:46 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xb, 0x7f, 0x1}, 0x7) 14:29:46 executing program 3: write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000040)={0x49, 0x7d, 0x1, {0x0, 0x42, 0x8, 0x2, {0x20, 0x3, 0x2}, 0x82140000, 0x0, 0xe28, 0x5, 0x7, '}+/\'-/$', 0x4, '.:\x19\xcc', 0x3, '#\\/', 0x1, '('}}, 0x49) syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x7f, 0x11}, 0x7) 14:29:46 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) [ 525.818013][ T2283] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 525.826541][ T2283] blk-mq: reduced tag depth (128 -> 64) [ 525.892413][ T2311] FAULT_INJECTION: forcing a failure. [ 525.892413][ T2311] name failslab, interval 1, probability 0, space 0, times 0 [ 525.905688][ T2311] CPU: 1 PID: 2311 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 525.915918][ T2311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 525.925956][ T2311] Call Trace: [ 525.929284][ T2311] dump_stack+0x18e/0x1de [ 525.933674][ T2311] should_fail+0x5d8/0x740 [ 525.938070][ T2311] ? sbitmap_queue_init_node+0x3db/0xbe0 [ 525.943872][ T2311] should_failslab+0x5/0x20 [ 525.948354][ T2311] kmem_cache_alloc_trace+0x39/0x2b0 [ 525.953707][ T2311] sbitmap_queue_init_node+0x3db/0xbe0 [ 525.959166][ T2311] blk_mq_init_tags+0xef/0x290 [ 525.963911][ T2311] blk_mq_alloc_rq_map+0x93/0x1a0 [ 525.968905][ T2311] blk_mq_alloc_tag_set+0x6bc/0xe60 [ 525.974076][ T2311] loop_add+0x22b/0x710 [ 525.978220][ T2311] ? radix_tree_lookup+0x1c0/0x1d0 [ 525.983308][ T2311] loop_control_ioctl+0x468/0x680 [ 525.988303][ T2311] ? xor_init+0x60/0x60 [ 525.992430][ T2311] do_vfs_ioctl+0x6fb/0x15b0 [ 525.996993][ T2311] __x64_sys_ioctl+0xd4/0x110 [ 526.001648][ T2311] do_syscall_64+0xcb/0x1e0 [ 526.006147][ T2311] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 526.012017][ T2311] RIP: 0033:0x7fe6f0f01059 [ 526.016405][ T2311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:29:46 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 8) 14:29:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x200000000000000) 14:29:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x200000c7, 0x7f, 0x1}, 0x7) 14:29:46 executing program 3: write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000040)={0x49, 0x7d, 0x1, {0x0, 0x42, 0x8, 0x2, {0x20, 0x3, 0x2}, 0x82140000, 0x0, 0xe28, 0x5, 0x7, '}+/\'-/$', 0x4, '.:\x19\xcc', 0x3, '#\\/', 0x1, '('}}, 0x49) (async) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x7f, 0x11}, 0x7) 14:29:46 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) 14:29:46 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xb, 0x7f, 0x1}, 0x7) 14:29:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x8000000000000000) 14:29:46 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xb, 0x7f, 0x1}, 0x7) 14:29:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0xffffff7f00000000) [ 526.035995][ T2311] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 526.044379][ T2311] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 526.052327][ T2311] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 526.060273][ T2311] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 526.068230][ T2311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 526.076190][ T2311] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 526.084440][ T2311] blk-mq: reduced tag depth (128 -> 64) 14:29:46 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) 14:29:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7ffff000, 0x7f, 0x1}, 0x7) 14:29:46 executing program 3: write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000040)={0x49, 0x7d, 0x1, {0x0, 0x42, 0x8, 0x2, {0x20, 0x3, 0x2}, 0x82140000, 0x0, 0xe28, 0x5, 0x7, '}+/\'-/$', 0x4, '.:\x19\xcc', 0x3, '#\\/', 0x1, '('}}, 0x49) syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x7f, 0x11}, 0x7) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000040)={0x49, 0x7d, 0x1, {0x0, 0x42, 0x8, 0x2, {0x20, 0x3, 0x2}, 0x82140000, 0x0, 0xe28, 0x5, 0x7, '}+/\'-/$', 0x4, '.:\x19\xcc', 0x3, '#\\/', 0x1, '('}}, 0x49) (async) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x7f, 0x11}, 0x7) (async) [ 526.151476][ T2338] FAULT_INJECTION: forcing a failure. [ 526.151476][ T2338] name failslab, interval 1, probability 0, space 0, times 0 [ 526.165692][ T2338] CPU: 1 PID: 2338 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 526.175831][ T2338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 526.185951][ T2338] Call Trace: [ 526.189321][ T2338] dump_stack+0x18e/0x1de [ 526.193627][ T2338] should_fail+0x5d8/0x740 [ 526.198019][ T2338] ? sbitmap_queue_init_node+0x3db/0xbe0 [ 526.203640][ T2338] should_failslab+0x5/0x20 [ 526.208123][ T2338] kmem_cache_alloc_trace+0x39/0x2b0 [ 526.213382][ T2338] sbitmap_queue_init_node+0x3db/0xbe0 [ 526.218824][ T2338] blk_mq_init_tags+0x153/0x290 [ 526.223651][ T2338] blk_mq_alloc_rq_map+0x93/0x1a0 [ 526.228658][ T2338] blk_mq_alloc_tag_set+0x6bc/0xe60 [ 526.233837][ T2338] loop_add+0x22b/0x710 [ 526.237976][ T2338] ? radix_tree_lookup+0x1c0/0x1d0 [ 526.243073][ T2338] loop_control_ioctl+0x468/0x680 [ 526.248065][ T2338] ? xor_init+0x60/0x60 [ 526.252192][ T2338] do_vfs_ioctl+0x6fb/0x15b0 [ 526.256767][ T2338] __x64_sys_ioctl+0xd4/0x110 [ 526.261416][ T2338] do_syscall_64+0xcb/0x1e0 [ 526.265893][ T2338] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 526.271755][ T2338] RIP: 0033:0x7fe6f0f01059 [ 526.276233][ T2338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:29:46 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 9) 14:29:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0xffffffff00000000) 14:29:46 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) 14:29:46 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xb, 0x7f, 0x1}, 0x7) 14:29:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) 14:29:46 executing program 3: sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="000428bd7000fedbdf254400000008000c00030000000400cc0008006b000300000008006b00ff00000005001801110000000800a00002000000ac005a804400038014000300030005000100000105000008000003000800020029091930140005003f000200ff00c0210200fd6608000200080001001b30244805000700000000006400028014000500010006000002ff7f05000200008f09001400030005000800910102001f00e10281000300050006000100000005000600010000001400050001040900020001005f0505000008050014000300d506010000003d3c0600ff039a00090008006b0009000000"], 0xf4}, 0x1, 0x0, 0x0, 0x4008000}, 0x4) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x5c, r0, 0x300, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, r1}, @NL80211_ATTR_STA_FLAGS={0x8, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_ASSOCIATED={0x4}]}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x1f, 0x13, [{0x16, 0x1}, {0x60, 0x1}, {0x5}, {0xb, 0x1}, {0xc, 0x1}, {0x16, 0x1}, {0x18, 0x1}, {0x3, 0x1}, {0x48, 0x1}, {0x6c, 0x1}, {0x9, 0x1}, {0x6c, 0x1}, {0x24}, {0x0, 0x1}, {0x24}, {0xc, 0x1}, {0x16, 0x1}, {0x3}, {0x1}, {0x6}, {0xb, 0x1}, {0x16, 0x1}, {0x18}, {0x1, 0x1}, {0x36, 0x1}, {0x2}, {0x1b, 0x1}]}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, r2}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x40) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r3, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x3c, r4, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@GTPA_O_TEI={0x8, 0x9, 0x3}, @GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_FLOW={0x6, 0x6, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20040001}, 0x20000040) syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r3) syz_open_dev$tty1(0xc, 0x4, 0x1) 14:29:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xffffffff, 0x7f, 0x1}, 0x7) 14:29:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0xffffffffffffffff) [ 526.295810][ T2338] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 526.304190][ T2338] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 526.312137][ T2338] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 526.320096][ T2338] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 526.328044][ T2338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 526.336011][ T2338] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 526.344368][ T2338] blk-mq: reduced tag depth (128 -> 64) 14:29:46 executing program 3: sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="000428bd7000fedbdf254400000008000c00030000000400cc0008006b000300000008006b00ff00000005001801110000000800a00002000000ac005a804400038014000300030005000100000105000008000003000800020029091930140005003f000200ff00c0210200fd6608000200080001001b30244805000700000000006400028014000500010006000002ff7f05000200008f09001400030005000800910102001f00e10281000300050006000100000005000600010000001400050001040900020001005f0505000008050014000300d506010000003d3c0600ff039a00090008006b0009000000"], 0xf4}, 0x1, 0x0, 0x0, 0x4008000}, 0x4) (async) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x5c, r0, 0x300, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, r1}, @NL80211_ATTR_STA_FLAGS={0x8, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_ASSOCIATED={0x4}]}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x1f, 0x13, [{0x16, 0x1}, {0x60, 0x1}, {0x5}, {0xb, 0x1}, {0xc, 0x1}, {0x16, 0x1}, {0x18, 0x1}, {0x3, 0x1}, {0x48, 0x1}, {0x6c, 0x1}, {0x9, 0x1}, {0x6c, 0x1}, {0x24}, {0x0, 0x1}, {0x24}, {0xc, 0x1}, {0x16, 0x1}, {0x3}, {0x1}, {0x6}, {0xb, 0x1}, {0x16, 0x1}, {0x18}, {0x1, 0x1}, {0x36, 0x1}, {0x2}, {0x1b, 0x1}]}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, r2}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x40) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r3, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x3c, r4, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@GTPA_O_TEI={0x8, 0x9, 0x3}, @GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_FLOW={0x6, 0x6, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20040001}, 0x20000040) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r3) (async) syz_open_dev$tty1(0xc, 0x4, 0x1) 14:29:46 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xb, 0x7f, 0x1}, 0x7) 14:29:46 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7, 0x1}, 0x7) 14:29:46 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x10000, 0x6, 0x3f, 0x4, 0x7f, "79b1f075bd42518e2633d4beed2a8b32b072d0", 0xffff0001, 0x2}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RREADLINK(r2, &(0x7f0000000140)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8040, 0x0) ioctl$KDGKBENT(r3, 0x4b46, &(0x7f0000000080)={0x1, 0x4, 0x6}) [ 526.412360][ T2372] FAULT_INJECTION: forcing a failure. [ 526.412360][ T2372] name failslab, interval 1, probability 0, space 0, times 0 [ 526.425249][ T2372] CPU: 1 PID: 2372 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 526.435392][ T2372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 526.445422][ T2372] Call Trace: [ 526.448693][ T2372] dump_stack+0x18e/0x1de [ 526.453015][ T2372] should_fail+0x5d8/0x740 [ 526.457416][ T2372] ? blk_mq_alloc_rq_map+0xb3/0x1a0 [ 526.462677][ T2372] should_failslab+0x5/0x20 [ 526.467194][ T2372] __kmalloc+0x5f/0x2f0 [ 526.471350][ T2372] ? blk_mq_init_tags+0x209/0x290 [ 526.476347][ T2372] blk_mq_alloc_rq_map+0xb3/0x1a0 [ 526.481343][ T2372] blk_mq_alloc_tag_set+0x6bc/0xe60 [ 526.486529][ T2372] loop_add+0x22b/0x710 [ 526.490670][ T2372] ? radix_tree_lookup+0x1c0/0x1d0 [ 526.495765][ T2372] loop_control_ioctl+0x468/0x680 [ 526.500777][ T2372] ? xor_init+0x60/0x60 [ 526.504903][ T2372] do_vfs_ioctl+0x6fb/0x15b0 [ 526.509469][ T2372] __x64_sys_ioctl+0xd4/0x110 [ 526.514171][ T2372] do_syscall_64+0xcb/0x1e0 [ 526.518985][ T2372] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 526.524918][ T2372] RIP: 0033:0x7fe6f0f01059 [ 526.529310][ T2372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 526.553944][ T2372] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:29:47 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 10) 14:29:47 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x7f, 0x1}, 0x7) 14:29:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:29:47 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:47 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) (async) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x10000, 0x6, 0x3f, 0x4, 0x7f, "79b1f075bd42518e2633d4beed2a8b32b072d0", 0xffff0001, 0x2}) (async) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RREADLINK(r2, &(0x7f0000000140)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) (async) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8040, 0x0) ioctl$KDGKBENT(r3, 0x4b46, &(0x7f0000000080)={0x1, 0x4, 0x6}) 14:29:47 executing program 3: sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="000428bd7000fedbdf254400000008000c00030000000400cc0008006b000300000008006b00ff00000005001801110000000800a00002000000ac005a804400038014000300030005000100000105000008000003000800020029091930140005003f000200ff00c0210200fd6608000200080001001b30244805000700000000006400028014000500010006000002ff7f05000200008f09001400030005000800910102001f00e10281000300050006000100000005000600010000001400050001040900020001005f0505000008050014000300d506010000003d3c0600ff039a00090008006b0009000000"], 0xf4}, 0x1, 0x0, 0x0, 0x4008000}, 0x4) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan1\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x5c, r0, 0x300, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, r1}, @NL80211_ATTR_STA_FLAGS={0x8, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_ASSOCIATED={0x4}]}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x1f, 0x13, [{0x16, 0x1}, {0x60, 0x1}, {0x5}, {0xb, 0x1}, {0xc, 0x1}, {0x16, 0x1}, {0x18, 0x1}, {0x3, 0x1}, {0x48, 0x1}, {0x6c, 0x1}, {0x9, 0x1}, {0x6c, 0x1}, {0x24}, {0x0, 0x1}, {0x24}, {0xc, 0x1}, {0x16, 0x1}, {0x3}, {0x1}, {0x6}, {0xb, 0x1}, {0x16, 0x1}, {0x18}, {0x1, 0x1}, {0x36, 0x1}, {0x2}, {0x1b, 0x1}]}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, r2}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x40) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r3, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x3c, r4, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@GTPA_O_TEI={0x8, 0x9, 0x3}, @GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_FLOW={0x6, 0x6, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20040001}, 0x20000040) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r3) syz_open_dev$tty1(0xc, 0x4, 0x1) 14:29:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) 14:29:47 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:47 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) [ 526.562439][ T2372] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 526.570385][ T2372] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 526.579161][ T2372] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 526.587123][ T2372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 526.595082][ T2372] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 526.603811][ T2372] blk-mq: reduced tag depth (128 -> 64) 14:29:47 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xb, 0x1}, 0x7) [ 526.693767][ T2415] FAULT_INJECTION: forcing a failure. [ 526.693767][ T2415] name failslab, interval 1, probability 0, space 0, times 0 [ 526.706877][ T2415] CPU: 0 PID: 2415 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 526.717166][ T2415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 526.727198][ T2415] Call Trace: [ 526.730462][ T2415] dump_stack+0x18e/0x1de [ 526.734866][ T2415] should_fail+0x5d8/0x740 [ 526.739267][ T2415] ? blk_mq_alloc_rq_map+0xe9/0x1a0 [ 526.744442][ T2415] should_failslab+0x5/0x20 [ 526.748925][ T2415] __kmalloc+0x5f/0x2f0 [ 526.753053][ T2415] ? blk_mq_alloc_rq_map+0xb3/0x1a0 [ 526.758240][ T2415] blk_mq_alloc_rq_map+0xe9/0x1a0 [ 526.763241][ T2415] blk_mq_alloc_tag_set+0x6bc/0xe60 [ 526.768414][ T2415] loop_add+0x22b/0x710 [ 526.772541][ T2415] ? radix_tree_lookup+0x1c0/0x1d0 [ 526.777644][ T2415] loop_control_ioctl+0x468/0x680 [ 526.782638][ T2415] ? xor_init+0x60/0x60 [ 526.786773][ T2415] do_vfs_ioctl+0x6fb/0x15b0 [ 526.791479][ T2415] __x64_sys_ioctl+0xd4/0x110 [ 526.796136][ T2415] do_syscall_64+0xcb/0x1e0 [ 526.800701][ T2415] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 526.806578][ T2415] RIP: 0033:0x7fe6f0f01059 [ 526.811052][ T2415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 526.830633][ T2415] RSP: 002b:00007fe6f0056168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:29:47 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 11) 14:29:47 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:47 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r0, 0x0) (async) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x10000, 0x6, 0x3f, 0x4, 0x7f, "79b1f075bd42518e2633d4beed2a8b32b072d0", 0xffff0001, 0x2}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, 0x0, 0x0) (async) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RREADLINK(r2, &(0x7f0000000140)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) (async) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8040, 0x0) ioctl$KDGKBENT(r3, 0x4b46, &(0x7f0000000080)={0x1, 0x4, 0x6}) 14:29:47 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000040)={0xfffffffffffffd73, 0x7f, 0x2}, 0xfffffffffffffeca) write$P9_RMKDIR(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x49, 0x2, {0x40, 0x3, 0x3}}, 0x14) 14:29:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xc, 0x1}, 0x7) 14:29:47 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:47 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xa}, 0x7) 14:29:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xd, 0x1}, 0x7) [ 526.839019][ T2415] RAX: ffffffffffffffda RBX: 00007fe6f1014030 RCX: 00007fe6f0f01059 [ 526.847224][ T2415] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 526.855348][ T2415] RBP: 00007fe6f00561d0 R08: 0000000000000000 R09: 0000000000000000 [ 526.863291][ T2415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 526.871239][ T2415] R13: 00007ffff4cae1af R14: 00007fe6f0056300 R15: 0000000000022000 [ 526.880011][ T2415] blk-mq: reduced tag depth (128 -> 64) 14:29:47 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000040)={0xfffffffffffffd73, 0x7f, 0x2}, 0xfffffffffffffeca) write$P9_RMKDIR(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x49, 0x2, {0x40, 0x3, 0x3}}, 0x14) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000040)={0xfffffffffffffd73, 0x7f, 0x2}, 0xfffffffffffffeca) (async) write$P9_RMKDIR(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x49, 0x2, {0x40, 0x3, 0x3}}, 0x14) (async) 14:29:47 executing program 5: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000040)={0x19c, r0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x24, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fff}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x6}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x5}]}, @TIPC_NLA_BEARER={0xe0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e23, @remote}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x7, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x9}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0xf1, @local}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3c}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2f}}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1000, @remote, 0xfffffffa}}}}]}, @TIPC_NLA_LINK={0x74, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa696}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff9}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x19c}, 0x1, 0x0, 0x0, 0x40000}, 0x4040) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, 0x0, 0x0) 14:29:47 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) 14:29:47 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xb}, 0x7) [ 526.952783][ T2426] FAULT_INJECTION: forcing a failure. [ 526.952783][ T2426] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 526.967087][ T2426] CPU: 0 PID: 2426 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 526.977245][ T2426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 526.987445][ T2426] Call Trace: [ 526.990707][ T2426] dump_stack+0x18e/0x1de [ 526.995010][ T2426] should_fail+0x5d8/0x740 [ 526.999400][ T2426] __alloc_pages_nodemask+0x12e/0x740 [ 527.004741][ T2426] blk_mq_alloc_rqs+0x252/0x660 [ 527.009563][ T2426] ? blk_mq_alloc_rq_map+0x11a/0x1a0 [ 527.014817][ T2426] blk_mq_alloc_tag_set+0x74b/0xe60 [ 527.019985][ T2426] loop_add+0x22b/0x710 [ 527.024111][ T2426] ? radix_tree_lookup+0x1c0/0x1d0 [ 527.029189][ T2426] loop_control_ioctl+0x468/0x680 [ 527.034190][ T2426] ? xor_init+0x60/0x60 [ 527.038315][ T2426] do_vfs_ioctl+0x6fb/0x15b0 [ 527.042930][ T2426] __x64_sys_ioctl+0xd4/0x110 [ 527.047583][ T2426] do_syscall_64+0xcb/0x1e0 [ 527.052068][ T2426] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 527.057932][ T2426] RIP: 0033:0x7fe6f0f01059 [ 527.062489][ T2426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 527.082075][ T2426] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 527.090454][ T2426] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 14:29:47 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 12) 14:29:47 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) 14:29:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xe, 0x1}, 0x7) 14:29:47 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000040)={0xfffffffffffffd73, 0x7f, 0x2}, 0xfffffffffffffeca) (async) write$P9_RMKDIR(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x49, 0x2, {0x40, 0x3, 0x3}}, 0x14) 14:29:47 executing program 5: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000040)={0x19c, r0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x24, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fff}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x6}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x5}]}, @TIPC_NLA_BEARER={0xe0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e23, @remote}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x7, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x9}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0xf1, @local}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3c}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2f}}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1000, @remote, 0xfffffffa}}}}]}, @TIPC_NLA_LINK={0x74, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa696}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff9}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x19c}, 0x1, 0x0, 0x0, 0x40000}, 0x4040) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) (async) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000040)={0x19c, r0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x24, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fff}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x6}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x5}]}, @TIPC_NLA_BEARER={0xe0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e23, @remote}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x7, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x9}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0xf1, @local}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3c}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2f}}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1000, @remote, 0xfffffffa}}}}]}, @TIPC_NLA_LINK={0x74, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa696}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff9}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x19c}, 0x1, 0x0, 0x0, 0x40000}, 0x4040) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r2, 0x0, 0x0) (async) 14:29:47 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xd, 0x1}, 0x7) 14:29:47 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xd, 0x1}, 0x7) 14:29:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xf, 0x1}, 0x7) 14:29:47 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) 14:29:47 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000000)) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x64, r2, 0x20, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0x1c, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "4f14fb389b"}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x14, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x2}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000840}, 0x4000001) 14:29:47 executing program 5: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000040)={0x19c, r0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x24, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fff}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x6}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x5}]}, @TIPC_NLA_BEARER={0xe0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e23, @remote}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x7, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x9}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0xf1, @local}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3c}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2f}}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1000, @remote, 0xfffffffa}}}}]}, @TIPC_NLA_LINK={0x74, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa696}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff9}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x19c}, 0x1, 0x0, 0x0, 0x40000}, 0x4040) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) (async) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000040)={0x19c, r0, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x24, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fff}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x6}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x5}]}, @TIPC_NLA_BEARER={0xe0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e23, @remote}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x7, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x9}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0xf1, @local}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3c}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2f}}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1000, @remote, 0xfffffffa}}}}]}, @TIPC_NLA_LINK={0x74, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa696}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff9}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x19c}, 0x1, 0x0, 0x0, 0x40000}, 0x4040) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r2, 0x0, 0x0) (async) [ 527.098398][ T2426] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 527.106339][ T2426] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 527.114277][ T2426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 527.122225][ T2426] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x18, 0x1}, 0x7) [ 527.192118][ T2454] FAULT_INJECTION: forcing a failure. [ 527.192118][ T2454] name failslab, interval 1, probability 0, space 0, times 0 [ 527.205283][ T2454] CPU: 1 PID: 2454 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 527.215421][ T2454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 527.215426][ T2454] Call Trace: [ 527.215453][ T2454] dump_stack+0x18e/0x1de [ 527.233047][ T2454] should_fail+0x5d8/0x740 [ 527.237442][ T2454] ? blk_alloc_queue_node+0x2c/0x570 [ 527.242706][ T2454] should_failslab+0x5/0x20 [ 527.247187][ T2454] kmem_cache_alloc+0x36/0x290 [ 527.252026][ T2454] ? __mutex_init+0x9d/0xf0 [ 527.256503][ T2454] blk_alloc_queue_node+0x2c/0x570 [ 527.261609][ T2454] blk_mq_init_queue+0x33/0xa0 [ 527.266343][ T2454] loop_add+0x256/0x710 [ 527.270470][ T2454] ? radix_tree_lookup+0x1c0/0x1d0 [ 527.275650][ T2454] loop_control_ioctl+0x468/0x680 [ 527.280644][ T2454] ? xor_init+0x60/0x60 [ 527.284773][ T2454] do_vfs_ioctl+0x6fb/0x15b0 [ 527.289337][ T2454] __x64_sys_ioctl+0xd4/0x110 [ 527.293985][ T2454] do_syscall_64+0xcb/0x1e0 [ 527.298456][ T2454] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 527.304324][ T2454] RIP: 0033:0x7fe6f0f01059 [ 527.308735][ T2454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 527.328313][ T2454] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:29:47 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 13) 14:29:47 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xd, 0x1}, 0x7) 14:29:47 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000000)) (async, rerun: 32) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x64, r2, 0x20, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0x1c, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "4f14fb389b"}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x14, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x2}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000840}, 0x4000001) 14:29:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x1a, 0x1}, 0x7) 14:29:47 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) 14:29:47 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TIOCGPTPEER(r1, 0x5441, 0x7) write$P9_RWSTAT(r0, 0x0, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r2, 0x0) ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000040), 0x80800) 14:29:47 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xd, 0x1}, 0x7) [ 527.336692][ T2454] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 527.344648][ T2454] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 527.352761][ T2454] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 527.360717][ T2454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 527.368656][ T2454] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:47 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xd, 0x1}, 0x7) 14:29:47 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) 14:29:47 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xd, 0x1}, 0x7) 14:29:47 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x1b, 0x1}, 0x7) 14:29:47 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) (async) ioctl$TIOCGPTPEER(r1, 0x5441, 0x7) write$P9_RWSTAT(r0, 0x0, 0x0) (async) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r2, 0x0) (async, rerun: 64) ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000000000)) (async, rerun: 64) pipe2$9p(&(0x7f0000000040), 0x80800) [ 527.401041][ T2491] FAULT_INJECTION: forcing a failure. [ 527.401041][ T2491] name failslab, interval 1, probability 0, space 0, times 0 [ 527.429853][ T2491] CPU: 1 PID: 2491 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 527.440020][ T2491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 527.440023][ T2491] Call Trace: [ 527.440039][ T2491] dump_stack+0x18e/0x1de [ 527.440051][ T2491] should_fail+0x5d8/0x740 [ 527.440066][ T2491] ? mempool_init_node+0x131/0x500 [ 527.467270][ T2491] should_failslab+0x5/0x20 [ 527.467281][ T2491] __kmalloc+0x5f/0x2f0 [ 527.467297][ T2491] mempool_init_node+0x131/0x500 [ 527.480940][ T2491] ? ida_alloc_range+0x8e5/0x940 [ 527.480955][ T2491] ? mempool_free+0x380/0x380 [ 527.490648][ T2491] ? mempool_alloc_slab+0x20/0x20 [ 527.490655][ T2491] mempool_init+0x35/0x50 [ 527.490669][ T2491] bioset_init+0x465/0x610 [ 527.504365][ T2491] blk_alloc_queue_node+0xc4/0x570 [ 527.504378][ T2491] blk_mq_init_queue+0x33/0xa0 [ 527.514205][ T2491] loop_add+0x256/0x710 [ 527.514220][ T2491] ? radix_tree_lookup+0x1c0/0x1d0 [ 527.523451][ T2491] loop_control_ioctl+0x468/0x680 [ 527.528635][ T2491] ? xor_init+0x60/0x60 [ 527.532763][ T2491] do_vfs_ioctl+0x6fb/0x15b0 [ 527.537333][ T2491] __x64_sys_ioctl+0xd4/0x110 [ 527.541980][ T2491] do_syscall_64+0xcb/0x1e0 [ 527.546460][ T2491] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 527.552323][ T2491] RIP: 0033:0x7fe6f0f01059 [ 527.556717][ T2491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 527.576304][ T2491] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 527.584687][ T2491] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 527.592631][ T2491] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 14:29:48 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 14) 14:29:48 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000000)) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (rerun: 32) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x64, r2, 0x20, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0x1c, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "4f14fb389b"}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x14, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x2}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000840}, 0x4000001) 14:29:48 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) 14:29:48 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x7}, 0x7) 14:29:48 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TIOCGPTPEER(r1, 0x5441, 0x7) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r2, 0x0) (async) ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000000000)) (async) pipe2$9p(&(0x7f0000000040), 0x80800) 14:29:48 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xd, 0x1}, 0x7) [ 527.600577][ T2491] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 527.608528][ T2491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 527.616491][ T2491] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:48 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xd, 0x1}, 0x7) 14:29:48 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x8}, 0x7) 14:29:48 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) [ 527.642591][ T2516] FAULT_INJECTION: forcing a failure. [ 527.642591][ T2516] name failslab, interval 1, probability 0, space 0, times 0 [ 527.675327][ T2516] CPU: 1 PID: 2516 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 14:29:48 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000000), 0x80000) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RWSTAT(r1, 0x0, 0xffffffa2) 14:29:48 executing program 3: pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:48 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xd, 0x1}, 0x7) 14:29:48 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 15) 14:29:48 executing program 3: pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) [ 527.685480][ T2516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 527.695522][ T2516] Call Trace: [ 527.698806][ T2516] dump_stack+0x18e/0x1de [ 527.698819][ T2516] should_fail+0x5d8/0x740 [ 527.698830][ T2516] ? mempool_alloc_slab+0x16/0x20 [ 527.698839][ T2516] should_failslab+0x5/0x20 [ 527.698848][ T2516] kmem_cache_alloc+0x36/0x290 [ 527.698856][ T2516] ? __kmalloc+0x174/0x2f0 14:29:48 executing program 3: pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:48 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x15, 0x1}, 0x7) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4400) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RAUTH(r1, &(0x7f0000000000)={0x14, 0x67, 0x2, {0x8}}, 0x14) [ 527.698863][ T2516] ? mempool_init_node+0x131/0x500 [ 527.698871][ T2516] mempool_alloc_slab+0x16/0x20 [ 527.698878][ T2516] ? mempool_free+0x380/0x380 [ 527.698885][ T2516] mempool_init_node+0x1f6/0x500 [ 527.698894][ T2516] ? mempool_free+0x380/0x380 [ 527.698900][ T2516] ? mempool_alloc_slab+0x20/0x20 [ 527.698907][ T2516] mempool_init+0x35/0x50 [ 527.698915][ T2516] bioset_init+0x465/0x610 [ 527.698925][ T2516] blk_alloc_queue_node+0xc4/0x570 [ 527.698934][ T2516] blk_mq_init_queue+0x33/0xa0 [ 527.698942][ T2516] loop_add+0x256/0x710 [ 527.698951][ T2516] ? radix_tree_lookup+0x1c0/0x1d0 [ 527.698959][ T2516] loop_control_ioctl+0x468/0x680 [ 527.698966][ T2516] ? xor_init+0x60/0x60 [ 527.698975][ T2516] do_vfs_ioctl+0x6fb/0x15b0 [ 527.698988][ T2516] __x64_sys_ioctl+0xd4/0x110 [ 527.698997][ T2516] do_syscall_64+0xcb/0x1e0 [ 527.699006][ T2516] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 527.699014][ T2516] RIP: 0033:0x7fe6f0f01059 [ 527.699022][ T2516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 527.699027][ T2516] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 527.699036][ T2516] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 527.699040][ T2516] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 527.699045][ T2516] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 527.699049][ T2516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 14:29:48 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x9}, 0x7) 14:29:48 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xd, 0x1}, 0x7) 14:29:48 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x15, 0x1}, 0x7) (async) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4400) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RAUTH(r1, &(0x7f0000000000)={0x14, 0x67, 0x2, {0x8}}, 0x14) [ 527.699053][ T2516] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 527.726965][ T2541] FAULT_INJECTION: forcing a failure. [ 527.726965][ T2541] name failslab, interval 1, probability 0, space 0, times 0 [ 527.912317][ T2541] CPU: 1 PID: 2541 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 527.922471][ T2541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 527.922474][ T2541] Call Trace: [ 527.922488][ T2541] dump_stack+0x18e/0x1de 14:29:48 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 16) [ 527.922499][ T2541] should_fail+0x5d8/0x740 [ 527.922508][ T2541] ? mempool_alloc_slab+0x16/0x20 [ 527.922516][ T2541] should_failslab+0x5/0x20 [ 527.922524][ T2541] kmem_cache_alloc+0x36/0x290 [ 527.922531][ T2541] ? __kmalloc+0x174/0x2f0 [ 527.922537][ T2541] ? mempool_init_node+0x131/0x500 [ 527.922544][ T2541] mempool_alloc_slab+0x16/0x20 [ 527.922550][ T2541] ? mempool_free+0x380/0x380 [ 527.922556][ T2541] mempool_init_node+0x1f6/0x500 [ 527.922564][ T2541] ? mempool_free+0x380/0x380 [ 527.922571][ T2541] ? mempool_alloc_slab+0x20/0x20 [ 527.922576][ T2541] mempool_init+0x35/0x50 [ 527.922584][ T2541] bioset_init+0x465/0x610 [ 527.922594][ T2541] blk_alloc_queue_node+0xc4/0x570 [ 527.922602][ T2541] blk_mq_init_queue+0x33/0xa0 [ 527.922609][ T2541] loop_add+0x256/0x710 [ 527.922617][ T2541] ? radix_tree_lookup+0x1c0/0x1d0 [ 527.922624][ T2541] loop_control_ioctl+0x468/0x680 [ 527.922631][ T2541] ? xor_init+0x60/0x60 [ 527.922639][ T2541] do_vfs_ioctl+0x6fb/0x15b0 [ 527.922650][ T2541] __x64_sys_ioctl+0xd4/0x110 [ 527.922658][ T2541] do_syscall_64+0xcb/0x1e0 [ 527.922667][ T2541] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 527.922674][ T2541] RIP: 0033:0x7fe6f0f01059 [ 527.922683][ T2541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 527.922686][ T2541] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 527.922694][ T2541] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 527.922699][ T2541] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 527.922703][ T2541] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 527.922707][ T2541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 527.922711][ T2541] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 527.989535][ T2555] FAULT_INJECTION: forcing a failure. [ 527.989535][ T2555] name failslab, interval 1, probability 0, space 0, times 0 [ 528.138501][ T2555] CPU: 1 PID: 2555 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 528.148642][ T2555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 528.148645][ T2555] Call Trace: [ 528.148661][ T2555] dump_stack+0x18e/0x1de [ 528.148672][ T2555] should_fail+0x5d8/0x740 [ 528.148687][ T2555] ? mempool_init_node+0x131/0x500 [ 528.175732][ T2555] should_failslab+0x5/0x20 [ 528.175743][ T2555] __kmalloc+0x5f/0x2f0 [ 528.175752][ T2555] ? mempool_init_node+0x131/0x500 [ 528.175765][ T2555] mempool_init_node+0x131/0x500 [ 528.194373][ T2555] ? mempool_free+0x380/0x380 [ 528.199016][ T2555] ? mempool_alloc_slab+0x20/0x20 [ 528.204006][ T2555] mempool_init+0x35/0x50 [ 528.208306][ T2555] bioset_init+0x4da/0x610 [ 528.212699][ T2555] blk_alloc_queue_node+0xc4/0x570 [ 528.217781][ T2555] blk_mq_init_queue+0x33/0xa0 [ 528.222598][ T2555] loop_add+0x256/0x710 [ 528.226734][ T2555] ? radix_tree_lookup+0x1c0/0x1d0 [ 528.231814][ T2555] loop_control_ioctl+0x468/0x680 [ 528.238543][ T2555] ? xor_init+0x60/0x60 [ 528.242678][ T2555] do_vfs_ioctl+0x6fb/0x15b0 [ 528.247238][ T2555] __x64_sys_ioctl+0xd4/0x110 [ 528.251884][ T2555] do_syscall_64+0xcb/0x1e0 [ 528.256357][ T2555] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 528.262225][ T2555] RIP: 0033:0x7fe6f0f01059 [ 528.266611][ T2555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 528.286178][ T2555] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:29:48 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) 14:29:48 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000000), 0x80000) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RWSTAT(r1, 0x0, 0xffffffa2) 14:29:48 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async, rerun: 32) write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x15, 0x1}, 0x7) (rerun: 32) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4400) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RAUTH(r1, &(0x7f0000000000)={0x14, 0x67, 0x2, {0x8}}, 0x14) 14:29:48 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xa}, 0x7) 14:29:48 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:48 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 17) 14:29:48 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) 14:29:48 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xb}, 0x7) 14:29:48 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:48 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000000), 0x80000) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RWSTAT(r1, 0x0, 0xffffffa2) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000000), 0x80000) (async) pipe2$9p(&(0x7f0000000040), 0x80800) (async) write$P9_RWSTAT(r1, 0x0, 0xffffffa2) (async) [ 528.294569][ T2555] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 528.302506][ T2555] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 528.310443][ T2555] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 528.318383][ T2555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 528.326320][ T2555] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:48 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x2}, 0x7) 14:29:48 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x2}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r0, 0x0, 0x0) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x2}, 0x7) (async) [ 528.375448][ T2576] FAULT_INJECTION: forcing a failure. [ 528.375448][ T2576] name failslab, interval 1, probability 0, space 0, times 0 [ 528.388703][ T2576] CPU: 1 PID: 2576 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 528.398847][ T2576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 528.398851][ T2576] Call Trace: [ 528.398871][ T2576] dump_stack+0x18e/0x1de [ 528.416481][ T2576] should_fail+0x5d8/0x740 [ 528.416499][ T2576] ? mempool_alloc_slab+0x16/0x20 14:29:48 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) 14:29:48 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xc}, 0x7) 14:29:48 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 18) 14:29:48 executing program 5: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) syz_clone3(&(0x7f0000000280)={0x40000000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)=0x0, {0x19}, &(0x7f0000000100)=""/73, 0x49, &(0x7f0000000180)=""/164, &(0x7f0000000240)=[0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff], 0x4}, 0x58) write$P9_RGETLOCK(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="22000000370200010700002000000000ff0100000000000021814a5fb79fa2693de1251a76ab71ae59eba9fd78f4d6954d2d828eb8cef7cdf1c9e6ad57b36cfa22ec8503ac903f725c2914faac874a60575a2723873b62c9850de4dc5e8abbf16bf7b095de43639946baea15af2c4d1e291a5ef42ea723e4fd9354f6dd815e87c42771b4843fc26df8aee3b23e6c8bacaa535d649541a4b6a7749cf0f8f4783660a46af8163756d354e1a35cd405b32b0fd8add85d635f1b0c056d611b264219ea686e069145bf220eb6b2f81a8851b9164579ae7093aeb4015f070667027671217948e8cd4b7b436202bdf782e5583b2ad06c4cbf200057106322ab98810106e12516716f49bd0650fde275e03c0500", @ANYRES32=r1, @ANYBLOB="04007d275c5b"], 0x22) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, 0x0, 0x0) [ 528.425903][ T2576] should_failslab+0x5/0x20 [ 528.425915][ T2576] kmem_cache_alloc+0x36/0x290 [ 528.425924][ T2576] ? __kmalloc+0x174/0x2f0 [ 528.425933][ T2576] ? mempool_init_node+0x131/0x500 [ 528.425941][ T2576] mempool_alloc_slab+0x16/0x20 [ 528.425948][ T2576] ? mempool_free+0x380/0x380 [ 528.425955][ T2576] mempool_init_node+0x1f6/0x500 [ 528.425963][ T2576] ? mempool_free+0x380/0x380 [ 528.425970][ T2576] ? mempool_alloc_slab+0x20/0x20 [ 528.425976][ T2576] mempool_init+0x35/0x50 [ 528.425984][ T2576] bioset_init+0x4da/0x610 [ 528.425993][ T2576] blk_alloc_queue_node+0xc4/0x570 [ 528.426001][ T2576] blk_mq_init_queue+0x33/0xa0 [ 528.426008][ T2576] loop_add+0x256/0x710 [ 528.426016][ T2576] ? radix_tree_lookup+0x1c0/0x1d0 [ 528.426022][ T2576] loop_control_ioctl+0x468/0x680 [ 528.426028][ T2576] ? xor_init+0x60/0x60 [ 528.426037][ T2576] do_vfs_ioctl+0x6fb/0x15b0 [ 528.426047][ T2576] __x64_sys_ioctl+0xd4/0x110 [ 528.426056][ T2576] do_syscall_64+0xcb/0x1e0 [ 528.426065][ T2576] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 528.426071][ T2576] RIP: 0033:0x7fe6f0f01059 [ 528.426080][ T2576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 528.426084][ T2576] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 528.426092][ T2576] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 528.426097][ T2576] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 528.426101][ T2576] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 528.426105][ T2576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 528.426110][ T2576] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 528.446658][ T2599] FAULT_INJECTION: forcing a failure. [ 528.446658][ T2599] name failslab, interval 1, probability 0, space 0, times 0 [ 528.617080][ T2599] CPU: 1 PID: 2599 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 14:29:49 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:49 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x2}, 0x7) 14:29:49 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xd}, 0x7) 14:29:49 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 19) 14:29:49 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) [ 528.617091][ T2599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 528.637351][ T2599] Call Trace: [ 528.637368][ T2599] dump_stack+0x18e/0x1de [ 528.637382][ T2599] should_fail+0x5d8/0x740 [ 528.637394][ T2599] ? mempool_alloc_slab+0x16/0x20 [ 528.637405][ T2599] should_failslab+0x5/0x20 [ 528.637415][ T2599] kmem_cache_alloc+0x36/0x290 [ 528.637424][ T2599] ? __kmalloc+0x174/0x2f0 [ 528.637432][ T2599] ? mempool_init_node+0x131/0x500 [ 528.637442][ T2599] mempool_alloc_slab+0x16/0x20 [ 528.637450][ T2599] ? mempool_free+0x380/0x380 [ 528.637458][ T2599] mempool_init_node+0x1f6/0x500 [ 528.637470][ T2599] ? mempool_free+0x380/0x380 [ 528.637478][ T2599] ? mempool_alloc_slab+0x20/0x20 [ 528.637486][ T2599] mempool_init+0x35/0x50 [ 528.637497][ T2599] bioset_init+0x4da/0x610 [ 528.637510][ T2599] blk_alloc_queue_node+0xc4/0x570 [ 528.637524][ T2599] blk_mq_init_queue+0x33/0xa0 [ 528.637534][ T2599] loop_add+0x256/0x710 [ 528.637543][ T2599] ? radix_tree_lookup+0x1c0/0x1d0 [ 528.637552][ T2599] loop_control_ioctl+0x468/0x680 [ 528.637560][ T2599] ? xor_init+0x60/0x60 [ 528.637571][ T2599] do_vfs_ioctl+0x6fb/0x15b0 [ 528.637585][ T2599] __x64_sys_ioctl+0xd4/0x110 [ 528.637595][ T2599] do_syscall_64+0xcb/0x1e0 [ 528.637606][ T2599] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 528.637614][ T2599] RIP: 0033:0x7fe6f0f01059 [ 528.637624][ T2599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 528.637629][ T2599] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 528.637639][ T2599] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 528.637644][ T2599] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 528.637649][ T2599] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 528.637655][ T2599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 528.637660][ T2599] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 528.667383][ T2617] FAULT_INJECTION: forcing a failure. [ 528.667383][ T2617] name failslab, interval 1, probability 0, space 0, times 0 [ 528.841775][ T2617] CPU: 1 PID: 2617 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 528.851928][ T2617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 528.851932][ T2617] Call Trace: [ 528.851946][ T2617] dump_stack+0x18e/0x1de [ 528.851958][ T2617] should_fail+0x5d8/0x740 [ 528.851968][ T2617] ? bdi_alloc_node+0x76/0xc0 [ 528.851976][ T2617] should_failslab+0x5/0x20 [ 528.851992][ T2617] kmem_cache_alloc_trace+0x39/0x2b0 [ 528.888355][ T2617] ? bioset_init+0x51b/0x610 [ 528.888365][ T2617] bdi_alloc_node+0x76/0xc0 [ 528.888375][ T2617] blk_alloc_queue_node+0x10b/0x570 [ 528.888384][ T2617] blk_mq_init_queue+0x33/0xa0 [ 528.888392][ T2617] loop_add+0x256/0x710 [ 528.888409][ T2617] ? radix_tree_lookup+0x1c0/0x1d0 [ 528.916536][ T2617] loop_control_ioctl+0x468/0x680 [ 528.921544][ T2617] ? xor_init+0x60/0x60 [ 528.925670][ T2617] do_vfs_ioctl+0x6fb/0x15b0 [ 528.930256][ T2617] __x64_sys_ioctl+0xd4/0x110 [ 528.934914][ T2617] do_syscall_64+0xcb/0x1e0 [ 528.939393][ T2617] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 528.945253][ T2617] RIP: 0033:0x7fe6f0f01059 [ 528.949639][ T2617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 528.969210][ T2617] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:29:49 executing program 5: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) syz_clone3(&(0x7f0000000280)={0x40000000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)=0x0, {0x19}, &(0x7f0000000100)=""/73, 0x49, &(0x7f0000000180)=""/164, &(0x7f0000000240)=[0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff], 0x4}, 0x58) write$P9_RGETLOCK(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="22000000370200010700002000000000ff0100000000000021814a5fb79fa2693de1251a76ab71ae59eba9fd78f4d6954d2d828eb8cef7cdf1c9e6ad57b36cfa22ec8503ac903f725c2914faac874a60575a2723873b62c9850de4dc5e8abbf16bf7b095de43639946baea15af2c4d1e291a5ef42ea723e4fd9354f6dd815e87c42771b4843fc26df8aee3b23e6c8bacaa535d649541a4b6a7749cf0f8f4783660a46af8163756d354e1a35cd405b32b0fd8add85d635f1b0c056d611b264219ea686e069145bf220eb6b2f81a8851b9164579ae7093aeb4015f070667027671217948e8cd4b7b436202bdf782e5583b2ad06c4cbf200057106322ab98810106e12516716f49bd0650fde275e03c0500", @ANYRES32=r1, @ANYBLOB="04007d275c5b"], 0x22) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, 0x0, 0x0) 14:29:49 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xd}, 0x7) 14:29:49 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:49 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xe}, 0x7) 14:29:49 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCGETA(r1, 0x5405, &(0x7f0000000000)) socketpair(0x2, 0x80000, 0x8001, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x600, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040080}, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000200), r3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000240), 0x9) ioctl$TCSBRK(r0, 0x5409, 0x0) 14:29:49 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 20) 14:29:49 executing program 5: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) (async) syz_clone3(&(0x7f0000000280)={0x40000000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)=0x0, {0x19}, &(0x7f0000000100)=""/73, 0x49, &(0x7f0000000180)=""/164, &(0x7f0000000240)=[0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff], 0x4}, 0x58) write$P9_RGETLOCK(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="22000000370200010700002000000000ff0100000000000021814a5fb79fa2693de1251a76ab71ae59eba9fd78f4d6954d2d828eb8cef7cdf1c9e6ad57b36cfa22ec8503ac903f725c2914faac874a60575a2723873b62c9850de4dc5e8abbf16bf7b095de43639946baea15af2c4d1e291a5ef42ea723e4fd9354f6dd815e87c42771b4843fc26df8aee3b23e6c8bacaa535d649541a4b6a7749cf0f8f4783660a46af8163756d354e1a35cd405b32b0fd8add85d635f1b0c056d611b264219ea686e069145bf220eb6b2f81a8851b9164579ae7093aeb4015f070667027671217948e8cd4b7b436202bdf782e5583b2ad06c4cbf200057106322ab98810106e12516716f49bd0650fde275e03c0500", @ANYRES32=r1, @ANYBLOB="04007d275c5b"], 0x22) (async) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, 0x0, 0x0) 14:29:49 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xf}, 0x7) 14:29:49 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:49 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) [ 528.977695][ T2617] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 528.985634][ T2617] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 528.993573][ T2617] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 529.001513][ T2617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 529.009464][ T2617] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:49 executing program 5: sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)={0x190, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3d6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffff800}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x800}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3c}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6fc6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xff}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}]}, @TIPC_NLA_BEARER={0x78, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'syzkaller1\x00'}}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'ib', 0x3a, 'veth1_to_team\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x8, @mcast1, 0x89d}}, {0x14, 0x2, @in={0x2, 0x4e23, @empty}}}}]}, @TIPC_NLA_MEDIA={0x38, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xdc8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x10000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x317}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xe1}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc30f}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}]}]}, 0x190}, 0x1, 0x0, 0x0, 0x20008040}, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) write$P9_RATTACH(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x69, 0x2, {0x8, 0x0, 0x8}}, 0x14) 14:29:49 executing program 5: sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)={0x190, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3d6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffff800}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x800}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3c}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6fc6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xff}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}]}, @TIPC_NLA_BEARER={0x78, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'syzkaller1\x00'}}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'ib', 0x3a, 'veth1_to_team\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x8, @mcast1, 0x89d}}, {0x14, 0x2, @in={0x2, 0x4e23, @empty}}}}]}, @TIPC_NLA_MEDIA={0x38, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xdc8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x10000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x317}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xe1}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc30f}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}]}]}, 0x190}, 0x1, 0x0, 0x0, 0x20008040}, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async) write$P9_RATTACH(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x69, 0x2, {0x8, 0x0, 0x8}}, 0x14) [ 529.064317][ T2634] FAULT_INJECTION: forcing a failure. [ 529.064317][ T2634] name failslab, interval 1, probability 0, space 0, times 0 [ 529.077915][ T2634] CPU: 1 PID: 2634 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 529.088060][ T2634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 529.088063][ T2634] Call Trace: [ 529.088078][ T2634] dump_stack+0x18e/0x1de [ 529.088096][ T2634] should_fail+0x5d8/0x740 [ 529.110102][ T2634] ? bdi_init+0x196/0x940 14:29:49 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCGETA(r1, 0x5405, &(0x7f0000000000)) socketpair(0x2, 0x80000, 0x8001, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x600, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040080}, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000200), r3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000240), 0x9) ioctl$TCSBRK(r0, 0x5409, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async) syz_open_pts(r1, 0x0) (async) ioctl$TCGETA(r1, 0x5405, &(0x7f0000000000)) (async) socketpair(0x2, 0x80000, 0x8001, &(0x7f0000000040)) (async) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x600, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040080}, 0x0) (async) syz_genetlink_get_family_id$gtp(&(0x7f0000000200), r3) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000240), 0x9) (async) ioctl$TCSBRK(r0, 0x5409, 0x0) (async) 14:29:49 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:49 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 21) [ 529.110119][ T2634] should_failslab+0x5/0x20 [ 529.118904][ T2634] kmem_cache_alloc_trace+0x39/0x2b0 [ 529.118919][ T2634] ? bdi_alloc_node+0x76/0xc0 [ 529.128834][ T2634] bdi_init+0x196/0x940 [ 529.128848][ T2634] ? bdi_alloc_node+0x76/0xc0 [ 529.137637][ T2634] bdi_alloc_node+0x86/0xc0 [ 529.137654][ T2634] blk_alloc_queue_node+0x10b/0x570 [ 529.147312][ T2634] blk_mq_init_queue+0x33/0xa0 [ 529.147323][ T2634] loop_add+0x256/0x710 14:29:49 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x18}, 0x7) [ 529.147334][ T2634] ? radix_tree_lookup+0x1c0/0x1d0 [ 529.147344][ T2634] loop_control_ioctl+0x468/0x680 [ 529.147352][ T2634] ? xor_init+0x60/0x60 [ 529.147363][ T2634] do_vfs_ioctl+0x6fb/0x15b0 [ 529.147376][ T2634] __x64_sys_ioctl+0xd4/0x110 [ 529.147386][ T2634] do_syscall_64+0xcb/0x1e0 [ 529.147397][ T2634] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 529.147406][ T2634] RIP: 0033:0x7fe6f0f01059 14:29:49 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCGETA(r1, 0x5405, &(0x7f0000000000)) socketpair(0x2, 0x80000, 0x8001, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x600, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040080}, 0x0) (async) syz_genetlink_get_family_id$gtp(&(0x7f0000000200), r3) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000240), 0x9) (async) ioctl$TCSBRK(r0, 0x5409, 0x0) [ 529.147415][ T2634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 529.147420][ T2634] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 529.147429][ T2634] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 529.147434][ T2634] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 529.147439][ T2634] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 529.147444][ T2634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 14:29:49 executing program 5: sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)={0x190, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3d6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffff800}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x800}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3c}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6fc6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xff}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}]}, @TIPC_NLA_BEARER={0x78, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'syzkaller1\x00'}}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'ib', 0x3a, 'veth1_to_team\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x8, @mcast1, 0x89d}}, {0x14, 0x2, @in={0x2, 0x4e23, @empty}}}}]}, @TIPC_NLA_MEDIA={0x38, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xdc8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x10000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x317}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xe1}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc30f}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}]}]}, 0x190}, 0x1, 0x0, 0x0, 0x20008040}, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async) write$P9_RATTACH(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x69, 0x2, {0x8, 0x0, 0x8}}, 0x14) 14:29:49 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:49 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xa}, 0x7) 14:29:49 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 22) [ 529.147449][ T2634] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 529.167470][ T2655] FAULT_INJECTION: forcing a failure. [ 529.167470][ T2655] name failslab, interval 1, probability 0, space 0, times 0 [ 529.281725][ T2655] CPU: 1 PID: 2655 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 529.291864][ T2655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 529.291868][ T2655] Call Trace: [ 529.291884][ T2655] dump_stack+0x18e/0x1de [ 529.291897][ T2655] should_fail+0x5d8/0x740 [ 529.291908][ T2655] ? __percpu_counter_init+0x1aa/0x1e0 [ 529.291917][ T2655] ? blk_alloc_queue_stats+0x48/0x100 [ 529.291928][ T2655] should_failslab+0x5/0x20 [ 529.291938][ T2655] kmem_cache_alloc_trace+0x39/0x2b0 [ 529.291947][ T2655] blk_alloc_queue_stats+0x48/0x100 [ 529.291956][ T2655] blk_alloc_queue_node+0x14d/0x570 [ 529.291964][ T2655] blk_mq_init_queue+0x33/0xa0 [ 529.291973][ T2655] loop_add+0x256/0x710 [ 529.291980][ T2655] ? radix_tree_lookup+0x1c0/0x1d0 [ 529.291989][ T2655] loop_control_ioctl+0x468/0x680 [ 529.291996][ T2655] ? xor_init+0x60/0x60 [ 529.292005][ T2655] do_vfs_ioctl+0x6fb/0x15b0 [ 529.292016][ T2655] __x64_sys_ioctl+0xd4/0x110 [ 529.292024][ T2655] do_syscall_64+0xcb/0x1e0 [ 529.292033][ T2655] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 529.292039][ T2655] RIP: 0033:0x7fe6f0f01059 [ 529.292047][ T2655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 529.292051][ T2655] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 529.292058][ T2655] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 529.292063][ T2655] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 529.292067][ T2655] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 529.292071][ T2655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 14:29:50 executing program 5: write$P9_RATTACH(0xffffffffffffffff, &(0x7f0000000040)={0x14, 0x69, 0x2, {0x40, 0x3, 0x3}}, 0x14) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) 14:29:50 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000100)="91c689d04713c2400f2adf767eb968678bfb6227697398b9370353ddd6a626908730029f3476b1cde0b1b60a01c0cd42b1c0676c4f5f0ae8f46668c21c0dc9758e39af4ba8b8b1ac836dede4431004fb4f35328375501ae141297f4f915f064eba73891084623aa36acd26f788a92aff576370f7752382d441aae050294b2f91884d3d58f774910bcf43d4168fb241392c521f529139591b8c8fa9d298070470737a83c392aa0ff0dc12c9a22163e1f5527775c7a06dacf1797eb1ba") r2 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r2, 0x80044584, &(0x7f0000000280)=""/206) ioctl$EVIOCGBITKEY(r2, 0x80404521, &(0x7f0000000000)=""/123) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r3, 0x0) ioctl$TIOCGRS485(r3, 0x542e, &(0x7f0000000080)) 14:29:50 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1a}, 0x7) 14:29:50 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xa}, 0x7) 14:29:50 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) [ 529.292076][ T2655] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 529.337975][ T2679] FAULT_INJECTION: forcing a failure. [ 529.337975][ T2679] name failslab, interval 1, probability 0, space 0, times 0 [ 529.487332][ T2679] CPU: 0 PID: 2679 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 529.497472][ T2679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 529.507530][ T2679] Call Trace: [ 529.507548][ T2679] dump_stack+0x18e/0x1de 14:29:50 executing program 5: write$P9_RATTACH(0xffffffffffffffff, &(0x7f0000000040)={0x14, 0x69, 0x2, {0x40, 0x3, 0x3}}, 0x14) (async) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) (async) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) 14:29:50 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 23) 14:29:50 executing program 5: write$P9_RATTACH(0xffffffffffffffff, &(0x7f0000000040)={0x14, 0x69, 0x2, {0x40, 0x3, 0x3}}, 0x14) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) 14:29:50 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000000)={0x7f, "f5b39eeba7547461cf7c5b4c0766123098853a443dd71c5fd49b5e3f704ec17d36240db2b9a1dbca756ec8d990df8b95013602f80586ce2aeba6a3a1e45ed2337cf5674748c5e1dbd58f55073d97ba004e6ed64c2155122e273857cdae3bbde130ee0e801cea9a8f4c7679290013f877f600d0bb8f6d94616aeb4693b9a35b22c41ec180096bdf459497d5c9b3b0e3f46c929db1a9c42a4db85221489cffb6336f4a7441eb9760c7a748b9d2aa8f0dd47a3f857d3cfa49242f589dcff1f57cad7966abf9a5724273b5a150b3cec433733db5643b8460436195de9040cf7245cf6d8faf5e9dc417aaa102deb39202c95a22c0cedae616f1519a742623aed9c325c662b62e69e88e768cf3e6db1c7a34ade350fe413ee1a4b21afd9c77eed9b9b4dad8ee5d3c0c9dad3bc21f4385e741445f1b4ae378d6e057a1a7a1554e850242fd875075f434507363bb052361fa0a993b90feafe7c0807f984c739af847ed3bf72524f87ca8b4c9a8c59252c3c014cb6f272eab2e457ea47bb4470a2f9508c5bd3b033168ee1faab36c3b44fd9caae9aaaacff1dd9f74fc0304b5c0ff351c713ed659169b151dff7680b96aa547ecd29f63294fd43b0c462226deecf887c854a5e0ca691ed49d4637dd3c1e7aea5ea53008d2bd520bdb1ff78f8d801d28f34cb62e0d2e85d6f7531e7f63f6238dca30c7a3eff84bbf720af4bac8e45d4955eb"}) ioctl$TIOCGPTPEER(r0, 0x5441, 0x6) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x2e009413ee37a9ca) write$P9_RREMOVE(r1, &(0x7f0000000280)={0x7, 0x7b, 0x1}, 0x7) [ 529.515117][ T2679] should_fail+0x5d8/0x740 [ 529.515129][ T2679] ? blk_stat_alloc_callback+0x5c/0x210 [ 529.515140][ T2679] should_failslab+0x5/0x20 [ 529.515151][ T2679] kmem_cache_alloc_trace+0x39/0x2b0 [ 529.515159][ T2679] ? blk_mq_poll_stats_fn+0x1b0/0x1b0 [ 529.515166][ T2679] ? blk_mq_free_tag_set+0x470/0x470 [ 529.515173][ T2679] blk_stat_alloc_callback+0x5c/0x210 [ 529.515184][ T2679] blk_mq_init_allocated_queue+0x86/0x16e0 [ 529.515193][ T2679] ? blk_timeout_work+0x10/0x10 [ 529.515204][ T2679] ? blk_alloc_queue_node+0x4e0/0x570 [ 529.515219][ T2679] blk_mq_init_queue+0x48/0xa0 [ 529.515227][ T2679] loop_add+0x256/0x710 [ 529.515237][ T2679] ? radix_tree_lookup+0x1c0/0x1d0 [ 529.515246][ T2679] loop_control_ioctl+0x468/0x680 [ 529.515254][ T2679] ? xor_init+0x60/0x60 [ 529.515264][ T2679] do_vfs_ioctl+0x6fb/0x15b0 [ 529.515276][ T2679] __x64_sys_ioctl+0xd4/0x110 [ 529.515285][ T2679] do_syscall_64+0xcb/0x1e0 [ 529.515297][ T2679] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 529.515305][ T2679] RIP: 0033:0x7fe6f0f01059 [ 529.515314][ T2679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 529.515318][ T2679] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 529.515327][ T2679] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 529.515332][ T2679] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 14:29:50 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1b}, 0x7) 14:29:50 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:50 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xa}, 0x7) [ 529.515337][ T2679] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 529.515342][ T2679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 529.515348][ T2679] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 529.539049][ T2699] FAULT_INJECTION: forcing a failure. [ 529.539049][ T2699] name failslab, interval 1, probability 0, space 0, times 0 [ 529.700621][ T2699] CPU: 1 PID: 2699 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 14:29:50 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 24) [ 529.710766][ T2699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 529.710771][ T2699] Call Trace: [ 529.710786][ T2699] dump_stack+0x18e/0x1de [ 529.710799][ T2699] should_fail+0x5d8/0x740 [ 529.710809][ T2699] ? blk_mq_poll_stats_fn+0x1b0/0x1b0 [ 529.710818][ T2699] ? blk_stat_alloc_callback+0x95/0x210 [ 529.710828][ T2699] should_failslab+0x5/0x20 [ 529.710838][ T2699] __kmalloc+0x5f/0x2f0 [ 529.710846][ T2699] ? blk_stat_alloc_callback+0x5c/0x210 [ 529.710854][ T2699] ? blk_mq_poll_stats_fn+0x1b0/0x1b0 [ 529.710862][ T2699] ? blk_mq_free_tag_set+0x470/0x470 [ 529.710870][ T2699] blk_stat_alloc_callback+0x95/0x210 [ 529.710879][ T2699] ? blk_mq_free_tag_set+0x470/0x470 [ 529.710886][ T2699] ? blk_mq_poll_stats_fn+0x1b0/0x1b0 [ 529.710895][ T2699] blk_mq_init_allocated_queue+0x86/0x16e0 [ 529.710907][ T2699] ? blk_timeout_work+0x10/0x10 [ 529.710917][ T2699] ? blk_alloc_queue_node+0x4e0/0x570 [ 529.710926][ T2699] blk_mq_init_queue+0x48/0xa0 [ 529.710935][ T2699] loop_add+0x256/0x710 [ 529.710945][ T2699] ? radix_tree_lookup+0x1c0/0x1d0 [ 529.710954][ T2699] loop_control_ioctl+0x468/0x680 [ 529.710963][ T2699] ? xor_init+0x60/0x60 [ 529.710973][ T2699] do_vfs_ioctl+0x6fb/0x15b0 [ 529.710986][ T2699] __x64_sys_ioctl+0xd4/0x110 [ 529.710996][ T2699] do_syscall_64+0xcb/0x1e0 [ 529.711007][ T2699] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 529.711015][ T2699] RIP: 0033:0x7fe6f0f01059 [ 529.711024][ T2699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 529.711029][ T2699] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 529.711038][ T2699] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 529.711043][ T2699] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 529.711048][ T2699] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 529.711053][ T2699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 529.711058][ T2699] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 529.749549][ T2717] FAULT_INJECTION: forcing a failure. [ 529.749549][ T2717] name failslab, interval 1, probability 0, space 0, times 0 [ 529.933272][ T2717] CPU: 0 PID: 2717 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 529.933277][ T2717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 529.933280][ T2717] Call Trace: [ 529.933295][ T2717] dump_stack+0x18e/0x1de [ 529.933307][ T2717] should_fail+0x5d8/0x740 [ 529.933316][ T2717] ? blk_mq_init_allocated_queue+0xf0/0x16e0 [ 529.933326][ T2717] should_failslab+0x5/0x20 [ 529.933341][ T2717] kmem_cache_alloc_trace+0x39/0x2b0 [ 529.981141][ T2717] ? blk_stat_alloc_callback+0x1a4/0x210 [ 529.981154][ T2717] ? blk_mq_free_tag_set+0x470/0x470 [ 529.992046][ T2717] ? blk_mq_poll_stats_fn+0x1b0/0x1b0 [ 529.992058][ T2717] blk_mq_init_allocated_queue+0xf0/0x16e0 [ 529.992070][ T2717] ? blk_alloc_queue_node+0x4e0/0x570 [ 529.992080][ T2717] blk_mq_init_queue+0x48/0xa0 [ 529.992089][ T2717] loop_add+0x256/0x710 [ 529.992100][ T2717] ? radix_tree_lookup+0x1c0/0x1d0 [ 529.992109][ T2717] loop_control_ioctl+0x468/0x680 [ 529.992118][ T2717] ? xor_init+0x60/0x60 [ 529.992128][ T2717] do_vfs_ioctl+0x6fb/0x15b0 [ 529.992141][ T2717] __x64_sys_ioctl+0xd4/0x110 [ 529.992151][ T2717] do_syscall_64+0xcb/0x1e0 [ 529.992161][ T2717] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 529.992177][ T2717] RIP: 0033:0x7fe6f0f01059 [ 529.992186][ T2717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 529.992191][ T2717] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 529.992199][ T2717] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 529.992204][ T2717] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 529.992209][ T2717] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 529.992214][ T2717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 14:29:50 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) (async) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000100)="91c689d04713c2400f2adf767eb968678bfb6227697398b9370353ddd6a626908730029f3476b1cde0b1b60a01c0cd42b1c0676c4f5f0ae8f46668c21c0dc9758e39af4ba8b8b1ac836dede4431004fb4f35328375501ae141297f4f915f064eba73891084623aa36acd26f788a92aff576370f7752382d441aae050294b2f91884d3d58f774910bcf43d4168fb241392c521f529139591b8c8fa9d298070470737a83c392aa0ff0dc12c9a22163e1f5527775c7a06dacf1797eb1ba") r2 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r2, 0x80044584, &(0x7f0000000280)=""/206) (async, rerun: 32) ioctl$EVIOCGBITKEY(r2, 0x80404521, &(0x7f0000000000)=""/123) (async, rerun: 32) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r3, 0x0) (async) ioctl$TIOCGRS485(r3, 0x542e, &(0x7f0000000080)) 14:29:50 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000000)={0x7f, "f5b39eeba7547461cf7c5b4c0766123098853a443dd71c5fd49b5e3f704ec17d36240db2b9a1dbca756ec8d990df8b95013602f80586ce2aeba6a3a1e45ed2337cf5674748c5e1dbd58f55073d97ba004e6ed64c2155122e273857cdae3bbde130ee0e801cea9a8f4c7679290013f877f600d0bb8f6d94616aeb4693b9a35b22c41ec180096bdf459497d5c9b3b0e3f46c929db1a9c42a4db85221489cffb6336f4a7441eb9760c7a748b9d2aa8f0dd47a3f857d3cfa49242f589dcff1f57cad7966abf9a5724273b5a150b3cec433733db5643b8460436195de9040cf7245cf6d8faf5e9dc417aaa102deb39202c95a22c0cedae616f1519a742623aed9c325c662b62e69e88e768cf3e6db1c7a34ade350fe413ee1a4b21afd9c77eed9b9b4dad8ee5d3c0c9dad3bc21f4385e741445f1b4ae378d6e057a1a7a1554e850242fd875075f434507363bb052361fa0a993b90feafe7c0807f984c739af847ed3bf72524f87ca8b4c9a8c59252c3c014cb6f272eab2e457ea47bb4470a2f9508c5bd3b033168ee1faab36c3b44fd9caae9aaaacff1dd9f74fc0304b5c0ff351c713ed659169b151dff7680b96aa547ecd29f63294fd43b0c462226deecf887c854a5e0ca691ed49d4637dd3c1e7aea5ea53008d2bd520bdb1ff78f8d801d28f34cb62e0d2e85d6f7531e7f63f6238dca30c7a3eff84bbf720af4bac8e45d4955eb"}) ioctl$TIOCGPTPEER(r0, 0x5441, 0x6) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x2e009413ee37a9ca) write$P9_RREMOVE(r1, &(0x7f0000000280)={0x7, 0x7b, 0x1}, 0x7) 14:29:50 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:50 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 25) 14:29:50 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) 14:29:50 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xf}, 0x7) 14:29:50 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x300}, 0x7) 14:29:50 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) (async) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000100)="91c689d04713c2400f2adf767eb968678bfb6227697398b9370353ddd6a626908730029f3476b1cde0b1b60a01c0cd42b1c0676c4f5f0ae8f46668c21c0dc9758e39af4ba8b8b1ac836dede4431004fb4f35328375501ae141297f4f915f064eba73891084623aa36acd26f788a92aff576370f7752382d441aae050294b2f91884d3d58f774910bcf43d4168fb241392c521f529139591b8c8fa9d298070470737a83c392aa0ff0dc12c9a22163e1f5527775c7a06dacf1797eb1ba") (async, rerun: 64) r2 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) (rerun: 64) ioctl$EVIOCGEFFECTS(r2, 0x80044584, &(0x7f0000000280)=""/206) (async) ioctl$EVIOCGBITKEY(r2, 0x80404521, &(0x7f0000000000)=""/123) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r3, 0x0) ioctl$TIOCGRS485(r3, 0x542e, &(0x7f0000000080)) 14:29:50 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) 14:29:50 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000000)={0x7f, "f5b39eeba7547461cf7c5b4c0766123098853a443dd71c5fd49b5e3f704ec17d36240db2b9a1dbca756ec8d990df8b95013602f80586ce2aeba6a3a1e45ed2337cf5674748c5e1dbd58f55073d97ba004e6ed64c2155122e273857cdae3bbde130ee0e801cea9a8f4c7679290013f877f600d0bb8f6d94616aeb4693b9a35b22c41ec180096bdf459497d5c9b3b0e3f46c929db1a9c42a4db85221489cffb6336f4a7441eb9760c7a748b9d2aa8f0dd47a3f857d3cfa49242f589dcff1f57cad7966abf9a5724273b5a150b3cec433733db5643b8460436195de9040cf7245cf6d8faf5e9dc417aaa102deb39202c95a22c0cedae616f1519a742623aed9c325c662b62e69e88e768cf3e6db1c7a34ade350fe413ee1a4b21afd9c77eed9b9b4dad8ee5d3c0c9dad3bc21f4385e741445f1b4ae378d6e057a1a7a1554e850242fd875075f434507363bb052361fa0a993b90feafe7c0807f984c739af847ed3bf72524f87ca8b4c9a8c59252c3c014cb6f272eab2e457ea47bb4470a2f9508c5bd3b033168ee1faab36c3b44fd9caae9aaaacff1dd9f74fc0304b5c0ff351c713ed659169b151dff7680b96aa547ecd29f63294fd43b0c462226deecf887c854a5e0ca691ed49d4637dd3c1e7aea5ea53008d2bd520bdb1ff78f8d801d28f34cb62e0d2e85d6f7531e7f63f6238dca30c7a3eff84bbf720af4bac8e45d4955eb"}) ioctl$TIOCGPTPEER(r0, 0x5441, 0x6) (async) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x2e009413ee37a9ca) write$P9_RREMOVE(r1, &(0x7f0000000280)={0x7, 0x7b, 0x1}, 0x7) [ 529.992219][ T2717] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:50 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xf}, 0x7) 14:29:50 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) [ 530.169916][ T2739] FAULT_INJECTION: forcing a failure. [ 530.169916][ T2739] name failslab, interval 1, probability 0, space 0, times 0 [ 530.186013][ T2739] CPU: 0 PID: 2739 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 530.196243][ T2739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.196247][ T2739] Call Trace: [ 530.196262][ T2739] dump_stack+0x18e/0x1de [ 530.196280][ T2739] should_fail+0x5d8/0x740 14:29:50 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xf}, 0x7) 14:29:50 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:50 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x8) [ 530.218277][ T2739] ? blk_mq_init_allocated_queue+0x429/0x16e0 [ 530.218287][ T2739] should_failslab+0x5/0x20 [ 530.218302][ T2739] __kmalloc+0x5f/0x2f0 [ 530.232944][ T2739] ? blk_mq_sysfs_init+0x18b/0x1c0 [ 530.232953][ T2739] blk_mq_init_allocated_queue+0x429/0x16e0 [ 530.232969][ T2739] ? blk_alloc_queue_node+0x4e0/0x570 [ 530.249289][ T2739] blk_mq_init_queue+0x48/0xa0 [ 530.249303][ T2739] loop_add+0x256/0x710 [ 530.258175][ T2739] ? radix_tree_lookup+0x1c0/0x1d0 [ 530.258187][ T2739] loop_control_ioctl+0x468/0x680 14:29:50 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 26) [ 530.258196][ T2739] ? xor_init+0x60/0x60 [ 530.258206][ T2739] do_vfs_ioctl+0x6fb/0x15b0 [ 530.258219][ T2739] __x64_sys_ioctl+0xd4/0x110 [ 530.258228][ T2739] do_syscall_64+0xcb/0x1e0 [ 530.258240][ T2739] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 530.258248][ T2739] RIP: 0033:0x7fe6f0f01059 [ 530.258257][ T2739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 530.258262][ T2739] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 530.258271][ T2739] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 530.258276][ T2739] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 530.258281][ T2739] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 530.258286][ T2739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 530.258291][ T2739] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 530.276769][ T2760] FAULT_INJECTION: forcing a failure. [ 530.276769][ T2760] name failslab, interval 1, probability 0, space 0, times 0 [ 530.383232][ T2760] CPU: 1 PID: 2760 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 530.383237][ T2760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.383240][ T2760] Call Trace: [ 530.383255][ T2760] dump_stack+0x18e/0x1de [ 530.383267][ T2760] should_fail+0x5d8/0x740 [ 530.383277][ T2760] ? blk_mq_realloc_hw_ctxs+0x38a/0x1440 [ 530.383288][ T2760] should_failslab+0x5/0x20 [ 530.383297][ T2760] __kmalloc+0x5f/0x2f0 [ 530.383306][ T2760] ? _raw_spin_lock+0x6c/0x170 [ 530.383315][ T2760] blk_mq_realloc_hw_ctxs+0x38a/0x1440 [ 530.383327][ T2760] ? blk_mq_sysfs_init+0x18b/0x1c0 [ 530.383336][ T2760] blk_mq_init_allocated_queue+0x4d8/0x16e0 [ 530.383347][ T2760] ? blk_alloc_queue_node+0x4e0/0x570 [ 530.383357][ T2760] blk_mq_init_queue+0x48/0xa0 [ 530.383365][ T2760] loop_add+0x256/0x710 [ 530.383376][ T2760] ? radix_tree_lookup+0x1c0/0x1d0 [ 530.383385][ T2760] loop_control_ioctl+0x468/0x680 [ 530.383392][ T2760] ? xor_init+0x60/0x60 [ 530.383401][ T2760] do_vfs_ioctl+0x6fb/0x15b0 [ 530.383414][ T2760] __x64_sys_ioctl+0xd4/0x110 [ 530.383423][ T2760] do_syscall_64+0xcb/0x1e0 [ 530.383434][ T2760] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 530.383442][ T2760] RIP: 0033:0x7fe6f0f01059 [ 530.383451][ T2760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:29:51 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 27) 14:29:51 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:51 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xf}, 0x7) 14:29:51 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:51 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x9) 14:29:51 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x4) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) 14:29:51 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) [ 530.383456][ T2760] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 530.383464][ T2760] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 530.383468][ T2760] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 530.383480][ T2760] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 530.557185][ T2760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 530.557190][ T2760] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:51 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) 14:29:51 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0xa) 14:29:51 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xf}, 0x7) 14:29:51 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xf}, 0x7) 14:29:51 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 28) [ 530.609457][ T2762] FAULT_INJECTION: forcing a failure. [ 530.609457][ T2762] name failslab, interval 1, probability 0, space 0, times 0 [ 530.622482][ T2762] CPU: 0 PID: 2762 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 530.632632][ T2762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.632635][ T2762] Call Trace: [ 530.632650][ T2762] dump_stack+0x18e/0x1de [ 530.632664][ T2762] should_fail+0x5d8/0x740 14:29:51 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xf}, 0x7) [ 530.632675][ T2762] ? blk_mq_realloc_hw_ctxs+0x637/0x1440 [ 530.632685][ T2762] should_failslab+0x5/0x20 [ 530.632695][ T2762] __kmalloc+0x5f/0x2f0 [ 530.632703][ T2762] ? blk_mq_realloc_hw_ctxs+0x38a/0x1440 [ 530.632711][ T2762] ? _raw_spin_lock+0x6c/0x170 [ 530.632720][ T2762] blk_mq_realloc_hw_ctxs+0x637/0x1440 [ 530.632733][ T2762] blk_mq_init_allocated_queue+0x4d8/0x16e0 [ 530.632744][ T2762] ? blk_alloc_queue_node+0x4e0/0x570 [ 530.632753][ T2762] blk_mq_init_queue+0x48/0xa0 [ 530.632762][ T2762] loop_add+0x256/0x710 [ 530.632770][ T2762] ? radix_tree_lookup+0x1c0/0x1d0 [ 530.632779][ T2762] loop_control_ioctl+0x468/0x680 [ 530.632787][ T2762] ? xor_init+0x60/0x60 [ 530.632797][ T2762] do_vfs_ioctl+0x6fb/0x15b0 [ 530.632809][ T2762] __x64_sys_ioctl+0xd4/0x110 [ 530.632818][ T2762] do_syscall_64+0xcb/0x1e0 [ 530.632828][ T2762] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 530.632837][ T2762] RIP: 0033:0x7fe6f0f01059 [ 530.632847][ T2762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 530.632852][ T2762] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 530.632861][ T2762] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 530.632867][ T2762] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 530.632872][ T2762] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 530.632877][ T2762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 14:29:51 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xf}, 0x7) 14:29:51 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) [ 530.632882][ T2762] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 530.655001][ T2783] FAULT_INJECTION: forcing a failure. [ 530.655001][ T2783] name failslab, interval 1, probability 0, space 0, times 0 [ 530.829839][ T2783] CPU: 0 PID: 2783 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 530.829844][ T2783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.829847][ T2783] Call Trace: [ 530.829861][ T2783] dump_stack+0x18e/0x1de 14:29:51 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) 14:29:51 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xf}, 0x7) [ 530.829873][ T2783] should_fail+0x5d8/0x740 [ 530.829882][ T2783] ? sbitmap_init_node+0x145/0x3d0 [ 530.829892][ T2783] should_failslab+0x5/0x20 [ 530.829908][ T2783] __kmalloc+0x5f/0x2f0 [ 530.875716][ T2783] sbitmap_init_node+0x145/0x3d0 [ 530.875729][ T2783] blk_mq_realloc_hw_ctxs+0x6a1/0x1440 [ 530.875741][ T2783] blk_mq_init_allocated_queue+0x4d8/0x16e0 [ 530.875756][ T2783] ? blk_alloc_queue_node+0x4e0/0x570 [ 530.897347][ T2783] blk_mq_init_queue+0x48/0xa0 [ 530.897358][ T2783] loop_add+0x256/0x710 [ 530.897369][ T2783] ? radix_tree_lookup+0x1c0/0x1d0 [ 530.897378][ T2783] loop_control_ioctl+0x468/0x680 [ 530.897387][ T2783] ? xor_init+0x60/0x60 [ 530.897398][ T2783] do_vfs_ioctl+0x6fb/0x15b0 [ 530.897410][ T2783] __x64_sys_ioctl+0xd4/0x110 [ 530.897420][ T2783] do_syscall_64+0xcb/0x1e0 [ 530.897431][ T2783] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 530.897439][ T2783] RIP: 0033:0x7fe6f0f01059 [ 530.897449][ T2783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 530.897454][ T2783] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 530.897463][ T2783] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 530.897468][ T2783] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 530.897473][ T2783] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 14:29:51 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:51 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000000)={{0x2, 0xffffffff, 0x7ff, 0xff, 0x5, 0x7fff}, 0x1f6, [0x6, 0x1, 0x3, 0xfffffbff, 0x8, 0x61, 0x9, 0x80000000, 0xcf2f, 0x3, 0x1f, 0x9, 0x4000, 0x7, 0xd9e, 0x7ff, 0x7fffffff, 0x5, 0x5, 0x28, 0x1f, 0x8001, 0x6, 0x6, 0x80000000, 0x3, 0x7ff, 0x1, 0x6, 0x7, 0x156e, 0x3, 0x6, 0x4, 0xffff, 0x80000000, 0x962b, 0x4, 0x8, 0x10000, 0x5, 0x3, 0x3f, 0x0, 0x9, 0xfffffff7, 0x7d, 0xe0b, 0x941, 0xffff9879, 0x6, 0x10001, 0x4, 0x9, 0x4, 0x3f, 0xf24e, 0x1, 0x3, 0x6, 0x1000, 0x8, 0xfffffff7, 0x9, 0x6, 0x7f, 0xffffffff, 0x3f, 0x7f, 0x10001, 0x92, 0x0, 0x8, 0xe93, 0x6, 0x2c49, 0x0, 0x7, 0x40000000, 0x10, 0x9, 0x2, 0xfffff399, 0x998, 0x4b, 0x1f, 0x100, 0x4, 0x7, 0x24, 0x8000, 0x0, 0x9d6, 0x1ff, 0x81, 0xfffffffb, 0x800, 0x81, 0x3101, 0xfff, 0x3, 0x3f, 0x7f, 0x161, 0x46a7, 0x5, 0x6d7, 0x2, 0x9, 0x1, 0xedd265b1, 0xed, 0x5, 0xee0f, 0xf20e, 0x7ff, 0xffffffff, 0x80000001, 0x1, 0x8, 0xd0ac, 0x7f, 0xa6db, 0xfffffff7, 0x5, 0x80, 0x8, 0x0, 0x7, 0x800000, 0x1, 0x6, 0xffffffff, 0x3f, 0x9, 0x2, 0x20, 0x100, 0x4, 0x2, 0x80, 0xe144, 0x1, 0x6, 0xff, 0x3, 0xffff, 0x6, 0x6, 0x7, 0x7, 0xfffffc01, 0x28, 0x398e2b31, 0x1, 0xa8d, 0x0, 0xfffffff8, 0xca8, 0x2, 0x2, 0xca, 0x7, 0x0, 0x10000, 0x2, 0x1000, 0x4, 0x9, 0x3, 0x9, 0xf584, 0x1, 0x8, 0x2e0b, 0x5, 0x2, 0x8001, 0xfffffff9, 0x0, 0xf6f, 0x8, 0x1ce, 0x6, 0x5, 0x80000000, 0xd80e, 0x1c, 0x20, 0xfff, 0x0, 0x3, 0x81, 0x5, 0x5, 0x9, 0x17d, 0x2, 0x2, 0x0, 0x1ff, 0x6, 0x2, 0x962f, 0x81, 0x3, 0x9, 0x1, 0x0, 0xfff, 0x1, 0x1, 0xb, 0x5, 0x7f, 0x80, 0xffffffff, 0x0, 0x7dcbf647, 0x80000000, 0x0, 0xffc00000, 0x1, 0x0, 0x5, 0xfff, 0x8, 0x2, 0x7, 0x0, 0x1, 0xe6, 0x8, 0x20, 0x2, 0x7, 0x4, 0x4, 0x9, 0xffff7fff, 0x400, 0x101, 0x0, 0x4, 0x2, 0x9, 0x3, 0x9f000000, 0x5, 0xfffffe01, 0x1, 0x2, 0x5, 0x3f, 0x8, 0x4, 0xfffff916, 0x3, 0x4c, 0x2, 0x7ff, 0x0, 0x9, 0x101, 0x3, 0x7, 0x100, 0x8, 0x6, 0x25e, 0x9, 0x2, 0x9b, 0x4, 0x1, 0xffffff7f, 0x6, 0x8, 0x8, 0x7fffffff, 0x8, 0x5, 0x8, 0x1, 0x1, 0x3, 0x7f, 0x1, 0x3, 0xfff, 0x7, 0xffffffc1, 0x7fffffff, 0x5b3f, 0x4, 0x8, 0x8, 0x40004000, 0x0, 0x0, 0x81, 0x8, 0x8, 0x81, 0x5, 0x0, 0x1000, 0x4c00000, 0x1, 0x81, 0x2, 0x1, 0x8bce, 0x70b, 0x5, 0x3, 0x4f57c438, 0x8001, 0x7, 0xb, 0x4, 0x0, 0x8, 0x8, 0x8, 0xfffffe00, 0x9, 0x0, 0x60, 0x5c, 0x8, 0x4, 0x1ff, 0x8, 0x80000000, 0x2, 0x3f, 0x7, 0x7, 0x2, 0x3, 0x4, 0x3, 0x2, 0x1f, 0xffffffff, 0x5, 0xfffffffa, 0x100, 0xb3f5, 0x1, 0x84, 0x558, 0xe32, 0x6a84, 0xff, 0x0, 0x100, 0xffff7fff, 0x7fff, 0x10000, 0x4562, 0x1, 0x400, 0xe6, 0xffff, 0xffffffff, 0x1, 0x81, 0xfffffffa, 0x8001, 0x80000001, 0x5ca, 0x800, 0x9, 0xf651, 0x0, 0x401, 0x8000, 0x2, 0x80, 0xd5b9, 0x68d881a5, 0x2, 0x1, 0x2, 0x3f, 0x8001, 0x5, 0x9, 0x1f, 0x401, 0x7f, 0x8, 0x1, 0x2, 0x2, 0x7, 0x800, 0x80000000, 0xffffff16, 0x2, 0x5, 0x10000, 0x6, 0x401, 0xd74, 0x7fff, 0x81, 0xffffffae, 0x6, 0x6e9d, 0x1, 0x7, 0x2, 0x3, 0x5, 0x0, 0x9, 0x0, 0xd, 0x9, 0x20, 0x9, 0x9, 0x7fff, 0x10001, 0x5, 0x1ff, 0x7, 0x2, 0x7, 0x1, 0x1, 0x5, 0x0, 0x7ff, 0x4, 0xa682, 0x9, 0x6, 0x9, 0x0, 0x0, 0x8, 0x4, 0x1200000, 0x1, 0x7858, 0x1, 0x9, 0x2, 0x20, 0x5, 0x0, 0x2, 0x9, 0x6, 0x5, 0x9, 0x1, 0x8000, 0x3, 0xff, 0x6, 0x6, 0x9, 0x2b4, 0x5, 0x101, 0x0, 0x1, 0x3, 0x4, 0x401, 0x4da0, 0x55, 0x8a3, 0x81, 0x3ff, 0x401, 0x6f7, 0x2, 0x7fff, 0x4, 0xfff, 0x8, 0x8, 0x0, 0xf8d61600, 0x99b1, 0xf4a4, 0xffffffff, 0x9, 0xa5, 0x200, 0x1f, 0x401, 0x3, 0x5, 0x6, 0x0, 0x68b, 0x7fffffff, 0x9, 0x1, 0x7, 0x800, 0x9, 0x2, 0x5, 0x2, 0xfffffffc, 0x5, 0x3, 0x0, 0x9, 0x3, 0x0, 0xefc, 0x7fff, 0xffffffff, 0x3, 0x9d, 0x80000001, 0x0, 0x176e, 0x200, 0x401, 0x2, 0xebd6, 0x400, 0x884, 0x4, 0xffffffff, 0x1, 0x707a, 0x2, 0x4daa, 0x0, 0x2, 0x1, 0x1ff, 0x81, 0x3, 0x7, 0x0, 0x5, 0x8, 0x4, 0x8001, 0xffff, 0x7, 0x1, 0x1ff, 0x8000, 0x1, 0x6, 0x3, 0x0, 0x3, 0xa0, 0xfffffff7, 0x20, 0x8, 0x0, 0x6, 0x1, 0x9, 0x8, 0x0, 0x10000, 0x7, 0x7, 0x3fff8000, 0x6, 0x8, 0x0, 0x0, 0x7fff, 0x2, 0x1, 0x1f, 0x1, 0x100, 0x0, 0x80, 0x5, 0x4, 0x1, 0x100, 0x80, 0x6e, 0x6, 0x2, 0x4, 0x6, 0x1c0, 0x9, 0x80000000, 0x80, 0x1000, 0x1, 0x81, 0xd5f, 0x1ff, 0x8, 0xfffffffb, 0x401, 0x7, 0x81, 0x7f2a, 0x5, 0x20, 0x7, 0x0, 0x7, 0x80000, 0x1, 0xffffffff, 0xd5daca2, 0x27c51b43, 0x16b, 0x8, 0x3, 0x7, 0x1, 0x7, 0x9, 0xd3e4, 0x0, 0x100, 0xe36, 0x7fff, 0xfff, 0xf387, 0x0, 0x3, 0x6, 0x1, 0x0, 0xd5c, 0x4, 0x8, 0x6, 0x7fff, 0x5, 0x9, 0x5, 0x4, 0x0, 0x7, 0x4, 0x0, 0x7, 0x3, 0x43d, 0x5, 0x2, 0x80000001, 0x1, 0x0, 0xbc2, 0x6, 0x2, 0x9, 0xfffffffe, 0x0, 0x0, 0x34, 0x100, 0x3f, 0x9, 0x2, 0x6, 0x2, 0x9, 0xa17a, 0x1f, 0xff, 0x9dd8, 0x5, 0x9, 0x8, 0x9f, 0x1b312606, 0x81, 0x5, 0x3, 0x800, 0x40, 0x12, 0x3, 0x7fffffff, 0x5, 0x40, 0x1000, 0x0, 0x5, 0x4c6, 0xab, 0x9b7, 0x80000001, 0x9, 0x7, 0x0, 0x80000000, 0xffffffc0, 0x54b, 0x81, 0x8, 0xb9, 0x9, 0xffffffff, 0xbdee, 0xfffffffd, 0x1f, 0x5, 0x1, 0x400, 0x6, 0x5, 0xfffffcc4, 0x145, 0x1000, 0x1, 0x200, 0xffffffff, 0x7, 0x6, 0x9, 0x6, 0x5, 0x7, 0x401, 0x7, 0x6, 0xffffffff, 0x4, 0x4, 0x9, 0x200, 0x6, 0x135e, 0x8, 0x40, 0x2, 0x6b2a, 0x40, 0x3, 0x0, 0x0, 0x8, 0x645d, 0x1, 0x2, 0x50b, 0x6, 0x4000000, 0x6, 0xfff, 0x100, 0x3f, 0x4, 0x81, 0x8, 0x2, 0x4, 0x5, 0x40, 0x100, 0x80000001, 0x10000, 0x1, 0xc3, 0xfffffe01, 0x8001, 0x9, 0xffffffff, 0x1, 0x80000001, 0x3, 0x2, 0x8001, 0x9f58, 0x5, 0x9, 0x20, 0x8, 0xff, 0x0, 0x6, 0x1, 0x80, 0x1, 0xfff, 0xa8a, 0xfffffffe, 0x4, 0x81, 0xfffff91a, 0x10, 0x4, 0x101, 0x1, 0x3f, 0x5, 0x6e1, 0x71d, 0xd9, 0xff, 0x10000, 0x755d, 0x1, 0xfffffff6, 0x3f, 0x81, 0x2, 0x4, 0x27c, 0x1, 0x3ff, 0x7fff, 0x80000000, 0x5298, 0x1f, 0x0, 0xffffff74, 0x2, 0x9, 0x8, 0x8001, 0x10001, 0x7, 0xf2, 0x2, 0xc3bd, 0xfd2e, 0x3ff, 0x8, 0x1, 0x20, 0x21041881, 0xffffffc0, 0x6, 0x4, 0x7, 0xf31, 0x3, 0x1000, 0x7, 0xdb, 0x4, 0x7, 0x3ff, 0x1, 0x7, 0x0, 0x524, 0x1000, 0x0, 0x1, 0x9, 0x0, 0x6, 0x0, 0x5, 0x9, 0x2, 0x1, 0x3, 0x20, 0x81, 0x3, 0x7ff, 0x7fffffff, 0x3b89dca8, 0x7, 0x6, 0x8, 0x0, 0x3f, 0x8, 0x7, 0x5, 0x7, 0x4, 0xa7d, 0x2, 0x5, 0x4, 0x4, 0x8, 0x1000, 0xffffffe0, 0x6b31bcb1, 0x1000, 0xc1dd, 0x6, 0x1, 0xb5a4, 0x0, 0x9, 0xfff, 0x10000, 0x2, 0x6, 0x100, 0xe6be, 0x9, 0x5, 0x400, 0x96eb, 0xc1, 0x7fffffff, 0x3, 0x0, 0x0, 0x4, 0x7, 0x6, 0x4, 0x7, 0x1eee, 0xffff7fff, 0x9, 0x1, 0x0, 0x1, 0x20, 0x1f, 0x8, 0x20, 0x7fff, 0x7, 0x20, 0x65, 0x7, 0x1, 0x1, 0x20ee, 0xffffffff, 0x40, 0x200, 0x100, 0x4, 0x200, 0x4, 0x39ee, 0x5935, 0x4, 0x3556, 0x6, 0x4, 0x80000000, 0x400, 0x10001, 0x20, 0x1, 0xc0, 0x7fffffff, 0x5, 0x3, 0x2, 0x80000000, 0x86b40a83, 0x8, 0xa40, 0x7994, 0xfffffff8, 0x7, 0x8, 0x4, 0x1, 0x9, 0x401, 0x1000, 0x3f, 0xd8e, 0x0, 0x4, 0x0, 0x88, 0x0, 0x8, 0xffff, 0x7, 0x7fff, 0x1, 0x452, 0x401, 0x2, 0x0, 0x5, 0xfffffe00, 0xfffffffc, 0x2, 0x0, 0xe49d, 0x65, 0x40000000, 0xa2, 0x0, 0x200, 0x200, 0x7ff, 0x6, 0xff, 0x6, 0x1, 0x101, 0xfffffff7, 0x7, 0x2, 0x7, 0x0, 0x7, 0x1000, 0x2, 0x7, 0x8000, 0x6, 0x1, 0x3]}) r1 = gettid() wait4(r1, &(0x7f0000001040), 0x20000000, &(0x7f0000001080)) 14:29:51 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0xb) 14:29:51 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) 14:29:51 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xf}, 0x7) 14:29:51 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 29) 14:29:51 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0xc) 14:29:51 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) 14:29:51 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async) ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000000)={{0x2, 0xffffffff, 0x7ff, 0xff, 0x5, 0x7fff}, 0x1f6, [0x6, 0x1, 0x3, 0xfffffbff, 0x8, 0x61, 0x9, 0x80000000, 0xcf2f, 0x3, 0x1f, 0x9, 0x4000, 0x7, 0xd9e, 0x7ff, 0x7fffffff, 0x5, 0x5, 0x28, 0x1f, 0x8001, 0x6, 0x6, 0x80000000, 0x3, 0x7ff, 0x1, 0x6, 0x7, 0x156e, 0x3, 0x6, 0x4, 0xffff, 0x80000000, 0x962b, 0x4, 0x8, 0x10000, 0x5, 0x3, 0x3f, 0x0, 0x9, 0xfffffff7, 0x7d, 0xe0b, 0x941, 0xffff9879, 0x6, 0x10001, 0x4, 0x9, 0x4, 0x3f, 0xf24e, 0x1, 0x3, 0x6, 0x1000, 0x8, 0xfffffff7, 0x9, 0x6, 0x7f, 0xffffffff, 0x3f, 0x7f, 0x10001, 0x92, 0x0, 0x8, 0xe93, 0x6, 0x2c49, 0x0, 0x7, 0x40000000, 0x10, 0x9, 0x2, 0xfffff399, 0x998, 0x4b, 0x1f, 0x100, 0x4, 0x7, 0x24, 0x8000, 0x0, 0x9d6, 0x1ff, 0x81, 0xfffffffb, 0x800, 0x81, 0x3101, 0xfff, 0x3, 0x3f, 0x7f, 0x161, 0x46a7, 0x5, 0x6d7, 0x2, 0x9, 0x1, 0xedd265b1, 0xed, 0x5, 0xee0f, 0xf20e, 0x7ff, 0xffffffff, 0x80000001, 0x1, 0x8, 0xd0ac, 0x7f, 0xa6db, 0xfffffff7, 0x5, 0x80, 0x8, 0x0, 0x7, 0x800000, 0x1, 0x6, 0xffffffff, 0x3f, 0x9, 0x2, 0x20, 0x100, 0x4, 0x2, 0x80, 0xe144, 0x1, 0x6, 0xff, 0x3, 0xffff, 0x6, 0x6, 0x7, 0x7, 0xfffffc01, 0x28, 0x398e2b31, 0x1, 0xa8d, 0x0, 0xfffffff8, 0xca8, 0x2, 0x2, 0xca, 0x7, 0x0, 0x10000, 0x2, 0x1000, 0x4, 0x9, 0x3, 0x9, 0xf584, 0x1, 0x8, 0x2e0b, 0x5, 0x2, 0x8001, 0xfffffff9, 0x0, 0xf6f, 0x8, 0x1ce, 0x6, 0x5, 0x80000000, 0xd80e, 0x1c, 0x20, 0xfff, 0x0, 0x3, 0x81, 0x5, 0x5, 0x9, 0x17d, 0x2, 0x2, 0x0, 0x1ff, 0x6, 0x2, 0x962f, 0x81, 0x3, 0x9, 0x1, 0x0, 0xfff, 0x1, 0x1, 0xb, 0x5, 0x7f, 0x80, 0xffffffff, 0x0, 0x7dcbf647, 0x80000000, 0x0, 0xffc00000, 0x1, 0x0, 0x5, 0xfff, 0x8, 0x2, 0x7, 0x0, 0x1, 0xe6, 0x8, 0x20, 0x2, 0x7, 0x4, 0x4, 0x9, 0xffff7fff, 0x400, 0x101, 0x0, 0x4, 0x2, 0x9, 0x3, 0x9f000000, 0x5, 0xfffffe01, 0x1, 0x2, 0x5, 0x3f, 0x8, 0x4, 0xfffff916, 0x3, 0x4c, 0x2, 0x7ff, 0x0, 0x9, 0x101, 0x3, 0x7, 0x100, 0x8, 0x6, 0x25e, 0x9, 0x2, 0x9b, 0x4, 0x1, 0xffffff7f, 0x6, 0x8, 0x8, 0x7fffffff, 0x8, 0x5, 0x8, 0x1, 0x1, 0x3, 0x7f, 0x1, 0x3, 0xfff, 0x7, 0xffffffc1, 0x7fffffff, 0x5b3f, 0x4, 0x8, 0x8, 0x40004000, 0x0, 0x0, 0x81, 0x8, 0x8, 0x81, 0x5, 0x0, 0x1000, 0x4c00000, 0x1, 0x81, 0x2, 0x1, 0x8bce, 0x70b, 0x5, 0x3, 0x4f57c438, 0x8001, 0x7, 0xb, 0x4, 0x0, 0x8, 0x8, 0x8, 0xfffffe00, 0x9, 0x0, 0x60, 0x5c, 0x8, 0x4, 0x1ff, 0x8, 0x80000000, 0x2, 0x3f, 0x7, 0x7, 0x2, 0x3, 0x4, 0x3, 0x2, 0x1f, 0xffffffff, 0x5, 0xfffffffa, 0x100, 0xb3f5, 0x1, 0x84, 0x558, 0xe32, 0x6a84, 0xff, 0x0, 0x100, 0xffff7fff, 0x7fff, 0x10000, 0x4562, 0x1, 0x400, 0xe6, 0xffff, 0xffffffff, 0x1, 0x81, 0xfffffffa, 0x8001, 0x80000001, 0x5ca, 0x800, 0x9, 0xf651, 0x0, 0x401, 0x8000, 0x2, 0x80, 0xd5b9, 0x68d881a5, 0x2, 0x1, 0x2, 0x3f, 0x8001, 0x5, 0x9, 0x1f, 0x401, 0x7f, 0x8, 0x1, 0x2, 0x2, 0x7, 0x800, 0x80000000, 0xffffff16, 0x2, 0x5, 0x10000, 0x6, 0x401, 0xd74, 0x7fff, 0x81, 0xffffffae, 0x6, 0x6e9d, 0x1, 0x7, 0x2, 0x3, 0x5, 0x0, 0x9, 0x0, 0xd, 0x9, 0x20, 0x9, 0x9, 0x7fff, 0x10001, 0x5, 0x1ff, 0x7, 0x2, 0x7, 0x1, 0x1, 0x5, 0x0, 0x7ff, 0x4, 0xa682, 0x9, 0x6, 0x9, 0x0, 0x0, 0x8, 0x4, 0x1200000, 0x1, 0x7858, 0x1, 0x9, 0x2, 0x20, 0x5, 0x0, 0x2, 0x9, 0x6, 0x5, 0x9, 0x1, 0x8000, 0x3, 0xff, 0x6, 0x6, 0x9, 0x2b4, 0x5, 0x101, 0x0, 0x1, 0x3, 0x4, 0x401, 0x4da0, 0x55, 0x8a3, 0x81, 0x3ff, 0x401, 0x6f7, 0x2, 0x7fff, 0x4, 0xfff, 0x8, 0x8, 0x0, 0xf8d61600, 0x99b1, 0xf4a4, 0xffffffff, 0x9, 0xa5, 0x200, 0x1f, 0x401, 0x3, 0x5, 0x6, 0x0, 0x68b, 0x7fffffff, 0x9, 0x1, 0x7, 0x800, 0x9, 0x2, 0x5, 0x2, 0xfffffffc, 0x5, 0x3, 0x0, 0x9, 0x3, 0x0, 0xefc, 0x7fff, 0xffffffff, 0x3, 0x9d, 0x80000001, 0x0, 0x176e, 0x200, 0x401, 0x2, 0xebd6, 0x400, 0x884, 0x4, 0xffffffff, 0x1, 0x707a, 0x2, 0x4daa, 0x0, 0x2, 0x1, 0x1ff, 0x81, 0x3, 0x7, 0x0, 0x5, 0x8, 0x4, 0x8001, 0xffff, 0x7, 0x1, 0x1ff, 0x8000, 0x1, 0x6, 0x3, 0x0, 0x3, 0xa0, 0xfffffff7, 0x20, 0x8, 0x0, 0x6, 0x1, 0x9, 0x8, 0x0, 0x10000, 0x7, 0x7, 0x3fff8000, 0x6, 0x8, 0x0, 0x0, 0x7fff, 0x2, 0x1, 0x1f, 0x1, 0x100, 0x0, 0x80, 0x5, 0x4, 0x1, 0x100, 0x80, 0x6e, 0x6, 0x2, 0x4, 0x6, 0x1c0, 0x9, 0x80000000, 0x80, 0x1000, 0x1, 0x81, 0xd5f, 0x1ff, 0x8, 0xfffffffb, 0x401, 0x7, 0x81, 0x7f2a, 0x5, 0x20, 0x7, 0x0, 0x7, 0x80000, 0x1, 0xffffffff, 0xd5daca2, 0x27c51b43, 0x16b, 0x8, 0x3, 0x7, 0x1, 0x7, 0x9, 0xd3e4, 0x0, 0x100, 0xe36, 0x7fff, 0xfff, 0xf387, 0x0, 0x3, 0x6, 0x1, 0x0, 0xd5c, 0x4, 0x8, 0x6, 0x7fff, 0x5, 0x9, 0x5, 0x4, 0x0, 0x7, 0x4, 0x0, 0x7, 0x3, 0x43d, 0x5, 0x2, 0x80000001, 0x1, 0x0, 0xbc2, 0x6, 0x2, 0x9, 0xfffffffe, 0x0, 0x0, 0x34, 0x100, 0x3f, 0x9, 0x2, 0x6, 0x2, 0x9, 0xa17a, 0x1f, 0xff, 0x9dd8, 0x5, 0x9, 0x8, 0x9f, 0x1b312606, 0x81, 0x5, 0x3, 0x800, 0x40, 0x12, 0x3, 0x7fffffff, 0x5, 0x40, 0x1000, 0x0, 0x5, 0x4c6, 0xab, 0x9b7, 0x80000001, 0x9, 0x7, 0x0, 0x80000000, 0xffffffc0, 0x54b, 0x81, 0x8, 0xb9, 0x9, 0xffffffff, 0xbdee, 0xfffffffd, 0x1f, 0x5, 0x1, 0x400, 0x6, 0x5, 0xfffffcc4, 0x145, 0x1000, 0x1, 0x200, 0xffffffff, 0x7, 0x6, 0x9, 0x6, 0x5, 0x7, 0x401, 0x7, 0x6, 0xffffffff, 0x4, 0x4, 0x9, 0x200, 0x6, 0x135e, 0x8, 0x40, 0x2, 0x6b2a, 0x40, 0x3, 0x0, 0x0, 0x8, 0x645d, 0x1, 0x2, 0x50b, 0x6, 0x4000000, 0x6, 0xfff, 0x100, 0x3f, 0x4, 0x81, 0x8, 0x2, 0x4, 0x5, 0x40, 0x100, 0x80000001, 0x10000, 0x1, 0xc3, 0xfffffe01, 0x8001, 0x9, 0xffffffff, 0x1, 0x80000001, 0x3, 0x2, 0x8001, 0x9f58, 0x5, 0x9, 0x20, 0x8, 0xff, 0x0, 0x6, 0x1, 0x80, 0x1, 0xfff, 0xa8a, 0xfffffffe, 0x4, 0x81, 0xfffff91a, 0x10, 0x4, 0x101, 0x1, 0x3f, 0x5, 0x6e1, 0x71d, 0xd9, 0xff, 0x10000, 0x755d, 0x1, 0xfffffff6, 0x3f, 0x81, 0x2, 0x4, 0x27c, 0x1, 0x3ff, 0x7fff, 0x80000000, 0x5298, 0x1f, 0x0, 0xffffff74, 0x2, 0x9, 0x8, 0x8001, 0x10001, 0x7, 0xf2, 0x2, 0xc3bd, 0xfd2e, 0x3ff, 0x8, 0x1, 0x20, 0x21041881, 0xffffffc0, 0x6, 0x4, 0x7, 0xf31, 0x3, 0x1000, 0x7, 0xdb, 0x4, 0x7, 0x3ff, 0x1, 0x7, 0x0, 0x524, 0x1000, 0x0, 0x1, 0x9, 0x0, 0x6, 0x0, 0x5, 0x9, 0x2, 0x1, 0x3, 0x20, 0x81, 0x3, 0x7ff, 0x7fffffff, 0x3b89dca8, 0x7, 0x6, 0x8, 0x0, 0x3f, 0x8, 0x7, 0x5, 0x7, 0x4, 0xa7d, 0x2, 0x5, 0x4, 0x4, 0x8, 0x1000, 0xffffffe0, 0x6b31bcb1, 0x1000, 0xc1dd, 0x6, 0x1, 0xb5a4, 0x0, 0x9, 0xfff, 0x10000, 0x2, 0x6, 0x100, 0xe6be, 0x9, 0x5, 0x400, 0x96eb, 0xc1, 0x7fffffff, 0x3, 0x0, 0x0, 0x4, 0x7, 0x6, 0x4, 0x7, 0x1eee, 0xffff7fff, 0x9, 0x1, 0x0, 0x1, 0x20, 0x1f, 0x8, 0x20, 0x7fff, 0x7, 0x20, 0x65, 0x7, 0x1, 0x1, 0x20ee, 0xffffffff, 0x40, 0x200, 0x100, 0x4, 0x200, 0x4, 0x39ee, 0x5935, 0x4, 0x3556, 0x6, 0x4, 0x80000000, 0x400, 0x10001, 0x20, 0x1, 0xc0, 0x7fffffff, 0x5, 0x3, 0x2, 0x80000000, 0x86b40a83, 0x8, 0xa40, 0x7994, 0xfffffff8, 0x7, 0x8, 0x4, 0x1, 0x9, 0x401, 0x1000, 0x3f, 0xd8e, 0x0, 0x4, 0x0, 0x88, 0x0, 0x8, 0xffff, 0x7, 0x7fff, 0x1, 0x452, 0x401, 0x2, 0x0, 0x5, 0xfffffe00, 0xfffffffc, 0x2, 0x0, 0xe49d, 0x65, 0x40000000, 0xa2, 0x0, 0x200, 0x200, 0x7ff, 0x6, 0xff, 0x6, 0x1, 0x101, 0xfffffff7, 0x7, 0x2, 0x7, 0x0, 0x7, 0x1000, 0x2, 0x7, 0x8000, 0x6, 0x1, 0x3]}) (async) r1 = gettid() wait4(r1, &(0x7f0000001040), 0x20000000, &(0x7f0000001080)) [ 530.897478][ T2783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 530.897482][ T2783] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 531.050397][ T2810] FAULT_INJECTION: forcing a failure. 14:29:51 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:51 executing program 3: ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000040)="a97e8477a439b841f09284a4a107f357844fb2958ff5f31bf9375bd1c02f15a59c377624d4a70861a1") syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f00000000c0), 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) write$P9_RLINK(r0, 0x0, 0x0) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) 14:29:51 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000000)={{0x2, 0xffffffff, 0x7ff, 0xff, 0x5, 0x7fff}, 0x1f6, [0x6, 0x1, 0x3, 0xfffffbff, 0x8, 0x61, 0x9, 0x80000000, 0xcf2f, 0x3, 0x1f, 0x9, 0x4000, 0x7, 0xd9e, 0x7ff, 0x7fffffff, 0x5, 0x5, 0x28, 0x1f, 0x8001, 0x6, 0x6, 0x80000000, 0x3, 0x7ff, 0x1, 0x6, 0x7, 0x156e, 0x3, 0x6, 0x4, 0xffff, 0x80000000, 0x962b, 0x4, 0x8, 0x10000, 0x5, 0x3, 0x3f, 0x0, 0x9, 0xfffffff7, 0x7d, 0xe0b, 0x941, 0xffff9879, 0x6, 0x10001, 0x4, 0x9, 0x4, 0x3f, 0xf24e, 0x1, 0x3, 0x6, 0x1000, 0x8, 0xfffffff7, 0x9, 0x6, 0x7f, 0xffffffff, 0x3f, 0x7f, 0x10001, 0x92, 0x0, 0x8, 0xe93, 0x6, 0x2c49, 0x0, 0x7, 0x40000000, 0x10, 0x9, 0x2, 0xfffff399, 0x998, 0x4b, 0x1f, 0x100, 0x4, 0x7, 0x24, 0x8000, 0x0, 0x9d6, 0x1ff, 0x81, 0xfffffffb, 0x800, 0x81, 0x3101, 0xfff, 0x3, 0x3f, 0x7f, 0x161, 0x46a7, 0x5, 0x6d7, 0x2, 0x9, 0x1, 0xedd265b1, 0xed, 0x5, 0xee0f, 0xf20e, 0x7ff, 0xffffffff, 0x80000001, 0x1, 0x8, 0xd0ac, 0x7f, 0xa6db, 0xfffffff7, 0x5, 0x80, 0x8, 0x0, 0x7, 0x800000, 0x1, 0x6, 0xffffffff, 0x3f, 0x9, 0x2, 0x20, 0x100, 0x4, 0x2, 0x80, 0xe144, 0x1, 0x6, 0xff, 0x3, 0xffff, 0x6, 0x6, 0x7, 0x7, 0xfffffc01, 0x28, 0x398e2b31, 0x1, 0xa8d, 0x0, 0xfffffff8, 0xca8, 0x2, 0x2, 0xca, 0x7, 0x0, 0x10000, 0x2, 0x1000, 0x4, 0x9, 0x3, 0x9, 0xf584, 0x1, 0x8, 0x2e0b, 0x5, 0x2, 0x8001, 0xfffffff9, 0x0, 0xf6f, 0x8, 0x1ce, 0x6, 0x5, 0x80000000, 0xd80e, 0x1c, 0x20, 0xfff, 0x0, 0x3, 0x81, 0x5, 0x5, 0x9, 0x17d, 0x2, 0x2, 0x0, 0x1ff, 0x6, 0x2, 0x962f, 0x81, 0x3, 0x9, 0x1, 0x0, 0xfff, 0x1, 0x1, 0xb, 0x5, 0x7f, 0x80, 0xffffffff, 0x0, 0x7dcbf647, 0x80000000, 0x0, 0xffc00000, 0x1, 0x0, 0x5, 0xfff, 0x8, 0x2, 0x7, 0x0, 0x1, 0xe6, 0x8, 0x20, 0x2, 0x7, 0x4, 0x4, 0x9, 0xffff7fff, 0x400, 0x101, 0x0, 0x4, 0x2, 0x9, 0x3, 0x9f000000, 0x5, 0xfffffe01, 0x1, 0x2, 0x5, 0x3f, 0x8, 0x4, 0xfffff916, 0x3, 0x4c, 0x2, 0x7ff, 0x0, 0x9, 0x101, 0x3, 0x7, 0x100, 0x8, 0x6, 0x25e, 0x9, 0x2, 0x9b, 0x4, 0x1, 0xffffff7f, 0x6, 0x8, 0x8, 0x7fffffff, 0x8, 0x5, 0x8, 0x1, 0x1, 0x3, 0x7f, 0x1, 0x3, 0xfff, 0x7, 0xffffffc1, 0x7fffffff, 0x5b3f, 0x4, 0x8, 0x8, 0x40004000, 0x0, 0x0, 0x81, 0x8, 0x8, 0x81, 0x5, 0x0, 0x1000, 0x4c00000, 0x1, 0x81, 0x2, 0x1, 0x8bce, 0x70b, 0x5, 0x3, 0x4f57c438, 0x8001, 0x7, 0xb, 0x4, 0x0, 0x8, 0x8, 0x8, 0xfffffe00, 0x9, 0x0, 0x60, 0x5c, 0x8, 0x4, 0x1ff, 0x8, 0x80000000, 0x2, 0x3f, 0x7, 0x7, 0x2, 0x3, 0x4, 0x3, 0x2, 0x1f, 0xffffffff, 0x5, 0xfffffffa, 0x100, 0xb3f5, 0x1, 0x84, 0x558, 0xe32, 0x6a84, 0xff, 0x0, 0x100, 0xffff7fff, 0x7fff, 0x10000, 0x4562, 0x1, 0x400, 0xe6, 0xffff, 0xffffffff, 0x1, 0x81, 0xfffffffa, 0x8001, 0x80000001, 0x5ca, 0x800, 0x9, 0xf651, 0x0, 0x401, 0x8000, 0x2, 0x80, 0xd5b9, 0x68d881a5, 0x2, 0x1, 0x2, 0x3f, 0x8001, 0x5, 0x9, 0x1f, 0x401, 0x7f, 0x8, 0x1, 0x2, 0x2, 0x7, 0x800, 0x80000000, 0xffffff16, 0x2, 0x5, 0x10000, 0x6, 0x401, 0xd74, 0x7fff, 0x81, 0xffffffae, 0x6, 0x6e9d, 0x1, 0x7, 0x2, 0x3, 0x5, 0x0, 0x9, 0x0, 0xd, 0x9, 0x20, 0x9, 0x9, 0x7fff, 0x10001, 0x5, 0x1ff, 0x7, 0x2, 0x7, 0x1, 0x1, 0x5, 0x0, 0x7ff, 0x4, 0xa682, 0x9, 0x6, 0x9, 0x0, 0x0, 0x8, 0x4, 0x1200000, 0x1, 0x7858, 0x1, 0x9, 0x2, 0x20, 0x5, 0x0, 0x2, 0x9, 0x6, 0x5, 0x9, 0x1, 0x8000, 0x3, 0xff, 0x6, 0x6, 0x9, 0x2b4, 0x5, 0x101, 0x0, 0x1, 0x3, 0x4, 0x401, 0x4da0, 0x55, 0x8a3, 0x81, 0x3ff, 0x401, 0x6f7, 0x2, 0x7fff, 0x4, 0xfff, 0x8, 0x8, 0x0, 0xf8d61600, 0x99b1, 0xf4a4, 0xffffffff, 0x9, 0xa5, 0x200, 0x1f, 0x401, 0x3, 0x5, 0x6, 0x0, 0x68b, 0x7fffffff, 0x9, 0x1, 0x7, 0x800, 0x9, 0x2, 0x5, 0x2, 0xfffffffc, 0x5, 0x3, 0x0, 0x9, 0x3, 0x0, 0xefc, 0x7fff, 0xffffffff, 0x3, 0x9d, 0x80000001, 0x0, 0x176e, 0x200, 0x401, 0x2, 0xebd6, 0x400, 0x884, 0x4, 0xffffffff, 0x1, 0x707a, 0x2, 0x4daa, 0x0, 0x2, 0x1, 0x1ff, 0x81, 0x3, 0x7, 0x0, 0x5, 0x8, 0x4, 0x8001, 0xffff, 0x7, 0x1, 0x1ff, 0x8000, 0x1, 0x6, 0x3, 0x0, 0x3, 0xa0, 0xfffffff7, 0x20, 0x8, 0x0, 0x6, 0x1, 0x9, 0x8, 0x0, 0x10000, 0x7, 0x7, 0x3fff8000, 0x6, 0x8, 0x0, 0x0, 0x7fff, 0x2, 0x1, 0x1f, 0x1, 0x100, 0x0, 0x80, 0x5, 0x4, 0x1, 0x100, 0x80, 0x6e, 0x6, 0x2, 0x4, 0x6, 0x1c0, 0x9, 0x80000000, 0x80, 0x1000, 0x1, 0x81, 0xd5f, 0x1ff, 0x8, 0xfffffffb, 0x401, 0x7, 0x81, 0x7f2a, 0x5, 0x20, 0x7, 0x0, 0x7, 0x80000, 0x1, 0xffffffff, 0xd5daca2, 0x27c51b43, 0x16b, 0x8, 0x3, 0x7, 0x1, 0x7, 0x9, 0xd3e4, 0x0, 0x100, 0xe36, 0x7fff, 0xfff, 0xf387, 0x0, 0x3, 0x6, 0x1, 0x0, 0xd5c, 0x4, 0x8, 0x6, 0x7fff, 0x5, 0x9, 0x5, 0x4, 0x0, 0x7, 0x4, 0x0, 0x7, 0x3, 0x43d, 0x5, 0x2, 0x80000001, 0x1, 0x0, 0xbc2, 0x6, 0x2, 0x9, 0xfffffffe, 0x0, 0x0, 0x34, 0x100, 0x3f, 0x9, 0x2, 0x6, 0x2, 0x9, 0xa17a, 0x1f, 0xff, 0x9dd8, 0x5, 0x9, 0x8, 0x9f, 0x1b312606, 0x81, 0x5, 0x3, 0x800, 0x40, 0x12, 0x3, 0x7fffffff, 0x5, 0x40, 0x1000, 0x0, 0x5, 0x4c6, 0xab, 0x9b7, 0x80000001, 0x9, 0x7, 0x0, 0x80000000, 0xffffffc0, 0x54b, 0x81, 0x8, 0xb9, 0x9, 0xffffffff, 0xbdee, 0xfffffffd, 0x1f, 0x5, 0x1, 0x400, 0x6, 0x5, 0xfffffcc4, 0x145, 0x1000, 0x1, 0x200, 0xffffffff, 0x7, 0x6, 0x9, 0x6, 0x5, 0x7, 0x401, 0x7, 0x6, 0xffffffff, 0x4, 0x4, 0x9, 0x200, 0x6, 0x135e, 0x8, 0x40, 0x2, 0x6b2a, 0x40, 0x3, 0x0, 0x0, 0x8, 0x645d, 0x1, 0x2, 0x50b, 0x6, 0x4000000, 0x6, 0xfff, 0x100, 0x3f, 0x4, 0x81, 0x8, 0x2, 0x4, 0x5, 0x40, 0x100, 0x80000001, 0x10000, 0x1, 0xc3, 0xfffffe01, 0x8001, 0x9, 0xffffffff, 0x1, 0x80000001, 0x3, 0x2, 0x8001, 0x9f58, 0x5, 0x9, 0x20, 0x8, 0xff, 0x0, 0x6, 0x1, 0x80, 0x1, 0xfff, 0xa8a, 0xfffffffe, 0x4, 0x81, 0xfffff91a, 0x10, 0x4, 0x101, 0x1, 0x3f, 0x5, 0x6e1, 0x71d, 0xd9, 0xff, 0x10000, 0x755d, 0x1, 0xfffffff6, 0x3f, 0x81, 0x2, 0x4, 0x27c, 0x1, 0x3ff, 0x7fff, 0x80000000, 0x5298, 0x1f, 0x0, 0xffffff74, 0x2, 0x9, 0x8, 0x8001, 0x10001, 0x7, 0xf2, 0x2, 0xc3bd, 0xfd2e, 0x3ff, 0x8, 0x1, 0x20, 0x21041881, 0xffffffc0, 0x6, 0x4, 0x7, 0xf31, 0x3, 0x1000, 0x7, 0xdb, 0x4, 0x7, 0x3ff, 0x1, 0x7, 0x0, 0x524, 0x1000, 0x0, 0x1, 0x9, 0x0, 0x6, 0x0, 0x5, 0x9, 0x2, 0x1, 0x3, 0x20, 0x81, 0x3, 0x7ff, 0x7fffffff, 0x3b89dca8, 0x7, 0x6, 0x8, 0x0, 0x3f, 0x8, 0x7, 0x5, 0x7, 0x4, 0xa7d, 0x2, 0x5, 0x4, 0x4, 0x8, 0x1000, 0xffffffe0, 0x6b31bcb1, 0x1000, 0xc1dd, 0x6, 0x1, 0xb5a4, 0x0, 0x9, 0xfff, 0x10000, 0x2, 0x6, 0x100, 0xe6be, 0x9, 0x5, 0x400, 0x96eb, 0xc1, 0x7fffffff, 0x3, 0x0, 0x0, 0x4, 0x7, 0x6, 0x4, 0x7, 0x1eee, 0xffff7fff, 0x9, 0x1, 0x0, 0x1, 0x20, 0x1f, 0x8, 0x20, 0x7fff, 0x7, 0x20, 0x65, 0x7, 0x1, 0x1, 0x20ee, 0xffffffff, 0x40, 0x200, 0x100, 0x4, 0x200, 0x4, 0x39ee, 0x5935, 0x4, 0x3556, 0x6, 0x4, 0x80000000, 0x400, 0x10001, 0x20, 0x1, 0xc0, 0x7fffffff, 0x5, 0x3, 0x2, 0x80000000, 0x86b40a83, 0x8, 0xa40, 0x7994, 0xfffffff8, 0x7, 0x8, 0x4, 0x1, 0x9, 0x401, 0x1000, 0x3f, 0xd8e, 0x0, 0x4, 0x0, 0x88, 0x0, 0x8, 0xffff, 0x7, 0x7fff, 0x1, 0x452, 0x401, 0x2, 0x0, 0x5, 0xfffffe00, 0xfffffffc, 0x2, 0x0, 0xe49d, 0x65, 0x40000000, 0xa2, 0x0, 0x200, 0x200, 0x7ff, 0x6, 0xff, 0x6, 0x1, 0x101, 0xfffffff7, 0x7, 0x2, 0x7, 0x0, 0x7, 0x1000, 0x2, 0x7, 0x8000, 0x6, 0x1, 0x3]}) (async, rerun: 32) r1 = gettid() (rerun: 32) wait4(r1, &(0x7f0000001040), 0x20000000, &(0x7f0000001080)) [ 531.050397][ T2810] name failslab, interval 1, probability 0, space 0, times 0 [ 531.065449][ T2810] CPU: 1 PID: 2810 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 531.075600][ T2810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.075603][ T2810] Call Trace: [ 531.075617][ T2810] dump_stack+0x18e/0x1de [ 531.075628][ T2810] should_fail+0x5d8/0x740 [ 531.075643][ T2810] ? blk_alloc_flush_queue+0x7e/0x230 [ 531.102960][ T2810] should_failslab+0x5/0x20 14:29:51 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) 14:29:51 executing program 3: ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000040)="a97e8477a439b841f09284a4a107f357844fb2958ff5f31bf9375bd1c02f15a59c377624d4a70861a1") syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f00000000c0), 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) write$P9_RLINK(r0, 0x0, 0x0) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000040)="a97e8477a439b841f09284a4a107f357844fb2958ff5f31bf9375bd1c02f15a59c377624d4a70861a1") (async) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f00000000c0), 0x0) (async) pipe2$9p(&(0x7f0000000100), 0x84800) (async) write$P9_RLINK(r0, 0x0, 0x0) (async) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) (async) 14:29:51 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) 14:29:51 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 30) 14:29:51 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1b9}, 0x7) 14:29:51 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 31) [ 531.102978][ T2810] kmem_cache_alloc_trace+0x39/0x2b0 [ 531.112723][ T2810] blk_alloc_flush_queue+0x7e/0x230 [ 531.112734][ T2810] blk_mq_realloc_hw_ctxs+0x873/0x1440 [ 531.112748][ T2810] blk_mq_init_allocated_queue+0x4d8/0x16e0 [ 531.112759][ T2810] ? blk_alloc_queue_node+0x4e0/0x570 [ 531.112767][ T2810] blk_mq_init_queue+0x48/0xa0 [ 531.112776][ T2810] loop_add+0x256/0x710 [ 531.112785][ T2810] ? radix_tree_lookup+0x1c0/0x1d0 [ 531.112794][ T2810] loop_control_ioctl+0x468/0x680 [ 531.112802][ T2810] ? xor_init+0x60/0x60 [ 531.112813][ T2810] do_vfs_ioctl+0x6fb/0x15b0 [ 531.112826][ T2810] __x64_sys_ioctl+0xd4/0x110 [ 531.112837][ T2810] do_syscall_64+0xcb/0x1e0 [ 531.112848][ T2810] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 531.112856][ T2810] RIP: 0033:0x7fe6f0f01059 [ 531.112865][ T2810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 531.112869][ T2810] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 531.112879][ T2810] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 531.112883][ T2810] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 531.112887][ T2810] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 531.112892][ T2810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 531.112897][ T2810] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 531.139270][ T2839] FAULT_INJECTION: forcing a failure. [ 531.139270][ T2839] name failslab, interval 1, probability 0, space 0, times 0 [ 531.139283][ T2839] CPU: 1 PID: 2839 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 531.139289][ T2839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.139292][ T2839] Call Trace: [ 531.139305][ T2839] dump_stack+0x18e/0x1de [ 531.139318][ T2839] should_fail+0x5d8/0x740 [ 531.139329][ T2839] ? blk_alloc_flush_queue+0xdf/0x230 [ 531.139340][ T2839] should_failslab+0x5/0x20 [ 531.139349][ T2839] __kmalloc+0x5f/0x2f0 [ 531.139357][ T2839] ? blk_alloc_flush_queue+0x7e/0x230 [ 531.139367][ T2839] blk_alloc_flush_queue+0xdf/0x230 [ 531.139377][ T2839] blk_mq_realloc_hw_ctxs+0x873/0x1440 [ 531.139390][ T2839] blk_mq_init_allocated_queue+0x4d8/0x16e0 [ 531.139402][ T2839] ? blk_alloc_queue_node+0x4e0/0x570 [ 531.139411][ T2839] blk_mq_init_queue+0x48/0xa0 [ 531.139419][ T2839] loop_add+0x256/0x710 [ 531.139428][ T2839] ? radix_tree_lookup+0x1c0/0x1d0 [ 531.139437][ T2839] loop_control_ioctl+0x468/0x680 [ 531.139445][ T2839] ? xor_init+0x60/0x60 [ 531.139455][ T2839] do_vfs_ioctl+0x6fb/0x15b0 [ 531.139467][ T2839] __x64_sys_ioctl+0xd4/0x110 [ 531.139476][ T2839] do_syscall_64+0xcb/0x1e0 [ 531.139487][ T2839] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 531.139494][ T2839] RIP: 0033:0x7fe6f0f01059 [ 531.139504][ T2839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 531.139508][ T2839] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 531.139517][ T2839] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 531.139522][ T2839] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 531.139527][ T2839] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 531.139532][ T2839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 531.139538][ T2839] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 531.161231][ T2843] FAULT_INJECTION: forcing a failure. [ 531.161231][ T2843] name failslab, interval 1, probability 0, space 0, times 0 [ 531.479310][ T2843] CPU: 1 PID: 2843 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 531.489461][ T2843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.489464][ T2843] Call Trace: [ 531.489481][ T2843] dump_stack+0x18e/0x1de [ 531.489492][ T2843] should_fail+0x5d8/0x740 [ 531.489509][ T2843] ? __alloc_disk_node+0x76/0x5a0 [ 531.516464][ T2843] should_failslab+0x5/0x20 [ 531.520945][ T2843] kmem_cache_alloc_trace+0x39/0x2b0 [ 531.526204][ T2843] __alloc_disk_node+0x76/0x5a0 [ 531.531152][ T2843] loop_add+0x323/0x710 [ 531.535301][ T2843] loop_control_ioctl+0x468/0x680 [ 531.540300][ T2843] ? xor_init+0x60/0x60 [ 531.544428][ T2843] do_vfs_ioctl+0x6fb/0x15b0 [ 531.548988][ T2843] __x64_sys_ioctl+0xd4/0x110 [ 531.553639][ T2843] do_syscall_64+0xcb/0x1e0 [ 531.563237][ T2843] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 531.569105][ T2843] RIP: 0033:0x7fe6f0f01059 [ 531.573511][ T2843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 531.593279][ T2843] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 531.601661][ T2843] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 14:29:52 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0xd) 14:29:52 executing program 3: ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000040)="a97e8477a439b841f09284a4a107f357844fb2958ff5f31bf9375bd1c02f15a59c377624d4a70861a1") syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f00000000c0), 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) write$P9_RLINK(r0, 0x0, 0x0) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f0000000040)="a97e8477a439b841f09284a4a107f357844fb2958ff5f31bf9375bd1c02f15a59c377624d4a70861a1") (async) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f00000000c0), 0x0) (async) pipe2$9p(&(0x7f0000000100), 0x84800) (async) write$P9_RLINK(r0, 0x0, 0x0) (async) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) (async) 14:29:52 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:52 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:52 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 32) [ 531.609598][ T2843] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 531.617541][ T2843] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 531.625481][ T2843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 531.633430][ T2843] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:52 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000000000)={0x4, "86b305dbc41783f8f1bc75d3eaa003f6debddbb8ae72aa089a9c6272e5790614dd1a320cb3603e08a99ef7b403dbcc3843e36748b5721149e1db479debdf1df0ad2fecfc075ea3a0d58cf7463dcb02ea8dd6a0292b0e9fc2f551899a45aa19e067091130a643556d64d9cb6023aad98b4fe2b69cc5597969d68db858c43ac365419dc4bc48c4530a39845bdebcc23c79024774d327d43547b22dea8d22b70ff6374f3cc62f93cd9124e54c3057a24260734f65909ddc7df7cef31365effb59de7192d70f16925a70d056a0430f901b62c95fcb9ea496e1102bc6c45b722430794efcbca1511687206580b982ff17f71c7f4eed8990c593fe30bb995badb7f8279e11e316500fcce2406f4f283c38ff1edfcd82f5f3e8a142e157046d2800c2b9c6bae155a9cf5531ef5997433c2e35a3e12778d62dcae3ee57fb1d04187fc8c0313fc4c0fbf46f510e4dcda6ac6d71804a5f78630c07de824a60d2634376b9993819729ccca48c23c8e5aca490c241c640360b6e3b6a9d4be4b0971385acf2a2b878700e7071f4983876ca8dcdfb43caf5c188e000fd8c912c03313d320d169af7405075ef29fecdc7f57138789d423ce44bf6f6d3b277298ae37676585d42dbdd1774cbdaac79a75a350098a97f98e9421794ff3dd2cacf76e39cbb889b03f51fd242a3754c1c38cc329f57041b0c6edc247d7c9108964726f189e274ec2b29"}) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:52 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) [ 531.664303][ T2853] FAULT_INJECTION: forcing a failure. [ 531.664303][ T2853] name failslab, interval 1, probability 0, space 0, times 0 [ 531.676958][ T2853] CPU: 1 PID: 2853 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 531.687351][ T2853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.687355][ T2853] Call Trace: [ 531.687369][ T2853] dump_stack+0x18e/0x1de [ 531.687386][ T2853] should_fail+0x5d8/0x740 [ 531.709563][ T2853] ? __alloc_disk_node+0x319/0x5a0 14:29:52 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RXATTRWALK(r1, &(0x7f0000000080)={0xf, 0x1f, 0x1, 0x1}, 0xf) 14:29:52 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:52 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 33) 14:29:52 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000000000)={0x4, "86b305dbc41783f8f1bc75d3eaa003f6debddbb8ae72aa089a9c6272e5790614dd1a320cb3603e08a99ef7b403dbcc3843e36748b5721149e1db479debdf1df0ad2fecfc075ea3a0d58cf7463dcb02ea8dd6a0292b0e9fc2f551899a45aa19e067091130a643556d64d9cb6023aad98b4fe2b69cc5597969d68db858c43ac365419dc4bc48c4530a39845bdebcc23c79024774d327d43547b22dea8d22b70ff6374f3cc62f93cd9124e54c3057a24260734f65909ddc7df7cef31365effb59de7192d70f16925a70d056a0430f901b62c95fcb9ea496e1102bc6c45b722430794efcbca1511687206580b982ff17f71c7f4eed8990c593fe30bb995badb7f8279e11e316500fcce2406f4f283c38ff1edfcd82f5f3e8a142e157046d2800c2b9c6bae155a9cf5531ef5997433c2e35a3e12778d62dcae3ee57fb1d04187fc8c0313fc4c0fbf46f510e4dcda6ac6d71804a5f78630c07de824a60d2634376b9993819729ccca48c23c8e5aca490c241c640360b6e3b6a9d4be4b0971385acf2a2b878700e7071f4983876ca8dcdfb43caf5c188e000fd8c912c03313d320d169af7405075ef29fecdc7f57138789d423ce44bf6f6d3b277298ae37676585d42dbdd1774cbdaac79a75a350098a97f98e9421794ff3dd2cacf76e39cbb889b03f51fd242a3754c1c38cc329f57041b0c6edc247d7c9108964726f189e274ec2b29"}) write$P9_RWSTAT(r0, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) syz_open_dev$ttys(0xc, 0x2, 0x0) (async) ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000000000)={0x4, "86b305dbc41783f8f1bc75d3eaa003f6debddbb8ae72aa089a9c6272e5790614dd1a320cb3603e08a99ef7b403dbcc3843e36748b5721149e1db479debdf1df0ad2fecfc075ea3a0d58cf7463dcb02ea8dd6a0292b0e9fc2f551899a45aa19e067091130a643556d64d9cb6023aad98b4fe2b69cc5597969d68db858c43ac365419dc4bc48c4530a39845bdebcc23c79024774d327d43547b22dea8d22b70ff6374f3cc62f93cd9124e54c3057a24260734f65909ddc7df7cef31365effb59de7192d70f16925a70d056a0430f901b62c95fcb9ea496e1102bc6c45b722430794efcbca1511687206580b982ff17f71c7f4eed8990c593fe30bb995badb7f8279e11e316500fcce2406f4f283c38ff1edfcd82f5f3e8a142e157046d2800c2b9c6bae155a9cf5531ef5997433c2e35a3e12778d62dcae3ee57fb1d04187fc8c0313fc4c0fbf46f510e4dcda6ac6d71804a5f78630c07de824a60d2634376b9993819729ccca48c23c8e5aca490c241c640360b6e3b6a9d4be4b0971385acf2a2b878700e7071f4983876ca8dcdfb43caf5c188e000fd8c912c03313d320d169af7405075ef29fecdc7f57138789d423ce44bf6f6d3b277298ae37676585d42dbdd1774cbdaac79a75a350098a97f98e9421794ff3dd2cacf76e39cbb889b03f51fd242a3754c1c38cc329f57041b0c6edc247d7c9108964726f189e274ec2b29"}) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) [ 531.709579][ T2853] should_failslab+0x5/0x20 [ 531.719151][ T2853] kmem_cache_alloc_trace+0x39/0x2b0 [ 531.719164][ T2853] __alloc_disk_node+0x319/0x5a0 [ 531.719174][ T2853] loop_add+0x323/0x710 [ 531.719184][ T2853] loop_control_ioctl+0x468/0x680 [ 531.719192][ T2853] ? xor_init+0x60/0x60 [ 531.719209][ T2853] do_vfs_ioctl+0x6fb/0x15b0 [ 531.719221][ T2853] __x64_sys_ioctl+0xd4/0x110 [ 531.719231][ T2853] do_syscall_64+0xcb/0x1e0 [ 531.719241][ T2853] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 531.719250][ T2853] RIP: 0033:0x7fe6f0f01059 [ 531.719260][ T2853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 531.719265][ T2853] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 531.719274][ T2853] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 531.719279][ T2853] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 14:29:52 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) [ 531.719284][ T2853] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 531.719289][ T2853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 531.719294][ T2853] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 531.739365][ T2870] FAULT_INJECTION: forcing a failure. [ 531.739365][ T2870] name failslab, interval 1, probability 0, space 0, times 0 [ 531.851816][ T2870] CPU: 0 PID: 2870 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 14:29:52 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0xe) 14:29:52 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:52 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 34) [ 531.862145][ T2870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.862149][ T2870] Call Trace: [ 531.862162][ T2870] dump_stack+0x18e/0x1de [ 531.862173][ T2870] should_fail+0x5d8/0x740 [ 531.862184][ T2870] ? rand_initialize_disk+0x4b/0xb0 [ 531.862193][ T2870] should_failslab+0x5/0x20 [ 531.862204][ T2870] kmem_cache_alloc_trace+0x39/0x2b0 [ 531.862212][ T2870] ? part_release+0xc0/0xc0 14:29:52 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) (async) r1 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000000000)={0x4, "86b305dbc41783f8f1bc75d3eaa003f6debddbb8ae72aa089a9c6272e5790614dd1a320cb3603e08a99ef7b403dbcc3843e36748b5721149e1db479debdf1df0ad2fecfc075ea3a0d58cf7463dcb02ea8dd6a0292b0e9fc2f551899a45aa19e067091130a643556d64d9cb6023aad98b4fe2b69cc5597969d68db858c43ac365419dc4bc48c4530a39845bdebcc23c79024774d327d43547b22dea8d22b70ff6374f3cc62f93cd9124e54c3057a24260734f65909ddc7df7cef31365effb59de7192d70f16925a70d056a0430f901b62c95fcb9ea496e1102bc6c45b722430794efcbca1511687206580b982ff17f71c7f4eed8990c593fe30bb995badb7f8279e11e316500fcce2406f4f283c38ff1edfcd82f5f3e8a142e157046d2800c2b9c6bae155a9cf5531ef5997433c2e35a3e12778d62dcae3ee57fb1d04187fc8c0313fc4c0fbf46f510e4dcda6ac6d71804a5f78630c07de824a60d2634376b9993819729ccca48c23c8e5aca490c241c640360b6e3b6a9d4be4b0971385acf2a2b878700e7071f4983876ca8dcdfb43caf5c188e000fd8c912c03313d320d169af7405075ef29fecdc7f57138789d423ce44bf6f6d3b277298ae37676585d42dbdd1774cbdaac79a75a350098a97f98e9421794ff3dd2cacf76e39cbb889b03f51fd242a3754c1c38cc329f57041b0c6edc247d7c9108964726f189e274ec2b29"}) (async) write$P9_RWSTAT(r0, 0x0, 0x0) [ 531.862221][ T2870] ? percpu_ref_init+0x189/0x230 [ 531.862230][ T2870] rand_initialize_disk+0x4b/0xb0 [ 531.862239][ T2870] __alloc_disk_node+0x3f6/0x5a0 [ 531.862249][ T2870] loop_add+0x323/0x710 [ 531.862258][ T2870] loop_control_ioctl+0x468/0x680 [ 531.862266][ T2870] ? xor_init+0x60/0x60 [ 531.862275][ T2870] do_vfs_ioctl+0x6fb/0x15b0 [ 531.862288][ T2870] __x64_sys_ioctl+0xd4/0x110 [ 531.862297][ T2870] do_syscall_64+0xcb/0x1e0 [ 531.862307][ T2870] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 531.862315][ T2870] RIP: 0033:0x7fe6f0f01059 [ 531.862322][ T2870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 531.862326][ T2870] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 531.862334][ T2870] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 531.862339][ T2870] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 14:29:52 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) (async, rerun: 64) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) (rerun: 64) write$P9_RXATTRWALK(r1, &(0x7f0000000080)={0xf, 0x1f, 0x1, 0x1}, 0xf) [ 531.862343][ T2870] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 531.862348][ T2870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 531.862353][ T2870] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 531.944621][ T2887] FAULT_INJECTION: forcing a failure. [ 531.944621][ T2887] name failslab, interval 1, probability 0, space 0, times 0 [ 532.049337][ T2887] CPU: 1 PID: 2887 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 14:29:52 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0xf) 14:29:52 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4800210}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="00042cbddf258620c02680321fe07342bfce7900bcf1bec30300000000008f3ea49e621e23496f0934f7a470976a20898fecf31f5090b7e3917daa45f67c9d3a2920db025644992131e991be94b43a2553164f34138ec4d26de4da8606d3ddc391dc0354d2c2587ec415053c94a66978aa93cf66b6bfc10f141143be18eaad0f5f99bb2d7321e185b64d9f79f530db82a1e8582d98bceaa6a1284c375113981cc52452cab2779023dc1dca546a43201258c6b94104dc7b5ffd8847e43a7017cd37b6e9375d0ed8b38f7066e52655d3", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20008804) write$P9_RWSTAT(r0, 0x0, 0x0) [ 532.049348][ T2887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.069701][ T2887] Call Trace: [ 532.069716][ T2887] dump_stack+0x18e/0x1de [ 532.069734][ T2887] should_fail+0x5d8/0x740 [ 532.081705][ T2887] ? blk_mq_init_tags+0x74/0x290 [ 532.081717][ T2887] should_failslab+0x5/0x20 [ 532.081726][ T2887] kmem_cache_alloc_trace+0x39/0x2b0 [ 532.081740][ T2887] ? mutex_unlock+0x19/0x40 [ 532.101142][ T2887] blk_mq_init_tags+0x74/0x290 [ 532.101164][ T2887] ? blk_mq_hw_queue_to_node+0xeb/0x100 [ 532.111435][ T2887] blk_mq_alloc_rq_map+0x93/0x1a0 14:29:52 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) [ 532.111446][ T2887] blk_mq_init_sched+0x1d6/0xb10 [ 532.111459][ T2887] elevator_init_mq+0x2cd/0x3f0 [ 532.111469][ T2887] __device_add_disk+0x87/0x1220 [ 532.111479][ T2887] ? loop_add+0x3f0/0x710 [ 532.111487][ T2887] loop_add+0x554/0x710 [ 532.111498][ T2887] loop_control_ioctl+0x468/0x680 [ 532.111506][ T2887] ? xor_init+0x60/0x60 [ 532.111516][ T2887] do_vfs_ioctl+0x6fb/0x15b0 [ 532.111528][ T2887] __x64_sys_ioctl+0xd4/0x110 [ 532.111537][ T2887] do_syscall_64+0xcb/0x1e0 [ 532.111548][ T2887] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 532.111557][ T2887] RIP: 0033:0x7fe6f0f01059 [ 532.111567][ T2887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 532.111572][ T2887] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 532.111581][ T2887] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 532.111586][ T2887] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 14:29:52 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RXATTRWALK(r1, &(0x7f0000000080)={0xf, 0x1f, 0x1, 0x1}, 0xf) 14:29:52 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:52 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4800210}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="00042cbddf258620c02680321fe07342bfce7900bcf1bec30300000000008f3ea49e621e23496f0934f7a470976a20898fecf31f5090b7e3917daa45f67c9d3a2920db025644992131e991be94b43a2553164f34138ec4d26de4da8606d3ddc391dc0354d2c2587ec415053c94a66978aa93cf66b6bfc10f141143be18eaad0f5f99bb2d7321e185b64d9f79f530db82a1e8582d98bceaa6a1284c375113981cc52452cab2779023dc1dca546a43201258c6b94104dc7b5ffd8847e43a7017cd37b6e9375d0ed8b38f7066e52655d3", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20008804) (async) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:52 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x18) 14:29:52 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:52 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 35) 14:29:52 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:52 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x3d, 0x7f, 0x2}, 0x7) [ 532.111591][ T2887] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 532.111596][ T2887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 532.111601][ T2887] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 532.116888][ T2887] "mq-deadline" elevator initialization failed, falling back to "none" 14:29:52 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x1a) 14:29:52 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4800210}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="00042cbddf258620c02680321fe07342bfce7900bcf1bec30300000000008f3ea49e621e23496f0934f7a470976a20898fecf31f5090b7e3917daa45f67c9d3a2920db025644992131e991be94b43a2553164f34138ec4d26de4da8606d3ddc391dc0354d2c2587ec415053c94a66978aa93cf66b6bfc10f141143be18eaad0f5f99bb2d7321e185b64d9f79f530db82a1e8582d98bceaa6a1284c375113981cc52452cab2779023dc1dca546a43201258c6b94104dc7b5ffd8847e43a7017cd37b6e9375d0ed8b38f7066e52655d3", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20008804) (async, rerun: 32) write$P9_RWSTAT(r0, 0x0, 0x0) (rerun: 32) 14:29:52 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x8) 14:29:52 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:52 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x8001, 0x5, 0x8, 0x800000, 0x8, "f3d841bc67e05a3cc9ac69d98b2dd585363bef", 0xc2, 0x6}) write$P9_RWSTAT(r0, 0x0, 0x0) r2 = syz_open_pts(r0, 0x400400) ioctl$TIOCGPTPEER(r2, 0x5441, 0x1) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000040)=""/95) 14:29:52 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:52 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x3d, 0x7f, 0x2}, 0x7) 14:29:52 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x1b) 14:29:52 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xb}, 0x7) [ 532.322046][ T2920] FAULT_INJECTION: forcing a failure. [ 532.322046][ T2920] name failslab, interval 1, probability 0, space 0, times 0 [ 532.342740][ T2920] CPU: 0 PID: 2920 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 532.352895][ T2920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.352905][ T2920] Call Trace: [ 532.366221][ T2920] dump_stack+0x18e/0x1de [ 532.366239][ T2920] should_fail+0x5d8/0x740 [ 532.375031][ T2920] ? sbitmap_init_node+0x145/0x3d0 [ 532.375047][ T2920] should_failslab+0x5/0x20 [ 532.384611][ T2920] __kmalloc+0x5f/0x2f0 [ 532.384622][ T2920] sbitmap_init_node+0x145/0x3d0 [ 532.384636][ T2920] sbitmap_queue_init_node+0x2f/0xbe0 [ 532.399274][ T2920] ? kmem_cache_alloc_trace+0x139/0x2b0 [ 532.399282][ T2920] ? blk_mq_init_tags+0x74/0x290 [ 532.399295][ T2920] ? mutex_unlock+0x19/0x40 [ 532.414312][ T2920] blk_mq_init_tags+0xef/0x290 [ 532.414327][ T2920] blk_mq_alloc_rq_map+0x93/0x1a0 [ 532.424074][ T2920] blk_mq_init_sched+0x1d6/0xb10 [ 532.424089][ T2920] elevator_init_mq+0x2cd/0x3f0 [ 532.433836][ T2920] __device_add_disk+0x87/0x1220 [ 532.433851][ T2920] ? loop_add+0x3f0/0x710 [ 532.443083][ T2920] loop_add+0x554/0x710 [ 532.443096][ T2920] loop_control_ioctl+0x468/0x680 [ 532.452229][ T2920] ? xor_init+0x60/0x60 [ 532.452241][ T2920] do_vfs_ioctl+0x6fb/0x15b0 [ 532.452254][ T2920] __x64_sys_ioctl+0xd4/0x110 [ 532.452264][ T2920] do_syscall_64+0xcb/0x1e0 [ 532.452276][ T2920] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 532.452285][ T2920] RIP: 0033:0x7fe6f0f01059 [ 532.452294][ T2920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 532.452299][ T2920] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 532.452309][ T2920] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 14:29:53 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 36) 14:29:53 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:53 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:53 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x3d, 0x7f, 0x2}, 0x7) 14:29:53 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x8001, 0x5, 0x8, 0x800000, 0x8, "f3d841bc67e05a3cc9ac69d98b2dd585363bef", 0xc2, 0x6}) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) r2 = syz_open_pts(r0, 0x400400) ioctl$TIOCGPTPEER(r2, 0x5441, 0x1) (async) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000040)=""/95) 14:29:53 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) [ 532.452314][ T2920] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 532.452319][ T2920] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 532.452324][ T2920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 532.452329][ T2920] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 532.461966][ T2920] "mq-deadline" elevator initialization failed, falling back to "none" 14:29:53 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x8001, 0x5, 0x8, 0x800000, 0x8, "f3d841bc67e05a3cc9ac69d98b2dd585363bef", 0xc2, 0x6}) write$P9_RWSTAT(r0, 0x0, 0x0) r2 = syz_open_pts(r0, 0x400400) ioctl$TIOCGPTPEER(r2, 0x5441, 0x1) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000040)=""/95) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async) syz_open_pts(r1, 0x0) (async) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x8001, 0x5, 0x8, 0x800000, 0x8, "f3d841bc67e05a3cc9ac69d98b2dd585363bef", 0xc2, 0x6}) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) syz_open_pts(r0, 0x400400) (async) ioctl$TIOCGPTPEER(r2, 0x5441, 0x1) (async) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000040)=""/95) (async) 14:29:53 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r2, 0x0, 0x0) write$P9_RAUTH(r2, &(0x7f0000000140)={0x14, 0x67, 0x2, {0x8, 0x4, 0x3}}, 0x14) write$P9_RLINK(r1, 0x0, 0x0) ioctl$TIOCGRS485(r0, 0x542e, &(0x7f0000000180)) write$P9_RLERROR(r1, &(0x7f0000000040)={0x9, 0x7, 0x1}, 0x9) ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, &(0x7f0000000080)={0x5, 0x0, 0xfffffff8, 0x3, 0x7f, 0x10001}) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000000c0)=0x40) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r3, 0x0, 0x0) write$P9_RWRITE(r3, &(0x7f0000000100)={0xb, 0x77, 0x2, 0xfffffffe}, 0xb) 14:29:53 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xa}, 0x7) 14:29:53 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0xa, 0x1}, 0x7) [ 532.582162][ T2883] udevd[2883]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 532.621769][ T2950] FAULT_INJECTION: forcing a failure. [ 532.621769][ T2950] name failslab, interval 1, probability 0, space 0, times 0 [ 532.621782][ T2950] CPU: 1 PID: 2950 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 532.621788][ T2950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.621791][ T2950] Call Trace: [ 532.621805][ T2950] dump_stack+0x18e/0x1de [ 532.621817][ T2950] should_fail+0x5d8/0x740 [ 532.621827][ T2950] ? sbitmap_queue_init_node+0x3db/0xbe0 [ 532.621839][ T2950] should_failslab+0x5/0x20 [ 532.621849][ T2950] kmem_cache_alloc_trace+0x39/0x2b0 [ 532.621859][ T2950] sbitmap_queue_init_node+0x3db/0xbe0 [ 532.621870][ T2950] blk_mq_init_tags+0xef/0x290 [ 532.621878][ T2950] blk_mq_alloc_rq_map+0x93/0x1a0 [ 532.621887][ T2950] blk_mq_init_sched+0x1d6/0xb10 [ 532.621905][ T2950] elevator_init_mq+0x2cd/0x3f0 [ 532.621941][ T2950] __device_add_disk+0x87/0x1220 [ 532.621951][ T2950] ? loop_add+0x3f0/0x710 [ 532.621961][ T2950] loop_add+0x554/0x710 [ 532.621970][ T2950] loop_control_ioctl+0x468/0x680 [ 532.621978][ T2950] ? xor_init+0x60/0x60 14:29:53 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) [ 532.621988][ T2950] do_vfs_ioctl+0x6fb/0x15b0 [ 532.622002][ T2950] __x64_sys_ioctl+0xd4/0x110 [ 532.622011][ T2950] do_syscall_64+0xcb/0x1e0 [ 532.622022][ T2950] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 532.622030][ T2950] RIP: 0033:0x7fe6f0f01059 [ 532.622039][ T2950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 532.622044][ T2950] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:29:53 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r2, 0x0, 0x0) (async, rerun: 64) write$P9_RAUTH(r2, &(0x7f0000000140)={0x14, 0x67, 0x2, {0x8, 0x4, 0x3}}, 0x14) (rerun: 64) write$P9_RLINK(r1, 0x0, 0x0) ioctl$TIOCGRS485(r0, 0x542e, &(0x7f0000000180)) (async, rerun: 64) write$P9_RLERROR(r1, &(0x7f0000000040)={0x9, 0x7, 0x1}, 0x9) (async, rerun: 64) ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, &(0x7f0000000080)={0x5, 0x0, 0xfffffff8, 0x3, 0x7f, 0x10001}) (async, rerun: 64) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000000c0)=0x40) (rerun: 64) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r3, 0x0, 0x0) (async) write$P9_RWRITE(r3, &(0x7f0000000100)={0xb, 0x77, 0x2, 0xfffffffe}, 0xb) 14:29:53 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 37) [ 532.622053][ T2950] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 532.622058][ T2950] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 532.622063][ T2950] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 532.622068][ T2950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 532.622073][ T2950] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 532.622102][ T2950] "mq-deadline" elevator initialization failed, falling back to "none" [ 532.913262][ T2985] FAULT_INJECTION: forcing a failure. [ 532.913262][ T2985] name failslab, interval 1, probability 0, space 0, times 0 [ 532.913275][ T2985] CPU: 0 PID: 2985 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 532.913288][ T2985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.946136][ T2985] Call Trace: [ 532.946157][ T2985] dump_stack+0x18e/0x1de [ 532.946170][ T2985] should_fail+0x5d8/0x740 [ 532.946185][ T2985] ? sbitmap_queue_init_node+0x3db/0xbe0 [ 532.963768][ T2985] should_failslab+0x5/0x20 [ 532.963784][ T2985] kmem_cache_alloc_trace+0x39/0x2b0 [ 532.973557][ T2985] sbitmap_queue_init_node+0x3db/0xbe0 [ 532.973569][ T2985] blk_mq_init_tags+0x153/0x290 [ 532.973578][ T2985] blk_mq_alloc_rq_map+0x93/0x1a0 [ 532.973588][ T2985] blk_mq_init_sched+0x1d6/0xb10 [ 532.973601][ T2985] elevator_init_mq+0x2cd/0x3f0 [ 532.973611][ T2985] __device_add_disk+0x87/0x1220 [ 532.973621][ T2985] ? loop_add+0x3f0/0x710 [ 532.973630][ T2985] loop_add+0x554/0x710 [ 532.973640][ T2985] loop_control_ioctl+0x468/0x680 [ 532.973649][ T2985] ? xor_init+0x60/0x60 [ 532.973659][ T2985] do_vfs_ioctl+0x6fb/0x15b0 [ 532.973673][ T2985] __x64_sys_ioctl+0xd4/0x110 [ 532.973683][ T2985] do_syscall_64+0xcb/0x1e0 [ 532.973694][ T2985] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 532.973703][ T2985] RIP: 0033:0x7fe6f0f01059 [ 532.973713][ T2985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 532.973717][ T2985] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 532.973727][ T2985] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 532.973732][ T2985] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 532.973738][ T2985] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 532.973743][ T2985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 532.973753][ T2985] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 532.975473][ T2985] "mq-deadline" elevator initialization failed, falling back to "none" 14:29:53 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7ffff000) 14:29:53 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r2, 0x0, 0x0) write$P9_RAUTH(r2, &(0x7f0000000140)={0x14, 0x67, 0x2, {0x8, 0x4, 0x3}}, 0x14) write$P9_RLINK(r1, 0x0, 0x0) ioctl$TIOCGRS485(r0, 0x542e, &(0x7f0000000180)) write$P9_RLERROR(r1, &(0x7f0000000040)={0x9, 0x7, 0x1}, 0x9) ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, &(0x7f0000000080)={0x5, 0x0, 0xfffffff8, 0x3, 0x7f, 0x10001}) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000000c0)=0x40) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r3, 0x0, 0x0) write$P9_RWRITE(r3, &(0x7f0000000100)={0xb, 0x77, 0x2, 0xfffffffe}, 0xb) 14:29:53 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) 14:29:53 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r2, 0x0, 0x0) write$P9_RAUTH(r2, &(0x7f0000000140)={0x14, 0x67, 0x2, {0x8, 0x4, 0x3}}, 0x14) write$P9_RLINK(r1, 0x0, 0x0) ioctl$TIOCGRS485(r0, 0x542e, &(0x7f0000000180)) write$P9_RLERROR(r1, &(0x7f0000000040)={0x9, 0x7, 0x1}, 0x9) ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, &(0x7f0000000080)={0x5, 0x0, 0xfffffff8, 0x3, 0x7f, 0x10001}) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000000c0)=0x40) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r3, 0x0, 0x0) write$P9_RWRITE(r3, &(0x7f0000000100)={0xb, 0x77, 0x2, 0xfffffffe}, 0xb) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(r0, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r2, 0x0, 0x0) (async) write$P9_RAUTH(r2, &(0x7f0000000140)={0x14, 0x67, 0x2, {0x8, 0x4, 0x3}}, 0x14) (async) write$P9_RLINK(r1, 0x0, 0x0) (async) ioctl$TIOCGRS485(r0, 0x542e, &(0x7f0000000180)) (async) write$P9_RLERROR(r1, &(0x7f0000000040)={0x9, 0x7, 0x1}, 0x9) (async) ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, &(0x7f0000000080)={0x5, 0x0, 0xfffffff8, 0x3, 0x7f, 0x10001}) (async) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000000c0)=0x40) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r3, 0x0, 0x0) (async) write$P9_RWRITE(r3, &(0x7f0000000100)={0xb, 0x77, 0x2, 0xfffffffe}, 0xb) (async) 14:29:53 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 38) 14:29:53 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xa}, 0x7) 14:29:53 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:53 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$P9_RLCREATE(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0xf, 0x1, {{0x0, 0x3, 0x7}, 0x6}}, 0x18) 14:29:53 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xa}, 0x7) 14:29:53 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) 14:29:53 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$P9_RLCREATE(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0xf, 0x1, {{0x0, 0x3, 0x7}, 0x6}}, 0x18) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) write$P9_RLCREATE(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0xf, 0x1, {{0x0, 0x3, 0x7}, 0x6}}, 0x18) (async) [ 533.467556][ T2995] FAULT_INJECTION: forcing a failure. [ 533.467556][ T2995] name failslab, interval 1, probability 0, space 0, times 0 [ 533.467570][ T2995] CPU: 0 PID: 2995 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 533.467575][ T2995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 533.467578][ T2995] Call Trace: [ 533.467592][ T2995] dump_stack+0x18e/0x1de [ 533.467605][ T2995] should_fail+0x5d8/0x740 [ 533.467614][ T2995] ? blk_mq_alloc_rq_map+0xb3/0x1a0 [ 533.467631][ T2995] should_failslab+0x5/0x20 [ 533.522595][ T2995] __kmalloc+0x5f/0x2f0 [ 533.522606][ T2995] ? blk_mq_init_tags+0x209/0x290 [ 533.522619][ T2995] blk_mq_alloc_rq_map+0xb3/0x1a0 [ 533.536781][ T2995] blk_mq_init_sched+0x1d6/0xb10 [ 533.536796][ T2995] elevator_init_mq+0x2cd/0x3f0 [ 533.536804][ T2995] __device_add_disk+0x87/0x1220 [ 533.536819][ T2995] ? loop_add+0x3f0/0x710 [ 533.555781][ T2995] loop_add+0x554/0x710 [ 533.555797][ T2995] loop_control_ioctl+0x468/0x680 14:29:54 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x6, 0x581400) ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f0000000040)=0x9) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, 0x0, 0x0) [ 533.564958][ T2995] ? xor_init+0x60/0x60 [ 533.564967][ T2995] do_vfs_ioctl+0x6fb/0x15b0 [ 533.564982][ T2995] __x64_sys_ioctl+0xd4/0x110 [ 533.578340][ T2995] do_syscall_64+0xcb/0x1e0 [ 533.578356][ T2995] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 533.588701][ T2995] RIP: 0033:0x7fe6f0f01059 [ 533.588711][ T2995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 533.588716][ T2995] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 533.588725][ T2995] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 533.588730][ T2995] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 533.588736][ T2995] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 533.588741][ T2995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 533.588746][ T2995] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 533.594481][ T2995] "mq-deadline" elevator initialization failed, falling back to "none" 14:29:54 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0xffffff9b) 14:29:54 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) write$P9_RLCREATE(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0xf, 0x1, {{0x0, 0x3, 0x7}, 0x6}}, 0x18) 14:29:54 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 39) 14:29:54 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x7, 0x80401) ioctl$EVIOCGREP(r1, 0x80084503, &(0x7f0000000100)=""/172) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:54 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xa}, 0x7) 14:29:54 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x6, 0x581400) ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f0000000040)=0x9) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, 0x0, 0x0) 14:29:54 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:54 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xa}, 0x7) 14:29:54 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 40) 14:29:54 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xa}, 0x7) [ 534.306685][ T3032] FAULT_INJECTION: forcing a failure. [ 534.306685][ T3032] name failslab, interval 1, probability 0, space 0, times 0 [ 534.306698][ T3032] CPU: 0 PID: 3032 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 534.306704][ T3032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.306707][ T3032] Call Trace: [ 534.306721][ T3032] dump_stack+0x18e/0x1de [ 534.306734][ T3032] should_fail+0x5d8/0x740 14:29:54 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0xa}, 0x7) [ 534.306744][ T3032] ? blk_mq_alloc_rq_map+0xe9/0x1a0 [ 534.306756][ T3032] should_failslab+0x5/0x20 [ 534.306766][ T3032] __kmalloc+0x5f/0x2f0 [ 534.306774][ T3032] ? blk_mq_alloc_rq_map+0xb3/0x1a0 [ 534.306783][ T3032] blk_mq_alloc_rq_map+0xe9/0x1a0 [ 534.306793][ T3032] blk_mq_init_sched+0x1d6/0xb10 [ 534.306805][ T3032] elevator_init_mq+0x2cd/0x3f0 [ 534.306815][ T3032] __device_add_disk+0x87/0x1220 [ 534.306824][ T3032] ? loop_add+0x3f0/0x710 [ 534.306833][ T3032] loop_add+0x554/0x710 [ 534.306843][ T3032] loop_control_ioctl+0x468/0x680 [ 534.306851][ T3032] ? xor_init+0x60/0x60 [ 534.306861][ T3032] do_vfs_ioctl+0x6fb/0x15b0 [ 534.306877][ T3032] __x64_sys_ioctl+0xd4/0x110 [ 534.306886][ T3032] do_syscall_64+0xcb/0x1e0 [ 534.306897][ T3032] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 534.306915][ T3032] RIP: 0033:0x7fe6f0f01059 [ 534.306924][ T3032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 534.306929][ T3032] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 534.306938][ T3032] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 534.306943][ T3032] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 534.306948][ T3032] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 534.306953][ T3032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 534.306958][ T3032] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:55 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x7, 0x80401) ioctl$EVIOCGREP(r1, 0x80084503, &(0x7f0000000100)=""/172) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) [ 534.307016][ T3032] "mq-deadline" elevator initialization failed, falling back to "none" [ 534.368566][ T3046] FAULT_INJECTION: forcing a failure. [ 534.368566][ T3046] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 534.529452][ T3046] CPU: 1 PID: 3046 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 534.529457][ T3046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.529460][ T3046] Call Trace: [ 534.529476][ T3046] dump_stack+0x18e/0x1de [ 534.529489][ T3046] should_fail+0x5d8/0x740 [ 534.529502][ T3046] __alloc_pages_nodemask+0x12e/0x740 [ 534.529513][ T3046] blk_mq_alloc_rqs+0x252/0x660 [ 534.529524][ T3046] ? blk_mq_alloc_rq_map+0x11a/0x1a0 [ 534.529534][ T3046] blk_mq_init_sched+0x235/0xb10 [ 534.529546][ T3046] elevator_init_mq+0x2cd/0x3f0 [ 534.529557][ T3046] __device_add_disk+0x87/0x1220 [ 534.529567][ T3046] ? loop_add+0x3f0/0x710 [ 534.529576][ T3046] loop_add+0x554/0x710 [ 534.529591][ T3046] loop_control_ioctl+0x468/0x680 [ 534.529599][ T3046] ? xor_init+0x60/0x60 [ 534.529609][ T3046] do_vfs_ioctl+0x6fb/0x15b0 [ 534.529623][ T3046] __x64_sys_ioctl+0xd4/0x110 [ 534.529633][ T3046] do_syscall_64+0xcb/0x1e0 [ 534.529643][ T3046] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 534.529650][ T3046] RIP: 0033:0x7fe6f0f01059 [ 534.529659][ T3046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 534.529663][ T3046] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 534.529671][ T3046] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 534.529675][ T3046] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 534.529680][ T3046] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 534.529684][ T3046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 534.529689][ T3046] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:55 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 41) 14:29:55 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x7, 0x80401) ioctl$EVIOCGREP(r1, 0x80084503, &(0x7f0000000100)=""/172) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) syz_open_dev$evdev(&(0x7f0000000000), 0x7, 0x80401) (async) ioctl$EVIOCGREP(r1, 0x80084503, &(0x7f0000000100)=""/172) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) 14:29:55 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0xffffffffffffffff) 14:29:55 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xa}, 0x7) 14:29:55 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x6, 0x581400) ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f0000000040)=0x9) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, 0x0, 0x0) syz_open_dev$evdev(&(0x7f0000000000), 0x6, 0x581400) (async) ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f0000000040)=0x9) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r1, 0x0, 0x0) (async) 14:29:55 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xa}, 0x7) [ 535.171619][ T3057] FAULT_INJECTION: forcing a failure. [ 535.171619][ T3057] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 535.191461][ T3057] CPU: 1 PID: 3057 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 535.191467][ T3057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.191471][ T3057] Call Trace: [ 535.191485][ T3057] dump_stack+0x18e/0x1de [ 535.191498][ T3057] should_fail+0x5d8/0x740 [ 535.191512][ T3057] __alloc_pages_nodemask+0x12e/0x740 [ 535.191523][ T3057] blk_mq_alloc_rqs+0x252/0x660 [ 535.191533][ T3057] ? blk_mq_alloc_rq_map+0x11a/0x1a0 [ 535.191542][ T3057] blk_mq_init_sched+0x235/0xb10 [ 535.191555][ T3057] elevator_init_mq+0x2cd/0x3f0 [ 535.191566][ T3057] __device_add_disk+0x87/0x1220 [ 535.191575][ T3057] ? loop_add+0x3f0/0x710 [ 535.191585][ T3057] loop_add+0x554/0x710 [ 535.191595][ T3057] loop_control_ioctl+0x468/0x680 [ 535.191603][ T3057] ? xor_init+0x60/0x60 [ 535.191613][ T3057] do_vfs_ioctl+0x6fb/0x15b0 [ 535.191626][ T3057] __x64_sys_ioctl+0xd4/0x110 [ 535.191636][ T3057] do_syscall_64+0xcb/0x1e0 [ 535.191647][ T3057] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 535.191656][ T3057] RIP: 0033:0x7fe6f0f01059 [ 535.191666][ T3057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:29:55 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:55 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000000), 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:55 executing program 4: sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x0, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4000011) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:55 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0xa}, 0x7) 14:29:55 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 42) 14:29:55 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0x2) ioctl$TIOCGPTPEER(r0, 0x5441, 0x9) r1 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000440)={0x2, 0x0, 0x16, 0x4, 0xe6, &(0x7f0000000040)="e21c1f64c5ec469395698c1fa2232a4ea84bf8ed297e2eb44598af6c0248b7860af36f4278e2e630f4c120608c75311d41730f10b2a4cb0dcb03d746acd6a88f6800cc7897c3dc0d8ff95b74a19b3c4f0d659fd0489e5e311b9dea15a55c3fda448e057505616b0b6f7400e0785779ff8c600a288146aa709dc08f28366ebde75b9c578a397065d47385bfe702ca2fa9933bc1463ba0078c79fcd2be94190bab7ea0be08200d0672993f80a2e5709dc612bb5f20c51612e50e4041865001cb3131502c0e898b7a6f4831e486fe2835813aea3a64e91463c08fcc0b3620c49e440bb8b613e719a806762f589e102faaf8fd255ff0703f2cb93cb50eea1986d6b07d6c94d53aaace41aa16898eed9dd1b7ebaa6d83f4d8e57fb93bef9b925e1b70ee22c46667276de5d30985af6fe6d700e6d9b8bfaa5b37a7adc0f0246bf75471cd6faa2de1395ce9a3c0d7225a21995dbdc33b264496bc6001673a18db81f67819bacf795b7574e467568d93d4918d4599a4af425b1321e98c6e8b445db9bd10150f1bfb1aa6e9116faf28022f50cdc7923957321684a43cd26137353fa55676ca9a21df43dce8a42ca090b205f5ab80a6c9f1ff1b21f8156d29c7689df7d67caeecc90cf15c20d499dcb3df0d555baa431d4bbde64890b1445275607b31dbe47543f0bbb43506162f5c1b86d1a34708d4720d8320406a49888bfb224ab2a984b91e996cc7057ff75585ac57422d75dc79318d2ae034a2dd568cdd9fdab4e036a2f47f8e8160471980949bc1c9ed3be5cf9d786a23557ab3b3499da63974843dc52d4d1963ddf86243580332d24cb69e0351218eac5ec909af8f1d6336bc5c7c79dc2800128b2951ca8d87dd3b06d09ec411a7f9f78929b97c17c38fdc8b18983908e62724424416abadce18ba8fd6ff842420cea0e6b4b41547f6d4d9d8df36c85fb2eef5f29134362dd6d9d17bf564db6a6b697ea20d034117b5360e44d0f00eac3ff761862c67896d093fbf17f663dcb8144b539cccbe942805ea4dca3cb7469aa7842d4b1d0337043a772baadb6f1f368a2b5cbcc18013011bafa0dc4ec5a8937a2d9027b20389092de093e879bb3f193f5f83d9ea8d37970cfd580d5fa62da64016b65ba4ea0f3a12dbc70f361a21dc5969a2e420d6e58bcabb866731469e86b15f84cc5bf0e30ce8aed5e36d8162251dbe588f97351751421cb8a8fd330b98275c397a9f741f391e0b0008734726e6601dd9f80ae38db9281a3b5776bec088770e20646ffdc201c63276b48cfe71f1c790825ce9f2d69bd23a100e00a46e2e520207fccf5874ed6950f572359df90386f684b253929b7145b15bc7f40e1eabe3c6dff2867559ceaa8ac89c8a6994beee9a0b8270b9d514b267f97d280c72f8b42ff13cad3c6dbd2b353a1b92cff19dcdbe08d288ef656e39791c8121a5"}) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:55 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:55 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000000), 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000000), 0x0) (async) pipe2$9p(&(0x7f0000000040), 0x80800) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) 14:29:55 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0x2) (async) ioctl$TIOCGPTPEER(r0, 0x5441, 0x9) r1 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000440)={0x2, 0x0, 0x16, 0x4, 0xe6, &(0x7f0000000040)="e21c1f64c5ec469395698c1fa2232a4ea84bf8ed297e2eb44598af6c0248b7860af36f4278e2e630f4c120608c75311d41730f10b2a4cb0dcb03d746acd6a88f6800cc7897c3dc0d8ff95b74a19b3c4f0d659fd0489e5e311b9dea15a55c3fda448e057505616b0b6f7400e0785779ff8c600a288146aa709dc08f28366ebde75b9c578a397065d47385bfe702ca2fa9933bc1463ba0078c79fcd2be94190bab7ea0be08200d0672993f80a2e5709dc612bb5f20c51612e50e4041865001cb3131502c0e898b7a6f4831e486fe2835813aea3a64e91463c08fcc0b3620c49e440bb8b613e719a806762f589e102faaf8fd255ff0703f2cb93cb50eea1986d6b07d6c94d53aaace41aa16898eed9dd1b7ebaa6d83f4d8e57fb93bef9b925e1b70ee22c46667276de5d30985af6fe6d700e6d9b8bfaa5b37a7adc0f0246bf75471cd6faa2de1395ce9a3c0d7225a21995dbdc33b264496bc6001673a18db81f67819bacf795b7574e467568d93d4918d4599a4af425b1321e98c6e8b445db9bd10150f1bfb1aa6e9116faf28022f50cdc7923957321684a43cd26137353fa55676ca9a21df43dce8a42ca090b205f5ab80a6c9f1ff1b21f8156d29c7689df7d67caeecc90cf15c20d499dcb3df0d555baa431d4bbde64890b1445275607b31dbe47543f0bbb43506162f5c1b86d1a34708d4720d8320406a49888bfb224ab2a984b91e996cc7057ff75585ac57422d75dc79318d2ae034a2dd568cdd9fdab4e036a2f47f8e8160471980949bc1c9ed3be5cf9d786a23557ab3b3499da63974843dc52d4d1963ddf86243580332d24cb69e0351218eac5ec909af8f1d6336bc5c7c79dc2800128b2951ca8d87dd3b06d09ec411a7f9f78929b97c17c38fdc8b18983908e62724424416abadce18ba8fd6ff842420cea0e6b4b41547f6d4d9d8df36c85fb2eef5f29134362dd6d9d17bf564db6a6b697ea20d034117b5360e44d0f00eac3ff761862c67896d093fbf17f663dcb8144b539cccbe942805ea4dca3cb7469aa7842d4b1d0337043a772baadb6f1f368a2b5cbcc18013011bafa0dc4ec5a8937a2d9027b20389092de093e879bb3f193f5f83d9ea8d37970cfd580d5fa62da64016b65ba4ea0f3a12dbc70f361a21dc5969a2e420d6e58bcabb866731469e86b15f84cc5bf0e30ce8aed5e36d8162251dbe588f97351751421cb8a8fd330b98275c397a9f741f391e0b0008734726e6601dd9f80ae38db9281a3b5776bec088770e20646ffdc201c63276b48cfe71f1c790825ce9f2d69bd23a100e00a46e2e520207fccf5874ed6950f572359df90386f684b253929b7145b15bc7f40e1eabe3c6dff2867559ceaa8ac89c8a6994beee9a0b8270b9d514b267f97d280c72f8b42ff13cad3c6dbd2b353a1b92cff19dcdbe08d288ef656e39791c8121a5"}) write$P9_RWSTAT(r0, 0x0, 0x0) [ 535.191671][ T3057] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 535.191680][ T3057] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 535.191685][ T3057] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 535.191690][ T3057] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 535.191695][ T3057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 535.191700][ T3057] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:55 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:55 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 43) [ 535.402186][ T3083] FAULT_INJECTION: forcing a failure. [ 535.402186][ T3083] name failslab, interval 1, probability 0, space 0, times 0 [ 535.402198][ T3083] CPU: 1 PID: 3083 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 535.402203][ T3083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.402206][ T3083] Call Trace: [ 535.402219][ T3083] dump_stack+0x18e/0x1de [ 535.402232][ T3083] should_fail+0x5d8/0x740 [ 535.402242][ T3083] ? elevator_alloc+0x4b/0xc0 [ 535.402253][ T3083] should_failslab+0x5/0x20 [ 535.402263][ T3083] kmem_cache_alloc_trace+0x39/0x2b0 [ 535.402273][ T3083] elevator_alloc+0x4b/0xc0 [ 535.402281][ T3083] dd_init_queue+0x1f/0x330 [ 535.402290][ T3083] blk_mq_init_sched+0x444/0xb10 [ 535.402302][ T3083] elevator_init_mq+0x2cd/0x3f0 [ 535.402311][ T3083] __device_add_disk+0x87/0x1220 [ 535.402321][ T3083] ? loop_add+0x3f0/0x710 [ 535.402330][ T3083] loop_add+0x554/0x710 [ 535.402340][ T3083] loop_control_ioctl+0x468/0x680 [ 535.402348][ T3083] ? xor_init+0x60/0x60 [ 535.402358][ T3083] do_vfs_ioctl+0x6fb/0x15b0 [ 535.402371][ T3083] __x64_sys_ioctl+0xd4/0x110 [ 535.402380][ T3083] do_syscall_64+0xcb/0x1e0 [ 535.402390][ T3083] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 535.402398][ T3083] RIP: 0033:0x7fe6f0f01059 [ 535.402407][ T3083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 535.402412][ T3083] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 535.402421][ T3083] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 535.402426][ T3083] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 535.402431][ T3083] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 535.402436][ T3083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 535.402444][ T3083] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:29:56 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) [ 535.402523][ T3083] "mq-deadline" elevator initialization failed, falling back to "none" [ 535.484302][ T3095] FAULT_INJECTION: forcing a failure. [ 535.484302][ T3095] name failslab, interval 1, probability 0, space 0, times 0 [ 535.619879][ T3095] CPU: 1 PID: 3095 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 535.619885][ T3095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.619888][ T3095] Call Trace: [ 535.619901][ T3095] dump_stack+0x18e/0x1de [ 535.619912][ T3095] should_fail+0x5d8/0x740 [ 535.619922][ T3095] ? elevator_alloc+0x4b/0xc0 [ 535.619929][ T3095] ? dd_init_queue+0x69/0x330 [ 535.619938][ T3095] should_failslab+0x5/0x20 [ 535.619947][ T3095] kmem_cache_alloc_trace+0x39/0x2b0 [ 535.619954][ T3095] ? memset+0x1f/0x40 [ 535.619963][ T3095] dd_init_queue+0x69/0x330 [ 535.619972][ T3095] blk_mq_init_sched+0x444/0xb10 [ 535.619982][ T3095] elevator_init_mq+0x2cd/0x3f0 [ 535.619992][ T3095] __device_add_disk+0x87/0x1220 [ 535.620001][ T3095] ? loop_add+0x3f0/0x710 [ 535.620010][ T3095] loop_add+0x554/0x710 [ 535.620021][ T3095] loop_control_ioctl+0x468/0x680 [ 535.620029][ T3095] ? xor_init+0x60/0x60 [ 535.620039][ T3095] do_vfs_ioctl+0x6fb/0x15b0 [ 535.620053][ T3095] __x64_sys_ioctl+0xd4/0x110 [ 535.620063][ T3095] do_syscall_64+0xcb/0x1e0 [ 535.620074][ T3095] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 535.620082][ T3095] RIP: 0033:0x7fe6f0f01059 [ 535.620091][ T3095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 535.620096][ T3095] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 535.620105][ T3095] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 535.620110][ T3095] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 535.620116][ T3095] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 535.620121][ T3095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 535.620126][ T3095] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 535.620222][ T3095] "mq-deadline" elevator initialization failed, falling back to "none" 14:29:56 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:56 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0x2) (async) ioctl$TIOCGPTPEER(r0, 0x5441, 0x9) (async) r1 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000440)={0x2, 0x0, 0x16, 0x4, 0xe6, &(0x7f0000000040)="e21c1f64c5ec469395698c1fa2232a4ea84bf8ed297e2eb44598af6c0248b7860af36f4278e2e630f4c120608c75311d41730f10b2a4cb0dcb03d746acd6a88f6800cc7897c3dc0d8ff95b74a19b3c4f0d659fd0489e5e311b9dea15a55c3fda448e057505616b0b6f7400e0785779ff8c600a288146aa709dc08f28366ebde75b9c578a397065d47385bfe702ca2fa9933bc1463ba0078c79fcd2be94190bab7ea0be08200d0672993f80a2e5709dc612bb5f20c51612e50e4041865001cb3131502c0e898b7a6f4831e486fe2835813aea3a64e91463c08fcc0b3620c49e440bb8b613e719a806762f589e102faaf8fd255ff0703f2cb93cb50eea1986d6b07d6c94d53aaace41aa16898eed9dd1b7ebaa6d83f4d8e57fb93bef9b925e1b70ee22c46667276de5d30985af6fe6d700e6d9b8bfaa5b37a7adc0f0246bf75471cd6faa2de1395ce9a3c0d7225a21995dbdc33b264496bc6001673a18db81f67819bacf795b7574e467568d93d4918d4599a4af425b1321e98c6e8b445db9bd10150f1bfb1aa6e9116faf28022f50cdc7923957321684a43cd26137353fa55676ca9a21df43dce8a42ca090b205f5ab80a6c9f1ff1b21f8156d29c7689df7d67caeecc90cf15c20d499dcb3df0d555baa431d4bbde64890b1445275607b31dbe47543f0bbb43506162f5c1b86d1a34708d4720d8320406a49888bfb224ab2a984b91e996cc7057ff75585ac57422d75dc79318d2ae034a2dd568cdd9fdab4e036a2f47f8e8160471980949bc1c9ed3be5cf9d786a23557ab3b3499da63974843dc52d4d1963ddf86243580332d24cb69e0351218eac5ec909af8f1d6336bc5c7c79dc2800128b2951ca8d87dd3b06d09ec411a7f9f78929b97c17c38fdc8b18983908e62724424416abadce18ba8fd6ff842420cea0e6b4b41547f6d4d9d8df36c85fb2eef5f29134362dd6d9d17bf564db6a6b697ea20d034117b5360e44d0f00eac3ff761862c67896d093fbf17f663dcb8144b539cccbe942805ea4dca3cb7469aa7842d4b1d0337043a772baadb6f1f368a2b5cbcc18013011bafa0dc4ec5a8937a2d9027b20389092de093e879bb3f193f5f83d9ea8d37970cfd580d5fa62da64016b65ba4ea0f3a12dbc70f361a21dc5969a2e420d6e58bcabb866731469e86b15f84cc5bf0e30ce8aed5e36d8162251dbe588f97351751421cb8a8fd330b98275c397a9f741f391e0b0008734726e6601dd9f80ae38db9281a3b5776bec088770e20646ffdc201c63276b48cfe71f1c790825ce9f2d69bd23a100e00a46e2e520207fccf5874ed6950f572359df90386f684b253929b7145b15bc7f40e1eabe3c6dff2867559ceaa8ac89c8a6994beee9a0b8270b9d514b267f97d280c72f8b42ff13cad3c6dbd2b353a1b92cff19dcdbe08d288ef656e39791c8121a5"}) (async) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:56 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000000), 0x0) (async) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:56 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:56 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 44) 14:29:56 executing program 4: sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x0, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4000011) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:56 executing program 4: sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x0, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4000011) (async) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:56 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:56 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x125100, 0x0) syz_open_pts(r1, 0x200080) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:56 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:56 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:56 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040)) syz_open_pts(r1, 0x0) ioctl$TCSBRK(r1, 0x5409, 0x5) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) ioctl$PIO_FONTRESET(0xffffffffffffffff, 0x4b6d, 0x0) write$P9_RWSTAT(r2, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:56 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:56 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x125100, 0x0) syz_open_pts(r1, 0x200080) (async) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:56 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) [ 536.285943][ T3112] FAULT_INJECTION: forcing a failure. [ 536.285943][ T3112] name failslab, interval 1, probability 0, space 0, times 0 [ 536.298913][ T3112] CPU: 0 PID: 3112 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 536.298919][ T3112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.298922][ T3112] Call Trace: [ 536.298937][ T3112] dump_stack+0x18e/0x1de [ 536.298949][ T3112] should_fail+0x5d8/0x740 [ 536.298960][ T3112] ? device_create_vargs+0x7d/0x210 [ 536.298970][ T3112] should_failslab+0x5/0x20 [ 536.298981][ T3112] kmem_cache_alloc_trace+0x39/0x2b0 [ 536.298988][ T3112] ? number+0xf64/0x11e0 [ 536.298998][ T3112] device_create_vargs+0x7d/0x210 [ 536.299006][ T3112] device_create+0x86/0xb0 [ 536.299013][ T3112] ? vsnprintf+0x1a07/0x1aa0 [ 536.299023][ T3112] bdi_register_va+0x89/0x5e0 [ 536.299031][ T3112] bdi_register+0x80/0xa0 [ 536.299041][ T3112] ? __device_add_disk+0x50a/0x1220 [ 536.299050][ T3112] bdi_register_owner+0x56/0xf0 [ 536.299057][ T3112] __device_add_disk+0x583/0x1220 [ 536.299066][ T3112] loop_add+0x554/0x710 [ 536.299081][ T3112] loop_control_ioctl+0x468/0x680 [ 536.397559][ T3112] ? xor_init+0x60/0x60 [ 536.397570][ T3112] do_vfs_ioctl+0x6fb/0x15b0 [ 536.397585][ T3112] __x64_sys_ioctl+0xd4/0x110 [ 536.411050][ T3112] do_syscall_64+0xcb/0x1e0 [ 536.411061][ T3112] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 536.411073][ T3112] RIP: 0033:0x7fe6f0f01059 [ 536.425802][ T3112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 536.425813][ T3112] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 536.453789][ T3112] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 536.453794][ T3112] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 536.453798][ T3112] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 536.453811][ T3112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 536.485696][ T3112] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 536.490170][ T3112] ------------[ cut here ]------------ [ 536.499118][ T3112] WARNING: CPU: 0 PID: 3112 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 536.499127][ T3112] Modules linked in: [ 536.511996][ T3112] CPU: 0 PID: 3112 Comm: syz-executor.0 Not tainted 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 536.522110][ T3112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.532145][ T3112] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 536.537919][ T3112] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 536.557497][ T3112] RSP: 0018:ffff8881ccd67ce8 EFLAGS: 00010246 [ 536.563540][ T3112] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 536.571488][ T3112] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 536.579437][ T3112] RBP: ffff8881ef165e88 R08: ffffffff8214635e R09: fffffbfff0bac7d3 [ 536.587384][ T3112] R10: fffffbfff0bac7d3 R11: 0000000000000000 R12: dffffc0000000000 [ 536.595419][ T3112] R13: 1ffff1103dc1b601 R14: 1ffff1103dc1b69d R15: ffff8881ee0db000 [ 536.603364][ T3112] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 536.612261][ T3112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 536.618814][ T3112] CR2: 00005555561cdb38 CR3: 00000001e82e4000 CR4: 00000000003406f0 [ 536.626775][ T3112] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 536.634715][ T3112] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 536.642698][ T3112] Call Trace: [ 536.645977][ T3112] loop_add+0x554/0x710 [ 536.650113][ T3112] loop_control_ioctl+0x468/0x680 [ 536.655125][ T3112] ? xor_init+0x60/0x60 [ 536.659251][ T3112] do_vfs_ioctl+0x6fb/0x15b0 [ 536.663827][ T3112] __x64_sys_ioctl+0xd4/0x110 [ 536.668477][ T3112] do_syscall_64+0xcb/0x1e0 [ 536.672966][ T3112] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 536.678828][ T3112] RIP: 0033:0x7fe6f0f01059 [ 536.683227][ T3112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 536.702972][ T3112] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 536.711355][ T3112] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 536.719303][ T3112] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 536.727264][ T3112] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 14:29:57 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 45) 14:29:57 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:57 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) 14:29:57 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040)) (async) syz_open_pts(r1, 0x0) (async) ioctl$TCSBRK(r1, 0x5409, 0x5) (async, rerun: 64) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) (rerun: 64) ioctl$PIO_FONTRESET(0xffffffffffffffff, 0x4b6d, 0x0) (async) write$P9_RWSTAT(r2, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:57 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x125100, 0x0) syz_open_pts(r1, 0x200080) (async) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:57 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x7) 14:29:57 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80040, 0x0) ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000040)) 14:29:57 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040)) (async) syz_open_pts(r1, 0x0) (async) ioctl$TCSBRK(r1, 0x5409, 0x5) (async, rerun: 32) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) (async, rerun: 32) ioctl$PIO_FONTRESET(0xffffffffffffffff, 0x4b6d, 0x0) write$P9_RWSTAT(r2, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:57 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x8014) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, 0x0, 0x0) [ 536.735217][ T3112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 536.743172][ T3112] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 536.751117][ T3112] ---[ end trace 362e18c8762015e8 ]--- 14:29:57 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:57 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0x2) ioctl$TIOCGPTPEER(r0, 0x5441, 0x9) r1 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000440)={0x2, 0x0, 0x16, 0x4, 0xe6, &(0x7f0000000040)="e21c1f64c5ec469395698c1fa2232a4ea84bf8ed297e2eb44598af6c0248b7860af36f4278e2e630f4c120608c75311d41730f10b2a4cb0dcb03d746acd6a88f6800cc7897c3dc0d8ff95b74a19b3c4f0d659fd0489e5e311b9dea15a55c3fda448e057505616b0b6f7400e0785779ff8c600a288146aa709dc08f28366ebde75b9c578a397065d47385bfe702ca2fa9933bc1463ba0078c79fcd2be94190bab7ea0be08200d0672993f80a2e5709dc612bb5f20c51612e50e4041865001cb3131502c0e898b7a6f4831e486fe2835813aea3a64e91463c08fcc0b3620c49e440bb8b613e719a806762f589e102faaf8fd255ff0703f2cb93cb50eea1986d6b07d6c94d53aaace41aa16898eed9dd1b7ebaa6d83f4d8e57fb93bef9b925e1b70ee22c46667276de5d30985af6fe6d700e6d9b8bfaa5b37a7adc0f0246bf75471cd6faa2de1395ce9a3c0d7225a21995dbdc33b264496bc6001673a18db81f67819bacf795b7574e467568d93d4918d4599a4af425b1321e98c6e8b445db9bd10150f1bfb1aa6e9116faf28022f50cdc7923957321684a43cd26137353fa55676ca9a21df43dce8a42ca090b205f5ab80a6c9f1ff1b21f8156d29c7689df7d67caeecc90cf15c20d499dcb3df0d555baa431d4bbde64890b1445275607b31dbe47543f0bbb43506162f5c1b86d1a34708d4720d8320406a49888bfb224ab2a984b91e996cc7057ff75585ac57422d75dc79318d2ae034a2dd568cdd9fdab4e036a2f47f8e8160471980949bc1c9ed3be5cf9d786a23557ab3b3499da63974843dc52d4d1963ddf86243580332d24cb69e0351218eac5ec909af8f1d6336bc5c7c79dc2800128b2951ca8d87dd3b06d09ec411a7f9f78929b97c17c38fdc8b18983908e62724424416abadce18ba8fd6ff842420cea0e6b4b41547f6d4d9d8df36c85fb2eef5f29134362dd6d9d17bf564db6a6b697ea20d034117b5360e44d0f00eac3ff761862c67896d093fbf17f663dcb8144b539cccbe942805ea4dca3cb7469aa7842d4b1d0337043a772baadb6f1f368a2b5cbcc18013011bafa0dc4ec5a8937a2d9027b20389092de093e879bb3f193f5f83d9ea8d37970cfd580d5fa62da64016b65ba4ea0f3a12dbc70f361a21dc5969a2e420d6e58bcabb866731469e86b15f84cc5bf0e30ce8aed5e36d8162251dbe588f97351751421cb8a8fd330b98275c397a9f741f391e0b0008734726e6601dd9f80ae38db9281a3b5776bec088770e20646ffdc201c63276b48cfe71f1c790825ce9f2d69bd23a100e00a46e2e520207fccf5874ed6950f572359df90386f684b253929b7145b15bc7f40e1eabe3c6dff2867559ceaa8ac89c8a6994beee9a0b8270b9d514b267f97d280c72f8b42ff13cad3c6dbd2b353a1b92cff19dcdbe08d288ef656e39791c8121a5"}) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:57 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x8014) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) (async) sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x8014) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r2, 0x0, 0x0) (async) 14:29:57 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 46) 14:29:57 executing program 4: pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) write$P9_RSTAT(r0, &(0x7f0000000040)={0x43, 0x7d, 0x2, {0x0, 0x3c, 0x8, 0x4, {0x80, 0x4, 0x6}, 0x30100000, 0x905, 0x5, 0x1f, 0x3, '(!)', 0x3, '(!)', 0x0, '', 0x3, '(!)'}}, 0x43) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r2 = gettid() ptrace$getsig(0x4202, r2, 0x0, 0x0) r3 = gettid() ptrace$getsig(0x4202, r3, 0x0, 0x0) write$P9_RGETLOCK(r0, &(0x7f0000000100)={0x20, 0x37, 0x1, {0x0, 0x6, 0x180000000, r3, 0x2, '/.'}}, 0x20) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000000)={0x21, 0x37, 0x2, {0x0, 0x9, 0x400, r2, 0x3, '(!)'}}, 0x73) [ 536.812156][ T3150] FAULT_INJECTION: forcing a failure. [ 536.812156][ T3150] name failslab, interval 1, probability 0, space 0, times 0 [ 536.827203][ T3150] CPU: 1 PID: 3150 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 536.827210][ T3150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.827213][ T3150] Call Trace: [ 536.827228][ T3150] dump_stack+0x18e/0x1de [ 536.827254][ T3150] should_fail+0x5d8/0x740 [ 536.827265][ T3150] ? kobject_set_name_vargs+0x5d/0x110 [ 536.827276][ T3150] should_failslab+0x5/0x20 [ 536.827286][ T3150] __kmalloc_track_caller+0x5d/0x2e0 [ 536.827297][ T3150] kstrdup_const+0x51/0x90 [ 536.827307][ T3150] kobject_set_name_vargs+0x5d/0x110 [ 536.827317][ T3150] device_create_vargs+0x182/0x210 [ 536.827326][ T3150] device_create+0x86/0xb0 [ 536.827333][ T3150] ? vsnprintf+0x1a07/0x1aa0 [ 536.827344][ T3150] bdi_register_va+0x89/0x5e0 [ 536.827354][ T3150] bdi_register+0x80/0xa0 [ 536.827364][ T3150] ? __device_add_disk+0x50a/0x1220 [ 536.827373][ T3150] bdi_register_owner+0x56/0xf0 [ 536.827383][ T3150] __device_add_disk+0x583/0x1220 [ 536.827395][ T3150] loop_add+0x554/0x710 [ 536.827405][ T3150] loop_control_ioctl+0x468/0x680 [ 536.827414][ T3150] ? xor_init+0x60/0x60 [ 536.827424][ T3150] do_vfs_ioctl+0x6fb/0x15b0 [ 536.827447][ T3150] __x64_sys_ioctl+0xd4/0x110 [ 536.827457][ T3150] do_syscall_64+0xcb/0x1e0 [ 536.827469][ T3150] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 536.827477][ T3150] RIP: 0033:0x7fe6f0f01059 [ 536.827486][ T3150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 536.827491][ T3150] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 536.827500][ T3150] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 536.827506][ T3150] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 536.827511][ T3150] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 536.827522][ T3150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 536.827528][ T3150] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 536.827630][ T3150] ------------[ cut here ]------------ [ 536.827644][ T3150] WARNING: CPU: 1 PID: 3150 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 536.827646][ T3150] Modules linked in: [ 536.827658][ T3150] CPU: 1 PID: 3150 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 536.827663][ T3150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.827672][ T3150] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 536.827680][ T3150] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 536.827685][ T3150] RSP: 0018:ffff8881ecb5fce8 EFLAGS: 00010287 [ 536.827692][ T3150] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 536.827697][ T3150] RDX: ffffc90000144000 RSI: 000000000001ac21 RDI: 000000000001ac22 [ 536.827703][ T3150] RBP: ffff8881eec3d5f8 R08: ffffffff8214635e R09: ffffed103d96bed0 [ 536.827708][ T3150] R10: ffffed103d96bed0 R11: 0000000000000000 R12: dffffc0000000000 [ 536.827713][ T3150] R13: 1ffff1103a2d6a01 R14: 1ffff1103a2d6a9d R15: ffff8881d16b5000 [ 536.827721][ T3150] FS: 00007fe6f0077700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 536.827726][ T3150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 536.827732][ T3150] CR2: 0000000020000000 CR3: 00000001e891e000 CR4: 00000000003406e0 [ 536.827740][ T3150] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 536.827745][ T3150] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 536.827748][ T3150] Call Trace: [ 536.827759][ T3150] loop_add+0x554/0x710 [ 536.827769][ T3150] loop_control_ioctl+0x468/0x680 [ 536.827777][ T3150] ? xor_init+0x60/0x60 [ 536.827787][ T3150] do_vfs_ioctl+0x6fb/0x15b0 [ 536.827800][ T3150] __x64_sys_ioctl+0xd4/0x110 [ 536.827809][ T3150] do_syscall_64+0xcb/0x1e0 [ 536.827819][ T3150] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 536.827825][ T3150] RIP: 0033:0x7fe6f0f01059 [ 536.827832][ T3150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 536.827837][ T3150] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 536.827845][ T3150] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 536.827850][ T3150] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 536.827860][ T3150] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 536.827865][ T3150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 536.827870][ T3150] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 536.827877][ T3150] ---[ end trace 362e18c8762015e9 ]--- [ 536.885000][ T3173] FAULT_INJECTION: forcing a failure. [ 536.885000][ T3173] name failslab, interval 1, probability 0, space 0, times 0 14:29:57 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x8014) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) (async) sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x8014) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r2, 0x0, 0x0) (async) 14:29:57 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0xffffff9b) [ 537.315660][ T3173] CPU: 0 PID: 3173 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 537.315666][ T3173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.315669][ T3173] Call Trace: [ 537.315681][ T3173] dump_stack+0x18e/0x1de [ 537.315697][ T3173] should_fail+0x5d8/0x740 [ 537.349205][ T3173] ? device_add+0xcb/0x1820 [ 537.349222][ T3173] should_failslab+0x5/0x20 [ 537.358193][ T3173] kmem_cache_alloc_trace+0x39/0x2b0 [ 537.358205][ T3173] device_add+0xcb/0x1820 [ 537.358214][ T3173] ? kobject_set_name_vargs+0x5d/0x110 [ 537.358223][ T3173] ? kstrdup_const+0x6c/0x90 [ 537.358230][ T3173] ? memcpy+0x38/0x50 [ 537.358240][ T3173] device_create_vargs+0x1b8/0x210 [ 537.358249][ T3173] device_create+0x86/0xb0 [ 537.358256][ T3173] ? vsnprintf+0x1a07/0x1aa0 [ 537.358267][ T3173] bdi_register_va+0x89/0x5e0 [ 537.358277][ T3173] bdi_register+0x80/0xa0 [ 537.358286][ T3173] ? __device_add_disk+0x50a/0x1220 [ 537.358296][ T3173] bdi_register_owner+0x56/0xf0 [ 537.358305][ T3173] __device_add_disk+0x583/0x1220 [ 537.358316][ T3173] loop_add+0x554/0x710 [ 537.358326][ T3173] loop_control_ioctl+0x468/0x680 [ 537.358335][ T3173] ? xor_init+0x60/0x60 [ 537.358345][ T3173] do_vfs_ioctl+0x6fb/0x15b0 [ 537.358356][ T3173] __x64_sys_ioctl+0xd4/0x110 [ 537.358366][ T3173] do_syscall_64+0xcb/0x1e0 [ 537.358377][ T3173] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 537.358385][ T3173] RIP: 0033:0x7fe6f0f01059 [ 537.358394][ T3173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 537.358398][ T3173] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 537.358406][ T3173] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 537.358411][ T3173] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 537.358416][ T3173] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 14:29:58 executing program 4: pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) (async) write$P9_RSTAT(r0, &(0x7f0000000040)={0x43, 0x7d, 0x2, {0x0, 0x3c, 0x8, 0x4, {0x80, 0x4, 0x6}, 0x30100000, 0x905, 0x5, 0x1f, 0x3, '(!)', 0x3, '(!)', 0x0, '', 0x3, '(!)'}}, 0x43) (async) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r2 = gettid() ptrace$getsig(0x4202, r2, 0x0, 0x0) (async) r3 = gettid() ptrace$getsig(0x4202, r3, 0x0, 0x0) (async) write$P9_RGETLOCK(r0, &(0x7f0000000100)={0x20, 0x37, 0x1, {0x0, 0x6, 0x180000000, r3, 0x2, '/.'}}, 0x20) (async) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000000)={0x21, 0x37, 0x2, {0x0, 0x9, 0x400, r2, 0x3, '(!)'}}, 0x73) 14:29:58 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 47) [ 537.358421][ T3173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 537.358425][ T3173] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 537.360892][ T3173] ------------[ cut here ]------------ [ 537.531353][ T3173] WARNING: CPU: 0 PID: 3173 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 537.531361][ T3173] Modules linked in: [ 537.544236][ T3173] CPU: 0 PID: 3173 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 537.544241][ T3173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.544257][ T3173] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 537.544266][ T3173] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 537.544272][ T3173] RSP: 0018:ffff8881e971fce8 EFLAGS: 00010246 [ 537.544280][ T3173] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 537.544285][ T3173] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 537.544290][ T3173] RBP: ffff8881ef162298 R08: ffffffff8214635e R09: ffffed103d2e3ed6 [ 537.544294][ T3173] R10: ffffed103d2e3ed6 R11: 0000000000000000 R12: dffffc0000000000 [ 537.544299][ T3173] R13: 1ffff1103cb85801 R14: 1ffff1103cb8589d R15: ffff8881e5c2c000 [ 537.544305][ T3173] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 537.544310][ T3173] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 537.544314][ T3173] CR2: 00007fe6f0076ff8 CR3: 00000001ea765000 CR4: 00000000003406f0 [ 537.544321][ T3173] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 537.544325][ T3173] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 537.544327][ T3173] Call Trace: [ 537.544341][ T3173] loop_add+0x554/0x710 [ 537.544349][ T3173] loop_control_ioctl+0x468/0x680 [ 537.544358][ T3173] ? xor_init+0x60/0x60 [ 537.544368][ T3173] do_vfs_ioctl+0x6fb/0x15b0 [ 537.544378][ T3173] __x64_sys_ioctl+0xd4/0x110 [ 537.544388][ T3173] do_syscall_64+0xcb/0x1e0 [ 537.544398][ T3173] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 537.544404][ T3173] RIP: 0033:0x7fe6f0f01059 [ 537.544410][ T3173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 537.544414][ T3173] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 537.544421][ T3173] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 537.544425][ T3173] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 537.544428][ T3173] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 537.544432][ T3173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 537.544436][ T3173] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 537.544442][ T3173] ---[ end trace 362e18c8762015ea ]--- [ 537.612781][ T3198] FAULT_INJECTION: forcing a failure. [ 537.612781][ T3198] name failslab, interval 1, probability 0, space 0, times 0 [ 537.810757][ T3198] CPU: 0 PID: 3198 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 537.810768][ T3198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.832318][ T3198] Call Trace: [ 537.832332][ T3198] dump_stack+0x18e/0x1de [ 537.832345][ T3198] should_fail+0x5d8/0x740 [ 537.832358][ T3198] ? __kernfs_new_node+0x47/0x630 [ 537.832368][ T3198] should_failslab+0x5/0x20 [ 537.832378][ T3198] __kmalloc_track_caller+0x5d/0x2e0 [ 537.832391][ T3198] kstrdup_const+0x51/0x90 [ 537.832400][ T3198] __kernfs_new_node+0x47/0x630 [ 537.832409][ T3198] ? bdi_register+0x80/0xa0 [ 537.832416][ T3198] ? bdi_register_owner+0x56/0xf0 [ 537.832424][ T3198] ? loop_add+0x554/0x710 [ 537.832431][ T3198] ? loop_control_ioctl+0x468/0x680 [ 537.832440][ T3198] ? do_vfs_ioctl+0x6fb/0x15b0 [ 537.832449][ T3198] ? __x64_sys_ioctl+0xd4/0x110 [ 537.832458][ T3198] ? do_syscall_64+0xcb/0x1e0 [ 537.832468][ T3198] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 537.832479][ T3198] kernfs_create_dir_ns+0x90/0x220 [ 537.832489][ T3198] sysfs_create_dir_ns+0x14e/0x2f0 [ 537.832500][ T3198] kobject_add_internal+0x595/0xbd0 [ 537.832511][ T3198] kobject_add+0x100/0x1a0 [ 537.832522][ T3198] ? get_device_parent+0x2cd/0x430 [ 537.832530][ T3198] device_add+0x417/0x1820 [ 537.832543][ T3198] device_create_vargs+0x1b8/0x210 [ 537.832552][ T3198] device_create+0x86/0xb0 [ 537.832560][ T3198] ? vsnprintf+0x1a07/0x1aa0 [ 537.832570][ T3198] bdi_register_va+0x89/0x5e0 [ 537.832580][ T3198] bdi_register+0x80/0xa0 [ 537.832590][ T3198] ? __device_add_disk+0x50a/0x1220 [ 537.832600][ T3198] bdi_register_owner+0x56/0xf0 [ 537.832609][ T3198] __device_add_disk+0x583/0x1220 [ 537.832621][ T3198] loop_add+0x554/0x710 [ 537.832631][ T3198] loop_control_ioctl+0x468/0x680 [ 537.832639][ T3198] ? xor_init+0x60/0x60 [ 537.832649][ T3198] do_vfs_ioctl+0x6fb/0x15b0 [ 537.832662][ T3198] __x64_sys_ioctl+0xd4/0x110 [ 537.832671][ T3198] do_syscall_64+0xcb/0x1e0 [ 537.832682][ T3198] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 537.832690][ T3198] RIP: 0033:0x7fe6f0f01059 [ 537.832699][ T3198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 537.832704][ T3198] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 537.832713][ T3198] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 537.832719][ T3198] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 537.832724][ T3198] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 537.832729][ T3198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 537.832735][ T3198] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 537.834919][ T3198] kobject_add_internal failed for 7:0 (error: -12 parent: bdi) [ 538.090636][ T3198] ------------[ cut here ]------------ [ 538.096121][ T3198] WARNING: CPU: 0 PID: 3198 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 538.096123][ T3198] Modules linked in: [ 538.096138][ T3198] CPU: 0 PID: 3198 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 538.096143][ T3198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.096154][ T3198] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 538.096164][ T3198] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 538.096169][ T3198] RSP: 0018:ffff8881ebe87ce8 EFLAGS: 00010246 [ 538.096176][ T3198] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 538.096182][ T3198] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 538.096187][ T3198] RBP: ffff8881ef1644d8 R08: ffffffff8214635e R09: 0000000000000010 [ 538.096192][ T3198] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 538.096198][ T3198] R13: 1ffff1103c2f9001 R14: 1ffff1103c2f909d R15: ffff8881e17c8000 [ 538.096205][ T3198] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 538.096210][ T3198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 538.096215][ T3198] CR2: 00007fe6f0076ff8 CR3: 00000001eddb1000 CR4: 00000000003406f0 [ 538.096224][ T3198] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 538.096229][ T3198] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 538.096231][ T3198] Call Trace: [ 538.096246][ T3198] loop_add+0x554/0x710 [ 538.096256][ T3198] loop_control_ioctl+0x468/0x680 [ 538.096264][ T3198] ? xor_init+0x60/0x60 [ 538.096274][ T3198] do_vfs_ioctl+0x6fb/0x15b0 [ 538.096287][ T3198] __x64_sys_ioctl+0xd4/0x110 [ 538.096297][ T3198] do_syscall_64+0xcb/0x1e0 [ 538.096308][ T3198] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 538.096315][ T3198] RIP: 0033:0x7fe6f0f01059 [ 538.096323][ T3198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 538.096327][ T3198] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:29:58 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80040, 0x0) ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000040)) 14:29:58 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x7, 0x80401) ioctl$EVIOCGREP(r1, 0x80084503, &(0x7f0000000100)=""/172) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:29:58 executing program 5: ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x9) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x6000424}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7000fcdbdf25020000000c0002800c000200090000003400098008000100130b000008070000000000000800010002000000080002dd9000000008000100ffffffff0800fa0706000000"], 0x54}, 0x1, 0x0, 0x0, 0x8020}, 0x5000) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) 14:29:58 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:58 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 48) 14:29:58 executing program 4: pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) (async) write$P9_RSTAT(r0, &(0x7f0000000040)={0x43, 0x7d, 0x2, {0x0, 0x3c, 0x8, 0x4, {0x80, 0x4, 0x6}, 0x30100000, 0x905, 0x5, 0x1f, 0x3, '(!)', 0x3, '(!)', 0x0, '', 0x3, '(!)'}}, 0x43) (async) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) r2 = gettid() ptrace$getsig(0x4202, r2, 0x0, 0x0) (async) r3 = gettid() ptrace$getsig(0x4202, r3, 0x0, 0x0) (async) write$P9_RGETLOCK(r0, &(0x7f0000000100)={0x20, 0x37, 0x1, {0x0, 0x6, 0x180000000, r3, 0x2, '/.'}}, 0x20) (async, rerun: 64) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000000)={0x21, 0x37, 0x2, {0x0, 0x9, 0x400, r2, 0x3, '(!)'}}, 0x73) (rerun: 64) 14:29:58 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:58 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80040, 0x0) ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000040)) 14:29:58 executing program 5: ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x9) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x6000424}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7000fcdbdf25020000000c0002800c000200090000003400098008000100130b000008070000000000000800010002000000080002dd9000000008000100ffffffff0800fa0706000000"], 0x54}, 0x1, 0x0, 0x0, 0x8020}, 0x5000) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x9) (async) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x6000424}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7000fcdbdf25020000000c0002800c000200090000003400098008000100130b000008070000000000000800010002000000080002dd9000000008000100ffffffff0800fa0706000000"], 0x54}, 0x1, 0x0, 0x0, 0x8020}, 0x5000) (async) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) (async) 14:29:58 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffffffffffffffa) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000100)="9d8c95bcc8ac8c6479a4c9594acf03b4e434a2159a5e6bf690034d45a3fec5dfd9e87782608f2377a95d5ed287c8df8e9a37046786ae742c8940c41eb4e88b408c4fc9c5c0bea19105a329d670465128d6344f59d216214cf009288915f14c5edc00b051fa515d1f330337ea6ec708684fee1e337208fe37dd616d42575e3713da4b0473875edc72267f6f2525955d8ad0f4635f8313e0cac2ab68758df212eb8306c7b0dc24fdddea5a0abf5e67257c71258e1aa3b8c0b2c51030583878091973a2529b6b5e280153e429e22f814b92bcc3ce8e29a2f77dda0aa2") [ 538.096334][ T3198] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 538.096340][ T3198] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 538.096344][ T3198] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 538.096349][ T3198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 538.096353][ T3198] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 538.096360][ T3198] ---[ end trace 362e18c8762015eb ]--- 14:29:58 executing program 5: ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x9) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x6000424}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7000fcdbdf25020000000c0002800c000200090000003400098008000100130b000008070000000000000800010002000000080002dd9000000008000100ffffffff0800fa0706000000"], 0x54}, 0x1, 0x0, 0x0, 0x8020}, 0x5000) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x9) (async) sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x6000424}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7000fcdbdf25020000000c0002800c000200090000003400098008000100130b000008070000000000000800010002000000080002dd9000000008000100ffffffff0800fa0706000000"], 0x54}, 0x1, 0x0, 0x0, 0x8020}, 0x5000) (async) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) (async) 14:29:58 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffffffffffffffa) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000100)="9d8c95bcc8ac8c6479a4c9594acf03b4e434a2159a5e6bf690034d45a3fec5dfd9e87782608f2377a95d5ed287c8df8e9a37046786ae742c8940c41eb4e88b408c4fc9c5c0bea19105a329d670465128d6344f59d216214cf009288915f14c5edc00b051fa515d1f330337ea6ec708684fee1e337208fe37dd616d42575e3713da4b0473875edc72267f6f2525955d8ad0f4635f8313e0cac2ab68758df212eb8306c7b0dc24fdddea5a0abf5e67257c71258e1aa3b8c0b2c51030583878091973a2529b6b5e280153e429e22f814b92bcc3ce8e29a2f77dda0aa2") syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffffffffffffffa) (async) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000100)="9d8c95bcc8ac8c6479a4c9594acf03b4e434a2159a5e6bf690034d45a3fec5dfd9e87782608f2377a95d5ed287c8df8e9a37046786ae742c8940c41eb4e88b408c4fc9c5c0bea19105a329d670465128d6344f59d216214cf009288915f14c5edc00b051fa515d1f330337ea6ec708684fee1e337208fe37dd616d42575e3713da4b0473875edc72267f6f2525955d8ad0f4635f8313e0cac2ab68758df212eb8306c7b0dc24fdddea5a0abf5e67257c71258e1aa3b8c0b2c51030583878091973a2529b6b5e280153e429e22f814b92bcc3ce8e29a2f77dda0aa2") (async) 14:29:58 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) [ 538.412432][ T3209] FAULT_INJECTION: forcing a failure. [ 538.412432][ T3209] name failslab, interval 1, probability 0, space 0, times 0 [ 538.412446][ T3209] CPU: 1 PID: 3209 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 538.412451][ T3209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.412455][ T3209] Call Trace: [ 538.412469][ T3209] dump_stack+0x18e/0x1de [ 538.412481][ T3209] should_fail+0x5d8/0x740 [ 538.412493][ T3209] ? __kernfs_new_node+0x8b/0x630 [ 538.412503][ T3209] should_failslab+0x5/0x20 [ 538.412513][ T3209] kmem_cache_alloc+0x36/0x290 [ 538.412520][ T3209] ? memcpy+0x38/0x50 [ 538.412530][ T3209] __kernfs_new_node+0x8b/0x630 [ 538.412538][ T3209] ? bdi_register+0x80/0xa0 [ 538.412545][ T3209] ? bdi_register_owner+0x56/0xf0 [ 538.412554][ T3209] ? loop_add+0x554/0x710 [ 538.412562][ T3209] ? loop_control_ioctl+0x468/0x680 [ 538.412571][ T3209] ? do_vfs_ioctl+0x6fb/0x15b0 [ 538.412580][ T3209] ? __x64_sys_ioctl+0xd4/0x110 [ 538.412588][ T3209] ? do_syscall_64+0xcb/0x1e0 [ 538.412597][ T3209] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 538.412609][ T3209] kernfs_create_dir_ns+0x90/0x220 [ 538.412618][ T3209] sysfs_create_dir_ns+0x14e/0x2f0 [ 538.412633][ T3209] kobject_add_internal+0x595/0xbd0 [ 538.536720][ T3209] kobject_add+0x100/0x1a0 [ 538.536736][ T3209] ? get_device_parent+0x2cd/0x430 [ 538.546226][ T3209] device_add+0x417/0x1820 [ 538.546244][ T3209] device_create_vargs+0x1b8/0x210 [ 538.555730][ T3209] device_create+0x86/0xb0 14:29:59 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffffffffffffffa) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000100)="9d8c95bcc8ac8c6479a4c9594acf03b4e434a2159a5e6bf690034d45a3fec5dfd9e87782608f2377a95d5ed287c8df8e9a37046786ae742c8940c41eb4e88b408c4fc9c5c0bea19105a329d670465128d6344f59d216214cf009288915f14c5edc00b051fa515d1f330337ea6ec708684fee1e337208fe37dd616d42575e3713da4b0473875edc72267f6f2525955d8ad0f4635f8313e0cac2ab68758df212eb8306c7b0dc24fdddea5a0abf5e67257c71258e1aa3b8c0b2c51030583878091973a2529b6b5e280153e429e22f814b92bcc3ce8e29a2f77dda0aa2") 14:29:59 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) [ 538.555743][ T3209] ? vsnprintf+0x1a07/0x1aa0 [ 538.564714][ T3209] bdi_register_va+0x89/0x5e0 [ 538.564724][ T3209] bdi_register+0x80/0xa0 [ 538.564735][ T3209] ? __device_add_disk+0x50a/0x1220 [ 538.564748][ T3209] bdi_register_owner+0x56/0xf0 [ 538.564763][ T3209] __device_add_disk+0x583/0x1220 [ 538.564777][ T3209] loop_add+0x554/0x710 [ 538.564786][ T3209] loop_control_ioctl+0x468/0x680 [ 538.564793][ T3209] ? xor_init+0x60/0x60 [ 538.564802][ T3209] do_vfs_ioctl+0x6fb/0x15b0 [ 538.564818][ T3209] __x64_sys_ioctl+0xd4/0x110 [ 538.564827][ T3209] do_syscall_64+0xcb/0x1e0 [ 538.564839][ T3209] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 538.564847][ T3209] RIP: 0033:0x7fe6f0f01059 [ 538.564856][ T3209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 538.564861][ T3209] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 538.564869][ T3209] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 538.564873][ T3209] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 538.564877][ T3209] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 538.564882][ T3209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 538.564886][ T3209] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 538.565308][ T3209] kobject_add_internal failed for 7:0 (error: -12 parent: bdi) [ 538.565411][ T3209] ------------[ cut here ]------------ [ 538.565426][ T3209] WARNING: CPU: 1 PID: 3209 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 538.565428][ T3209] Modules linked in: [ 538.565441][ T3209] CPU: 1 PID: 3209 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 538.565446][ T3209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.565457][ T3209] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 538.565466][ T3209] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 538.565470][ T3209] RSP: 0018:ffff8881e6947ce8 EFLAGS: 00010246 [ 538.565478][ T3209] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 538.565483][ T3209] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 538.565488][ T3209] RBP: ffff8881ef3d55f8 R08: ffffffff8214635e R09: 0000000000000010 [ 538.565493][ T3209] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 538.565499][ T3209] R13: 1ffff1103d1efc01 R14: 1ffff1103d1efc9d R15: ffff8881e8f7e000 [ 538.565506][ T3209] FS: 00007fe6f0077700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 538.565512][ T3209] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 538.565517][ T3209] CR2: 00007fe6f0076ff8 CR3: 00000001ec8f2000 CR4: 00000000003406e0 [ 538.565526][ T3209] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 538.565531][ T3209] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 538.565533][ T3209] Call Trace: [ 538.565546][ T3209] loop_add+0x554/0x710 [ 538.565557][ T3209] loop_control_ioctl+0x468/0x680 [ 538.565565][ T3209] ? xor_init+0x60/0x60 [ 538.565576][ T3209] do_vfs_ioctl+0x6fb/0x15b0 [ 538.565589][ T3209] __x64_sys_ioctl+0xd4/0x110 [ 538.565599][ T3209] do_syscall_64+0xcb/0x1e0 [ 538.565610][ T3209] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 538.565617][ T3209] RIP: 0033:0x7fe6f0f01059 [ 538.565625][ T3209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 538.565629][ T3209] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 538.565636][ T3209] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 538.565640][ T3209] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 538.565644][ T3209] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 538.565649][ T3209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 538.565654][ T3209] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 538.565661][ T3209] ---[ end trace 362e18c8762015ec ]--- 14:29:59 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 49) 14:29:59 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:59 executing program 4: write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000000)={0x47, 0x7d, 0x1, {0x0, 0x40, 0x8, 0x5, {0x8, 0x2, 0x2}, 0x800000, 0x9, 0x6, 0x8, 0x3, '#&{', 0x5, ',!\\\x1b\\', 0x1, '%', 0x4, '{:]*'}}, 0x47) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000080)={0x40, 0x4, 0x4, 0xcc8, 0x1b, "4ac1ccf582b9fdd1991c53044e9e09de5ed404"}) 14:29:59 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:59 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:59 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x21, 0x1}, 0x7) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) 14:29:59 executing program 4: write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000000)={0x47, 0x7d, 0x1, {0x0, 0x40, 0x8, 0x5, {0x8, 0x2, 0x2}, 0x800000, 0x9, 0x6, 0x8, 0x3, '#&{', 0x5, ',!\\\x1b\\', 0x1, '%', 0x4, '{:]*'}}, 0x47) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000080)={0x40, 0x4, 0x4, 0xcc8, 0x1b, "4ac1ccf582b9fdd1991c53044e9e09de5ed404"}) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000000)={0x47, 0x7d, 0x1, {0x0, 0x40, 0x8, 0x5, {0x8, 0x2, 0x2}, 0x800000, 0x9, 0x6, 0x8, 0x3, '#&{', 0x5, ',!\\\x1b\\', 0x1, '%', 0x4, '{:]*'}}, 0x47) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async) syz_open_pts(r1, 0x0) (async) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000080)={0x40, 0x4, 0x4, 0xcc8, 0x1b, "4ac1ccf582b9fdd1991c53044e9e09de5ed404"}) (async) 14:29:59 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:59 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RMKDIR(r1, &(0x7f0000000000)={0x14, 0x49, 0x2, {0x0, 0x1, 0x8}}, 0x14) 14:29:59 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:29:59 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:29:59 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 50) [ 539.261970][ T3252] FAULT_INJECTION: forcing a failure. [ 539.261970][ T3252] name failslab, interval 1, probability 0, space 0, times 0 [ 539.274656][ T3252] CPU: 1 PID: 3252 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 539.274662][ T3252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 539.274666][ T3252] Call Trace: [ 539.274681][ T3252] dump_stack+0x18e/0x1de [ 539.274695][ T3252] should_fail+0x5d8/0x740 [ 539.274706][ T3252] ? __kernfs_new_node+0x8b/0x630 [ 539.274717][ T3252] should_failslab+0x5/0x20 [ 539.274727][ T3252] kmem_cache_alloc+0x36/0x290 [ 539.274736][ T3252] ? kernfs_activate+0x3fc/0x420 [ 539.274746][ T3252] __kernfs_new_node+0x8b/0x630 [ 539.274756][ T3252] ? kernfs_create_dir_ns+0x1df/0x220 [ 539.274766][ T3252] kernfs_new_node+0x95/0x160 [ 539.274776][ T3252] __kernfs_create_file+0x45/0x260 [ 539.274785][ T3252] sysfs_add_file_mode_ns+0x293/0x340 [ 539.274795][ T3252] sysfs_create_file_ns+0x146/0x230 [ 539.274804][ T3252] device_add+0x5d7/0x1820 [ 539.274816][ T3252] device_create_vargs+0x1b8/0x210 [ 539.274825][ T3252] device_create+0x86/0xb0 [ 539.274832][ T3252] ? vsnprintf+0x1a07/0x1aa0 [ 539.274842][ T3252] bdi_register_va+0x89/0x5e0 [ 539.274851][ T3252] bdi_register+0x80/0xa0 [ 539.274866][ T3252] ? __device_add_disk+0x50a/0x1220 [ 539.274876][ T3252] bdi_register_owner+0x56/0xf0 [ 539.274885][ T3252] __device_add_disk+0x583/0x1220 [ 539.274897][ T3252] loop_add+0x554/0x710 [ 539.274906][ T3252] loop_control_ioctl+0x468/0x680 [ 539.274915][ T3252] ? xor_init+0x60/0x60 [ 539.274924][ T3252] do_vfs_ioctl+0x6fb/0x15b0 [ 539.274937][ T3252] __x64_sys_ioctl+0xd4/0x110 [ 539.274946][ T3252] do_syscall_64+0xcb/0x1e0 [ 539.274956][ T3252] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 539.274965][ T3252] RIP: 0033:0x7fe6f0f01059 [ 539.274974][ T3252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 539.274978][ T3252] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 539.274986][ T3252] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 539.274991][ T3252] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 539.274996][ T3252] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 539.275002][ T3252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 539.275007][ T3252] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 539.275984][ T3252] ------------[ cut here ]------------ [ 539.276002][ T3252] WARNING: CPU: 1 PID: 3252 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 539.276004][ T3252] Modules linked in: [ 539.276017][ T3252] CPU: 1 PID: 3252 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 539.276021][ T3252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 539.276030][ T3252] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 539.276037][ T3252] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 539.276041][ T3252] RSP: 0018:ffff8881e110fce8 EFLAGS: 00010287 [ 539.276045][ T3252] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 539.276051][ T3252] RDX: ffffc90000144000 RSI: 0000000000019c3b RDI: 0000000000019c3c [ 539.276054][ T3252] RBP: ffff8881ef3d4d68 R08: ffffffff8214635e R09: 0000000000000010 [ 539.276058][ T3252] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 539.276062][ T3252] R13: 1ffff1103dea2601 R14: 1ffff1103dea269d R15: ffff8881ef513000 [ 539.276067][ T3252] FS: 00007fe6f0077700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 539.276071][ T3252] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 539.276075][ T3252] CR2: 00007fe6f0076ff8 CR3: 00000001cfefd000 CR4: 00000000003406e0 [ 539.276081][ T3252] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 539.276085][ T3252] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 539.276086][ T3252] Call Trace: [ 539.276097][ T3252] loop_add+0x554/0x710 [ 539.276106][ T3252] loop_control_ioctl+0x468/0x680 [ 539.276113][ T3252] ? xor_init+0x60/0x60 [ 539.276122][ T3252] do_vfs_ioctl+0x6fb/0x15b0 [ 539.276133][ T3252] __x64_sys_ioctl+0xd4/0x110 [ 539.276142][ T3252] do_syscall_64+0xcb/0x1e0 [ 539.276152][ T3252] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 539.276158][ T3252] RIP: 0033:0x7fe6f0f01059 [ 539.276166][ T3252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 539.276170][ T3252] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 539.276178][ T3252] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 539.276183][ T3252] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 539.276188][ T3252] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 539.276193][ T3252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 539.276198][ T3252] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 539.276206][ T3252] ---[ end trace 362e18c8762015ed ]--- [ 539.367527][ T3272] FAULT_INJECTION: forcing a failure. [ 539.367527][ T3272] name failslab, interval 1, probability 0, space 0, times 0 [ 539.792984][ T3272] CPU: 1 PID: 3272 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 539.792990][ T3272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 539.792993][ T3272] Call Trace: [ 539.793010][ T3272] dump_stack+0x18e/0x1de [ 539.793023][ T3272] should_fail+0x5d8/0x740 [ 539.793032][ T3272] ? device_add+0x5d7/0x1820 [ 539.793042][ T3272] ? radix_tree_node_alloc+0x18c/0x370 [ 539.793052][ T3272] should_failslab+0x5/0x20 [ 539.793062][ T3272] kmem_cache_alloc+0x36/0x290 [ 539.793072][ T3272] ? __x64_sys_ioctl+0xd4/0x110 [ 539.793081][ T3272] ? do_syscall_64+0xcb/0x1e0 [ 539.793091][ T3272] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 539.793100][ T3272] radix_tree_node_alloc+0x18c/0x370 [ 539.793111][ T3272] idr_get_free+0x29a/0x870 [ 539.793123][ T3272] idr_alloc_cyclic+0x170/0x510 [ 539.793136][ T3272] __kernfs_new_node+0xdd/0x630 [ 539.793148][ T3272] ? kernfs_create_dir_ns+0x1df/0x220 [ 539.793158][ T3272] kernfs_new_node+0x95/0x160 [ 539.793169][ T3272] __kernfs_create_file+0x45/0x260 [ 539.793178][ T3272] sysfs_add_file_mode_ns+0x293/0x340 [ 539.793189][ T3272] sysfs_create_file_ns+0x146/0x230 [ 539.793198][ T3272] device_add+0x5d7/0x1820 [ 539.793209][ T3272] device_create_vargs+0x1b8/0x210 [ 539.793218][ T3272] device_create+0x86/0xb0 [ 539.793226][ T3272] ? vsnprintf+0x1a07/0x1aa0 [ 539.793242][ T3272] bdi_register_va+0x89/0x5e0 [ 539.793251][ T3272] bdi_register+0x80/0xa0 [ 539.793261][ T3272] ? __device_add_disk+0x50a/0x1220 [ 539.793270][ T3272] bdi_register_owner+0x56/0xf0 [ 539.793280][ T3272] __device_add_disk+0x583/0x1220 [ 539.793291][ T3272] loop_add+0x554/0x710 [ 539.793301][ T3272] loop_control_ioctl+0x468/0x680 [ 539.793309][ T3272] ? xor_init+0x60/0x60 [ 539.793318][ T3272] do_vfs_ioctl+0x6fb/0x15b0 [ 539.793332][ T3272] __x64_sys_ioctl+0xd4/0x110 [ 539.793341][ T3272] do_syscall_64+0xcb/0x1e0 [ 539.793351][ T3272] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 539.793360][ T3272] RIP: 0033:0x7fe6f0f01059 [ 539.793370][ T3272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 539.793374][ T3272] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:30:00 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 51) 14:30:00 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) (async) write$P9_RMKDIR(r1, &(0x7f0000000000)={0x14, 0x49, 0x2, {0x0, 0x1, 0x8}}, 0x14) 14:30:00 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x21, 0x1}, 0x7) (async) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) [ 539.793384][ T3272] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 539.793389][ T3272] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 539.793394][ T3272] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 539.793399][ T3272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 539.793410][ T3272] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:30:00 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x21, 0x1}, 0x7) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) 14:30:00 executing program 4: write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000000)={0x47, 0x7d, 0x1, {0x0, 0x40, 0x8, 0x5, {0x8, 0x2, 0x2}, 0x800000, 0x9, 0x6, 0x8, 0x3, '#&{', 0x5, ',!\\\x1b\\', 0x1, '%', 0x4, '{:]*'}}, 0x47) (async, rerun: 32) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) (rerun: 32) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async, rerun: 32) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (rerun: 32) syz_open_pts(r1, 0x0) (async) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000080)={0x40, 0x4, 0x4, 0xcc8, 0x1b, "4ac1ccf582b9fdd1991c53044e9e09de5ed404"}) 14:30:00 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) (async) write$P9_RMKDIR(r1, &(0x7f0000000000)={0x14, 0x49, 0x2, {0x0, 0x1, 0x8}}, 0x14) 14:30:00 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:00 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x21, 0x1}, 0x7) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) 14:30:00 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) [ 540.122486][ T3280] FAULT_INJECTION: forcing a failure. [ 540.122486][ T3280] name failslab, interval 1, probability 0, space 0, times 0 [ 540.135402][ T3280] CPU: 1 PID: 3280 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 540.135409][ T3280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.135412][ T3280] Call Trace: [ 540.135426][ T3280] dump_stack+0x18e/0x1de [ 540.135439][ T3280] should_fail+0x5d8/0x740 [ 540.135450][ T3280] ? __kernfs_new_node+0x47/0x630 [ 540.135460][ T3280] should_failslab+0x5/0x20 [ 540.135471][ T3280] __kmalloc_track_caller+0x5d/0x2e0 [ 540.135483][ T3280] kstrdup_const+0x51/0x90 [ 540.135491][ T3280] __kernfs_new_node+0x47/0x630 [ 540.135500][ T3280] ? mutex_lock+0x6c/0xc0 [ 540.135510][ T3280] ? kernfs_activate+0x3fc/0x420 [ 540.135521][ T3280] kernfs_new_node+0x95/0x160 [ 540.135529][ T3280] kernfs_create_link+0x9c/0x1f0 [ 540.135538][ T3280] sysfs_do_create_link_sd+0x85/0x100 [ 540.135547][ T3280] device_add+0x93a/0x1820 [ 540.135558][ T3280] device_create_vargs+0x1b8/0x210 [ 540.135566][ T3280] device_create+0x86/0xb0 [ 540.135574][ T3280] ? vsnprintf+0x1a07/0x1aa0 [ 540.135584][ T3280] bdi_register_va+0x89/0x5e0 [ 540.135593][ T3280] bdi_register+0x80/0xa0 [ 540.135602][ T3280] ? __device_add_disk+0x50a/0x1220 [ 540.135611][ T3280] bdi_register_owner+0x56/0xf0 [ 540.135620][ T3280] __device_add_disk+0x583/0x1220 [ 540.135629][ T3280] loop_add+0x554/0x710 [ 540.135640][ T3280] loop_control_ioctl+0x468/0x680 [ 540.135648][ T3280] ? xor_init+0x60/0x60 [ 540.135658][ T3280] do_vfs_ioctl+0x6fb/0x15b0 [ 540.135671][ T3280] __x64_sys_ioctl+0xd4/0x110 [ 540.135681][ T3280] do_syscall_64+0xcb/0x1e0 [ 540.135691][ T3280] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 540.135698][ T3280] RIP: 0033:0x7fe6f0f01059 [ 540.135707][ T3280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 540.135711][ T3280] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 540.135720][ T3280] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 540.135725][ T3280] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 540.135730][ T3280] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 540.135734][ T3280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 540.135746][ T3280] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 540.136862][ T3280] ------------[ cut here ]------------ 14:30:00 executing program 3: write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x67, 0x1, {0x20, 0x4, 0x5}}, 0x14) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_open_dev$ttys(0xc, 0x2, 0x1) syz_open_pts(r1, 0x1c200) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:00 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="6c110000", @ANYRES16=0x0, @ANYBLOB="000126bd7000fddbdf252d0000000c00990000000080420000008f004500739b0d33c370e3b3c63c8c1be68b87fe6b746da2710a212f3fa9ada4ffc61cd24db91bf9b8481b3e5b5095dae719f6aff60e874e7c293ddf3f910000200045003bc2369fbf4992093e0b7b97314ac6fd676d06a748eb59efff9d6081041045007cfad5813e2b1566edc45d2514c3ec15f56c81594a6bae8d5b02ee66eb4abf877351c7d0820ebb410eba51375d43d51c057f895d89cd304b20ddb4bc71d657555e78d5809455c2935d2eade8afb503476ef1f9e88baf2557ccab2d99267ff06fac28b62ff27c410ac8c257ab843c6e9bc2a17abf30d7d0a2ee5764e7c24e68bead96a391540722566d4ca6f3469a455c4fb048b08d981f7fb66ff9877b1304bb896d9db630bd427db277dacb73b382cb29be5a1e71b798accfe8caf771664bccaa83f10498b83ef8477ff1769ab9ae9bafc6b7c776d86a42022f1b2a7e32a85282edcd9179f4c2041931f964460f368613719c759b474872fbcba774819f823c07b425a6094114da6b3d71bdb9b64f0093de4e49c065be24d2970f53c1f7891b2885885bbdebe6a942a547a155fc24e10b5a259ab9a70c4d872ad511ce5091dd27414899c39385f0c69832cd67e8eda91d2e48ec54b6e196d5d5510d4271e58b9cd9968bf9c35e8d6fa1c89fe1ae34c45734181e2325deecb64a973b0315aa0210e0b5280351df39425bcb21fe3b49a533b56d2a556c0a5dc4f88132abc55e4656068e514842074d5dd7a43ad61877de9fb69be8f660737dbbe9952b262f19b5c699570bff5dfbf76e2fab216050dedc0889cb3ff692965cb515a9156917d366c58bdf0f8833fee306bef04f0ecab677d2d5127c77a32062e195c61f9eb9ab43b9d7e17f286283d58de1572f72ed14efde79be46d649eac17e6b038e8f07706afa4c276a871cb653ffbab10502b8061069a4afc63afc7d6237b30a5dbd91bf5b80caa4b7a3f7b387e4b9759b0e35bd98846f2ca288c231e57199e4c468fc7069a3f2b08617691dcf5b32fa66d02e86daf81e32e1f7a751ba8f5e08b4e9a136a7161f049b2cde67eda60781f47fd932af81993d3ff5339dff16f6183df75690a81d0936027f1800688c72e030e8af0dcc374fee1a016e99d3f98a71cabac788240655e58e65376b3c3f12941a6895cbdb57405888e2d000e94fd2166e70c80e8b72ac1a204618e903a95c09efb0ae7322160e3b6ca8a8b3b453ff456c6212863fe5708b4339b921d3dabc603ad32085d40213f55237c10e53be57d9c896bebabe72cf7d57fe144131416fe29e473ea21f31b2139d43f25eb8831ae42f38ab0a88fe373629bafd0196943117506df318d3cc1d4040feec69ae528c2ef73b9071c54da91636e39c9c9d22e3579e7bb8fc0448f13b71ecd58ef0666a86bc5e594aae608079f0ccdd509360d7ff5db00e8342023bb9bd42392cee187c184f4511b659f1ca3201d37b23649849c37f26e4ffadd666f68ab960afd53ede8023a2cd3aa9a6cedbe7dd5ffb0975c12a5379ee8be0581f7308b343242186d64e982f1397dbbb0c685cdac20a42451bf414a9b96d4241e0d6708c5176adfc2a8eb4b40ff5ca28a55f84aeaff5108cf73a1c84daf025f5815982a4ad36dcbc70e88669ecd64b6d5a1ff4af33b87d8269783919749bc3473e0f73e99570f747ea854bb61ba467aa10c29cd141d66477736af3f9ef22dd5d11b3adccdb60e32c5b51b50a1837d1aaad9d69a282c2f690aabba0e44f80503e0bf0ec7fcd5e1b082672e7a5eb23f7516f5bc38da2298dab186f8875646ab4530f46b4ed4a4088466a35bcef706a030da6f35db5f5c010a88d17278503a93bc91e6dbbc3056095fd7c0e2c7b974ea2a086ec0df3d72f0a083844515228a733c7d8afd28e2e1a8b677d7514f4b096a2ff5dbaa0e71b31cb2808cbcd7162c31975f94c5e8f78c121395e58eb6a39628b4c77e255888cb90220dd5b7663c2dc2c1a16bf60f34883ee9bfec2f4e30cfef77adb0fbeb90fe976ef508a501c35c72d8cc6e202c5b01d085098d7e80128000d6f625e558cd398195350d936fa293dbb75e67d6a4585f62964bddfcd057f2f084ee954ed67edae3b9f8c9524d68fec3ae59f00d42bb1d5804e6972515f9e0ef220bc63ef00c1ff9f8aebc5b925470a54a9650d9fb5ec5baca78f47a8347fed68eb8a3801b2eee0d4b95dbaa2b0074336204de6f14a1fa3139dd68552b8f7c9f6e5e054505760a28378551b89e4789b9694dcf8d8e381c796748ef5a2aa9cd707b341c97cb0dfc27a6266db262377f298deb91bfcd913094947415810de27bbb5e3a8fb20d9b2dc5a6bfdde7ecf6ae738f142029cb63761f8e0a000fd439e6b82faf5fd9cc0ef51f9afc5513be36fed5717eee4c301de30704d3de8ba64b311833af522bcc4d0f3622344ad81a26f6a41ed45d2eaa703819544e2058e45eff46660d56b2c1a3a9582209ed964a7f6a52489a76bf89b9ec96aab8713ff10acda5a940494b007e42e58eac7a28cc6fa6256302f304d8471b8478910367bd4c9afb5646b01dfe08b51d22012824097575d4a7a9f3804dc12d20d300a13c5bae8d9eee4bdb788730c1674be597769a238480702d5ccd31eb57babaaea3cc075076fed06f09f867b0d0f73aee4176a0715512b17faf6b6c6f16808e59723cb968d7bff3ed117d0f29a24b1d75f69de13876285d45063be253a48dad7792a59151e0d87bfde50f573e5426a3025f15226ebd1335baac88ccbdb7ab97725d945ec7a11ecb4d18fcbde33a95978180a5a1c28cd867d8654b23486f12dc17b2f18ba05fab7b9d09a5a776105a1729f596950211c0e7c1f365e749d293080e393bd71a6ee2000986525078514b8bb35d83034d8da672177065a6024ec7ef0c1b0a4b4c608d1b88f85bd201c8a0b98624631a51285259ce2d64764d6b5b59000df88c0c65fab34ce8d9ff18a4e729ac52fe954a722be8ee592e239498d649d31abd608b12b69c465c4cd941e55069670a46108805c1952148f5572d7bab702f58c4beaf47e3db54ffca8a5a7c62266a039d4d2dac49c4d25c261ef96aec1885cb121d5dc7e486528a1bb1fc7bec02ff2030fd2b1b4a263b8b734773b7cb6f826c89ceffdf385752427796c8d55dc1f534cfcbdde12f0a6cfce68dfe87cf09bd029e981d8ddb02f78a62d6411e05c2a9ffaff82a23eecfabb6d5092d859e642729d9c07bca317047abcf64dc697d9f6d11f762c5efd060ee45c670338f561f5a4ef3ce4455b145c4334cb2a54870fc29e4253131e07f6168a792cc0a2b2ceee9ef18c209978e5fa070ef081fa58d6546965877f65ebe853a0c7293dbbf5f9faaec440962f01b7c3229599c667a1772b40bd71d16a075c99f4b3483e4d66de16cdeb792bb735c18554f36fe1c4a9dac9853624a2483ff8dded54d9bb77b4f62c7a65f4bcabc8a95a04ad366e06ca6d1affc6545a1ee4801d32fcc0719a7369ab6bb37817419ebb92033e324186ae2b9b0f91cfb240280a806bdaee6ad4963b73431ee28a38de51c1bda0c003039a545004ae3c71e45db1019337cc68acebb8d654f80f1d9029fecb4ab1e036d4428a0b34c5c388d9f0ffc1cc0787d1c87f0efed0170bf03e4bb1d79daf3a9aad916d7a00fe0c64b1ccd99bb0f569511b81488bf1b6fd580ed6c0c6b0e5f08dc643246e470741ae3ca7f5053166838dab2ad9b9e726d62d6d86eb81b8c5cfae5173b12fd2def9187096222eca7df5bdb3e69239dbe47137da3cbfeb1fb1d465c959fe415dfe918cb0ddd1a35b9b5846967a39dba80df7eb01f473c76b8c456409ea4ebb5c63b99bde6a568eece7e780fb6a679ec5d6ce058588a8e6e2ff91dfc6a009d950ccbcf8735bf1cf2259b009fb3db121275a7bc4307edd5a7c13809530f6fcdbad17f0bd4ed42c77841f9056b2c522b001268419ef2cc3daa34f5693276d1aabda63cbc1d2328db6827f281cb38b3bb0d4d1b4c07c5f6523e94d731527a49f614acdd4ea032ef181a6068f22179e2c3ea3e980e44261fc5142de5a7a3278abe785f139a096fbd07b340178c9e6ac86970be40ffe5254ab70c127b44a258421abd85e53352a7495d0dd20c907a3b369551f0fc23e7485f2666295a74a45c2a8317b2ef7903ed0524a654b71761797479c33ea1e2a0595d8d9b24c1d529f6ccea3402f8c5dd6ea47148e94ca005903e4fd809cfae99d952e792386ae4f217296a85b36a7390de1219d9a2b3ede45a5b7d6c5c9f7742e34e145c3923a75b3d60736584cfdc403295bcbae56cff74a27237640a1d49c86f72f3124bb8d96211fe021765680a3fe704af5d764c0f0069019855f537a0d608dc491f4b5c0afcbde264a41a483f5e986dfd1fed7b047ab6318e37f2d570dc855f0af22660a92bd6bee31ede05a6442f3638f880e470766ea4f00e0950ec9ca94c61b2c14384d0c71b8ba5ccf6ce9ef5115787749f97cc93383f1c2e34f9280dc4b328018ba7798112d69532b74730b4d21a35ccce7c3cb8d4e9ae779860689fe97032f55d937ba3c068ea475985bd2fb9a094035dac87d7826b6ca175dfae3c26c00da5d421c740a32b6db79b56b7fc0c4f9f719446135b4ab718ccc6e8275cdcd404e6e91073744e715d45656a75100d73ce01cd8d1efedb2b0444f37ffb877f0c658f4bad8e299e27fdaf93cb306dd851b180c3b880188bda6f7455b052ba7572cf568438791106a69521b4ced68515de6eaa4bfbced7cff4ea5bd68b473c7e15ce47e6de03da73ec6fb70eaa5e2f4cc74cfb3bdbd57df1bf05772fa499106ce06dedfa26e7580962964ab57e0fb574a489a5531ebd847218c8c1190e8485474ffbeea5e21216995cdbe97cd53c1725ef1390f3bd215c550d153d310b6d5079f6381b646193c7675d38b21191d01377acb04a71fc0e340d31272b373eaaf7e6b5b31f480ff4d9e23fe151e4c876e78934a20a364e6cfde5f51c69eb829f17226278f9e638924dee527a0845dac52c817328cbfe5a89f7fe11afff3815b3d29da8989fe6e773ebe91f2e0d1ac0eeaff8b7f5a22f414dcc696631cd5e3da493556a8a1c75b5cfb973019dd9f7f68e74d44f1573347882d49e62f324a8f7a2249962179241a7293f4b3579aa2816bdecf928fb3b476b708611e7e67cf0d709d1125f12f5c49dedc38019246d716f8badcfba56a9fcfa9ff8e06f57ddfb8b76ec0e93efd5b05fcc9ff9263300f07796f282673d66e320984394d15fb16a496a9b122815844a1f83d03f63eb1ad3853aa38972772c8beac048c7756699aebe3b1c753a7e03df42b319cfb30e1df9c623cc5f7e3a52a714a32d090e6e265b0cc64baab1363da1bfdf8fd47b37d3a11c477121583f376622e177278cda1278ac3abe9cb478866f79fe5a50d858f984f5456d7321abf63c7ecf064755b093dcc90d056ff65dd9d3f691e0e7c72ddd140629a0d2e4dc2e5299111a709bde64b21f536b48d9260e83a7fcd145ebb8689f1e07bf986773d51f6096045a4f7a7d2a239e3cf95eb836d8c5851ebe1f978a482134d222c3efe6ae54b679adef9d7a2dd419f1108f00dae2761b969f75910c9cd2108cca7d3e3bc18f278c94d382198c47b4051850af2434f70b1c3ff4885e6bb868b7626f1341501f9d759f34db0abf7ca59793f76061437332d9ab5db02c07be73bfb10edfc1128cd735328874171c8e5b7b1c5b5ce034c92b3c79e4e7dafb9713fc3ace5229ead30c248ce9a878df1e6cb1676963a3a909ea58c4604eeba448cfb25b4d0efa726dbdfb8b77f390382fed2c133640e4062148a14638b7a56c53b0863a1200942840e477e60431096fb32d4c135bdec256f4e6ff6cea94143f774bd4de71a524591d9feae2f5eae07e42e0a55830f76abc934c8f13884c854e08c396e4ef00e7881681ee74efdce5b7ecc48a4cbe600450098b4bb99560bc48fe4026024553754aaa0982aa39f44ef6b9fed20f8fd2fabe72b21e8daa304a24ad3e038bf68fb57d1d041671892575997b067554e7ef3de32d8eb3a24c7a4b1a6541eaa16d6be36c1348f32baba77eaa7243a0e49010df2cc06b6599748eb370ddd249b24000cd1cc00dd99642246622261440429c497ea34b8878048bfe09c1f633ee85ff8e7942a1ce2af9eda9ef6544ecd950de4d35777dbe8995ed565bfc4c9a5d88e7f8a95e41bfb45f02a2229f5b47704fb243f7c0c8f32dd7d215a7244ea4428334e5386c0e7c46fd1cc06a35d88946f804ae4767f0b330000"], 0x116c}, 0x1, 0x0, 0x0, 0x801}, 0x20000084) sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x70, r1, 0x1, 0x70bd29, 0x0, {}, [@TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x40}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x7fffffff, @remote, 0x100}}}}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x70}}, 0x0) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f0000001640)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001600)={&(0x7f00000014c0)={0x12c, r3, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x80}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xb01e}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}, @TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfb31}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9ea}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_MEDIA={0x18, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x4}]}, @TIPC_NLA_MEDIA={0x80, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x20f518cd}]}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x2004c000}, 0x9bb49aeba9895d2a) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, &(0x7f0000000100)=[0x8, 0x5]) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000427bd7000fddbdf25130000002c00038008000200050000000800030000800000080001000500000008000200ff070000081b030001000000"], 0x40}}, 0x4080) r5 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r5, 0x0, 0x0) 14:30:00 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 52) [ 540.370662][ T3280] WARNING: CPU: 1 PID: 3280 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 540.370665][ T3280] Modules linked in: [ 540.370679][ T3280] CPU: 1 PID: 3280 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 540.370684][ T3280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.370695][ T3280] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 540.370705][ T3280] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 540.370709][ T3280] RSP: 0018:ffff8881e1547ce8 EFLAGS: 00010287 [ 540.370717][ T3280] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 540.370722][ T3280] RDX: ffffc90000144000 RSI: 000000000001cb8d RDI: 000000000001cb8e [ 540.370727][ T3280] RBP: ffff8881ef3d6fa8 R08: ffffffff8214635e R09: 0000000000000010 [ 540.370733][ T3280] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 540.370738][ T3280] R13: 1ffff1103dbc5c01 R14: 1ffff1103dbc5c9d R15: ffff8881ede2e000 [ 540.370746][ T3280] FS: 00007fe6f0077700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 540.370752][ T3280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 540.370757][ T3280] CR2: 00007ffd5d877fd8 CR3: 00000001e4f95000 CR4: 00000000003406e0 [ 540.370766][ T3280] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 540.370771][ T3280] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 540.370773][ T3280] Call Trace: [ 540.370789][ T3280] loop_add+0x554/0x710 [ 540.370800][ T3280] loop_control_ioctl+0x468/0x680 [ 540.370809][ T3280] ? xor_init+0x60/0x60 [ 540.370819][ T3280] do_vfs_ioctl+0x6fb/0x15b0 [ 540.370832][ T3280] __x64_sys_ioctl+0xd4/0x110 [ 540.370842][ T3280] do_syscall_64+0xcb/0x1e0 [ 540.370854][ T3280] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 540.370861][ T3280] RIP: 0033:0x7fe6f0f01059 [ 540.370870][ T3280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 540.370874][ T3280] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 540.370883][ T3280] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 540.370888][ T3280] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 14:30:01 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RSTAT(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="470000007d0100000040003f000800000008040000000500000000000000400008000100008009000000000020100000000003002929000500253c287d7d04002d27ec0001002e"], 0x47) write$P9_RFLUSH(r1, 0xffffffffffffffff, 0x0) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x2, {0x1, 0x1, 0x4}}, 0x14) 14:30:01 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) (async) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="6c110000", @ANYRES16=0x0, @ANYBLOB="000126bd7000fddbdf252d0000000c00990000000080420000008f004500739b0d33c370e3b3c63c8c1be68b87fe6b746da2710a212f3fa9ada4ffc61cd24db91bf9b8481b3e5b5095dae719f6aff60e874e7c293ddf3f910000200045003bc2369fbf4992093e0b7b97314ac6fd676d06a748eb59efff9d6081041045007cfad5813e2b1566edc45d2514c3ec15f56c81594a6bae8d5b02ee66eb4abf877351c7d0820ebb410eba51375d43d51c057f895d89cd304b20ddb4bc71d657555e78d5809455c2935d2eade8afb503476ef1f9e88baf2557ccab2d99267ff06fac28b62ff27c410ac8c257ab843c6e9bc2a17abf30d7d0a2ee5764e7c24e68bead96a391540722566d4ca6f3469a455c4fb048b08d981f7fb66ff9877b1304bb896d9db630bd427db277dacb73b382cb29be5a1e71b798accfe8caf771664bccaa83f10498b83ef8477ff1769ab9ae9bafc6b7c776d86a42022f1b2a7e32a85282edcd9179f4c2041931f964460f368613719c759b474872fbcba774819f823c07b425a6094114da6b3d71bdb9b64f0093de4e49c065be24d2970f53c1f7891b2885885bbdebe6a942a547a155fc24e10b5a259ab9a70c4d872ad511ce5091dd27414899c39385f0c69832cd67e8eda91d2e48ec54b6e196d5d5510d4271e58b9cd9968bf9c35e8d6fa1c89fe1ae34c45734181e2325deecb64a973b0315aa0210e0b5280351df39425bcb21fe3b49a533b56d2a556c0a5dc4f88132abc55e4656068e514842074d5dd7a43ad61877de9fb69be8f660737dbbe9952b262f19b5c699570bff5dfbf76e2fab216050dedc0889cb3ff692965cb515a9156917d366c58bdf0f8833fee306bef04f0ecab677d2d5127c77a32062e195c61f9eb9ab43b9d7e17f286283d58de1572f72ed14efde79be46d649eac17e6b038e8f07706afa4c276a871cb653ffbab10502b8061069a4afc63afc7d6237b30a5dbd91bf5b80caa4b7a3f7b387e4b9759b0e35bd98846f2ca288c231e57199e4c468fc7069a3f2b08617691dcf5b32fa66d02e86daf81e32e1f7a751ba8f5e08b4e9a136a7161f049b2cde67eda60781f47fd932af81993d3ff5339dff16f6183df75690a81d0936027f1800688c72e030e8af0dcc374fee1a016e99d3f98a71cabac788240655e58e65376b3c3f12941a6895cbdb57405888e2d000e94fd2166e70c80e8b72ac1a204618e903a95c09efb0ae7322160e3b6ca8a8b3b453ff456c6212863fe5708b4339b921d3dabc603ad32085d40213f55237c10e53be57d9c896bebabe72cf7d57fe144131416fe29e473ea21f31b2139d43f25eb8831ae42f38ab0a88fe373629bafd0196943117506df318d3cc1d4040feec69ae528c2ef73b9071c54da91636e39c9c9d22e3579e7bb8fc0448f13b71ecd58ef0666a86bc5e594aae608079f0ccdd509360d7ff5db00e8342023bb9bd42392cee187c184f4511b659f1ca3201d37b23649849c37f26e4ffadd666f68ab960afd53ede8023a2cd3aa9a6cedbe7dd5ffb0975c12a5379ee8be0581f7308b343242186d64e982f1397dbbb0c685cdac20a42451bf414a9b96d4241e0d6708c5176adfc2a8eb4b40ff5ca28a55f84aeaff5108cf73a1c84daf025f5815982a4ad36dcbc70e88669ecd64b6d5a1ff4af33b87d8269783919749bc3473e0f73e99570f747ea854bb61ba467aa10c29cd141d66477736af3f9ef22dd5d11b3adccdb60e32c5b51b50a1837d1aaad9d69a282c2f690aabba0e44f80503e0bf0ec7fcd5e1b082672e7a5eb23f7516f5bc38da2298dab186f8875646ab4530f46b4ed4a4088466a35bcef706a030da6f35db5f5c010a88d17278503a93bc91e6dbbc3056095fd7c0e2c7b974ea2a086ec0df3d72f0a083844515228a733c7d8afd28e2e1a8b677d7514f4b096a2ff5dbaa0e71b31cb2808cbcd7162c31975f94c5e8f78c121395e58eb6a39628b4c77e255888cb90220dd5b7663c2dc2c1a16bf60f34883ee9bfec2f4e30cfef77adb0fbeb90fe976ef508a501c35c72d8cc6e202c5b01d085098d7e80128000d6f625e558cd398195350d936fa293dbb75e67d6a4585f62964bddfcd057f2f084ee954ed67edae3b9f8c9524d68fec3ae59f00d42bb1d5804e6972515f9e0ef220bc63ef00c1ff9f8aebc5b925470a54a9650d9fb5ec5baca78f47a8347fed68eb8a3801b2eee0d4b95dbaa2b0074336204de6f14a1fa3139dd68552b8f7c9f6e5e054505760a28378551b89e4789b9694dcf8d8e381c796748ef5a2aa9cd707b341c97cb0dfc27a6266db262377f298deb91bfcd913094947415810de27bbb5e3a8fb20d9b2dc5a6bfdde7ecf6ae738f142029cb63761f8e0a000fd439e6b82faf5fd9cc0ef51f9afc5513be36fed5717eee4c301de30704d3de8ba64b311833af522bcc4d0f3622344ad81a26f6a41ed45d2eaa703819544e2058e45eff46660d56b2c1a3a9582209ed964a7f6a52489a76bf89b9ec96aab8713ff10acda5a940494b007e42e58eac7a28cc6fa6256302f304d8471b8478910367bd4c9afb5646b01dfe08b51d22012824097575d4a7a9f3804dc12d20d300a13c5bae8d9eee4bdb788730c1674be597769a238480702d5ccd31eb57babaaea3cc075076fed06f09f867b0d0f73aee4176a0715512b17faf6b6c6f16808e59723cb968d7bff3ed117d0f29a24b1d75f69de13876285d45063be253a48dad7792a59151e0d87bfde50f573e5426a3025f15226ebd1335baac88ccbdb7ab97725d945ec7a11ecb4d18fcbde33a95978180a5a1c28cd867d8654b23486f12dc17b2f18ba05fab7b9d09a5a776105a1729f596950211c0e7c1f365e749d293080e393bd71a6ee2000986525078514b8bb35d83034d8da672177065a6024ec7ef0c1b0a4b4c608d1b88f85bd201c8a0b98624631a51285259ce2d64764d6b5b59000df88c0c65fab34ce8d9ff18a4e729ac52fe954a722be8ee592e239498d649d31abd608b12b69c465c4cd941e55069670a46108805c1952148f5572d7bab702f58c4beaf47e3db54ffca8a5a7c62266a039d4d2dac49c4d25c261ef96aec1885cb121d5dc7e486528a1bb1fc7bec02ff2030fd2b1b4a263b8b734773b7cb6f826c89ceffdf385752427796c8d55dc1f534cfcbdde12f0a6cfce68dfe87cf09bd029e981d8ddb02f78a62d6411e05c2a9ffaff82a23eecfabb6d5092d859e642729d9c07bca317047abcf64dc697d9f6d11f762c5efd060ee45c670338f561f5a4ef3ce4455b145c4334cb2a54870fc29e4253131e07f6168a792cc0a2b2ceee9ef18c209978e5fa070ef081fa58d6546965877f65ebe853a0c7293dbbf5f9faaec440962f01b7c3229599c667a1772b40bd71d16a075c99f4b3483e4d66de16cdeb792bb735c18554f36fe1c4a9dac9853624a2483ff8dded54d9bb77b4f62c7a65f4bcabc8a95a04ad366e06ca6d1affc6545a1ee4801d32fcc0719a7369ab6bb37817419ebb92033e324186ae2b9b0f91cfb240280a806bdaee6ad4963b73431ee28a38de51c1bda0c003039a545004ae3c71e45db1019337cc68acebb8d654f80f1d9029fecb4ab1e036d4428a0b34c5c388d9f0ffc1cc0787d1c87f0efed0170bf03e4bb1d79daf3a9aad916d7a00fe0c64b1ccd99bb0f569511b81488bf1b6fd580ed6c0c6b0e5f08dc643246e470741ae3ca7f5053166838dab2ad9b9e726d62d6d86eb81b8c5cfae5173b12fd2def9187096222eca7df5bdb3e69239dbe47137da3cbfeb1fb1d465c959fe415dfe918cb0ddd1a35b9b5846967a39dba80df7eb01f473c76b8c456409ea4ebb5c63b99bde6a568eece7e780fb6a679ec5d6ce058588a8e6e2ff91dfc6a009d950ccbcf8735bf1cf2259b009fb3db121275a7bc4307edd5a7c13809530f6fcdbad17f0bd4ed42c77841f9056b2c522b001268419ef2cc3daa34f5693276d1aabda63cbc1d2328db6827f281cb38b3bb0d4d1b4c07c5f6523e94d731527a49f614acdd4ea032ef181a6068f22179e2c3ea3e980e44261fc5142de5a7a3278abe785f139a096fbd07b340178c9e6ac86970be40ffe5254ab70c127b44a258421abd85e53352a7495d0dd20c907a3b369551f0fc23e7485f2666295a74a45c2a8317b2ef7903ed0524a654b71761797479c33ea1e2a0595d8d9b24c1d529f6ccea3402f8c5dd6ea47148e94ca005903e4fd809cfae99d952e792386ae4f217296a85b36a7390de1219d9a2b3ede45a5b7d6c5c9f7742e34e145c3923a75b3d60736584cfdc403295bcbae56cff74a27237640a1d49c86f72f3124bb8d96211fe021765680a3fe704af5d764c0f0069019855f537a0d608dc491f4b5c0afcbde264a41a483f5e986dfd1fed7b047ab6318e37f2d570dc855f0af22660a92bd6bee31ede05a6442f3638f880e470766ea4f00e0950ec9ca94c61b2c14384d0c71b8ba5ccf6ce9ef5115787749f97cc93383f1c2e34f9280dc4b328018ba7798112d69532b74730b4d21a35ccce7c3cb8d4e9ae779860689fe97032f55d937ba3c068ea475985bd2fb9a094035dac87d7826b6ca175dfae3c26c00da5d421c740a32b6db79b56b7fc0c4f9f719446135b4ab718ccc6e8275cdcd404e6e91073744e715d45656a75100d73ce01cd8d1efedb2b0444f37ffb877f0c658f4bad8e299e27fdaf93cb306dd851b180c3b880188bda6f7455b052ba7572cf568438791106a69521b4ced68515de6eaa4bfbced7cff4ea5bd68b473c7e15ce47e6de03da73ec6fb70eaa5e2f4cc74cfb3bdbd57df1bf05772fa499106ce06dedfa26e7580962964ab57e0fb574a489a5531ebd847218c8c1190e8485474ffbeea5e21216995cdbe97cd53c1725ef1390f3bd215c550d153d310b6d5079f6381b646193c7675d38b21191d01377acb04a71fc0e340d31272b373eaaf7e6b5b31f480ff4d9e23fe151e4c876e78934a20a364e6cfde5f51c69eb829f17226278f9e638924dee527a0845dac52c817328cbfe5a89f7fe11afff3815b3d29da8989fe6e773ebe91f2e0d1ac0eeaff8b7f5a22f414dcc696631cd5e3da493556a8a1c75b5cfb973019dd9f7f68e74d44f1573347882d49e62f324a8f7a2249962179241a7293f4b3579aa2816bdecf928fb3b476b708611e7e67cf0d709d1125f12f5c49dedc38019246d716f8badcfba56a9fcfa9ff8e06f57ddfb8b76ec0e93efd5b05fcc9ff9263300f07796f282673d66e320984394d15fb16a496a9b122815844a1f83d03f63eb1ad3853aa38972772c8beac048c7756699aebe3b1c753a7e03df42b319cfb30e1df9c623cc5f7e3a52a714a32d090e6e265b0cc64baab1363da1bfdf8fd47b37d3a11c477121583f376622e177278cda1278ac3abe9cb478866f79fe5a50d858f984f5456d7321abf63c7ecf064755b093dcc90d056ff65dd9d3f691e0e7c72ddd140629a0d2e4dc2e5299111a709bde64b21f536b48d9260e83a7fcd145ebb8689f1e07bf986773d51f6096045a4f7a7d2a239e3cf95eb836d8c5851ebe1f978a482134d222c3efe6ae54b679adef9d7a2dd419f1108f00dae2761b969f75910c9cd2108cca7d3e3bc18f278c94d382198c47b4051850af2434f70b1c3ff4885e6bb868b7626f1341501f9d759f34db0abf7ca59793f76061437332d9ab5db02c07be73bfb10edfc1128cd735328874171c8e5b7b1c5b5ce034c92b3c79e4e7dafb9713fc3ace5229ead30c248ce9a878df1e6cb1676963a3a909ea58c4604eeba448cfb25b4d0efa726dbdfb8b77f390382fed2c133640e4062148a14638b7a56c53b0863a1200942840e477e60431096fb32d4c135bdec256f4e6ff6cea94143f774bd4de71a524591d9feae2f5eae07e42e0a55830f76abc934c8f13884c854e08c396e4ef00e7881681ee74efdce5b7ecc48a4cbe600450098b4bb99560bc48fe4026024553754aaa0982aa39f44ef6b9fed20f8fd2fabe72b21e8daa304a24ad3e038bf68fb57d1d041671892575997b067554e7ef3de32d8eb3a24c7a4b1a6541eaa16d6be36c1348f32baba77eaa7243a0e49010df2cc06b6599748eb370ddd249b24000cd1cc00dd99642246622261440429c497ea34b8878048bfe09c1f633ee85ff8e7942a1ce2af9eda9ef6544ecd950de4d35777dbe8995ed565bfc4c9a5d88e7f8a95e41bfb45f02a2229f5b47704fb243f7c0c8f32dd7d215a7244ea4428334e5386c0e7c46fd1cc06a35d88946f804ae4767f0b330000"], 0x116c}, 0x1, 0x0, 0x0, 0x801}, 0x20000084) (async) sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x70, r1, 0x1, 0x70bd29, 0x0, {}, [@TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x40}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x7fffffff, @remote, 0x100}}}}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x70}}, 0x0) (async) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f0000001640)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001600)={&(0x7f00000014c0)={0x12c, r3, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x80}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xb01e}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}, @TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfb31}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9ea}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_MEDIA={0x18, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x4}]}, @TIPC_NLA_MEDIA={0x80, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x20f518cd}]}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x2004c000}, 0x9bb49aeba9895d2a) (async) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, &(0x7f0000000100)=[0x8, 0x5]) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000427bd7000fddbdf25130000002c00038008000200050000000800030000800000080001000500000008000200ff070000081b030001000000"], 0x40}}, 0x4080) r5 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r5, 0x0, 0x0) [ 540.370893][ T3280] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 540.370898][ T3280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 540.370903][ T3280] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 540.370911][ T3280] ---[ end trace 362e18c8762015ee ]--- [ 540.497878][ T3309] FAULT_INJECTION: forcing a failure. [ 540.497878][ T3309] name failslab, interval 1, probability 0, space 0, times 0 14:30:01 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 53) [ 540.677244][ T3309] CPU: 0 PID: 3309 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 540.677250][ T3309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.677253][ T3309] Call Trace: [ 540.677267][ T3309] dump_stack+0x18e/0x1de [ 540.677280][ T3309] should_fail+0x5d8/0x740 [ 540.677292][ T3309] ? __kernfs_new_node+0x8b/0x630 [ 540.677302][ T3309] should_failslab+0x5/0x20 [ 540.677312][ T3309] kmem_cache_alloc+0x36/0x290 [ 540.677320][ T3309] ? memcpy+0x38/0x50 [ 540.677330][ T3309] __kernfs_new_node+0x8b/0x630 [ 540.677338][ T3309] ? mutex_lock+0x6c/0xc0 [ 540.677348][ T3309] ? kernfs_activate+0x3fc/0x420 [ 540.677358][ T3309] kernfs_new_node+0x95/0x160 [ 540.677368][ T3309] kernfs_create_link+0x9c/0x1f0 [ 540.677377][ T3309] sysfs_do_create_link_sd+0x85/0x100 [ 540.677387][ T3309] device_add+0x93a/0x1820 [ 540.677399][ T3309] device_create_vargs+0x1b8/0x210 [ 540.677409][ T3309] device_create+0x86/0xb0 [ 540.677416][ T3309] ? vsnprintf+0x1a07/0x1aa0 [ 540.677427][ T3309] bdi_register_va+0x89/0x5e0 [ 540.677437][ T3309] bdi_register+0x80/0xa0 [ 540.677447][ T3309] ? __device_add_disk+0x50a/0x1220 [ 540.677457][ T3309] bdi_register_owner+0x56/0xf0 [ 540.677466][ T3309] __device_add_disk+0x583/0x1220 [ 540.677478][ T3309] loop_add+0x554/0x710 [ 540.677487][ T3309] loop_control_ioctl+0x468/0x680 [ 540.677495][ T3309] ? xor_init+0x60/0x60 [ 540.677505][ T3309] do_vfs_ioctl+0x6fb/0x15b0 [ 540.677525][ T3309] __x64_sys_ioctl+0xd4/0x110 [ 540.677535][ T3309] do_syscall_64+0xcb/0x1e0 [ 540.677546][ T3309] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 540.677554][ T3309] RIP: 0033:0x7fe6f0f01059 [ 540.677569][ T3309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 540.677574][ T3309] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 540.677584][ T3309] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 540.677589][ T3309] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 540.677594][ T3309] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 540.677599][ T3309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 540.677604][ T3309] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 540.677849][ T3309] ------------[ cut here ]------------ [ 540.677865][ T3309] WARNING: CPU: 0 PID: 3309 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 14:30:01 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) [ 540.677867][ T3309] Modules linked in: [ 540.677879][ T3309] CPU: 0 PID: 3309 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 540.677884][ T3309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.677892][ T3309] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 540.677899][ T3309] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 540.677904][ T3309] RSP: 0018:ffff8881e971fce8 EFLAGS: 00010246 [ 540.677910][ T3309] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 540.677915][ T3309] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 540.677921][ T3309] RBP: ffff8881ef160058 R08: ffffffff8214635e R09: 0000000000000010 [ 540.677925][ T3309] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 540.677930][ T3309] R13: 1ffff1103c483a01 R14: 1ffff1103c483a9d R15: ffff8881e241d000 [ 540.677937][ T3309] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 540.677942][ T3309] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 540.677948][ T3309] CR2: 00007f4584595d38 CR3: 00000001f0f2a000 CR4: 00000000003406f0 [ 540.677956][ T3309] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 540.677961][ T3309] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 540.677963][ T3309] Call Trace: [ 540.677975][ T3309] loop_add+0x554/0x710 [ 540.677986][ T3309] loop_control_ioctl+0x468/0x680 [ 540.677994][ T3309] ? xor_init+0x60/0x60 [ 540.678004][ T3309] do_vfs_ioctl+0x6fb/0x15b0 [ 540.678017][ T3309] __x64_sys_ioctl+0xd4/0x110 [ 540.678026][ T3309] do_syscall_64+0xcb/0x1e0 [ 540.678036][ T3309] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 540.678042][ T3309] RIP: 0033:0x7fe6f0f01059 [ 540.678050][ T3309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 540.678054][ T3309] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 540.678061][ T3309] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 540.678066][ T3309] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 540.678070][ T3309] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 540.678075][ T3309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 540.678079][ T3309] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 540.678086][ T3309] ---[ end trace 362e18c8762015ef ]--- 14:30:01 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) (async) write$P9_RSTAT(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="470000007d0100000040003f000800000008040000000500000000000000400008000100008009000000000020100000000003002929000500253c287d7d04002d27ec0001002e"], 0x47) (async) write$P9_RFLUSH(r1, 0xffffffffffffffff, 0x0) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x2, {0x1, 0x1, 0x4}}, 0x14) 14:30:01 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="6c110000", @ANYRES16=0x0, @ANYBLOB="000126bd7000fddbdf252d0000000c00990000000080420000008f004500739b0d33c370e3b3c63c8c1be68b87fe6b746da2710a212f3fa9ada4ffc61cd24db91bf9b8481b3e5b5095dae719f6aff60e874e7c293ddf3f910000200045003bc2369fbf4992093e0b7b97314ac6fd676d06a748eb59efff9d6081041045007cfad5813e2b1566edc45d2514c3ec15f56c81594a6bae8d5b02ee66eb4abf877351c7d0820ebb410eba51375d43d51c057f895d89cd304b20ddb4bc71d657555e78d5809455c2935d2eade8afb503476ef1f9e88baf2557ccab2d99267ff06fac28b62ff27c410ac8c257ab843c6e9bc2a17abf30d7d0a2ee5764e7c24e68bead96a391540722566d4ca6f3469a455c4fb048b08d981f7fb66ff9877b1304bb896d9db630bd427db277dacb73b382cb29be5a1e71b798accfe8caf771664bccaa83f10498b83ef8477ff1769ab9ae9bafc6b7c776d86a42022f1b2a7e32a85282edcd9179f4c2041931f964460f368613719c759b474872fbcba774819f823c07b425a6094114da6b3d71bdb9b64f0093de4e49c065be24d2970f53c1f7891b2885885bbdebe6a942a547a155fc24e10b5a259ab9a70c4d872ad511ce5091dd27414899c39385f0c69832cd67e8eda91d2e48ec54b6e196d5d5510d4271e58b9cd9968bf9c35e8d6fa1c89fe1ae34c45734181e2325deecb64a973b0315aa0210e0b5280351df39425bcb21fe3b49a533b56d2a556c0a5dc4f88132abc55e4656068e514842074d5dd7a43ad61877de9fb69be8f660737dbbe9952b262f19b5c699570bff5dfbf76e2fab216050dedc0889cb3ff692965cb515a9156917d366c58bdf0f8833fee306bef04f0ecab677d2d5127c77a32062e195c61f9eb9ab43b9d7e17f286283d58de1572f72ed14efde79be46d649eac17e6b038e8f07706afa4c276a871cb653ffbab10502b8061069a4afc63afc7d6237b30a5dbd91bf5b80caa4b7a3f7b387e4b9759b0e35bd98846f2ca288c231e57199e4c468fc7069a3f2b08617691dcf5b32fa66d02e86daf81e32e1f7a751ba8f5e08b4e9a136a7161f049b2cde67eda60781f47fd932af81993d3ff5339dff16f6183df75690a81d0936027f1800688c72e030e8af0dcc374fee1a016e99d3f98a71cabac788240655e58e65376b3c3f12941a6895cbdb57405888e2d000e94fd2166e70c80e8b72ac1a204618e903a95c09efb0ae7322160e3b6ca8a8b3b453ff456c6212863fe5708b4339b921d3dabc603ad32085d40213f55237c10e53be57d9c896bebabe72cf7d57fe144131416fe29e473ea21f31b2139d43f25eb8831ae42f38ab0a88fe373629bafd0196943117506df318d3cc1d4040feec69ae528c2ef73b9071c54da91636e39c9c9d22e3579e7bb8fc0448f13b71ecd58ef0666a86bc5e594aae608079f0ccdd509360d7ff5db00e8342023bb9bd42392cee187c184f4511b659f1ca3201d37b23649849c37f26e4ffadd666f68ab960afd53ede8023a2cd3aa9a6cedbe7dd5ffb0975c12a5379ee8be0581f7308b343242186d64e982f1397dbbb0c685cdac20a42451bf414a9b96d4241e0d6708c5176adfc2a8eb4b40ff5ca28a55f84aeaff5108cf73a1c84daf025f5815982a4ad36dcbc70e88669ecd64b6d5a1ff4af33b87d8269783919749bc3473e0f73e99570f747ea854bb61ba467aa10c29cd141d66477736af3f9ef22dd5d11b3adccdb60e32c5b51b50a1837d1aaad9d69a282c2f690aabba0e44f80503e0bf0ec7fcd5e1b082672e7a5eb23f7516f5bc38da2298dab186f8875646ab4530f46b4ed4a4088466a35bcef706a030da6f35db5f5c010a88d17278503a93bc91e6dbbc3056095fd7c0e2c7b974ea2a086ec0df3d72f0a083844515228a733c7d8afd28e2e1a8b677d7514f4b096a2ff5dbaa0e71b31cb2808cbcd7162c31975f94c5e8f78c121395e58eb6a39628b4c77e255888cb90220dd5b7663c2dc2c1a16bf60f34883ee9bfec2f4e30cfef77adb0fbeb90fe976ef508a501c35c72d8cc6e202c5b01d085098d7e80128000d6f625e558cd398195350d936fa293dbb75e67d6a4585f62964bddfcd057f2f084ee954ed67edae3b9f8c9524d68fec3ae59f00d42bb1d5804e6972515f9e0ef220bc63ef00c1ff9f8aebc5b925470a54a9650d9fb5ec5baca78f47a8347fed68eb8a3801b2eee0d4b95dbaa2b0074336204de6f14a1fa3139dd68552b8f7c9f6e5e054505760a28378551b89e4789b9694dcf8d8e381c796748ef5a2aa9cd707b341c97cb0dfc27a6266db262377f298deb91bfcd913094947415810de27bbb5e3a8fb20d9b2dc5a6bfdde7ecf6ae738f142029cb63761f8e0a000fd439e6b82faf5fd9cc0ef51f9afc5513be36fed5717eee4c301de30704d3de8ba64b311833af522bcc4d0f3622344ad81a26f6a41ed45d2eaa703819544e2058e45eff46660d56b2c1a3a9582209ed964a7f6a52489a76bf89b9ec96aab8713ff10acda5a940494b007e42e58eac7a28cc6fa6256302f304d8471b8478910367bd4c9afb5646b01dfe08b51d22012824097575d4a7a9f3804dc12d20d300a13c5bae8d9eee4bdb788730c1674be597769a238480702d5ccd31eb57babaaea3cc075076fed06f09f867b0d0f73aee4176a0715512b17faf6b6c6f16808e59723cb968d7bff3ed117d0f29a24b1d75f69de13876285d45063be253a48dad7792a59151e0d87bfde50f573e5426a3025f15226ebd1335baac88ccbdb7ab97725d945ec7a11ecb4d18fcbde33a95978180a5a1c28cd867d8654b23486f12dc17b2f18ba05fab7b9d09a5a776105a1729f596950211c0e7c1f365e749d293080e393bd71a6ee2000986525078514b8bb35d83034d8da672177065a6024ec7ef0c1b0a4b4c608d1b88f85bd201c8a0b98624631a51285259ce2d64764d6b5b59000df88c0c65fab34ce8d9ff18a4e729ac52fe954a722be8ee592e239498d649d31abd608b12b69c465c4cd941e55069670a46108805c1952148f5572d7bab702f58c4beaf47e3db54ffca8a5a7c62266a039d4d2dac49c4d25c261ef96aec1885cb121d5dc7e486528a1bb1fc7bec02ff2030fd2b1b4a263b8b734773b7cb6f826c89ceffdf385752427796c8d55dc1f534cfcbdde12f0a6cfce68dfe87cf09bd029e981d8ddb02f78a62d6411e05c2a9ffaff82a23eecfabb6d5092d859e642729d9c07bca317047abcf64dc697d9f6d11f762c5efd060ee45c670338f561f5a4ef3ce4455b145c4334cb2a54870fc29e4253131e07f6168a792cc0a2b2ceee9ef18c209978e5fa070ef081fa58d6546965877f65ebe853a0c7293dbbf5f9faaec440962f01b7c3229599c667a1772b40bd71d16a075c99f4b3483e4d66de16cdeb792bb735c18554f36fe1c4a9dac9853624a2483ff8dded54d9bb77b4f62c7a65f4bcabc8a95a04ad366e06ca6d1affc6545a1ee4801d32fcc0719a7369ab6bb37817419ebb92033e324186ae2b9b0f91cfb240280a806bdaee6ad4963b73431ee28a38de51c1bda0c003039a545004ae3c71e45db1019337cc68acebb8d654f80f1d9029fecb4ab1e036d4428a0b34c5c388d9f0ffc1cc0787d1c87f0efed0170bf03e4bb1d79daf3a9aad916d7a00fe0c64b1ccd99bb0f569511b81488bf1b6fd580ed6c0c6b0e5f08dc643246e470741ae3ca7f5053166838dab2ad9b9e726d62d6d86eb81b8c5cfae5173b12fd2def9187096222eca7df5bdb3e69239dbe47137da3cbfeb1fb1d465c959fe415dfe918cb0ddd1a35b9b5846967a39dba80df7eb01f473c76b8c456409ea4ebb5c63b99bde6a568eece7e780fb6a679ec5d6ce058588a8e6e2ff91dfc6a009d950ccbcf8735bf1cf2259b009fb3db121275a7bc4307edd5a7c13809530f6fcdbad17f0bd4ed42c77841f9056b2c522b001268419ef2cc3daa34f5693276d1aabda63cbc1d2328db6827f281cb38b3bb0d4d1b4c07c5f6523e94d731527a49f614acdd4ea032ef181a6068f22179e2c3ea3e980e44261fc5142de5a7a3278abe785f139a096fbd07b340178c9e6ac86970be40ffe5254ab70c127b44a258421abd85e53352a7495d0dd20c907a3b369551f0fc23e7485f2666295a74a45c2a8317b2ef7903ed0524a654b71761797479c33ea1e2a0595d8d9b24c1d529f6ccea3402f8c5dd6ea47148e94ca005903e4fd809cfae99d952e792386ae4f217296a85b36a7390de1219d9a2b3ede45a5b7d6c5c9f7742e34e145c3923a75b3d60736584cfdc403295bcbae56cff74a27237640a1d49c86f72f3124bb8d96211fe021765680a3fe704af5d764c0f0069019855f537a0d608dc491f4b5c0afcbde264a41a483f5e986dfd1fed7b047ab6318e37f2d570dc855f0af22660a92bd6bee31ede05a6442f3638f880e470766ea4f00e0950ec9ca94c61b2c14384d0c71b8ba5ccf6ce9ef5115787749f97cc93383f1c2e34f9280dc4b328018ba7798112d69532b74730b4d21a35ccce7c3cb8d4e9ae779860689fe97032f55d937ba3c068ea475985bd2fb9a094035dac87d7826b6ca175dfae3c26c00da5d421c740a32b6db79b56b7fc0c4f9f719446135b4ab718ccc6e8275cdcd404e6e91073744e715d45656a75100d73ce01cd8d1efedb2b0444f37ffb877f0c658f4bad8e299e27fdaf93cb306dd851b180c3b880188bda6f7455b052ba7572cf568438791106a69521b4ced68515de6eaa4bfbced7cff4ea5bd68b473c7e15ce47e6de03da73ec6fb70eaa5e2f4cc74cfb3bdbd57df1bf05772fa499106ce06dedfa26e7580962964ab57e0fb574a489a5531ebd847218c8c1190e8485474ffbeea5e21216995cdbe97cd53c1725ef1390f3bd215c550d153d310b6d5079f6381b646193c7675d38b21191d01377acb04a71fc0e340d31272b373eaaf7e6b5b31f480ff4d9e23fe151e4c876e78934a20a364e6cfde5f51c69eb829f17226278f9e638924dee527a0845dac52c817328cbfe5a89f7fe11afff3815b3d29da8989fe6e773ebe91f2e0d1ac0eeaff8b7f5a22f414dcc696631cd5e3da493556a8a1c75b5cfb973019dd9f7f68e74d44f1573347882d49e62f324a8f7a2249962179241a7293f4b3579aa2816bdecf928fb3b476b708611e7e67cf0d709d1125f12f5c49dedc38019246d716f8badcfba56a9fcfa9ff8e06f57ddfb8b76ec0e93efd5b05fcc9ff9263300f07796f282673d66e320984394d15fb16a496a9b122815844a1f83d03f63eb1ad3853aa38972772c8beac048c7756699aebe3b1c753a7e03df42b319cfb30e1df9c623cc5f7e3a52a714a32d090e6e265b0cc64baab1363da1bfdf8fd47b37d3a11c477121583f376622e177278cda1278ac3abe9cb478866f79fe5a50d858f984f5456d7321abf63c7ecf064755b093dcc90d056ff65dd9d3f691e0e7c72ddd140629a0d2e4dc2e5299111a709bde64b21f536b48d9260e83a7fcd145ebb8689f1e07bf986773d51f6096045a4f7a7d2a239e3cf95eb836d8c5851ebe1f978a482134d222c3efe6ae54b679adef9d7a2dd419f1108f00dae2761b969f75910c9cd2108cca7d3e3bc18f278c94d382198c47b4051850af2434f70b1c3ff4885e6bb868b7626f1341501f9d759f34db0abf7ca59793f76061437332d9ab5db02c07be73bfb10edfc1128cd735328874171c8e5b7b1c5b5ce034c92b3c79e4e7dafb9713fc3ace5229ead30c248ce9a878df1e6cb1676963a3a909ea58c4604eeba448cfb25b4d0efa726dbdfb8b77f390382fed2c133640e4062148a14638b7a56c53b0863a1200942840e477e60431096fb32d4c135bdec256f4e6ff6cea94143f774bd4de71a524591d9feae2f5eae07e42e0a55830f76abc934c8f13884c854e08c396e4ef00e7881681ee74efdce5b7ecc48a4cbe600450098b4bb99560bc48fe4026024553754aaa0982aa39f44ef6b9fed20f8fd2fabe72b21e8daa304a24ad3e038bf68fb57d1d041671892575997b067554e7ef3de32d8eb3a24c7a4b1a6541eaa16d6be36c1348f32baba77eaa7243a0e49010df2cc06b6599748eb370ddd249b24000cd1cc00dd99642246622261440429c497ea34b8878048bfe09c1f633ee85ff8e7942a1ce2af9eda9ef6544ecd950de4d35777dbe8995ed565bfc4c9a5d88e7f8a95e41bfb45f02a2229f5b47704fb243f7c0c8f32dd7d215a7244ea4428334e5386c0e7c46fd1cc06a35d88946f804ae4767f0b330000"], 0x116c}, 0x1, 0x0, 0x0, 0x801}, 0x20000084) sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x70, r1, 0x1, 0x70bd29, 0x0, {}, [@TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x40}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x7fffffff, @remote, 0x100}}}}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x70}}, 0x0) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f0000001640)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001600)={&(0x7f00000014c0)={0x12c, r3, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x80}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xb01e}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}, @TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfb31}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9ea}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_MEDIA={0x18, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x4}]}, @TIPC_NLA_MEDIA={0x80, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x20f518cd}]}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x2004c000}, 0x9bb49aeba9895d2a) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, &(0x7f0000000100)=[0x8, 0x5]) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000427bd7000fddbdf25130000002c00038008000200050000000800030000800000080001000500000008000200ff070000081b030001000000"], 0x40}}, 0x4080) r5 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r5, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) (async) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="6c110000", @ANYRES16=0x0, @ANYBLOB="000126bd7000fddbdf252d0000000c00990000000080420000008f004500739b0d33c370e3b3c63c8c1be68b87fe6b746da2710a212f3fa9ada4ffc61cd24db91bf9b8481b3e5b5095dae719f6aff60e874e7c293ddf3f910000200045003bc2369fbf4992093e0b7b97314ac6fd676d06a748eb59efff9d6081041045007cfad5813e2b1566edc45d2514c3ec15f56c81594a6bae8d5b02ee66eb4abf877351c7d0820ebb410eba51375d43d51c057f895d89cd304b20ddb4bc71d657555e78d5809455c2935d2eade8afb503476ef1f9e88baf2557ccab2d99267ff06fac28b62ff27c410ac8c257ab843c6e9bc2a17abf30d7d0a2ee5764e7c24e68bead96a391540722566d4ca6f3469a455c4fb048b08d981f7fb66ff9877b1304bb896d9db630bd427db277dacb73b382cb29be5a1e71b798accfe8caf771664bccaa83f10498b83ef8477ff1769ab9ae9bafc6b7c776d86a42022f1b2a7e32a85282edcd9179f4c2041931f964460f368613719c759b474872fbcba774819f823c07b425a6094114da6b3d71bdb9b64f0093de4e49c065be24d2970f53c1f7891b2885885bbdebe6a942a547a155fc24e10b5a259ab9a70c4d872ad511ce5091dd27414899c39385f0c69832cd67e8eda91d2e48ec54b6e196d5d5510d4271e58b9cd9968bf9c35e8d6fa1c89fe1ae34c45734181e2325deecb64a973b0315aa0210e0b5280351df39425bcb21fe3b49a533b56d2a556c0a5dc4f88132abc55e4656068e514842074d5dd7a43ad61877de9fb69be8f660737dbbe9952b262f19b5c699570bff5dfbf76e2fab216050dedc0889cb3ff692965cb515a9156917d366c58bdf0f8833fee306bef04f0ecab677d2d5127c77a32062e195c61f9eb9ab43b9d7e17f286283d58de1572f72ed14efde79be46d649eac17e6b038e8f07706afa4c276a871cb653ffbab10502b8061069a4afc63afc7d6237b30a5dbd91bf5b80caa4b7a3f7b387e4b9759b0e35bd98846f2ca288c231e57199e4c468fc7069a3f2b08617691dcf5b32fa66d02e86daf81e32e1f7a751ba8f5e08b4e9a136a7161f049b2cde67eda60781f47fd932af81993d3ff5339dff16f6183df75690a81d0936027f1800688c72e030e8af0dcc374fee1a016e99d3f98a71cabac788240655e58e65376b3c3f12941a6895cbdb57405888e2d000e94fd2166e70c80e8b72ac1a204618e903a95c09efb0ae7322160e3b6ca8a8b3b453ff456c6212863fe5708b4339b921d3dabc603ad32085d40213f55237c10e53be57d9c896bebabe72cf7d57fe144131416fe29e473ea21f31b2139d43f25eb8831ae42f38ab0a88fe373629bafd0196943117506df318d3cc1d4040feec69ae528c2ef73b9071c54da91636e39c9c9d22e3579e7bb8fc0448f13b71ecd58ef0666a86bc5e594aae608079f0ccdd509360d7ff5db00e8342023bb9bd42392cee187c184f4511b659f1ca3201d37b23649849c37f26e4ffadd666f68ab960afd53ede8023a2cd3aa9a6cedbe7dd5ffb0975c12a5379ee8be0581f7308b343242186d64e982f1397dbbb0c685cdac20a42451bf414a9b96d4241e0d6708c5176adfc2a8eb4b40ff5ca28a55f84aeaff5108cf73a1c84daf025f5815982a4ad36dcbc70e88669ecd64b6d5a1ff4af33b87d8269783919749bc3473e0f73e99570f747ea854bb61ba467aa10c29cd141d66477736af3f9ef22dd5d11b3adccdb60e32c5b51b50a1837d1aaad9d69a282c2f690aabba0e44f80503e0bf0ec7fcd5e1b082672e7a5eb23f7516f5bc38da2298dab186f8875646ab4530f46b4ed4a4088466a35bcef706a030da6f35db5f5c010a88d17278503a93bc91e6dbbc3056095fd7c0e2c7b974ea2a086ec0df3d72f0a083844515228a733c7d8afd28e2e1a8b677d7514f4b096a2ff5dbaa0e71b31cb2808cbcd7162c31975f94c5e8f78c121395e58eb6a39628b4c77e255888cb90220dd5b7663c2dc2c1a16bf60f34883ee9bfec2f4e30cfef77adb0fbeb90fe976ef508a501c35c72d8cc6e202c5b01d085098d7e80128000d6f625e558cd398195350d936fa293dbb75e67d6a4585f62964bddfcd057f2f084ee954ed67edae3b9f8c9524d68fec3ae59f00d42bb1d5804e6972515f9e0ef220bc63ef00c1ff9f8aebc5b925470a54a9650d9fb5ec5baca78f47a8347fed68eb8a3801b2eee0d4b95dbaa2b0074336204de6f14a1fa3139dd68552b8f7c9f6e5e054505760a28378551b89e4789b9694dcf8d8e381c796748ef5a2aa9cd707b341c97cb0dfc27a6266db262377f298deb91bfcd913094947415810de27bbb5e3a8fb20d9b2dc5a6bfdde7ecf6ae738f142029cb63761f8e0a000fd439e6b82faf5fd9cc0ef51f9afc5513be36fed5717eee4c301de30704d3de8ba64b311833af522bcc4d0f3622344ad81a26f6a41ed45d2eaa703819544e2058e45eff46660d56b2c1a3a9582209ed964a7f6a52489a76bf89b9ec96aab8713ff10acda5a940494b007e42e58eac7a28cc6fa6256302f304d8471b8478910367bd4c9afb5646b01dfe08b51d22012824097575d4a7a9f3804dc12d20d300a13c5bae8d9eee4bdb788730c1674be597769a238480702d5ccd31eb57babaaea3cc075076fed06f09f867b0d0f73aee4176a0715512b17faf6b6c6f16808e59723cb968d7bff3ed117d0f29a24b1d75f69de13876285d45063be253a48dad7792a59151e0d87bfde50f573e5426a3025f15226ebd1335baac88ccbdb7ab97725d945ec7a11ecb4d18fcbde33a95978180a5a1c28cd867d8654b23486f12dc17b2f18ba05fab7b9d09a5a776105a1729f596950211c0e7c1f365e749d293080e393bd71a6ee2000986525078514b8bb35d83034d8da672177065a6024ec7ef0c1b0a4b4c608d1b88f85bd201c8a0b98624631a51285259ce2d64764d6b5b59000df88c0c65fab34ce8d9ff18a4e729ac52fe954a722be8ee592e239498d649d31abd608b12b69c465c4cd941e55069670a46108805c1952148f5572d7bab702f58c4beaf47e3db54ffca8a5a7c62266a039d4d2dac49c4d25c261ef96aec1885cb121d5dc7e486528a1bb1fc7bec02ff2030fd2b1b4a263b8b734773b7cb6f826c89ceffdf385752427796c8d55dc1f534cfcbdde12f0a6cfce68dfe87cf09bd029e981d8ddb02f78a62d6411e05c2a9ffaff82a23eecfabb6d5092d859e642729d9c07bca317047abcf64dc697d9f6d11f762c5efd060ee45c670338f561f5a4ef3ce4455b145c4334cb2a54870fc29e4253131e07f6168a792cc0a2b2ceee9ef18c209978e5fa070ef081fa58d6546965877f65ebe853a0c7293dbbf5f9faaec440962f01b7c3229599c667a1772b40bd71d16a075c99f4b3483e4d66de16cdeb792bb735c18554f36fe1c4a9dac9853624a2483ff8dded54d9bb77b4f62c7a65f4bcabc8a95a04ad366e06ca6d1affc6545a1ee4801d32fcc0719a7369ab6bb37817419ebb92033e324186ae2b9b0f91cfb240280a806bdaee6ad4963b73431ee28a38de51c1bda0c003039a545004ae3c71e45db1019337cc68acebb8d654f80f1d9029fecb4ab1e036d4428a0b34c5c388d9f0ffc1cc0787d1c87f0efed0170bf03e4bb1d79daf3a9aad916d7a00fe0c64b1ccd99bb0f569511b81488bf1b6fd580ed6c0c6b0e5f08dc643246e470741ae3ca7f5053166838dab2ad9b9e726d62d6d86eb81b8c5cfae5173b12fd2def9187096222eca7df5bdb3e69239dbe47137da3cbfeb1fb1d465c959fe415dfe918cb0ddd1a35b9b5846967a39dba80df7eb01f473c76b8c456409ea4ebb5c63b99bde6a568eece7e780fb6a679ec5d6ce058588a8e6e2ff91dfc6a009d950ccbcf8735bf1cf2259b009fb3db121275a7bc4307edd5a7c13809530f6fcdbad17f0bd4ed42c77841f9056b2c522b001268419ef2cc3daa34f5693276d1aabda63cbc1d2328db6827f281cb38b3bb0d4d1b4c07c5f6523e94d731527a49f614acdd4ea032ef181a6068f22179e2c3ea3e980e44261fc5142de5a7a3278abe785f139a096fbd07b340178c9e6ac86970be40ffe5254ab70c127b44a258421abd85e53352a7495d0dd20c907a3b369551f0fc23e7485f2666295a74a45c2a8317b2ef7903ed0524a654b71761797479c33ea1e2a0595d8d9b24c1d529f6ccea3402f8c5dd6ea47148e94ca005903e4fd809cfae99d952e792386ae4f217296a85b36a7390de1219d9a2b3ede45a5b7d6c5c9f7742e34e145c3923a75b3d60736584cfdc403295bcbae56cff74a27237640a1d49c86f72f3124bb8d96211fe021765680a3fe704af5d764c0f0069019855f537a0d608dc491f4b5c0afcbde264a41a483f5e986dfd1fed7b047ab6318e37f2d570dc855f0af22660a92bd6bee31ede05a6442f3638f880e470766ea4f00e0950ec9ca94c61b2c14384d0c71b8ba5ccf6ce9ef5115787749f97cc93383f1c2e34f9280dc4b328018ba7798112d69532b74730b4d21a35ccce7c3cb8d4e9ae779860689fe97032f55d937ba3c068ea475985bd2fb9a094035dac87d7826b6ca175dfae3c26c00da5d421c740a32b6db79b56b7fc0c4f9f719446135b4ab718ccc6e8275cdcd404e6e91073744e715d45656a75100d73ce01cd8d1efedb2b0444f37ffb877f0c658f4bad8e299e27fdaf93cb306dd851b180c3b880188bda6f7455b052ba7572cf568438791106a69521b4ced68515de6eaa4bfbced7cff4ea5bd68b473c7e15ce47e6de03da73ec6fb70eaa5e2f4cc74cfb3bdbd57df1bf05772fa499106ce06dedfa26e7580962964ab57e0fb574a489a5531ebd847218c8c1190e8485474ffbeea5e21216995cdbe97cd53c1725ef1390f3bd215c550d153d310b6d5079f6381b646193c7675d38b21191d01377acb04a71fc0e340d31272b373eaaf7e6b5b31f480ff4d9e23fe151e4c876e78934a20a364e6cfde5f51c69eb829f17226278f9e638924dee527a0845dac52c817328cbfe5a89f7fe11afff3815b3d29da8989fe6e773ebe91f2e0d1ac0eeaff8b7f5a22f414dcc696631cd5e3da493556a8a1c75b5cfb973019dd9f7f68e74d44f1573347882d49e62f324a8f7a2249962179241a7293f4b3579aa2816bdecf928fb3b476b708611e7e67cf0d709d1125f12f5c49dedc38019246d716f8badcfba56a9fcfa9ff8e06f57ddfb8b76ec0e93efd5b05fcc9ff9263300f07796f282673d66e320984394d15fb16a496a9b122815844a1f83d03f63eb1ad3853aa38972772c8beac048c7756699aebe3b1c753a7e03df42b319cfb30e1df9c623cc5f7e3a52a714a32d090e6e265b0cc64baab1363da1bfdf8fd47b37d3a11c477121583f376622e177278cda1278ac3abe9cb478866f79fe5a50d858f984f5456d7321abf63c7ecf064755b093dcc90d056ff65dd9d3f691e0e7c72ddd140629a0d2e4dc2e5299111a709bde64b21f536b48d9260e83a7fcd145ebb8689f1e07bf986773d51f6096045a4f7a7d2a239e3cf95eb836d8c5851ebe1f978a482134d222c3efe6ae54b679adef9d7a2dd419f1108f00dae2761b969f75910c9cd2108cca7d3e3bc18f278c94d382198c47b4051850af2434f70b1c3ff4885e6bb868b7626f1341501f9d759f34db0abf7ca59793f76061437332d9ab5db02c07be73bfb10edfc1128cd735328874171c8e5b7b1c5b5ce034c92b3c79e4e7dafb9713fc3ace5229ead30c248ce9a878df1e6cb1676963a3a909ea58c4604eeba448cfb25b4d0efa726dbdfb8b77f390382fed2c133640e4062148a14638b7a56c53b0863a1200942840e477e60431096fb32d4c135bdec256f4e6ff6cea94143f774bd4de71a524591d9feae2f5eae07e42e0a55830f76abc934c8f13884c854e08c396e4ef00e7881681ee74efdce5b7ecc48a4cbe600450098b4bb99560bc48fe4026024553754aaa0982aa39f44ef6b9fed20f8fd2fabe72b21e8daa304a24ad3e038bf68fb57d1d041671892575997b067554e7ef3de32d8eb3a24c7a4b1a6541eaa16d6be36c1348f32baba77eaa7243a0e49010df2cc06b6599748eb370ddd249b24000cd1cc00dd99642246622261440429c497ea34b8878048bfe09c1f633ee85ff8e7942a1ce2af9eda9ef6544ecd950de4d35777dbe8995ed565bfc4c9a5d88e7f8a95e41bfb45f02a2229f5b47704fb243f7c0c8f32dd7d215a7244ea4428334e5386c0e7c46fd1cc06a35d88946f804ae4767f0b330000"], 0x116c}, 0x1, 0x0, 0x0, 0x801}, 0x20000084) (async) sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x70, r1, 0x1, 0x70bd29, 0x0, {}, [@TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x40}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x7fffffff, @remote, 0x100}}}}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x70}}, 0x0) (async) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) (async) sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f0000001640)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001600)={&(0x7f00000014c0)={0x12c, r3, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x80}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xb01e}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}, @TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfb31}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9ea}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_MEDIA={0x18, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x4}]}, @TIPC_NLA_MEDIA={0x80, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x20f518cd}]}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x2004c000}, 0x9bb49aeba9895d2a) (async) ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, &(0x7f0000000100)=[0x8, 0x5]) (async) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000427bd7000fddbdf25130000002c00038008000200050000000800030000800000080001000500000008000200ff070000081b030001000000"], 0x40}}, 0x4080) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r5, 0x0, 0x0) (async) 14:30:01 executing program 3: write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x67, 0x1, {0x20, 0x4, 0x5}}, 0x14) (async) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async) r1 = syz_open_dev$ttys(0xc, 0x2, 0x1) syz_open_pts(r1, 0x1c200) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:01 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x200000c7) 14:30:01 executing program 3: write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x67, 0x1, {0x20, 0x4, 0x5}}, 0x14) (async) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async) r1 = syz_open_dev$ttys(0xc, 0x2, 0x1) syz_open_pts(r1, 0x1c200) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:01 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x200000c7) [ 540.709101][ T2883] udevd[2883]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory 14:30:01 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:01 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x3df18f518fc88f4e) write$P9_RREMOVE(r1, &(0x7f0000000000)={0x7, 0x7b, 0x1}, 0x7) write$P9_RXATTRCREATE(r1, &(0x7f0000000040)={0x7, 0x21, 0x2}, 0x7) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:01 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) (async) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RWSTAT(r0, 0x0, 0x0) [ 541.222808][ T3321] FAULT_INJECTION: forcing a failure. [ 541.222808][ T3321] name failslab, interval 1, probability 0, space 0, times 0 [ 541.222822][ T3321] CPU: 0 PID: 3321 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 541.222827][ T3321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.222830][ T3321] Call Trace: [ 541.222843][ T3321] dump_stack+0x18e/0x1de [ 541.222857][ T3321] should_fail+0x5d8/0x740 [ 541.222869][ T3321] ? __kernfs_new_node+0x8b/0x630 [ 541.222879][ T3321] should_failslab+0x5/0x20 [ 541.222889][ T3321] kmem_cache_alloc+0x36/0x290 [ 541.222896][ T3321] ? memcpy+0x38/0x50 [ 541.222906][ T3321] __kernfs_new_node+0x8b/0x630 [ 541.222914][ T3321] ? mutex_lock+0x6c/0xc0 [ 541.222924][ T3321] ? kernfs_activate+0x3fc/0x420 [ 541.222934][ T3321] kernfs_new_node+0x95/0x160 [ 541.222943][ T3321] kernfs_create_link+0x9c/0x1f0 [ 541.222952][ T3321] sysfs_do_create_link_sd+0x85/0x100 [ 541.222960][ T3321] device_add+0x93a/0x1820 [ 541.222972][ T3321] device_create_vargs+0x1b8/0x210 [ 541.222981][ T3321] device_create+0x86/0xb0 [ 541.222988][ T3321] ? vsnprintf+0x1a07/0x1aa0 [ 541.222999][ T3321] bdi_register_va+0x89/0x5e0 [ 541.223008][ T3321] bdi_register+0x80/0xa0 [ 541.223017][ T3321] ? __device_add_disk+0x50a/0x1220 [ 541.223027][ T3321] bdi_register_owner+0x56/0xf0 [ 541.223036][ T3321] __device_add_disk+0x583/0x1220 [ 541.223047][ T3321] loop_add+0x554/0x710 [ 541.223056][ T3321] loop_control_ioctl+0x468/0x680 [ 541.223068][ T3321] ? xor_init+0x60/0x60 14:30:01 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) (async) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RWSTAT(r0, 0x0, 0x0) [ 541.372369][ T3321] do_vfs_ioctl+0x6fb/0x15b0 [ 541.372385][ T3321] __x64_sys_ioctl+0xd4/0x110 [ 541.381663][ T3321] do_syscall_64+0xcb/0x1e0 [ 541.381680][ T3321] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 541.392023][ T3321] RIP: 0033:0x7fe6f0f01059 [ 541.392032][ T3321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:30:01 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 54) 14:30:01 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) (async) write$P9_RSTAT(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="470000007d0100000040003f000800000008040000000500000000000000400008000100008009000000000020100000000003002929000500253c287d7d04002d27ec0001002e"], 0x47) write$P9_RFLUSH(r1, 0xffffffffffffffff, 0x0) (async) write$P9_RAUTH(r1, &(0x7f0000000080)={0x14, 0x67, 0x2, {0x1, 0x1, 0x4}}, 0x14) [ 541.392036][ T3321] RSP: 002b:00007fe6f0056168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 541.392045][ T3321] RAX: ffffffffffffffda RBX: 00007fe6f1014030 RCX: 00007fe6f0f01059 [ 541.392050][ T3321] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 541.392054][ T3321] RBP: 00007fe6f00561d0 R08: 0000000000000000 R09: 0000000000000000 [ 541.392059][ T3321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 541.392063][ T3321] R13: 00007ffff4cae1af R14: 00007fe6f0056300 R15: 0000000000022000 [ 541.397404][ T3321] ------------[ cut here ]------------ [ 541.397422][ T3321] WARNING: CPU: 0 PID: 3321 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 541.397424][ T3321] Modules linked in: [ 541.397438][ T3321] CPU: 0 PID: 3321 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 541.397443][ T3321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.397453][ T3321] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 541.397462][ T3321] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 541.397466][ T3321] RSP: 0018:ffff8881e970fce8 EFLAGS: 00010246 [ 541.397473][ T3321] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 541.397478][ T3321] RDX: ffffc90000345000 RSI: 000000000003ffff RDI: 0000000000040000 [ 541.397483][ T3321] RBP: ffff8881ef166fa8 R08: ffffffff8214635e R09: 0000000000000010 [ 541.397488][ T3321] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 541.397494][ T3321] R13: 1ffff1103e0a7a01 R14: 1ffff1103e0a7a9d R15: ffff8881f053d000 [ 541.397501][ T3321] FS: 00007fe6f0056700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 541.397507][ T3321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 541.397512][ T3321] CR2: 0000555556cf6b38 CR3: 00000001f0f2a000 CR4: 00000000003406f0 [ 541.397527][ T3321] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 541.397532][ T3321] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 541.397534][ T3321] Call Trace: [ 541.397548][ T3321] loop_add+0x554/0x710 [ 541.397557][ T3321] loop_control_ioctl+0x468/0x680 [ 541.397565][ T3321] ? xor_init+0x60/0x60 [ 541.397575][ T3321] do_vfs_ioctl+0x6fb/0x15b0 [ 541.397587][ T3321] __x64_sys_ioctl+0xd4/0x110 [ 541.397596][ T3321] do_syscall_64+0xcb/0x1e0 [ 541.397607][ T3321] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 541.397612][ T3321] RIP: 0033:0x7fe6f0f01059 [ 541.397619][ T3321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 541.397623][ T3321] RSP: 002b:00007fe6f0056168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 541.397631][ T3321] RAX: ffffffffffffffda RBX: 00007fe6f1014030 RCX: 00007fe6f0f01059 [ 541.397636][ T3321] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 541.397641][ T3321] RBP: 00007fe6f00561d0 R08: 0000000000000000 R09: 0000000000000000 [ 541.397645][ T3321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 541.397650][ T3321] R13: 00007ffff4cae1af R14: 00007fe6f0056300 R15: 0000000000022000 [ 541.397658][ T3321] ---[ end trace 362e18c8762015f0 ]--- [ 541.487738][ T3372] FAULT_INJECTION: forcing a failure. [ 541.487738][ T3372] name failslab, interval 1, probability 0, space 0, times 0 [ 541.487752][ T3372] CPU: 1 PID: 3372 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 541.487757][ T3372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.487760][ T3372] Call Trace: [ 541.487773][ T3372] dump_stack+0x18e/0x1de [ 541.487785][ T3372] should_fail+0x5d8/0x740 [ 541.487797][ T3372] ? __kernfs_new_node+0x8b/0x630 [ 541.487814][ T3372] should_failslab+0x5/0x20 [ 541.487823][ T3372] kmem_cache_alloc+0x36/0x290 [ 541.487838][ T3372] __kernfs_new_node+0x8b/0x630 [ 541.802898][ T3372] ? mutex_unlock+0x19/0x40 [ 541.802904][ T3372] ? kernfs_xattr_get+0x81/0x90 [ 541.802911][ T3372] ? selinux_kernfs_init_security+0x12d/0x720 [ 541.802917][ T3372] kernfs_new_node+0x95/0x160 [ 541.802924][ T3372] __kernfs_create_file+0x45/0x260 [ 541.802929][ T3372] sysfs_add_file_mode_ns+0x293/0x340 [ 541.802935][ T3372] internal_create_group+0x486/0xd70 [ 541.802942][ T3372] sysfs_create_groups+0x5d/0x130 [ 541.802949][ T3372] device_add+0x9fa/0x1820 [ 541.802955][ T3372] device_create_vargs+0x1b8/0x210 [ 541.802961][ T3372] device_create+0x86/0xb0 [ 541.802966][ T3372] ? vsnprintf+0x1a07/0x1aa0 [ 541.802973][ T3372] bdi_register_va+0x89/0x5e0 [ 541.802978][ T3372] bdi_register+0x80/0xa0 [ 541.802985][ T3372] ? __device_add_disk+0x50a/0x1220 [ 541.802990][ T3372] bdi_register_owner+0x56/0xf0 [ 541.802996][ T3372] __device_add_disk+0x583/0x1220 [ 541.803003][ T3372] loop_add+0x554/0x710 [ 541.803008][ T3372] loop_control_ioctl+0x468/0x680 [ 541.803013][ T3372] ? xor_init+0x60/0x60 [ 541.803020][ T3372] do_vfs_ioctl+0x6fb/0x15b0 [ 541.803027][ T3372] __x64_sys_ioctl+0xd4/0x110 [ 541.803033][ T3372] do_syscall_64+0xcb/0x1e0 [ 541.803040][ T3372] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 541.803046][ T3372] RIP: 0033:0x7fe6f0f01059 [ 541.803052][ T3372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 541.803055][ T3372] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 541.803061][ T3372] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 541.803064][ T3372] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 541.803066][ T3372] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 14:30:02 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RMKDIR(r1, &(0x7f0000000000)={0x14, 0x49, 0x1, {0x20, 0x1, 0x2}}, 0x5) 14:30:02 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 55) [ 541.803069][ T3372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 541.803072][ T3372] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 541.805534][ T3372] ------------[ cut here ]------------ [ 541.996456][ T3372] WARNING: CPU: 0 PID: 3372 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 541.996458][ T3372] Modules linked in: [ 541.996467][ T3372] CPU: 0 PID: 3372 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 541.996470][ T3372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.996477][ T3372] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 541.996484][ T3372] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 541.996486][ T3372] RSP: 0018:ffff8881e2b57ce8 EFLAGS: 00010246 [ 541.996491][ T3372] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 14:30:02 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x200000c7) [ 541.996494][ T3372] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 541.996497][ T3372] RBP: ffff8881ef3d3c48 R08: ffffffff8214635e R09: 0000000000000010 [ 541.996499][ T3372] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 541.996502][ T3372] R13: 1ffff1103dea2801 R14: 1ffff1103dea289d R15: ffff8881ef514000 [ 541.996506][ T3372] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 541.996509][ T3372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 541.996512][ T3372] CR2: 00007f4584554718 CR3: 00000001e57de000 CR4: 00000000003406f0 [ 541.996517][ T3372] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 541.996520][ T3372] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 541.996521][ T3372] Call Trace: [ 541.996532][ T3372] loop_add+0x554/0x710 [ 541.996539][ T3372] loop_control_ioctl+0x468/0x680 [ 541.996543][ T3372] ? xor_init+0x60/0x60 [ 541.996550][ T3372] do_vfs_ioctl+0x6fb/0x15b0 [ 541.996557][ T3372] __x64_sys_ioctl+0xd4/0x110 [ 541.996563][ T3372] do_syscall_64+0xcb/0x1e0 [ 541.996570][ T3372] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 541.996575][ T3372] RIP: 0033:0x7fe6f0f01059 [ 541.996581][ T3372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 541.996583][ T3372] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 541.996588][ T3372] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 541.996590][ T3372] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 541.996593][ T3372] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 541.996595][ T3372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 541.996598][ T3372] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 541.996602][ T3372] ---[ end trace 362e18c8762015f1 ]--- [ 542.085182][ T3378] FAULT_INJECTION: forcing a failure. [ 542.085182][ T3378] name failslab, interval 1, probability 0, space 0, times 0 [ 542.085196][ T3378] CPU: 0 PID: 3378 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 542.085202][ T3378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.085205][ T3378] Call Trace: [ 542.085219][ T3378] dump_stack+0x18e/0x1de [ 542.085232][ T3378] should_fail+0x5d8/0x740 [ 542.085244][ T3378] ? __kernfs_new_node+0x8b/0x630 [ 542.085254][ T3378] should_failslab+0x5/0x20 [ 542.085263][ T3378] kmem_cache_alloc+0x36/0x290 [ 542.085273][ T3378] __kernfs_new_node+0x8b/0x630 [ 542.085282][ T3378] ? mutex_lock+0x6c/0xc0 [ 542.085291][ T3378] ? kernfs_activate+0x3fc/0x420 [ 542.085301][ T3378] kernfs_new_node+0x95/0x160 [ 542.085311][ T3378] __kernfs_create_file+0x45/0x260 [ 542.085319][ T3378] sysfs_add_file_mode_ns+0x293/0x340 [ 542.085329][ T3378] internal_create_group+0x486/0xd70 [ 542.085340][ T3378] sysfs_create_groups+0x5d/0x130 [ 542.085349][ T3378] device_add+0x9fa/0x1820 [ 542.085360][ T3378] device_create_vargs+0x1b8/0x210 [ 542.085369][ T3378] device_create+0x86/0xb0 [ 542.085376][ T3378] ? vsnprintf+0x1a07/0x1aa0 [ 542.085387][ T3378] bdi_register_va+0x89/0x5e0 [ 542.085396][ T3378] bdi_register+0x80/0xa0 [ 542.085405][ T3378] ? __device_add_disk+0x50a/0x1220 [ 542.085415][ T3378] bdi_register_owner+0x56/0xf0 [ 542.085424][ T3378] __device_add_disk+0x583/0x1220 [ 542.085435][ T3378] loop_add+0x554/0x710 [ 542.085444][ T3378] loop_control_ioctl+0x468/0x680 [ 542.085452][ T3378] ? xor_init+0x60/0x60 [ 542.085462][ T3378] do_vfs_ioctl+0x6fb/0x15b0 [ 542.085474][ T3378] __x64_sys_ioctl+0xd4/0x110 [ 542.085484][ T3378] do_syscall_64+0xcb/0x1e0 [ 542.085494][ T3378] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 542.085502][ T3378] RIP: 0033:0x7fe6f0f01059 [ 542.085510][ T3378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 542.085515][ T3378] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 542.085525][ T3378] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 542.085530][ T3378] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 542.085535][ T3378] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 542.085540][ T3378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 542.085545][ T3378] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 542.085791][ T3378] ------------[ cut here ]------------ [ 542.085804][ T3378] WARNING: CPU: 0 PID: 3378 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 542.085806][ T3378] Modules linked in: [ 542.085818][ T3378] CPU: 0 PID: 3378 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 542.085823][ T3378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.085833][ T3378] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 542.085840][ T3378] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 542.085845][ T3378] RSP: 0018:ffff8881eac97ce8 EFLAGS: 00010287 [ 542.085851][ T3378] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 542.085861][ T3378] RDX: ffffc90000144000 RSI: 000000000000681d RDI: 000000000000681e [ 542.085866][ T3378] RBP: ffff8881ef2b3c48 R08: ffffffff8214635e R09: 0000000000000010 [ 542.085871][ T3378] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 542.085876][ T3378] R13: 1ffff1103c437801 R14: 1ffff1103c43789d R15: ffff8881e21bc000 [ 542.085884][ T3378] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 542.085889][ T3378] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 542.085895][ T3378] CR2: 00007fe6f0076ff8 CR3: 00000001e7b30000 CR4: 00000000003406f0 [ 542.085902][ T3378] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 542.085907][ T3378] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 542.085909][ T3378] Call Trace: [ 542.085921][ T3378] loop_add+0x554/0x710 [ 542.085931][ T3378] loop_control_ioctl+0x468/0x680 [ 542.085939][ T3378] ? xor_init+0x60/0x60 [ 542.085949][ T3378] do_vfs_ioctl+0x6fb/0x15b0 [ 542.085960][ T3378] __x64_sys_ioctl+0xd4/0x110 [ 542.085969][ T3378] do_syscall_64+0xcb/0x1e0 [ 542.085979][ T3378] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 542.085985][ T3378] RIP: 0033:0x7fe6f0f01059 [ 542.085992][ T3378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:30:03 executing program 2: write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x67, 0x1, {0x20, 0x4, 0x5}}, 0x14) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_open_dev$ttys(0xc, 0x2, 0x1) syz_open_pts(r1, 0x1c200) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:03 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x3df18f518fc88f4e) write$P9_RREMOVE(r1, &(0x7f0000000000)={0x7, 0x7b, 0x1}, 0x7) (async) write$P9_RXATTRCREATE(r1, &(0x7f0000000040)={0x7, 0x21, 0x2}, 0x7) (async, rerun: 32) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (rerun: 32) 14:30:03 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 56) 14:30:03 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x1, 0xa3cd, 0x8, 0x69, 0x3, "935f30b4cd36ea2a2ebd17646476bd9c50301a", 0x0, 0x7876}) [ 542.085997][ T3378] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 542.086005][ T3378] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 542.086009][ T3378] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 542.086014][ T3378] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 542.086019][ T3378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 542.086024][ T3378] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 542.086031][ T3378] ---[ end trace 362e18c8762015f2 ]--- 14:30:03 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RMKDIR(r1, &(0x7f0000000000)={0x14, 0x49, 0x1, {0x20, 0x1, 0x2}}, 0x5) 14:30:03 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x1, 0xa3cd, 0x8, 0x69, 0x3, "935f30b4cd36ea2a2ebd17646476bd9c50301a", 0x0, 0x7876}) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async) syz_open_pts(r1, 0x0) (async) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x1, 0xa3cd, 0x8, 0x69, 0x3, "935f30b4cd36ea2a2ebd17646476bd9c50301a", 0x0, 0x7876}) (async) 14:30:03 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:03 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) (async) write$P9_RMKDIR(r1, &(0x7f0000000000)={0x14, 0x49, 0x1, {0x20, 0x1, 0x2}}, 0x5) 14:30:03 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x9}, 0x7) 14:30:03 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x88, 0x0, 0x400, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_SEQ={0xa, 0xa, "527238991260"}, @NL80211_ATTR_KEY={0x24, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "aef4be6b90"}, @NL80211_KEY_MODE={0x5, 0x9, 0x2}]}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "1f4517aca010ae68953da4613f"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x24, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x8000}, 0x1) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:03 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) 14:30:03 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) (async) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x1, 0xa3cd, 0x8, 0x69, 0x3, "935f30b4cd36ea2a2ebd17646476bd9c50301a", 0x0, 0x7876}) 14:30:03 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x3df18f518fc88f4e) write$P9_RREMOVE(r1, &(0x7f0000000000)={0x7, 0x7b, 0x1}, 0x7) write$P9_RXATTRCREATE(r1, &(0x7f0000000040)={0x7, 0x21, 0x2}, 0x7) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000080), 0x3df18f518fc88f4e) (async) write$P9_RREMOVE(r1, &(0x7f0000000000)={0x7, 0x7b, 0x1}, 0x7) (async) write$P9_RXATTRCREATE(r1, &(0x7f0000000040)={0x7, 0x21, 0x2}, 0x7) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) 14:30:03 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) (async) sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x88, 0x0, 0x400, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_SEQ={0xa, 0xa, "527238991260"}, @NL80211_ATTR_KEY={0x24, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "aef4be6b90"}, @NL80211_KEY_MODE={0x5, 0x9, 0x2}]}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "1f4517aca010ae68953da4613f"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x24, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x8000}, 0x1) (async, rerun: 32) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) (rerun: 32) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) [ 542.852553][ T3393] FAULT_INJECTION: forcing a failure. [ 542.852553][ T3393] name failslab, interval 1, probability 0, space 0, times 0 [ 542.852567][ T3393] CPU: 1 PID: 3393 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 542.852572][ T3393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.852575][ T3393] Call Trace: [ 542.852588][ T3393] dump_stack+0x18e/0x1de [ 542.852601][ T3393] should_fail+0x5d8/0x740 [ 542.852613][ T3393] ? __kernfs_new_node+0x8b/0x630 [ 542.852625][ T3393] should_failslab+0x5/0x20 [ 542.852635][ T3393] kmem_cache_alloc+0x36/0x290 [ 542.852646][ T3393] __kernfs_new_node+0x8b/0x630 [ 542.852654][ T3393] ? mutex_lock+0x6c/0xc0 [ 542.852664][ T3393] ? kernfs_activate+0x3fc/0x420 [ 542.852674][ T3393] kernfs_new_node+0x95/0x160 [ 542.852685][ T3393] __kernfs_create_file+0x45/0x260 [ 542.852694][ T3393] sysfs_add_file_mode_ns+0x293/0x340 [ 542.852704][ T3393] internal_create_group+0x486/0xd70 [ 542.852715][ T3393] sysfs_create_groups+0x5d/0x130 [ 542.852725][ T3393] device_add+0x9fa/0x1820 [ 542.852736][ T3393] device_create_vargs+0x1b8/0x210 [ 542.852745][ T3393] device_create+0x86/0xb0 [ 542.852753][ T3393] ? vsnprintf+0x1a07/0x1aa0 [ 542.852764][ T3393] bdi_register_va+0x89/0x5e0 [ 542.852773][ T3393] bdi_register+0x80/0xa0 [ 542.852782][ T3393] ? __device_add_disk+0x50a/0x1220 [ 542.852791][ T3393] bdi_register_owner+0x56/0xf0 [ 542.852800][ T3393] __device_add_disk+0x583/0x1220 [ 542.852811][ T3393] loop_add+0x554/0x710 [ 542.852821][ T3393] loop_control_ioctl+0x468/0x680 [ 542.852829][ T3393] ? xor_init+0x60/0x60 [ 542.852839][ T3393] do_vfs_ioctl+0x6fb/0x15b0 [ 542.852856][ T3393] __x64_sys_ioctl+0xd4/0x110 [ 543.017088][ T3393] do_syscall_64+0xcb/0x1e0 [ 543.017103][ T3393] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 543.027463][ T3393] RIP: 0033:0x7fe6f0f01059 [ 543.027472][ T3393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 543.027483][ T3393] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 543.059838][ T3393] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 543.059843][ T3393] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 543.059854][ T3393] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 543.083710][ T3393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 14:30:03 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 57) 14:30:03 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) 14:30:03 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000840)={0x2, 0x0, 0x16, 0x5, 0x124, &(0x7f0000000440)="3c9569f6cdfbb9d07a1f1ddfa6937a96d3b45c82c946697b48e2e836e80f49a2d1bd3c301097658160bee1dd16b5fd750366c6c4bd4e349d2542c29dd2a893f4396a99cc8dd985b0e51355313924850c087b20cb9aeaf11d323fe8bb48b997682db135351e3c8d965e53da2d77602cdd149fd37332088ef5c615e7b1a8064775fb86b8afddbdca19e26d7fc4dbe5f96172cc2e5e2a358bf0888a26a9606bb4f21043c8e2ec078f8e9b6d9d2e158941cbd6ac4233860896ade7c57b0afb2dd12c72720c64970b5c9a767447e2526e52ce2f00dc6df1ac7d22caf80b5dc06348c9bb6384dec6b34dd9ef231ad0e6fa2f3e6b76977db22c5557a035d0e0af47ba34f2dc3dba607e378b1280bb354fb6a88dd169ec4701eb2fc970457f4806f332bac1361aa90e507b82c33c356167b961f7f9a29920a54f51233d84bebf1d59509df47f5db7d679d3c203a3965abfe11040f0284e6cb9aa951aaacb18d6a2cc22d89e1af6137c5176092682d530d989d26b55f4c1fd33641b24d7de849ee9b6a4a36eded3bfac19f88457d360ae2a0326b53c7f3544c4e5102fb21c9db3f65805cb3318c25a59597a228c34c2cdfc83ae9855bcb7766e5eab5f0df8d15bd8c0788f0978506065ad1cfc840cee637b1877c9092dbfeef169cecb074199aa30dcf5136cded114e07fc3007eeb970ca8ff105855cd36b43700818edba05377f480a452d1301754bdb75618c8cd57f7b23726ff887a164d82f91892e2fc7a4a605d49a754ee8b5284259149f752a2680dbdfd726f813b2ce5257346508b9356e712c3d9534b882ae231e8ae0520d72d33da77f6140bf358f0c06afb59cd78a4427c5b4dd6591e1c68737a0f3ac8abbf6a1d63f68dfa9cc05ae5ccbeeb0fb9bd3f232ca3299224d19499e67be2b8bc9a54e72ba70934a2900de0b61ec619703357bdf85f20d64bc21d4a95f642084ed6d87c650d4653e45d444a76ad6175f00b8693ecdc498af1d5b2fbf40ab3e72649bb049e8d2fddec8368f3a3e3126cbd9769c28d734fc1dd9cacbb82b13987057490293e67df9a3cfc4a6c6f4b8ba494f8775df2219b1db022bbc68f1dfb78ce6800354b7aff14649d5c54643ede43d853258363987194dead58df948f0629dfccb8b22b79a8305b7dff02475c4103b062cb5587b9d5f45f02e032fe636a6a5c7a5116512f4febc93b57378889e3d5008674ee0e69d251c554d7274b7c7b1403c75aeb0a2cb6c2a12007973ceb55b910b1b39dd8242ca7a4ab11d66890fb20702176a01a2546c3b2c920e6bd2300a177daf4a485202766eb780ae1a3bac15c732f1467fee8876f43046db36540c15adff0a3fa5403273d6760aebb549c3037a5ca9559ff41d00b872539ce20cbe937860fff5fa70c6c029c989d6078fab6731ae89a8f77c9f28406a281bdea35cdd63afccd96f571"}) write$P9_RWSTAT(r0, 0x0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000400)={0x2, 0x1, 0x2, 0x20, 0x1fe, &(0x7f0000000000)="56a74373b19c8adaf5a3a1c66d8dff499cd831a6c2716979fcdda0fe5d980f1d01285d0eae0a42ca43702fd364b691cd29778b2eda2959b47056c5bf3b2fb9736a2bb0c1208bd838e1e69cf8c03ad2f0e882f5825b8820f4243930c299882c0a9b1726d88b31b8e7b4b2ab36cbd52e69b0faf92af10bf37eb6caedb71c0820ef6f36ee566e6f04340b43ec0dd4072dab8c36268c03831b38e1608338889a4a7d8a81f619f3930a3eeb577fa4d93de25ca95d47bb06b917332293af4707379188869161d6e700a43e6f24515356c479890dff0228d2a48b11ce201a62ecfb0e310590a6dc41f5759c51961dc5ad69eb2aa1f45da4e15668570598935a9cb6ecdc01986dd121b020777726521b302238c69d26f9baea9d4bd4477d3a3b30dcc862d878ad474072ba59cc99298f37212cc5c2310c751a6ec342c80f2e6825dc944243f93928202ab074c7da6aee0a735530a798de13cf2223bfcf415dfbc122cedb328c795faf5e3a772c2e3ee4d60f1c09cf7a0064a28113378d2fa6264938d52c07feddb2034724ac175bb4c8a06abe94ea3ff5c4f60e5f1887e51d4191899a90bca07496a1aced8a9c95b47f62ce0d7a3a25affa14b4de175ba223282d6e967cdb0bd698f90448d733a1076358b9509a69d5e86d07e928ccb3be8a23f9a1120903d661ca714e53b9c5bccadee653c72b60b8e84f6900ce663b8026a05de5f14137c0ef36fa8962fbb6354c609086e11a9919fcd248de4d70a892aebcf709f0538fe9a94f25a4bdf6eeeda94b0f0f124445eacdd289aa8d0123ba835bd013a28132255195d08eea5dceb2af108c7f1ed659b18edbf48fdb3d471eff12f9b681abd7eb0b8faf59fd18627107ca89c06b6ab464333bd119d83655cd2c9b7de52c1d312d89af6ee44b56a8bd030adcda05fea3922cb8dc5dfc9402dc1af0f859de28c09b011650ce4741fe24dede7b637a8312b223d01ec2a112c3cc584d088fd9a89260fe3b2bcc9c93ca06d8eefd5cd84677d436c7a3ec83ffa22159246c79a8c0d0582c56dd0b1e340fa0cb5f2a274d9f402a62654d8c86351948f4537930d052ad57d1dce3743ebabebb2400de40429a9f7e7bf6f012bc858e667d5498220f67acfbefe4d2ed1dbc94fae605817093fd5291117bf3b0b68c17095095471e4118d4ecc60fc8fe46df97418030c4bb3e437690c933eb39e6f0f5610c4bc7785b206ec683af8b1407536499392f34327d1fd2d1a6f62cfa2e44969cac38a6522343e362ab73ae8b72a4d07e5c64bdaaabef4e3ea2a41d31271466d72529e7701c49f8ddbb4de28cd1c36e6cca24634d8986c09eaed038738d16825c209f004a3eac0f8c11d32f5839ce4001b02f5c2499a92393c5a1bc3f042ac2702d2127d288df455487390fc8989a5a56eaf98f2a0e93ffc61c22653c23a6192de15ce9c5b709"}) [ 543.083716][ T3393] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 543.093944][ T3393] ------------[ cut here ]------------ [ 543.093963][ T3393] WARNING: CPU: 1 PID: 3393 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 543.093965][ T3393] Modules linked in: [ 543.093977][ T3393] CPU: 1 PID: 3393 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 543.093982][ T3393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.093992][ T3393] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 543.094000][ T3393] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 543.094004][ T3393] RSP: 0018:ffff8881e1547ce8 EFLAGS: 00010246 [ 543.094011][ T3393] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 543.094016][ T3393] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 543.094020][ T3393] RBP: ffff8881ef3d6718 R08: ffffffff8214635e R09: 0000000000000010 [ 543.094025][ T3393] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 543.094029][ T3393] R13: 1ffff11039e82001 R14: 1ffff11039e8209d R15: ffff8881cf410000 [ 543.094037][ T3393] FS: 00007fe6f0077700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 543.094042][ T3393] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 543.094048][ T3393] CR2: 00007f7eb1d21058 CR3: 00000001ea259000 CR4: 00000000003406e0 [ 543.094056][ T3393] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 543.094061][ T3393] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 543.094063][ T3393] Call Trace: [ 543.094077][ T3393] loop_add+0x554/0x710 [ 543.094087][ T3393] loop_control_ioctl+0x468/0x680 [ 543.094096][ T3393] ? xor_init+0x60/0x60 [ 543.094107][ T3393] do_vfs_ioctl+0x6fb/0x15b0 [ 543.094119][ T3393] __x64_sys_ioctl+0xd4/0x110 [ 543.094129][ T3393] do_syscall_64+0xcb/0x1e0 [ 543.094141][ T3393] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 543.094148][ T3393] RIP: 0033:0x7fe6f0f01059 [ 543.094156][ T3393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 543.094160][ T3393] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 543.094168][ T3393] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 543.094173][ T3393] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 543.094178][ T3393] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 543.094183][ T3393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 543.094188][ T3393] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 543.094195][ T3393] ---[ end trace 362e18c8762015f3 ]--- [ 543.176163][ T3434] FAULT_INJECTION: forcing a failure. [ 543.176163][ T3434] name failslab, interval 1, probability 0, space 0, times 0 [ 543.390363][ T3434] CPU: 0 PID: 3434 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 14:30:03 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x88, 0x0, 0x400, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_SEQ={0xa, 0xa, "527238991260"}, @NL80211_ATTR_KEY={0x24, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "aef4be6b90"}, @NL80211_KEY_MODE={0x5, 0x9, 0x2}]}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "1f4517aca010ae68953da4613f"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x24, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x8000}, 0x1) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) (async) sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x88, 0x0, 0x400, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_SEQ={0xa, 0xa, "527238991260"}, @NL80211_ATTR_KEY={0x24, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "aef4be6b90"}, @NL80211_KEY_MODE={0x5, 0x9, 0x2}]}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "1f4517aca010ae68953da4613f"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x24, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x8000}, 0x1) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) [ 543.390369][ T3434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.390372][ T3434] Call Trace: [ 543.390387][ T3434] dump_stack+0x18e/0x1de [ 543.390398][ T3434] should_fail+0x5d8/0x740 [ 543.390413][ T3434] ? __kernfs_new_node+0x8b/0x630 [ 543.429028][ T3434] should_failslab+0x5/0x20 [ 543.429044][ T3434] kmem_cache_alloc+0x36/0x290 [ 543.438275][ T3434] __kernfs_new_node+0x8b/0x630 [ 543.438295][ T3434] ? kernfs_add_one+0x49e/0x5c0 [ 543.447946][ T3434] kernfs_new_node+0x95/0x160 [ 543.447958][ T3434] __kernfs_create_file+0x45/0x260 [ 543.447966][ T3434] sysfs_add_file_mode_ns+0x293/0x340 [ 543.447975][ T3434] sysfs_create_file_ns+0x146/0x230 [ 543.447984][ T3434] device_add+0xbc7/0x1820 [ 543.447995][ T3434] device_create_vargs+0x1b8/0x210 [ 543.448004][ T3434] device_create+0x86/0xb0 [ 543.448012][ T3434] ? vsnprintf+0x1a07/0x1aa0 [ 543.448023][ T3434] bdi_register_va+0x89/0x5e0 [ 543.448032][ T3434] bdi_register+0x80/0xa0 [ 543.448042][ T3434] ? __device_add_disk+0x50a/0x1220 [ 543.448051][ T3434] bdi_register_owner+0x56/0xf0 [ 543.448059][ T3434] __device_add_disk+0x583/0x1220 [ 543.448069][ T3434] loop_add+0x554/0x710 [ 543.448078][ T3434] loop_control_ioctl+0x468/0x680 [ 543.448087][ T3434] ? xor_init+0x60/0x60 [ 543.448097][ T3434] do_vfs_ioctl+0x6fb/0x15b0 [ 543.448110][ T3434] __x64_sys_ioctl+0xd4/0x110 [ 543.448120][ T3434] do_syscall_64+0xcb/0x1e0 [ 543.448130][ T3434] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 543.448138][ T3434] RIP: 0033:0x7fe6f0f01059 [ 543.448145][ T3434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 543.448150][ T3434] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 543.448158][ T3434] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 543.448163][ T3434] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 543.448167][ T3434] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 543.448172][ T3434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 543.448177][ T3434] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 543.451626][ T3434] ------------[ cut here ]------------ [ 543.624155][ T3434] WARNING: CPU: 0 PID: 3434 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 543.624164][ T3434] Modules linked in: [ 543.637057][ T3434] CPU: 0 PID: 3434 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 543.637063][ T3434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.637079][ T3434] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 543.637088][ T3434] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 543.637094][ T3434] RSP: 0018:ffff8881e7a87ce8 EFLAGS: 00010246 [ 543.637101][ T3434] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 543.637107][ T3434] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 543.637112][ T3434] RBP: ffff8881ef2b6fa8 R08: ffffffff8214635e R09: 0000000000000010 [ 543.637117][ T3434] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 543.637123][ T3434] R13: 1ffff1103c652e01 R14: 1ffff1103c652e9d R15: ffff8881e3297000 [ 543.637130][ T3434] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 543.637136][ T3434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 543.637141][ T3434] CR2: 00007fe6f0076ff8 CR3: 00000001e3b59000 CR4: 00000000003406f0 [ 543.637150][ T3434] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 543.637155][ T3434] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 543.637157][ T3434] Call Trace: [ 543.637171][ T3434] loop_add+0x554/0x710 [ 543.637182][ T3434] loop_control_ioctl+0x468/0x680 [ 543.637191][ T3434] ? xor_init+0x60/0x60 [ 543.637201][ T3434] do_vfs_ioctl+0x6fb/0x15b0 [ 543.637214][ T3434] __x64_sys_ioctl+0xd4/0x110 [ 543.637225][ T3434] do_syscall_64+0xcb/0x1e0 [ 543.637236][ T3434] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 543.637243][ T3434] RIP: 0033:0x7fe6f0f01059 [ 543.637250][ T3434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 543.637255][ T3434] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 543.637263][ T3434] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 14:30:04 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) pipe2$9p(&(0x7f0000000000), 0xc0000) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x100000) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x2}, 0x7) 14:30:04 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) 14:30:04 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000840)={0x2, 0x0, 0x16, 0x5, 0x124, &(0x7f0000000440)="3c9569f6cdfbb9d07a1f1ddfa6937a96d3b45c82c946697b48e2e836e80f49a2d1bd3c301097658160bee1dd16b5fd750366c6c4bd4e349d2542c29dd2a893f4396a99cc8dd985b0e51355313924850c087b20cb9aeaf11d323fe8bb48b997682db135351e3c8d965e53da2d77602cdd149fd37332088ef5c615e7b1a8064775fb86b8afddbdca19e26d7fc4dbe5f96172cc2e5e2a358bf0888a26a9606bb4f21043c8e2ec078f8e9b6d9d2e158941cbd6ac4233860896ade7c57b0afb2dd12c72720c64970b5c9a767447e2526e52ce2f00dc6df1ac7d22caf80b5dc06348c9bb6384dec6b34dd9ef231ad0e6fa2f3e6b76977db22c5557a035d0e0af47ba34f2dc3dba607e378b1280bb354fb6a88dd169ec4701eb2fc970457f4806f332bac1361aa90e507b82c33c356167b961f7f9a29920a54f51233d84bebf1d59509df47f5db7d679d3c203a3965abfe11040f0284e6cb9aa951aaacb18d6a2cc22d89e1af6137c5176092682d530d989d26b55f4c1fd33641b24d7de849ee9b6a4a36eded3bfac19f88457d360ae2a0326b53c7f3544c4e5102fb21c9db3f65805cb3318c25a59597a228c34c2cdfc83ae9855bcb7766e5eab5f0df8d15bd8c0788f0978506065ad1cfc840cee637b1877c9092dbfeef169cecb074199aa30dcf5136cded114e07fc3007eeb970ca8ff105855cd36b43700818edba05377f480a452d1301754bdb75618c8cd57f7b23726ff887a164d82f91892e2fc7a4a605d49a754ee8b5284259149f752a2680dbdfd726f813b2ce5257346508b9356e712c3d9534b882ae231e8ae0520d72d33da77f6140bf358f0c06afb59cd78a4427c5b4dd6591e1c68737a0f3ac8abbf6a1d63f68dfa9cc05ae5ccbeeb0fb9bd3f232ca3299224d19499e67be2b8bc9a54e72ba70934a2900de0b61ec619703357bdf85f20d64bc21d4a95f642084ed6d87c650d4653e45d444a76ad6175f00b8693ecdc498af1d5b2fbf40ab3e72649bb049e8d2fddec8368f3a3e3126cbd9769c28d734fc1dd9cacbb82b13987057490293e67df9a3cfc4a6c6f4b8ba494f8775df2219b1db022bbc68f1dfb78ce6800354b7aff14649d5c54643ede43d853258363987194dead58df948f0629dfccb8b22b79a8305b7dff02475c4103b062cb5587b9d5f45f02e032fe636a6a5c7a5116512f4febc93b57378889e3d5008674ee0e69d251c554d7274b7c7b1403c75aeb0a2cb6c2a12007973ceb55b910b1b39dd8242ca7a4ab11d66890fb20702176a01a2546c3b2c920e6bd2300a177daf4a485202766eb780ae1a3bac15c732f1467fee8876f43046db36540c15adff0a3fa5403273d6760aebb549c3037a5ca9559ff41d00b872539ce20cbe937860fff5fa70c6c029c989d6078fab6731ae89a8f77c9f28406a281bdea35cdd63afccd96f571"}) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000400)={0x2, 0x1, 0x2, 0x20, 0x1fe, &(0x7f0000000000)="56a74373b19c8adaf5a3a1c66d8dff499cd831a6c2716979fcdda0fe5d980f1d01285d0eae0a42ca43702fd364b691cd29778b2eda2959b47056c5bf3b2fb9736a2bb0c1208bd838e1e69cf8c03ad2f0e882f5825b8820f4243930c299882c0a9b1726d88b31b8e7b4b2ab36cbd52e69b0faf92af10bf37eb6caedb71c0820ef6f36ee566e6f04340b43ec0dd4072dab8c36268c03831b38e1608338889a4a7d8a81f619f3930a3eeb577fa4d93de25ca95d47bb06b917332293af4707379188869161d6e700a43e6f24515356c479890dff0228d2a48b11ce201a62ecfb0e310590a6dc41f5759c51961dc5ad69eb2aa1f45da4e15668570598935a9cb6ecdc01986dd121b020777726521b302238c69d26f9baea9d4bd4477d3a3b30dcc862d878ad474072ba59cc99298f37212cc5c2310c751a6ec342c80f2e6825dc944243f93928202ab074c7da6aee0a735530a798de13cf2223bfcf415dfbc122cedb328c795faf5e3a772c2e3ee4d60f1c09cf7a0064a28113378d2fa6264938d52c07feddb2034724ac175bb4c8a06abe94ea3ff5c4f60e5f1887e51d4191899a90bca07496a1aced8a9c95b47f62ce0d7a3a25affa14b4de175ba223282d6e967cdb0bd698f90448d733a1076358b9509a69d5e86d07e928ccb3be8a23f9a1120903d661ca714e53b9c5bccadee653c72b60b8e84f6900ce663b8026a05de5f14137c0ef36fa8962fbb6354c609086e11a9919fcd248de4d70a892aebcf709f0538fe9a94f25a4bdf6eeeda94b0f0f124445eacdd289aa8d0123ba835bd013a28132255195d08eea5dceb2af108c7f1ed659b18edbf48fdb3d471eff12f9b681abd7eb0b8faf59fd18627107ca89c06b6ab464333bd119d83655cd2c9b7de52c1d312d89af6ee44b56a8bd030adcda05fea3922cb8dc5dfc9402dc1af0f859de28c09b011650ce4741fe24dede7b637a8312b223d01ec2a112c3cc584d088fd9a89260fe3b2bcc9c93ca06d8eefd5cd84677d436c7a3ec83ffa22159246c79a8c0d0582c56dd0b1e340fa0cb5f2a274d9f402a62654d8c86351948f4537930d052ad57d1dce3743ebabebb2400de40429a9f7e7bf6f012bc858e667d5498220f67acfbefe4d2ed1dbc94fae605817093fd5291117bf3b0b68c17095095471e4118d4ecc60fc8fe46df97418030c4bb3e437690c933eb39e6f0f5610c4bc7785b206ec683af8b1407536499392f34327d1fd2d1a6f62cfa2e44969cac38a6522343e362ab73ae8b72a4d07e5c64bdaaabef4e3ea2a41d31271466d72529e7701c49f8ddbb4de28cd1c36e6cca24634d8986c09eaed038738d16825c209f004a3eac0f8c11d32f5839ce4001b02f5c2499a92393c5a1bc3f042ac2702d2127d288df455487390fc8989a5a56eaf98f2a0e93ffc61c22653c23a6192de15ce9c5b709"}) 14:30:04 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 58) 14:30:04 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x3}, 0x7) 14:30:04 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:04 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x3}, 0x7) 14:30:04 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000840)={0x2, 0x0, 0x16, 0x5, 0x124, &(0x7f0000000440)="3c9569f6cdfbb9d07a1f1ddfa6937a96d3b45c82c946697b48e2e836e80f49a2d1bd3c301097658160bee1dd16b5fd750366c6c4bd4e349d2542c29dd2a893f4396a99cc8dd985b0e51355313924850c087b20cb9aeaf11d323fe8bb48b997682db135351e3c8d965e53da2d77602cdd149fd37332088ef5c615e7b1a8064775fb86b8afddbdca19e26d7fc4dbe5f96172cc2e5e2a358bf0888a26a9606bb4f21043c8e2ec078f8e9b6d9d2e158941cbd6ac4233860896ade7c57b0afb2dd12c72720c64970b5c9a767447e2526e52ce2f00dc6df1ac7d22caf80b5dc06348c9bb6384dec6b34dd9ef231ad0e6fa2f3e6b76977db22c5557a035d0e0af47ba34f2dc3dba607e378b1280bb354fb6a88dd169ec4701eb2fc970457f4806f332bac1361aa90e507b82c33c356167b961f7f9a29920a54f51233d84bebf1d59509df47f5db7d679d3c203a3965abfe11040f0284e6cb9aa951aaacb18d6a2cc22d89e1af6137c5176092682d530d989d26b55f4c1fd33641b24d7de849ee9b6a4a36eded3bfac19f88457d360ae2a0326b53c7f3544c4e5102fb21c9db3f65805cb3318c25a59597a228c34c2cdfc83ae9855bcb7766e5eab5f0df8d15bd8c0788f0978506065ad1cfc840cee637b1877c9092dbfeef169cecb074199aa30dcf5136cded114e07fc3007eeb970ca8ff105855cd36b43700818edba05377f480a452d1301754bdb75618c8cd57f7b23726ff887a164d82f91892e2fc7a4a605d49a754ee8b5284259149f752a2680dbdfd726f813b2ce5257346508b9356e712c3d9534b882ae231e8ae0520d72d33da77f6140bf358f0c06afb59cd78a4427c5b4dd6591e1c68737a0f3ac8abbf6a1d63f68dfa9cc05ae5ccbeeb0fb9bd3f232ca3299224d19499e67be2b8bc9a54e72ba70934a2900de0b61ec619703357bdf85f20d64bc21d4a95f642084ed6d87c650d4653e45d444a76ad6175f00b8693ecdc498af1d5b2fbf40ab3e72649bb049e8d2fddec8368f3a3e3126cbd9769c28d734fc1dd9cacbb82b13987057490293e67df9a3cfc4a6c6f4b8ba494f8775df2219b1db022bbc68f1dfb78ce6800354b7aff14649d5c54643ede43d853258363987194dead58df948f0629dfccb8b22b79a8305b7dff02475c4103b062cb5587b9d5f45f02e032fe636a6a5c7a5116512f4febc93b57378889e3d5008674ee0e69d251c554d7274b7c7b1403c75aeb0a2cb6c2a12007973ceb55b910b1b39dd8242ca7a4ab11d66890fb20702176a01a2546c3b2c920e6bd2300a177daf4a485202766eb780ae1a3bac15c732f1467fee8876f43046db36540c15adff0a3fa5403273d6760aebb549c3037a5ca9559ff41d00b872539ce20cbe937860fff5fa70c6c029c989d6078fab6731ae89a8f77c9f28406a281bdea35cdd63afccd96f571"}) write$P9_RWSTAT(r0, 0x0, 0x0) (async) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000400)={0x2, 0x1, 0x2, 0x20, 0x1fe, &(0x7f0000000000)="56a74373b19c8adaf5a3a1c66d8dff499cd831a6c2716979fcdda0fe5d980f1d01285d0eae0a42ca43702fd364b691cd29778b2eda2959b47056c5bf3b2fb9736a2bb0c1208bd838e1e69cf8c03ad2f0e882f5825b8820f4243930c299882c0a9b1726d88b31b8e7b4b2ab36cbd52e69b0faf92af10bf37eb6caedb71c0820ef6f36ee566e6f04340b43ec0dd4072dab8c36268c03831b38e1608338889a4a7d8a81f619f3930a3eeb577fa4d93de25ca95d47bb06b917332293af4707379188869161d6e700a43e6f24515356c479890dff0228d2a48b11ce201a62ecfb0e310590a6dc41f5759c51961dc5ad69eb2aa1f45da4e15668570598935a9cb6ecdc01986dd121b020777726521b302238c69d26f9baea9d4bd4477d3a3b30dcc862d878ad474072ba59cc99298f37212cc5c2310c751a6ec342c80f2e6825dc944243f93928202ab074c7da6aee0a735530a798de13cf2223bfcf415dfbc122cedb328c795faf5e3a772c2e3ee4d60f1c09cf7a0064a28113378d2fa6264938d52c07feddb2034724ac175bb4c8a06abe94ea3ff5c4f60e5f1887e51d4191899a90bca07496a1aced8a9c95b47f62ce0d7a3a25affa14b4de175ba223282d6e967cdb0bd698f90448d733a1076358b9509a69d5e86d07e928ccb3be8a23f9a1120903d661ca714e53b9c5bccadee653c72b60b8e84f6900ce663b8026a05de5f14137c0ef36fa8962fbb6354c609086e11a9919fcd248de4d70a892aebcf709f0538fe9a94f25a4bdf6eeeda94b0f0f124445eacdd289aa8d0123ba835bd013a28132255195d08eea5dceb2af108c7f1ed659b18edbf48fdb3d471eff12f9b681abd7eb0b8faf59fd18627107ca89c06b6ab464333bd119d83655cd2c9b7de52c1d312d89af6ee44b56a8bd030adcda05fea3922cb8dc5dfc9402dc1af0f859de28c09b011650ce4741fe24dede7b637a8312b223d01ec2a112c3cc584d088fd9a89260fe3b2bcc9c93ca06d8eefd5cd84677d436c7a3ec83ffa22159246c79a8c0d0582c56dd0b1e340fa0cb5f2a274d9f402a62654d8c86351948f4537930d052ad57d1dce3743ebabebb2400de40429a9f7e7bf6f012bc858e667d5498220f67acfbefe4d2ed1dbc94fae605817093fd5291117bf3b0b68c17095095471e4118d4ecc60fc8fe46df97418030c4bb3e437690c933eb39e6f0f5610c4bc7785b206ec683af8b1407536499392f34327d1fd2d1a6f62cfa2e44969cac38a6522343e362ab73ae8b72a4d07e5c64bdaaabef4e3ea2a41d31271466d72529e7701c49f8ddbb4de28cd1c36e6cca24634d8986c09eaed038738d16825c209f004a3eac0f8c11d32f5839ce4001b02f5c2499a92393c5a1bc3f042ac2702d2127d288df455487390fc8989a5a56eaf98f2a0e93ffc61c22653c23a6192de15ce9c5b709"}) 14:30:04 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) pipe2$9p(&(0x7f0000000000), 0xc0000) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x100000) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x2}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) pipe2$9p(&(0x7f0000000000), 0xc0000) (async) pipe2$9p(&(0x7f0000000040), 0x100000) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x2}, 0x7) (async) 14:30:04 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) [ 543.637268][ T3434] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 543.637273][ T3434] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 543.637278][ T3434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 543.637283][ T3434] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 543.637291][ T3434] ---[ end trace 362e18c8762015f4 ]--- 14:30:04 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) write$P9_RSTAT(r1, &(0x7f0000000040)={0x3d, 0x7d, 0x2, {0x0, 0x36, 0xfe01, 0xbc0, {0x4, 0x1, 0x5}, 0x0, 0x5, 0x3, 0x8, 0x2, '\\.', 0x0, '', 0x1, '!'}}, 0x3d) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r2, 0x0, 0x0) write$P9_RREADLINK(r2, &(0x7f0000000080)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) 14:30:04 executing program 3: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x3}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r0, 0x0, 0x0) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x3}, 0x7) (async) 14:30:04 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) 14:30:04 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 59) 14:30:04 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) 14:30:04 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) [ 543.942135][ T3453] FAULT_INJECTION: forcing a failure. [ 543.942135][ T3453] name failslab, interval 1, probability 0, space 0, times 0 [ 543.942149][ T3453] CPU: 1 PID: 3453 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 543.942154][ T3453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.942157][ T3453] Call Trace: [ 543.942171][ T3453] dump_stack+0x18e/0x1de [ 543.942184][ T3453] should_fail+0x5d8/0x740 [ 543.942197][ T3453] ? __kernfs_new_node+0x8b/0x630 [ 543.942208][ T3453] should_failslab+0x5/0x20 [ 543.942217][ T3453] kmem_cache_alloc+0x36/0x290 [ 543.942228][ T3453] ? security_kernfs_init_security+0x9a/0xb0 [ 543.942238][ T3453] __kernfs_new_node+0x8b/0x630 [ 543.942245][ T3453] ? mutex_lock+0x6c/0xc0 [ 543.942254][ T3453] ? kernfs_activate+0x3fc/0x420 [ 543.942262][ T3453] ? mutex_unlock+0x19/0x40 [ 543.942272][ T3453] kernfs_create_dir_ns+0x90/0x220 [ 543.942281][ T3453] internal_create_group+0x20e/0xd70 [ 543.942292][ T3453] dpm_sysfs_add+0x59/0x260 [ 543.942301][ T3453] device_add+0xcec/0x1820 [ 543.942316][ T3453] device_create_vargs+0x1b8/0x210 [ 543.942325][ T3453] device_create+0x86/0xb0 [ 543.942332][ T3453] ? vsnprintf+0x1a07/0x1aa0 [ 543.942343][ T3453] bdi_register_va+0x89/0x5e0 [ 543.942353][ T3453] bdi_register+0x80/0xa0 [ 543.942363][ T3453] ? __device_add_disk+0x50a/0x1220 [ 543.942372][ T3453] bdi_register_owner+0x56/0xf0 [ 543.942381][ T3453] __device_add_disk+0x583/0x1220 [ 543.942393][ T3453] loop_add+0x554/0x710 [ 543.942402][ T3453] loop_control_ioctl+0x468/0x680 [ 543.942410][ T3453] ? xor_init+0x60/0x60 [ 543.942420][ T3453] do_vfs_ioctl+0x6fb/0x15b0 [ 543.942439][ T3453] __x64_sys_ioctl+0xd4/0x110 [ 543.942449][ T3453] do_syscall_64+0xcb/0x1e0 [ 543.942460][ T3453] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 543.942468][ T3453] RIP: 0033:0x7fe6f0f01059 [ 543.942478][ T3453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 543.942483][ T3453] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 543.942492][ T3453] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 543.942497][ T3453] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 543.942502][ T3453] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 543.942507][ T3453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 543.942512][ T3453] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 543.942781][ T3453] ------------[ cut here ]------------ [ 543.942797][ T3453] WARNING: CPU: 1 PID: 3453 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 543.942799][ T3453] Modules linked in: [ 543.942811][ T3453] CPU: 1 PID: 3453 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 543.942816][ T3453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.942825][ T3453] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 543.942834][ T3453] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 543.942838][ T3453] RSP: 0018:ffff8881e5787ce8 EFLAGS: 00010283 [ 543.942845][ T3453] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 543.942850][ T3453] RDX: ffffc90000144000 RSI: 0000000000006a31 RDI: 0000000000006a32 [ 543.942854][ T3453] RBP: ffff8881ef3d1a08 R08: ffffffff8214635e R09: 0000000000000010 [ 543.942860][ T3453] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 543.942865][ T3453] R13: 1ffff11039f8b201 R14: 1ffff11039f8b29d R15: ffff8881cfc59000 [ 543.942872][ T3453] FS: 00007fe6f0077700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 543.942878][ T3453] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 543.942884][ T3453] CR2: 00007fe6f0076ff8 CR3: 00000001ef32f000 CR4: 00000000003406e0 [ 543.942892][ T3453] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 543.942897][ T3453] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 543.942899][ T3453] Call Trace: [ 543.942911][ T3453] loop_add+0x554/0x710 [ 543.942921][ T3453] loop_control_ioctl+0x468/0x680 [ 543.942929][ T3453] ? xor_init+0x60/0x60 [ 543.942938][ T3453] do_vfs_ioctl+0x6fb/0x15b0 [ 543.942950][ T3453] __x64_sys_ioctl+0xd4/0x110 [ 543.942958][ T3453] do_syscall_64+0xcb/0x1e0 [ 543.942968][ T3453] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 543.942974][ T3453] RIP: 0033:0x7fe6f0f01059 [ 543.942982][ T3453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 543.942987][ T3453] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 543.942994][ T3453] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 543.942999][ T3453] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 543.943004][ T3453] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 543.943009][ T3453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 543.943014][ T3453] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 543.943021][ T3453] ---[ end trace 362e18c8762015f5 ]--- [ 544.018370][ T3479] FAULT_INJECTION: forcing a failure. [ 544.018370][ T3479] name failslab, interval 1, probability 0, space 0, times 0 [ 544.481079][ T3479] CPU: 0 PID: 3479 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 14:30:05 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x3) pipe2$9p(&(0x7f0000000000), 0xc0000) (async) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x100000) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x2}, 0x7) [ 544.481085][ T3479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 544.481088][ T3479] Call Trace: [ 544.481102][ T3479] dump_stack+0x18e/0x1de [ 544.481116][ T3479] should_fail+0x5d8/0x740 [ 544.481128][ T3479] ? __kernfs_new_node+0x8b/0x630 [ 544.481139][ T3479] should_failslab+0x5/0x20 [ 544.481149][ T3479] kmem_cache_alloc+0x36/0x290 [ 544.481160][ T3479] ? selinux_kernfs_init_security+0x12d/0x720 [ 544.481170][ T3479] __kernfs_new_node+0x8b/0x630 [ 544.481187][ T3479] ? mutex_lock+0x6c/0xc0 [ 544.481198][ T3479] kernfs_new_node+0x95/0x160 [ 544.481209][ T3479] __kernfs_create_file+0x45/0x260 [ 544.481219][ T3479] sysfs_add_file_mode_ns+0x293/0x340 [ 544.481229][ T3479] sysfs_merge_group+0x19b/0x320 [ 544.481239][ T3479] dpm_sysfs_add+0xbd/0x260 [ 544.481249][ T3479] device_add+0xcec/0x1820 [ 544.481261][ T3479] device_create_vargs+0x1b8/0x210 [ 544.481270][ T3479] device_create+0x86/0xb0 [ 544.481278][ T3479] ? vsnprintf+0x1a07/0x1aa0 [ 544.481289][ T3479] bdi_register_va+0x89/0x5e0 [ 544.481298][ T3479] bdi_register+0x80/0xa0 [ 544.481308][ T3479] ? __device_add_disk+0x50a/0x1220 [ 544.481318][ T3479] bdi_register_owner+0x56/0xf0 [ 544.481328][ T3479] __device_add_disk+0x583/0x1220 [ 544.481340][ T3479] loop_add+0x554/0x710 [ 544.481350][ T3479] loop_control_ioctl+0x468/0x680 [ 544.481358][ T3479] ? xor_init+0x60/0x60 [ 544.481369][ T3479] do_vfs_ioctl+0x6fb/0x15b0 [ 544.481382][ T3479] __x64_sys_ioctl+0xd4/0x110 [ 544.481392][ T3479] do_syscall_64+0xcb/0x1e0 [ 544.481403][ T3479] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 544.481412][ T3479] RIP: 0033:0x7fe6f0f01059 [ 544.481421][ T3479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 544.481426][ T3479] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 544.481435][ T3479] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 544.481440][ T3479] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 544.481445][ T3479] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 544.481451][ T3479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 544.481456][ T3479] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 544.481725][ T3479] ------------[ cut here ]------------ [ 544.481740][ T3479] WARNING: CPU: 0 PID: 3479 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 544.481742][ T3479] Modules linked in: [ 544.481754][ T3479] CPU: 0 PID: 3479 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 544.481758][ T3479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 544.481768][ T3479] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 544.481776][ T3479] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 544.481781][ T3479] RSP: 0018:ffff8881e5787ce8 EFLAGS: 00010246 [ 544.481788][ T3479] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 544.481793][ T3479] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 544.481799][ T3479] RBP: ffff8881ef3d08e8 R08: ffffffff8214635e R09: 0000000000000010 [ 544.481804][ T3479] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 544.481809][ T3479] R13: 1ffff1103c652601 R14: 1ffff1103c65269d R15: ffff8881e3293000 [ 544.481817][ T3479] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 544.481823][ T3479] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 544.481828][ T3479] CR2: 0000000020017000 CR3: 00000001ebffd000 CR4: 00000000003406f0 [ 544.481836][ T3479] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 544.481841][ T3479] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 544.481844][ T3479] Call Trace: [ 544.481856][ T3479] loop_add+0x554/0x710 [ 544.481866][ T3479] loop_control_ioctl+0x468/0x680 [ 544.481874][ T3479] ? xor_init+0x60/0x60 [ 544.481884][ T3479] do_vfs_ioctl+0x6fb/0x15b0 [ 544.481897][ T3479] __x64_sys_ioctl+0xd4/0x110 [ 544.481906][ T3479] do_syscall_64+0xcb/0x1e0 [ 544.481917][ T3479] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 544.481923][ T3479] RIP: 0033:0x7fe6f0f01059 [ 544.481931][ T3479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 544.481935][ T3479] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:30:05 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:05 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 60) 14:30:05 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) write$P9_RSTAT(r1, &(0x7f0000000040)={0x3d, 0x7d, 0x2, {0x0, 0x36, 0xfe01, 0xbc0, {0x4, 0x1, 0x5}, 0x0, 0x5, 0x3, 0x8, 0x2, '\\.', 0x0, '', 0x1, '!'}}, 0x3d) (async, rerun: 64) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) (rerun: 64) write$P9_RLINK(r2, 0x0, 0x0) write$P9_RREADLINK(r2, &(0x7f0000000080)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) 14:30:05 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RXATTRCREATE(r1, &(0x7f0000000000)={0x7, 0x21, 0x2}, 0x7) 14:30:05 executing program 4: socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000880), 0xffffffffffffffff) syz_open_dev$tty1(0xc, 0x4, 0x3) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RWSTAT(r1, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) 14:30:05 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) 14:30:05 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) 14:30:05 executing program 4: socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000880), 0xffffffffffffffff) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RWSTAT(r1, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) [ 544.481944][ T3479] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 544.481949][ T3479] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 544.481954][ T3479] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 544.481959][ T3479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 544.481964][ T3479] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 544.481972][ T3479] ---[ end trace 362e18c8762015f6 ]--- 14:30:05 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) 14:30:05 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) write$P9_RSTAT(r1, &(0x7f0000000040)={0x3d, 0x7d, 0x2, {0x0, 0x36, 0xfe01, 0xbc0, {0x4, 0x1, 0x5}, 0x0, 0x5, 0x3, 0x8, 0x2, '\\.', 0x0, '', 0x1, '!'}}, 0x3d) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r2, 0x0, 0x0) (async, rerun: 32) write$P9_RREADLINK(r2, &(0x7f0000000080)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) (rerun: 32) 14:30:05 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x9, 0x1}, 0x7) 14:30:05 executing program 4: socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000880), 0xffffffffffffffff) syz_open_dev$tty1(0xc, 0x4, 0x3) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RWSTAT(r1, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000880), 0xffffffffffffffff) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r1, 0x0, 0x0) (async) write$P9_RWSTAT(r1, &(0x7f0000000000)={0x7, 0x7f, 0x1}, 0x7) (async) [ 545.062064][ T3504] FAULT_INJECTION: forcing a failure. [ 545.062064][ T3504] name failslab, interval 1, probability 0, space 0, times 0 [ 545.062079][ T3504] CPU: 0 PID: 3504 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 545.062084][ T3504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 545.062087][ T3504] Call Trace: [ 545.062100][ T3504] dump_stack+0x18e/0x1de [ 545.062113][ T3504] should_fail+0x5d8/0x740 [ 545.062125][ T3504] ? __kernfs_new_node+0x8b/0x630 [ 545.062135][ T3504] should_failslab+0x5/0x20 [ 545.062145][ T3504] kmem_cache_alloc+0x36/0x290 [ 545.062156][ T3504] __kernfs_new_node+0x8b/0x630 [ 545.062164][ T3504] ? mutex_lock+0x6c/0xc0 [ 545.062174][ T3504] ? kernfs_activate+0x3fc/0x420 [ 545.062184][ T3504] kernfs_new_node+0x95/0x160 [ 545.062195][ T3504] __kernfs_create_file+0x45/0x260 [ 545.062203][ T3504] sysfs_add_file_mode_ns+0x293/0x340 [ 545.062213][ T3504] sysfs_merge_group+0x19b/0x320 [ 545.062222][ T3504] dpm_sysfs_add+0xbd/0x260 [ 545.062230][ T3504] device_add+0xcec/0x1820 [ 545.062240][ T3504] device_create_vargs+0x1b8/0x210 [ 545.062248][ T3504] device_create+0x86/0xb0 [ 545.062255][ T3504] ? vsnprintf+0x1a07/0x1aa0 [ 545.062266][ T3504] bdi_register_va+0x89/0x5e0 [ 545.062275][ T3504] bdi_register+0x80/0xa0 [ 545.062284][ T3504] ? __device_add_disk+0x50a/0x1220 [ 545.062294][ T3504] bdi_register_owner+0x56/0xf0 [ 545.062303][ T3504] __device_add_disk+0x583/0x1220 [ 545.062313][ T3504] loop_add+0x554/0x710 [ 545.062323][ T3504] loop_control_ioctl+0x468/0x680 [ 545.062331][ T3504] ? xor_init+0x60/0x60 [ 545.062341][ T3504] do_vfs_ioctl+0x6fb/0x15b0 [ 545.062353][ T3504] __x64_sys_ioctl+0xd4/0x110 [ 545.062362][ T3504] do_syscall_64+0xcb/0x1e0 [ 545.062373][ T3504] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 545.062380][ T3504] RIP: 0033:0x7fe6f0f01059 [ 545.062389][ T3504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 545.062394][ T3504] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 545.062403][ T3504] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 545.062409][ T3504] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 545.062414][ T3504] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 545.062419][ T3504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 545.062425][ T3504] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 545.062679][ T3504] ------------[ cut here ]------------ [ 545.062694][ T3504] WARNING: CPU: 0 PID: 3504 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 545.062695][ T3504] Modules linked in: [ 545.062708][ T3504] CPU: 0 PID: 3504 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 545.062714][ T3504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 545.062724][ T3504] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 545.062731][ T3504] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 545.062735][ T3504] RSP: 0018:ffff8881e971fce8 EFLAGS: 00010287 [ 545.062742][ T3504] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 545.062747][ T3504] RDX: ffffc90000144000 RSI: 0000000000006c43 RDI: 0000000000006c44 [ 545.062752][ T3504] RBP: ffff8881ef2b4d68 R08: ffffffff8214635e R09: 0000000000000010 [ 545.062757][ T3504] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 545.062762][ T3504] R13: 1ffff1103bdfa601 R14: 1ffff1103bdfa69d R15: ffff8881defd3000 [ 545.062769][ T3504] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 545.062774][ T3504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 545.062780][ T3504] CR2: 00007fe6f0076ff8 CR3: 00000001e0c15000 CR4: 00000000003406f0 [ 545.062788][ T3504] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 545.062793][ T3504] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 545.062795][ T3504] Call Trace: [ 545.062807][ T3504] loop_add+0x554/0x710 [ 545.062816][ T3504] loop_control_ioctl+0x468/0x680 [ 545.062824][ T3504] ? xor_init+0x60/0x60 [ 545.062834][ T3504] do_vfs_ioctl+0x6fb/0x15b0 [ 545.062846][ T3504] __x64_sys_ioctl+0xd4/0x110 [ 545.062854][ T3504] do_syscall_64+0xcb/0x1e0 [ 545.062863][ T3504] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 545.062869][ T3504] RIP: 0033:0x7fe6f0f01059 [ 545.062876][ T3504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 545.062880][ T3504] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 545.062886][ T3504] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 545.062891][ T3504] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 545.062895][ T3504] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 545.062900][ T3504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 545.062905][ T3504] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 545.062912][ T3504] ---[ end trace 362e18c8762015f7 ]--- 14:30:06 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:06 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:06 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = syz_open_pts(r1, 0x49042) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000040)) ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000000)={0xfdb, 0x0, 0x5, 0x1c9, 0x2, "b7b1cee94689152778f5eb294a6abdea77ec77", 0x2f92, 0x1}) write$P9_RWSTAT(r0, 0x0, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r3, 0x0) ioctl$PIO_FONTRESET(r3, 0x4b6d, 0x0) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x202100, 0x0) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCGRS485(r5, 0x542e, &(0x7f00000000c0)) ioctl$TIOCNOTTY(r4, 0x5422) 14:30:06 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 61) 14:30:06 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000040)=""/33) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000500)={0x1d, 0x17, &(0x7f0000000100)}) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r2, 0x0) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000540)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000000)={0x2a, 0x29, 0x1, {0xff, [{{0x30, 0x3}, 0x3269, 0x1, 0x7, './file0'}]}}, 0x2a) 14:30:06 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RXATTRCREATE(r1, &(0x7f0000000000)={0x7, 0x21, 0x2}, 0x7) 14:30:06 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RXATTRCREATE(r1, &(0x7f0000000000)={0x7, 0x21, 0x2}, 0x7) 14:30:06 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:06 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = syz_open_pts(r1, 0x49042) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000040)) (async) ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000000)={0xfdb, 0x0, 0x5, 0x1c9, 0x2, "b7b1cee94689152778f5eb294a6abdea77ec77", 0x2f92, 0x1}) (async) write$P9_RWSTAT(r0, 0x0, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r3, 0x0) ioctl$PIO_FONTRESET(r3, 0x4b6d, 0x0) (async) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x202100, 0x0) (async) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCGRS485(r5, 0x542e, &(0x7f00000000c0)) (async) ioctl$TIOCNOTTY(r4, 0x5422) 14:30:06 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000040)=""/33) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000500)={0x1d, 0x17, &(0x7f0000000100)}) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r2, 0x0) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000540)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000000)={0x2a, 0x29, 0x1, {0xff, [{{0x30, 0x3}, 0x3269, 0x1, 0x7, './file0'}]}}, 0x2a) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000040)=""/33) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) (async) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000500)={0x1d, 0x17, &(0x7f0000000100)}) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async) syz_open_pts(r2, 0x0) (async) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000540)) (async) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000000)={0x2a, 0x29, 0x1, {0xff, [{{0x30, 0x3}, 0x3269, 0x1, 0x7, './file0'}]}}, 0x2a) (async) 14:30:06 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = syz_open_pts(r1, 0x49042) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000040)) (async) ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000000)={0xfdb, 0x0, 0x5, 0x1c9, 0x2, "b7b1cee94689152778f5eb294a6abdea77ec77", 0x2f92, 0x1}) (async, rerun: 64) write$P9_RWSTAT(r0, 0x0, 0x0) (async, rerun: 64) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r3, 0x0) ioctl$PIO_FONTRESET(r3, 0x4b6d, 0x0) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x202100, 0x0) (async) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCGRS485(r5, 0x542e, &(0x7f00000000c0)) (async, rerun: 64) ioctl$TIOCNOTTY(r4, 0x5422) (rerun: 64) 14:30:06 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000040)=""/33) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000500)={0x1d, 0x17, &(0x7f0000000100)}) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r2, 0x0) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000540)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000000)={0x2a, 0x29, 0x1, {0xff, [{{0x30, 0x3}, 0x3269, 0x1, 0x7, './file0'}]}}, 0x2a) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000040)=""/33) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) (async) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000500)={0x1d, 0x17, &(0x7f0000000100)}) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async) syz_open_pts(r2, 0x0) (async) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000540)) (async) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000000)={0x2a, 0x29, 0x1, {0xff, [{{0x30, 0x3}, 0x3269, 0x1, 0x7, './file0'}]}}, 0x2a) (async) [ 545.922870][ T3538] FAULT_INJECTION: forcing a failure. [ 545.922870][ T3538] name failslab, interval 1, probability 0, space 0, times 0 [ 545.922888][ T3538] CPU: 1 PID: 3538 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 545.947138][ T3538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 545.947141][ T3538] Call Trace: [ 545.947165][ T3538] dump_stack+0x18e/0x1de [ 545.964777][ T3538] should_fail+0x5d8/0x740 [ 545.964793][ T3538] ? __kernfs_new_node+0x8b/0x630 [ 545.974191][ T3538] should_failslab+0x5/0x20 [ 545.974201][ T3538] kmem_cache_alloc+0x36/0x290 [ 545.974215][ T3538] __kernfs_new_node+0x8b/0x630 [ 545.988251][ T3538] ? mutex_lock+0x6c/0xc0 [ 545.988262][ T3538] ? kernfs_activate+0x3fc/0x420 [ 545.988272][ T3538] kernfs_new_node+0x95/0x160 [ 545.988284][ T3538] __kernfs_create_file+0x45/0x260 [ 545.988293][ T3538] sysfs_add_file_mode_ns+0x293/0x340 [ 545.988305][ T3538] sysfs_merge_group+0x19b/0x320 [ 545.988316][ T3538] dpm_sysfs_add+0xbd/0x260 [ 545.988325][ T3538] device_add+0xcec/0x1820 [ 545.988337][ T3538] device_create_vargs+0x1b8/0x210 [ 545.988347][ T3538] device_create+0x86/0xb0 [ 545.988355][ T3538] ? vsnprintf+0x1a07/0x1aa0 [ 545.988366][ T3538] bdi_register_va+0x89/0x5e0 [ 545.988376][ T3538] bdi_register+0x80/0xa0 [ 545.988386][ T3538] ? __device_add_disk+0x50a/0x1220 [ 545.988396][ T3538] bdi_register_owner+0x56/0xf0 [ 545.988405][ T3538] __device_add_disk+0x583/0x1220 [ 545.988418][ T3538] loop_add+0x554/0x710 [ 545.988428][ T3538] loop_control_ioctl+0x468/0x680 [ 545.988436][ T3538] ? xor_init+0x60/0x60 [ 545.988446][ T3538] do_vfs_ioctl+0x6fb/0x15b0 [ 545.988460][ T3538] __x64_sys_ioctl+0xd4/0x110 [ 545.988471][ T3538] do_syscall_64+0xcb/0x1e0 [ 545.988487][ T3538] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 545.988496][ T3538] RIP: 0033:0x7fe6f0f01059 [ 545.988506][ T3538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 545.988510][ T3538] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 545.988519][ T3538] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 545.988524][ T3538] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 545.988529][ T3538] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 545.988534][ T3538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 545.988539][ T3538] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 545.989686][ T3538] ------------[ cut here ]------------ [ 546.174856][ T3538] WARNING: CPU: 1 PID: 3538 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 546.174864][ T3538] Modules linked in: [ 546.187736][ T3538] CPU: 1 PID: 3538 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 546.187741][ T3538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.187758][ T3538] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 546.215054][ T3538] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 546.215058][ T3538] RSP: 0018:ffff8881eea5fce8 EFLAGS: 00010246 [ 546.215066][ T3538] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 546.215072][ T3538] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 546.215077][ T3538] RBP: ffff8881ef3d1178 R08: ffffffff8214635e R09: 0000000000000010 [ 546.215083][ T3538] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 546.215088][ T3538] R13: 1ffff1103e030001 R14: 1ffff1103e03009d R15: ffff8881f0180000 [ 546.215096][ T3538] FS: 00007fe6f0077700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 546.215102][ T3538] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 546.215107][ T3538] CR2: 00007fe6f0076ff8 CR3: 00000001e57df000 CR4: 00000000003406e0 [ 546.215117][ T3538] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 546.215122][ T3538] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 546.215125][ T3538] Call Trace: [ 546.215143][ T3538] loop_add+0x554/0x710 [ 546.215154][ T3538] loop_control_ioctl+0x468/0x680 [ 546.215162][ T3538] ? xor_init+0x60/0x60 [ 546.215173][ T3538] do_vfs_ioctl+0x6fb/0x15b0 [ 546.215186][ T3538] __x64_sys_ioctl+0xd4/0x110 [ 546.215196][ T3538] do_syscall_64+0xcb/0x1e0 [ 546.215208][ T3538] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 546.215216][ T3538] RIP: 0033:0x7fe6f0f01059 [ 546.215224][ T3538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 546.215229][ T3538] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 546.215238][ T3538] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 546.215243][ T3538] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 546.215248][ T3538] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 546.215253][ T3538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 546.215259][ T3538] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 546.215266][ T3538] ---[ end trace 362e18c8762015f8 ]--- 14:30:07 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:07 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x85800) write$P9_RMKNOD(r1, &(0x7f0000000040)={0x14, 0x13, 0x2, {0x10, 0x1, 0x5}}, 0x14) 14:30:07 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x5a9540, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000080)) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RWSTAT(r2, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r3 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r3, 0x80044584, &(0x7f0000000280)=""/206) ioctl$EVIOCSABS3F(r3, 0x401845ff, &(0x7f0000000140)={0x7f, 0x7fffffff, 0xa759, 0x7fff, 0x8, 0x7}) ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x541c, &(0x7f0000000100)) 14:30:07 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 62) 14:30:07 executing program 3: r0 = gettid() r1 = gettid() ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000000)={0x2e28}) pidfd_open(r0, 0x0) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x5) 14:30:07 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:07 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:07 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x85800) write$P9_RMKNOD(r1, &(0x7f0000000040)={0x14, 0x13, 0x2, {0x10, 0x1, 0x5}}, 0x14) 14:30:07 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:07 executing program 3: r0 = gettid() r1 = gettid() ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000000)={0x2e28}) (async) pidfd_open(r0, 0x0) (async) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x5) 14:30:07 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x5a9540, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000080)) (async) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RWSTAT(r2, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) r3 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r3, 0x80044584, &(0x7f0000000280)=""/206) (async) ioctl$EVIOCSABS3F(r3, 0x401845ff, &(0x7f0000000140)={0x7f, 0x7fffffff, 0xa759, 0x7fff, 0x8, 0x7}) ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x541c, &(0x7f0000000100)) 14:30:07 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x9}, 0x7) 14:30:07 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:07 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000840)={0x2, 0x0, 0x16, 0x5, 0x124, &(0x7f0000000440)="3c9569f6cdfbb9d07a1f1ddfa6937a96d3b45c82c946697b48e2e836e80f49a2d1bd3c301097658160bee1dd16b5fd750366c6c4bd4e349d2542c29dd2a893f4396a99cc8dd985b0e51355313924850c087b20cb9aeaf11d323fe8bb48b997682db135351e3c8d965e53da2d77602cdd149fd37332088ef5c615e7b1a8064775fb86b8afddbdca19e26d7fc4dbe5f96172cc2e5e2a358bf0888a26a9606bb4f21043c8e2ec078f8e9b6d9d2e158941cbd6ac4233860896ade7c57b0afb2dd12c72720c64970b5c9a767447e2526e52ce2f00dc6df1ac7d22caf80b5dc06348c9bb6384dec6b34dd9ef231ad0e6fa2f3e6b76977db22c5557a035d0e0af47ba34f2dc3dba607e378b1280bb354fb6a88dd169ec4701eb2fc970457f4806f332bac1361aa90e507b82c33c356167b961f7f9a29920a54f51233d84bebf1d59509df47f5db7d679d3c203a3965abfe11040f0284e6cb9aa951aaacb18d6a2cc22d89e1af6137c5176092682d530d989d26b55f4c1fd33641b24d7de849ee9b6a4a36eded3bfac19f88457d360ae2a0326b53c7f3544c4e5102fb21c9db3f65805cb3318c25a59597a228c34c2cdfc83ae9855bcb7766e5eab5f0df8d15bd8c0788f0978506065ad1cfc840cee637b1877c9092dbfeef169cecb074199aa30dcf5136cded114e07fc3007eeb970ca8ff105855cd36b43700818edba05377f480a452d1301754bdb75618c8cd57f7b23726ff887a164d82f91892e2fc7a4a605d49a754ee8b5284259149f752a2680dbdfd726f813b2ce5257346508b9356e712c3d9534b882ae231e8ae0520d72d33da77f6140bf358f0c06afb59cd78a4427c5b4dd6591e1c68737a0f3ac8abbf6a1d63f68dfa9cc05ae5ccbeeb0fb9bd3f232ca3299224d19499e67be2b8bc9a54e72ba70934a2900de0b61ec619703357bdf85f20d64bc21d4a95f642084ed6d87c650d4653e45d444a76ad6175f00b8693ecdc498af1d5b2fbf40ab3e72649bb049e8d2fddec8368f3a3e3126cbd9769c28d734fc1dd9cacbb82b13987057490293e67df9a3cfc4a6c6f4b8ba494f8775df2219b1db022bbc68f1dfb78ce6800354b7aff14649d5c54643ede43d853258363987194dead58df948f0629dfccb8b22b79a8305b7dff02475c4103b062cb5587b9d5f45f02e032fe636a6a5c7a5116512f4febc93b57378889e3d5008674ee0e69d251c554d7274b7c7b1403c75aeb0a2cb6c2a12007973ceb55b910b1b39dd8242ca7a4ab11d66890fb20702176a01a2546c3b2c920e6bd2300a177daf4a485202766eb780ae1a3bac15c732f1467fee8876f43046db36540c15adff0a3fa5403273d6760aebb549c3037a5ca9559ff41d00b872539ce20cbe937860fff5fa70c6c029c989d6078fab6731ae89a8f77c9f28406a281bdea35cdd63afccd96f571"}) write$P9_RWSTAT(r0, 0x0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000400)={0x2, 0x1, 0x2, 0x20, 0x1fe, &(0x7f0000000000)="56a74373b19c8adaf5a3a1c66d8dff499cd831a6c2716979fcdda0fe5d980f1d01285d0eae0a42ca43702fd364b691cd29778b2eda2959b47056c5bf3b2fb9736a2bb0c1208bd838e1e69cf8c03ad2f0e882f5825b8820f4243930c299882c0a9b1726d88b31b8e7b4b2ab36cbd52e69b0faf92af10bf37eb6caedb71c0820ef6f36ee566e6f04340b43ec0dd4072dab8c36268c03831b38e1608338889a4a7d8a81f619f3930a3eeb577fa4d93de25ca95d47bb06b917332293af4707379188869161d6e700a43e6f24515356c479890dff0228d2a48b11ce201a62ecfb0e310590a6dc41f5759c51961dc5ad69eb2aa1f45da4e15668570598935a9cb6ecdc01986dd121b020777726521b302238c69d26f9baea9d4bd4477d3a3b30dcc862d878ad474072ba59cc99298f37212cc5c2310c751a6ec342c80f2e6825dc944243f93928202ab074c7da6aee0a735530a798de13cf2223bfcf415dfbc122cedb328c795faf5e3a772c2e3ee4d60f1c09cf7a0064a28113378d2fa6264938d52c07feddb2034724ac175bb4c8a06abe94ea3ff5c4f60e5f1887e51d4191899a90bca07496a1aced8a9c95b47f62ce0d7a3a25affa14b4de175ba223282d6e967cdb0bd698f90448d733a1076358b9509a69d5e86d07e928ccb3be8a23f9a1120903d661ca714e53b9c5bccadee653c72b60b8e84f6900ce663b8026a05de5f14137c0ef36fa8962fbb6354c609086e11a9919fcd248de4d70a892aebcf709f0538fe9a94f25a4bdf6eeeda94b0f0f124445eacdd289aa8d0123ba835bd013a28132255195d08eea5dceb2af108c7f1ed659b18edbf48fdb3d471eff12f9b681abd7eb0b8faf59fd18627107ca89c06b6ab464333bd119d83655cd2c9b7de52c1d312d89af6ee44b56a8bd030adcda05fea3922cb8dc5dfc9402dc1af0f859de28c09b011650ce4741fe24dede7b637a8312b223d01ec2a112c3cc584d088fd9a89260fe3b2bcc9c93ca06d8eefd5cd84677d436c7a3ec83ffa22159246c79a8c0d0582c56dd0b1e340fa0cb5f2a274d9f402a62654d8c86351948f4537930d052ad57d1dce3743ebabebb2400de40429a9f7e7bf6f012bc858e667d5498220f67acfbefe4d2ed1dbc94fae605817093fd5291117bf3b0b68c17095095471e4118d4ecc60fc8fe46df97418030c4bb3e437690c933eb39e6f0f5610c4bc7785b206ec683af8b1407536499392f34327d1fd2d1a6f62cfa2e44969cac38a6522343e362ab73ae8b72a4d07e5c64bdaaabef4e3ea2a41d31271466d72529e7701c49f8ddbb4de28cd1c36e6cca24634d8986c09eaed038738d16825c209f004a3eac0f8c11d32f5839ce4001b02f5c2499a92393c5a1bc3f042ac2702d2127d288df455487390fc8989a5a56eaf98f2a0e93ffc61c22653c23a6192de15ce9c5b709"}) 14:30:07 executing program 3: r0 = gettid() r1 = gettid() ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000000)={0x2e28}) pidfd_open(r0, 0x0) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x5) gettid() (async) gettid() (async) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000000)={0x2e28}) (async) pidfd_open(r0, 0x0) (async) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x5) (async) 14:30:07 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 63) 14:30:07 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x5a9540, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000080)) (async) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RWSTAT(r2, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r3 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) ioctl$EVIOCGEFFECTS(r3, 0x80044584, &(0x7f0000000280)=""/206) (async) ioctl$EVIOCSABS3F(r3, 0x401845ff, &(0x7f0000000140)={0x7f, 0x7fffffff, 0xa759, 0x7fff, 0x8, 0x7}) (async) ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x541c, &(0x7f0000000100)) 14:30:07 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) [ 546.781783][ T3588] FAULT_INJECTION: forcing a failure. [ 546.781783][ T3588] name failslab, interval 1, probability 0, space 0, times 0 [ 546.781797][ T3588] CPU: 1 PID: 3588 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 546.781802][ T3588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.781806][ T3588] Call Trace: [ 546.781819][ T3588] dump_stack+0x18e/0x1de [ 546.781832][ T3588] should_fail+0x5d8/0x740 [ 546.781844][ T3588] ? __kernfs_new_node+0x8b/0x630 [ 546.781855][ T3588] should_failslab+0x5/0x20 [ 546.781865][ T3588] kmem_cache_alloc+0x36/0x290 [ 546.781877][ T3588] __kernfs_new_node+0x8b/0x630 [ 546.781885][ T3588] ? mutex_lock+0x6c/0xc0 [ 546.781895][ T3588] ? kernfs_activate+0x3fc/0x420 [ 546.781905][ T3588] kernfs_new_node+0x95/0x160 [ 546.781915][ T3588] __kernfs_create_file+0x45/0x260 [ 546.781924][ T3588] sysfs_add_file_mode_ns+0x293/0x340 [ 546.781934][ T3588] sysfs_merge_group+0x19b/0x320 [ 546.781943][ T3588] dpm_sysfs_add+0xbd/0x260 [ 546.781951][ T3588] device_add+0xcec/0x1820 [ 546.781962][ T3588] device_create_vargs+0x1b8/0x210 [ 546.781971][ T3588] device_create+0x86/0xb0 [ 546.781978][ T3588] ? vsnprintf+0x1a07/0x1aa0 [ 546.781988][ T3588] bdi_register_va+0x89/0x5e0 [ 546.782004][ T3588] bdi_register+0x80/0xa0 [ 546.782014][ T3588] ? __device_add_disk+0x50a/0x1220 [ 546.782025][ T3588] bdi_register_owner+0x56/0xf0 [ 546.782034][ T3588] __device_add_disk+0x583/0x1220 [ 546.782045][ T3588] loop_add+0x554/0x710 [ 546.782054][ T3588] loop_control_ioctl+0x468/0x680 [ 546.782063][ T3588] ? xor_init+0x60/0x60 [ 546.782073][ T3588] do_vfs_ioctl+0x6fb/0x15b0 [ 546.782085][ T3588] __x64_sys_ioctl+0xd4/0x110 [ 546.782094][ T3588] do_syscall_64+0xcb/0x1e0 [ 546.782103][ T3588] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 546.782111][ T3588] RIP: 0033:0x7fe6f0f01059 [ 546.782120][ T3588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 546.782124][ T3588] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 546.782133][ T3588] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 546.782138][ T3588] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 546.782143][ T3588] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 546.782147][ T3588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 546.782153][ T3588] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 546.782418][ T3588] ------------[ cut here ]------------ [ 546.782433][ T3588] WARNING: CPU: 1 PID: 3588 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 546.782435][ T3588] Modules linked in: [ 546.782448][ T3588] CPU: 1 PID: 3588 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 546.782452][ T3588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.782462][ T3588] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 546.782470][ T3588] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 546.782474][ T3588] RSP: 0018:ffff8881e544fce8 EFLAGS: 00010287 [ 546.782481][ T3588] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 546.782486][ T3588] RDX: ffffc90000144000 RSI: 0000000000006dec RDI: 0000000000006ded [ 546.782491][ T3588] RBP: ffff8881ef3d33b8 R08: ffffffff8214635e R09: 0000000000000010 [ 546.782496][ T3588] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 546.782502][ T3588] R13: 1ffff1103e69c801 R14: 1ffff1103e69c89d R15: ffff8881f34e4000 [ 546.782509][ T3588] FS: 00007fe6f0077700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 546.782514][ T3588] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 546.782520][ T3588] CR2: 00007fe6f0076ff8 CR3: 00000001e7a4f000 CR4: 00000000003406e0 [ 546.782529][ T3588] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 546.782534][ T3588] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 546.782536][ T3588] Call Trace: [ 546.782549][ T3588] loop_add+0x554/0x710 [ 546.782559][ T3588] loop_control_ioctl+0x468/0x680 [ 546.782567][ T3588] ? xor_init+0x60/0x60 [ 546.782576][ T3588] do_vfs_ioctl+0x6fb/0x15b0 [ 546.782588][ T3588] __x64_sys_ioctl+0xd4/0x110 [ 546.782596][ T3588] do_syscall_64+0xcb/0x1e0 [ 546.782606][ T3588] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 546.782611][ T3588] RIP: 0033:0x7fe6f0f01059 [ 546.782618][ T3588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 546.782622][ T3588] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 546.782630][ T3588] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 546.782634][ T3588] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 546.782638][ T3588] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 14:30:07 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x85800) write$P9_RMKNOD(r1, &(0x7f0000000040)={0x14, 0x13, 0x2, {0x10, 0x1, 0x5}}, 0x14) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000000), 0x85800) (async) write$P9_RMKNOD(r1, &(0x7f0000000040)={0x14, 0x13, 0x2, {0x10, 0x1, 0x5}}, 0x14) (async) [ 546.782642][ T3588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 546.782646][ T3588] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 546.782654][ T3588] ---[ end trace 362e18c8762015f9 ]--- [ 546.864109][ T3616] FAULT_INJECTION: forcing a failure. [ 546.864109][ T3616] name failslab, interval 1, probability 0, space 0, times 0 [ 547.313292][ T3616] CPU: 0 PID: 3616 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 547.313297][ T3616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 547.313300][ T3616] Call Trace: [ 547.313322][ T3616] dump_stack+0x18e/0x1de [ 547.313342][ T3616] should_fail+0x5d8/0x740 [ 547.313353][ T3616] ? __kernfs_new_node+0x8b/0x630 [ 547.313361][ T3616] should_failslab+0x5/0x20 [ 547.313370][ T3616] kmem_cache_alloc+0x36/0x290 [ 547.313379][ T3616] __kernfs_new_node+0x8b/0x630 [ 547.313386][ T3616] ? mutex_lock+0x6c/0xc0 [ 547.313394][ T3616] ? kernfs_activate+0x3fc/0x420 [ 547.313403][ T3616] kernfs_new_node+0x95/0x160 [ 547.313414][ T3616] __kernfs_create_file+0x45/0x260 14:30:07 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) [ 547.313423][ T3616] sysfs_add_file_mode_ns+0x293/0x340 [ 547.313432][ T3616] sysfs_merge_group+0x19b/0x320 [ 547.313441][ T3616] dpm_sysfs_add+0xbd/0x260 [ 547.313449][ T3616] device_add+0xcec/0x1820 [ 547.313462][ T3616] device_create_vargs+0x1b8/0x210 [ 547.409116][ T3616] device_create+0x86/0xb0 [ 547.409131][ T3616] ? vsnprintf+0x1a07/0x1aa0 [ 547.418105][ T3616] bdi_register_va+0x89/0x5e0 [ 547.418116][ T3616] bdi_register+0x80/0xa0 [ 547.418127][ T3616] ? __device_add_disk+0x50a/0x1220 [ 547.418137][ T3616] bdi_register_owner+0x56/0xf0 [ 547.418146][ T3616] __device_add_disk+0x583/0x1220 [ 547.418158][ T3616] loop_add+0x554/0x710 [ 547.418168][ T3616] loop_control_ioctl+0x468/0x680 [ 547.418177][ T3616] ? xor_init+0x60/0x60 [ 547.418187][ T3616] do_vfs_ioctl+0x6fb/0x15b0 [ 547.418200][ T3616] __x64_sys_ioctl+0xd4/0x110 [ 547.418211][ T3616] do_syscall_64+0xcb/0x1e0 [ 547.418222][ T3616] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 547.418230][ T3616] RIP: 0033:0x7fe6f0f01059 [ 547.418240][ T3616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 547.418245][ T3616] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 547.418254][ T3616] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 547.418259][ T3616] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 547.418265][ T3616] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 14:30:08 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000000)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000480), 0x40000, 0x0) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f00000008c0)={0x195, 0xd, &(0x7f00000004c0)}) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000440)={0x2, 0x1, 0x13, 0x8, 0x1b7, &(0x7f0000000040)="20b506b9478b08deeab66ee19274df7a670ff5c566376fedfbb3ce7281cc3a4832b3c64b096f4823460d5967238c5f825008a41dd9808173c365ae4c851bd13e59876bfea432e161ce14c98093c1445499bbaa3b269aae5d4da9a76a7585a76cac6d6e7dbb805d6446683336722d25465d52468d187a6cdf0f129ad05f9b16c4bf2b3647d854c2162add8438496ef992d6266c33f5cb33a8919c93678828e1aaffd60eb4683f43f0fb8fba6b27c2235a357aea1cb3fd009a286032c347f60bd8df5298bbdc0ff5e5609a16b3d842e00080bf5d9b53818746267214cf73af26e0cad80eede433999908ea0cedfb2766bb69f3eb4da82dff650675cd6e9c98ce4b254c07f5a340234bf112ebbf2e7b9d5ddde07fcb80fec99689b5427213b4668b08b9fa8d5a1bc61f4af67051b679edd2b0e17f9d1069810e828415d820753f598549d08c06fa6fd96441b4e3a571f440c08a9294d63612daed9f5a65b3dcfda52349ec5e895cb103fd6265d9473fde99464925b212957b476b7b71ebe741176ccf737abe8203a3b74accfc12bcd7a72d151e7601b360a2c19c441036938768d4f060846c7a254de7df08c0b1cb44703502d391028167ce40def8ea688a101e7f8e4afa7624596f56587bd1b726ac7e036409894a14af589233d7c6e5b38c73e7788c89277a238dbfcb0451a5945b80f7004ee154ad744975e11532ee33b8f9abd48d2a2ec847b306e4ebd995011d57d77d8793d4366344057f68844dbab12b384610bf4f149d2364b06c5542058ae303b73f1d4a6697fe48cd951b4b39b0b290c41fa9f4d1785ff98a3f291797aeb7a4784115e6a2aea3479edbf0266171a814f5c743d920df14fc915c81ecd9935765b5180f5295f849acb7cbd4e6a58288104d0d952f225ab8c154c4e2957747c368757490533f0476661cf919822d8e1601b4811d1b3495c171d666c4a4f8d8db02909b9caa0628829b908673363772b11ca371504d83decb14a9122e5c96b0567cd2d5d812f191397f69f24c30533c703d2f9b50619ed7c68370b8101053ac1f490ee4c07ff2aecb1e5c5e6cdace75057fcd0f034993f16445049b8059b156132f25bfa9de2cc9e1dc6616af208b0df5362915426fe42b49a4a0961c5c909bb2abf8a4ab13d09be34ad6c43cc9f22b6baedcc52d017eff310733d9821773a06c1b84af6d5121d1dd656e58adc6af66faddf08037b926c6fa955a8a9a1fa1fecf86f57493c4d8e9759db2d3cf95a1401f5f1eb0a5696e5c1894a2271d8b60935438f2ccaaa698a3693b46699c030bb6a048b14501964eafdedaa8d0ddbef321ced68b4616f351466faf1030cc7880f67dff4c7cf92506b82c80fdf55fba75150cf765c82363e2fe2637901bfd169dad1c26ef4c945a169548844b66040908fb69865ca69c04c1419863c881efa498bc8110"}) write$P9_RWSTAT(r0, 0x0, 0x0) r2 = syz_open_pts(r0, 0x80800) ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000d00)={0xae, 0x5, &(0x7f0000000900)}) [ 547.418270][ T3616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 547.418275][ T3616] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 547.419501][ T3616] ------------[ cut here ]------------ [ 547.553124][ T3616] WARNING: CPU: 0 PID: 3616 at block/genhd.c:742 __device_add_disk+0xe90/0x1220 [ 547.553132][ T3616] Modules linked in: [ 547.566102][ T3616] CPU: 0 PID: 3616 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 14:30:08 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) 14:30:08 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RUNLINKAT(r1, &(0x7f0000000000)={0x7, 0x4d, 0x1}, 0x7) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r2, 0x0, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r3, 0x0, 0x0) write$P9_RMKNOD(r3, &(0x7f0000000100)={0x14, 0x13, 0x2, {0x5f9926e72974f04f, 0x2, 0x3}}, 0x14) write$P9_RFLUSH(r2, &(0x7f00000000c0)={0x7, 0x6d, 0x1}, 0x7) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x7f, 0xfffd}, 0x7) 14:30:08 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 64) [ 547.566108][ T3616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 547.566124][ T3616] RIP: 0010:__device_add_disk+0xe90/0x1220 [ 547.566134][ T3616] Code: ff e8 24 3a 4c ff 0f 0b e9 6b fe ff ff e8 18 3a 4c ff 0f 0b e9 a1 f2 ff ff e8 0c 3a 4c ff 0f 0b e9 5d f8 ff ff e8 00 3a 4c ff <0f> 0b e9 04 f7 ff ff e8 f4 39 4c ff 43 80 3c 26 00 0f 85 4f fd ff [ 547.566139][ T3616] RSP: 0018:ffff8881e3b3fce8 EFLAGS: 00010246 [ 547.566147][ T3616] RAX: ffffffff82146c60 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 547.566153][ T3616] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 547.566158][ T3616] RBP: ffff8881ef2b6718 R08: ffffffff8214635e R09: 0000000000000010 [ 547.566164][ T3616] R10: ffffffff84600000 R11: 0000000000000000 R12: dffffc0000000000 [ 547.566169][ T3616] R13: 1ffff1103e75ce01 R14: 1ffff1103e75ce9d R15: ffff8881f3ae7000 [ 547.566177][ T3616] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 547.566183][ T3616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 547.566188][ T3616] CR2: 00007fe6f0076ff8 CR3: 00000001cfefc000 CR4: 00000000003406f0 [ 547.566197][ T3616] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 547.566202][ T3616] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 547.566204][ T3616] Call Trace: [ 547.566219][ T3616] loop_add+0x554/0x710 [ 547.566230][ T3616] loop_control_ioctl+0x468/0x680 [ 547.566239][ T3616] ? xor_init+0x60/0x60 [ 547.566249][ T3616] do_vfs_ioctl+0x6fb/0x15b0 [ 547.566263][ T3616] __x64_sys_ioctl+0xd4/0x110 [ 547.566273][ T3616] do_syscall_64+0xcb/0x1e0 [ 547.566285][ T3616] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 547.566292][ T3616] RIP: 0033:0x7fe6f0f01059 [ 547.566300][ T3616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 547.566305][ T3616] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 547.566313][ T3616] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 547.566318][ T3616] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 547.566323][ T3616] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 547.566328][ T3616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 547.566333][ T3616] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 547.566341][ T3616] ---[ end trace 362e18c8762015fa ]--- [ 547.674085][ T3645] FAULT_INJECTION: forcing a failure. 14:30:08 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:08 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000840)={0x2, 0x0, 0x16, 0x5, 0x124, &(0x7f0000000440)="3c9569f6cdfbb9d07a1f1ddfa6937a96d3b45c82c946697b48e2e836e80f49a2d1bd3c301097658160bee1dd16b5fd750366c6c4bd4e349d2542c29dd2a893f4396a99cc8dd985b0e51355313924850c087b20cb9aeaf11d323fe8bb48b997682db135351e3c8d965e53da2d77602cdd149fd37332088ef5c615e7b1a8064775fb86b8afddbdca19e26d7fc4dbe5f96172cc2e5e2a358bf0888a26a9606bb4f21043c8e2ec078f8e9b6d9d2e158941cbd6ac4233860896ade7c57b0afb2dd12c72720c64970b5c9a767447e2526e52ce2f00dc6df1ac7d22caf80b5dc06348c9bb6384dec6b34dd9ef231ad0e6fa2f3e6b76977db22c5557a035d0e0af47ba34f2dc3dba607e378b1280bb354fb6a88dd169ec4701eb2fc970457f4806f332bac1361aa90e507b82c33c356167b961f7f9a29920a54f51233d84bebf1d59509df47f5db7d679d3c203a3965abfe11040f0284e6cb9aa951aaacb18d6a2cc22d89e1af6137c5176092682d530d989d26b55f4c1fd33641b24d7de849ee9b6a4a36eded3bfac19f88457d360ae2a0326b53c7f3544c4e5102fb21c9db3f65805cb3318c25a59597a228c34c2cdfc83ae9855bcb7766e5eab5f0df8d15bd8c0788f0978506065ad1cfc840cee637b1877c9092dbfeef169cecb074199aa30dcf5136cded114e07fc3007eeb970ca8ff105855cd36b43700818edba05377f480a452d1301754bdb75618c8cd57f7b23726ff887a164d82f91892e2fc7a4a605d49a754ee8b5284259149f752a2680dbdfd726f813b2ce5257346508b9356e712c3d9534b882ae231e8ae0520d72d33da77f6140bf358f0c06afb59cd78a4427c5b4dd6591e1c68737a0f3ac8abbf6a1d63f68dfa9cc05ae5ccbeeb0fb9bd3f232ca3299224d19499e67be2b8bc9a54e72ba70934a2900de0b61ec619703357bdf85f20d64bc21d4a95f642084ed6d87c650d4653e45d444a76ad6175f00b8693ecdc498af1d5b2fbf40ab3e72649bb049e8d2fddec8368f3a3e3126cbd9769c28d734fc1dd9cacbb82b13987057490293e67df9a3cfc4a6c6f4b8ba494f8775df2219b1db022bbc68f1dfb78ce6800354b7aff14649d5c54643ede43d853258363987194dead58df948f0629dfccb8b22b79a8305b7dff02475c4103b062cb5587b9d5f45f02e032fe636a6a5c7a5116512f4febc93b57378889e3d5008674ee0e69d251c554d7274b7c7b1403c75aeb0a2cb6c2a12007973ceb55b910b1b39dd8242ca7a4ab11d66890fb20702176a01a2546c3b2c920e6bd2300a177daf4a485202766eb780ae1a3bac15c732f1467fee8876f43046db36540c15adff0a3fa5403273d6760aebb549c3037a5ca9559ff41d00b872539ce20cbe937860fff5fa70c6c029c989d6078fab6731ae89a8f77c9f28406a281bdea35cdd63afccd96f571"}) write$P9_RWSTAT(r0, 0x0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000400)={0x2, 0x1, 0x2, 0x20, 0x1fe, &(0x7f0000000000)="56a74373b19c8adaf5a3a1c66d8dff499cd831a6c2716979fcdda0fe5d980f1d01285d0eae0a42ca43702fd364b691cd29778b2eda2959b47056c5bf3b2fb9736a2bb0c1208bd838e1e69cf8c03ad2f0e882f5825b8820f4243930c299882c0a9b1726d88b31b8e7b4b2ab36cbd52e69b0faf92af10bf37eb6caedb71c0820ef6f36ee566e6f04340b43ec0dd4072dab8c36268c03831b38e1608338889a4a7d8a81f619f3930a3eeb577fa4d93de25ca95d47bb06b917332293af4707379188869161d6e700a43e6f24515356c479890dff0228d2a48b11ce201a62ecfb0e310590a6dc41f5759c51961dc5ad69eb2aa1f45da4e15668570598935a9cb6ecdc01986dd121b020777726521b302238c69d26f9baea9d4bd4477d3a3b30dcc862d878ad474072ba59cc99298f37212cc5c2310c751a6ec342c80f2e6825dc944243f93928202ab074c7da6aee0a735530a798de13cf2223bfcf415dfbc122cedb328c795faf5e3a772c2e3ee4d60f1c09cf7a0064a28113378d2fa6264938d52c07feddb2034724ac175bb4c8a06abe94ea3ff5c4f60e5f1887e51d4191899a90bca07496a1aced8a9c95b47f62ce0d7a3a25affa14b4de175ba223282d6e967cdb0bd698f90448d733a1076358b9509a69d5e86d07e928ccb3be8a23f9a1120903d661ca714e53b9c5bccadee653c72b60b8e84f6900ce663b8026a05de5f14137c0ef36fa8962fbb6354c609086e11a9919fcd248de4d70a892aebcf709f0538fe9a94f25a4bdf6eeeda94b0f0f124445eacdd289aa8d0123ba835bd013a28132255195d08eea5dceb2af108c7f1ed659b18edbf48fdb3d471eff12f9b681abd7eb0b8faf59fd18627107ca89c06b6ab464333bd119d83655cd2c9b7de52c1d312d89af6ee44b56a8bd030adcda05fea3922cb8dc5dfc9402dc1af0f859de28c09b011650ce4741fe24dede7b637a8312b223d01ec2a112c3cc584d088fd9a89260fe3b2bcc9c93ca06d8eefd5cd84677d436c7a3ec83ffa22159246c79a8c0d0582c56dd0b1e340fa0cb5f2a274d9f402a62654d8c86351948f4537930d052ad57d1dce3743ebabebb2400de40429a9f7e7bf6f012bc858e667d5498220f67acfbefe4d2ed1dbc94fae605817093fd5291117bf3b0b68c17095095471e4118d4ecc60fc8fe46df97418030c4bb3e437690c933eb39e6f0f5610c4bc7785b206ec683af8b1407536499392f34327d1fd2d1a6f62cfa2e44969cac38a6522343e362ab73ae8b72a4d07e5c64bdaaabef4e3ea2a41d31271466d72529e7701c49f8ddbb4de28cd1c36e6cca24634d8986c09eaed038738d16825c209f004a3eac0f8c11d32f5839ce4001b02f5c2499a92393c5a1bc3f042ac2702d2127d288df455487390fc8989a5a56eaf98f2a0e93ffc61c22653c23a6192de15ce9c5b709"}) [ 547.674085][ T3645] name failslab, interval 1, probability 0, space 0, times 0 [ 547.839856][ T3645] CPU: 0 PID: 3645 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 547.851391][ T3645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 547.851403][ T3645] Call Trace: [ 547.864713][ T3645] dump_stack+0x18e/0x1de [ 547.869039][ T3645] should_fail+0x5d8/0x740 [ 547.869050][ T3645] ? kobject_uevent_env+0x252/0x1000 [ 547.869066][ T3645] should_failslab+0x5/0x20 14:30:08 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000000)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000480), 0x40000, 0x0) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f00000008c0)={0x195, 0xd, &(0x7f00000004c0)}) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000440)={0x2, 0x1, 0x13, 0x8, 0x1b7, &(0x7f0000000040)="20b506b9478b08deeab66ee19274df7a670ff5c566376fedfbb3ce7281cc3a4832b3c64b096f4823460d5967238c5f825008a41dd9808173c365ae4c851bd13e59876bfea432e161ce14c98093c1445499bbaa3b269aae5d4da9a76a7585a76cac6d6e7dbb805d6446683336722d25465d52468d187a6cdf0f129ad05f9b16c4bf2b3647d854c2162add8438496ef992d6266c33f5cb33a8919c93678828e1aaffd60eb4683f43f0fb8fba6b27c2235a357aea1cb3fd009a286032c347f60bd8df5298bbdc0ff5e5609a16b3d842e00080bf5d9b53818746267214cf73af26e0cad80eede433999908ea0cedfb2766bb69f3eb4da82dff650675cd6e9c98ce4b254c07f5a340234bf112ebbf2e7b9d5ddde07fcb80fec99689b5427213b4668b08b9fa8d5a1bc61f4af67051b679edd2b0e17f9d1069810e828415d820753f598549d08c06fa6fd96441b4e3a571f440c08a9294d63612daed9f5a65b3dcfda52349ec5e895cb103fd6265d9473fde99464925b212957b476b7b71ebe741176ccf737abe8203a3b74accfc12bcd7a72d151e7601b360a2c19c441036938768d4f060846c7a254de7df08c0b1cb44703502d391028167ce40def8ea688a101e7f8e4afa7624596f56587bd1b726ac7e036409894a14af589233d7c6e5b38c73e7788c89277a238dbfcb0451a5945b80f7004ee154ad744975e11532ee33b8f9abd48d2a2ec847b306e4ebd995011d57d77d8793d4366344057f68844dbab12b384610bf4f149d2364b06c5542058ae303b73f1d4a6697fe48cd951b4b39b0b290c41fa9f4d1785ff98a3f291797aeb7a4784115e6a2aea3479edbf0266171a814f5c743d920df14fc915c81ecd9935765b5180f5295f849acb7cbd4e6a58288104d0d952f225ab8c154c4e2957747c368757490533f0476661cf919822d8e1601b4811d1b3495c171d666c4a4f8d8db02909b9caa0628829b908673363772b11ca371504d83decb14a9122e5c96b0567cd2d5d812f191397f69f24c30533c703d2f9b50619ed7c68370b8101053ac1f490ee4c07ff2aecb1e5c5e6cdace75057fcd0f034993f16445049b8059b156132f25bfa9de2cc9e1dc6616af208b0df5362915426fe42b49a4a0961c5c909bb2abf8a4ab13d09be34ad6c43cc9f22b6baedcc52d017eff310733d9821773a06c1b84af6d5121d1dd656e58adc6af66faddf08037b926c6fa955a8a9a1fa1fecf86f57493c4d8e9759db2d3cf95a1401f5f1eb0a5696e5c1894a2271d8b60935438f2ccaaa698a3693b46699c030bb6a048b14501964eafdedaa8d0ddbef321ced68b4616f351466faf1030cc7880f67dff4c7cf92506b82c80fdf55fba75150cf765c82363e2fe2637901bfd169dad1c26ef4c945a169548844b66040908fb69865ca69c04c1419863c881efa498bc8110"}) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) r2 = syz_open_pts(r0, 0x80800) ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000d00)={0xae, 0x5, &(0x7f0000000900)}) 14:30:08 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RUNLINKAT(r1, &(0x7f0000000000)={0x7, 0x4d, 0x1}, 0x7) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r2, 0x0, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r3, 0x0, 0x0) write$P9_RMKNOD(r3, &(0x7f0000000100)={0x14, 0x13, 0x2, {0x5f9926e72974f04f, 0x2, 0x3}}, 0x14) write$P9_RFLUSH(r2, &(0x7f00000000c0)={0x7, 0x6d, 0x1}, 0x7) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x7f, 0xfffd}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r0, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000080), 0x80800) (async) write$P9_RUNLINKAT(r1, &(0x7f0000000000)={0x7, 0x4d, 0x1}, 0x7) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r2, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r3, 0x0, 0x0) (async) write$P9_RMKNOD(r3, &(0x7f0000000100)={0x14, 0x13, 0x2, {0x5f9926e72974f04f, 0x2, 0x3}}, 0x14) (async) write$P9_RFLUSH(r2, &(0x7f00000000c0)={0x7, 0x6d, 0x1}, 0x7) (async) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x7f, 0xfffd}, 0x7) (async) 14:30:08 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 65) [ 547.883224][ T3645] kmem_cache_alloc_trace+0x39/0x2b0 [ 547.883238][ T3645] ? sysfs_add_file_mode_ns+0x2b4/0x340 [ 547.894033][ T3645] kobject_uevent_env+0x252/0x1000 [ 547.894043][ T3645] ? mutex_lock+0x6c/0xc0 [ 547.894053][ T3645] device_add+0xecf/0x1820 [ 547.894065][ T3645] device_create_vargs+0x1b8/0x210 [ 547.894075][ T3645] device_create+0x86/0xb0 [ 547.894083][ T3645] ? vsnprintf+0x1a07/0x1aa0 [ 547.894093][ T3645] bdi_register_va+0x89/0x5e0 [ 547.894102][ T3645] bdi_register+0x80/0xa0 [ 547.894112][ T3645] ? __device_add_disk+0x50a/0x1220 [ 547.894120][ T3645] bdi_register_owner+0x56/0xf0 [ 547.894129][ T3645] __device_add_disk+0x583/0x1220 [ 547.894139][ T3645] loop_add+0x554/0x710 [ 547.894157][ T3645] loop_control_ioctl+0x468/0x680 [ 547.894164][ T3645] ? xor_init+0x60/0x60 [ 547.894175][ T3645] do_vfs_ioctl+0x6fb/0x15b0 [ 547.894186][ T3645] __x64_sys_ioctl+0xd4/0x110 [ 547.894196][ T3645] do_syscall_64+0xcb/0x1e0 [ 547.894205][ T3645] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 547.894213][ T3645] RIP: 0033:0x7fe6f0f01059 [ 547.894222][ T3645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 547.894227][ T3645] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 547.894235][ T3645] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 547.894239][ T3645] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 547.894243][ T3645] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 547.894247][ T3645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 547.894252][ T3645] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 547.956027][ T3663] FAULT_INJECTION: forcing a failure. [ 547.956027][ T3663] name failslab, interval 1, probability 0, space 0, times 0 14:30:08 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB="05000000", @ANYRES16=0x0, @ANYBLOB="10002dbd7000fedbdf25010000000c00030007000000000000001c00078008000100", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r1, @ANYBLOB='\x00'/12], 0x48}, 0x1, 0x0, 0x0, 0x4000040}, 0x40) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x71edee4e52be3768}, @NBD_ATTR_BACKEND_IDENTIFIER={0xb, 0xa, '/),\'\\\\^'}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x2800000000000000}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c844}, 0x20004841) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x80, 0x0, 0x108, 0x70bd2b, 0x25dfdbfc, {}, [@NBD_ATTR_SOCKETS={0x3c, 0x7, 0x0, 0x1, [{0x8, 0x1, r1}, {0x8}, {0x8, 0x1, r2}, {0x8}, {0x8, 0x1, r5}, {0x8, 0x1, r6}, {0x8}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xd3}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x9}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x20000}]}, 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x41) r7 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r7, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:08 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 66) [ 548.078780][ T3663] CPU: 0 PID: 3663 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 548.078791][ T3663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.100339][ T3663] Call Trace: [ 548.100360][ T3663] dump_stack+0x18e/0x1de [ 548.107933][ T3663] should_fail+0x5d8/0x740 [ 548.107946][ T3663] ? kobject_uevent_env+0x252/0x1000 [ 548.107957][ T3663] should_failslab+0x5/0x20 [ 548.107968][ T3663] kmem_cache_alloc_trace+0x39/0x2b0 [ 548.107977][ T3663] ? sysfs_add_file_mode_ns+0x2b4/0x340 14:30:08 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x200000c7) [ 548.107986][ T3663] kobject_uevent_env+0x252/0x1000 [ 548.107995][ T3663] ? mutex_lock+0x6c/0xc0 [ 548.108004][ T3663] device_add+0xecf/0x1820 [ 548.108016][ T3663] device_create_vargs+0x1b8/0x210 [ 548.108026][ T3663] device_create+0x86/0xb0 [ 548.108034][ T3663] ? vsnprintf+0x1a07/0x1aa0 [ 548.108045][ T3663] bdi_register_va+0x89/0x5e0 [ 548.108055][ T3663] bdi_register+0x80/0xa0 [ 548.108065][ T3663] ? __device_add_disk+0x50a/0x1220 [ 548.108075][ T3663] bdi_register_owner+0x56/0xf0 [ 548.108084][ T3663] __device_add_disk+0x583/0x1220 [ 548.108096][ T3663] loop_add+0x554/0x710 [ 548.108105][ T3663] loop_control_ioctl+0x468/0x680 [ 548.108114][ T3663] ? xor_init+0x60/0x60 [ 548.108124][ T3663] do_vfs_ioctl+0x6fb/0x15b0 [ 548.108137][ T3663] __x64_sys_ioctl+0xd4/0x110 [ 548.108147][ T3663] do_syscall_64+0xcb/0x1e0 [ 548.108157][ T3663] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 548.108165][ T3663] RIP: 0033:0x7fe6f0f01059 [ 548.108173][ T3663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 548.108178][ T3663] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 548.108187][ T3663] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 548.108193][ T3663] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 548.108198][ T3663] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 548.108203][ T3663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 548.108207][ T3663] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 548.163257][ T3684] FAULT_INJECTION: forcing a failure. [ 548.163257][ T3684] name failslab, interval 1, probability 0, space 0, times 0 [ 548.309192][ T3684] CPU: 0 PID: 3684 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 548.320733][ T3684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.320737][ T3684] Call Trace: [ 548.320752][ T3684] dump_stack+0x18e/0x1de [ 548.320764][ T3684] should_fail+0x5d8/0x740 [ 548.320778][ T3684] ? __alloc_skb+0x75/0x4d0 [ 548.347983][ T3684] should_failslab+0x5/0x20 [ 548.353991][ T3684] kmem_cache_alloc+0x36/0x290 [ 548.358738][ T3684] __alloc_skb+0x75/0x4d0 [ 548.363042][ T3684] ? mutex_lock+0x6c/0xc0 [ 548.367342][ T3684] alloc_uevent_skb+0x73/0x220 [ 548.372092][ T3684] kobject_uevent_env+0xaee/0x1000 [ 548.377178][ T3684] device_add+0xecf/0x1820 [ 548.381577][ T3684] device_create_vargs+0x1b8/0x210 [ 548.386663][ T3684] device_create+0x86/0xb0 [ 548.391047][ T3684] ? vsnprintf+0x1a07/0x1aa0 [ 548.395603][ T3684] bdi_register_va+0x89/0x5e0 [ 548.400245][ T3684] bdi_register+0x80/0xa0 [ 548.404542][ T3684] ? __device_add_disk+0x50a/0x1220 [ 548.409704][ T3684] bdi_register_owner+0x56/0xf0 [ 548.414523][ T3684] __device_add_disk+0x583/0x1220 [ 548.419519][ T3684] loop_add+0x554/0x710 [ 548.423661][ T3684] loop_control_ioctl+0x468/0x680 [ 548.428660][ T3684] ? xor_init+0x60/0x60 [ 548.432801][ T3684] do_vfs_ioctl+0x6fb/0x15b0 [ 548.437364][ T3684] __x64_sys_ioctl+0xd4/0x110 [ 548.442009][ T3684] do_syscall_64+0xcb/0x1e0 [ 548.446490][ T3684] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 548.452354][ T3684] RIP: 0033:0x7fe6f0f01059 [ 548.456747][ T3684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 548.476317][ T3684] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:30:09 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000000)) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000480), 0x40000, 0x0) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f00000008c0)={0x195, 0xd, &(0x7f00000004c0)}) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000440)={0x2, 0x1, 0x13, 0x8, 0x1b7, &(0x7f0000000040)="20b506b9478b08deeab66ee19274df7a670ff5c566376fedfbb3ce7281cc3a4832b3c64b096f4823460d5967238c5f825008a41dd9808173c365ae4c851bd13e59876bfea432e161ce14c98093c1445499bbaa3b269aae5d4da9a76a7585a76cac6d6e7dbb805d6446683336722d25465d52468d187a6cdf0f129ad05f9b16c4bf2b3647d854c2162add8438496ef992d6266c33f5cb33a8919c93678828e1aaffd60eb4683f43f0fb8fba6b27c2235a357aea1cb3fd009a286032c347f60bd8df5298bbdc0ff5e5609a16b3d842e00080bf5d9b53818746267214cf73af26e0cad80eede433999908ea0cedfb2766bb69f3eb4da82dff650675cd6e9c98ce4b254c07f5a340234bf112ebbf2e7b9d5ddde07fcb80fec99689b5427213b4668b08b9fa8d5a1bc61f4af67051b679edd2b0e17f9d1069810e828415d820753f598549d08c06fa6fd96441b4e3a571f440c08a9294d63612daed9f5a65b3dcfda52349ec5e895cb103fd6265d9473fde99464925b212957b476b7b71ebe741176ccf737abe8203a3b74accfc12bcd7a72d151e7601b360a2c19c441036938768d4f060846c7a254de7df08c0b1cb44703502d391028167ce40def8ea688a101e7f8e4afa7624596f56587bd1b726ac7e036409894a14af589233d7c6e5b38c73e7788c89277a238dbfcb0451a5945b80f7004ee154ad744975e11532ee33b8f9abd48d2a2ec847b306e4ebd995011d57d77d8793d4366344057f68844dbab12b384610bf4f149d2364b06c5542058ae303b73f1d4a6697fe48cd951b4b39b0b290c41fa9f4d1785ff98a3f291797aeb7a4784115e6a2aea3479edbf0266171a814f5c743d920df14fc915c81ecd9935765b5180f5295f849acb7cbd4e6a58288104d0d952f225ab8c154c4e2957747c368757490533f0476661cf919822d8e1601b4811d1b3495c171d666c4a4f8d8db02909b9caa0628829b908673363772b11ca371504d83decb14a9122e5c96b0567cd2d5d812f191397f69f24c30533c703d2f9b50619ed7c68370b8101053ac1f490ee4c07ff2aecb1e5c5e6cdace75057fcd0f034993f16445049b8059b156132f25bfa9de2cc9e1dc6616af208b0df5362915426fe42b49a4a0961c5c909bb2abf8a4ab13d09be34ad6c43cc9f22b6baedcc52d017eff310733d9821773a06c1b84af6d5121d1dd656e58adc6af66faddf08037b926c6fa955a8a9a1fa1fecf86f57493c4d8e9759db2d3cf95a1401f5f1eb0a5696e5c1894a2271d8b60935438f2ccaaa698a3693b46699c030bb6a048b14501964eafdedaa8d0ddbef321ced68b4616f351466faf1030cc7880f67dff4c7cf92506b82c80fdf55fba75150cf765c82363e2fe2637901bfd169dad1c26ef4c945a169548844b66040908fb69865ca69c04c1419863c881efa498bc8110"}) write$P9_RWSTAT(r0, 0x0, 0x0) r2 = syz_open_pts(r0, 0x80800) ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000d00)={0xae, 0x5, &(0x7f0000000900)}) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000000)) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000480), 0x40000, 0x0) (async) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f00000008c0)={0x195, 0xd, &(0x7f00000004c0)}) (async) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000440)={0x2, 0x1, 0x13, 0x8, 0x1b7, &(0x7f0000000040)="20b506b9478b08deeab66ee19274df7a670ff5c566376fedfbb3ce7281cc3a4832b3c64b096f4823460d5967238c5f825008a41dd9808173c365ae4c851bd13e59876bfea432e161ce14c98093c1445499bbaa3b269aae5d4da9a76a7585a76cac6d6e7dbb805d6446683336722d25465d52468d187a6cdf0f129ad05f9b16c4bf2b3647d854c2162add8438496ef992d6266c33f5cb33a8919c93678828e1aaffd60eb4683f43f0fb8fba6b27c2235a357aea1cb3fd009a286032c347f60bd8df5298bbdc0ff5e5609a16b3d842e00080bf5d9b53818746267214cf73af26e0cad80eede433999908ea0cedfb2766bb69f3eb4da82dff650675cd6e9c98ce4b254c07f5a340234bf112ebbf2e7b9d5ddde07fcb80fec99689b5427213b4668b08b9fa8d5a1bc61f4af67051b679edd2b0e17f9d1069810e828415d820753f598549d08c06fa6fd96441b4e3a571f440c08a9294d63612daed9f5a65b3dcfda52349ec5e895cb103fd6265d9473fde99464925b212957b476b7b71ebe741176ccf737abe8203a3b74accfc12bcd7a72d151e7601b360a2c19c441036938768d4f060846c7a254de7df08c0b1cb44703502d391028167ce40def8ea688a101e7f8e4afa7624596f56587bd1b726ac7e036409894a14af589233d7c6e5b38c73e7788c89277a238dbfcb0451a5945b80f7004ee154ad744975e11532ee33b8f9abd48d2a2ec847b306e4ebd995011d57d77d8793d4366344057f68844dbab12b384610bf4f149d2364b06c5542058ae303b73f1d4a6697fe48cd951b4b39b0b290c41fa9f4d1785ff98a3f291797aeb7a4784115e6a2aea3479edbf0266171a814f5c743d920df14fc915c81ecd9935765b5180f5295f849acb7cbd4e6a58288104d0d952f225ab8c154c4e2957747c368757490533f0476661cf919822d8e1601b4811d1b3495c171d666c4a4f8d8db02909b9caa0628829b908673363772b11ca371504d83decb14a9122e5c96b0567cd2d5d812f191397f69f24c30533c703d2f9b50619ed7c68370b8101053ac1f490ee4c07ff2aecb1e5c5e6cdace75057fcd0f034993f16445049b8059b156132f25bfa9de2cc9e1dc6616af208b0df5362915426fe42b49a4a0961c5c909bb2abf8a4ab13d09be34ad6c43cc9f22b6baedcc52d017eff310733d9821773a06c1b84af6d5121d1dd656e58adc6af66faddf08037b926c6fa955a8a9a1fa1fecf86f57493c4d8e9759db2d3cf95a1401f5f1eb0a5696e5c1894a2271d8b60935438f2ccaaa698a3693b46699c030bb6a048b14501964eafdedaa8d0ddbef321ced68b4616f351466faf1030cc7880f67dff4c7cf92506b82c80fdf55fba75150cf765c82363e2fe2637901bfd169dad1c26ef4c945a169548844b66040908fb69865ca69c04c1419863c881efa498bc8110"}) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) syz_open_pts(r0, 0x80800) (async) ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000d00)={0xae, 0x5, &(0x7f0000000900)}) (async) 14:30:09 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:09 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:09 executing program 4: syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r0, 0x0, 0x0) (async, rerun: 32) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) (rerun: 32) write$P9_RUNLINKAT(r1, &(0x7f0000000000)={0x7, 0x4d, 0x1}, 0x7) (async, rerun: 64) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) (rerun: 64) write$P9_RLINK(r2, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r3, 0x0, 0x0) (async) write$P9_RMKNOD(r3, &(0x7f0000000100)={0x14, 0x13, 0x2, {0x5f9926e72974f04f, 0x2, 0x3}}, 0x14) (async) write$P9_RFLUSH(r2, &(0x7f00000000c0)={0x7, 0x6d, 0x1}, 0x7) (async, rerun: 32) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x7f, 0xfffd}, 0x7) (rerun: 32) 14:30:09 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) (async) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) (async) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB="05000000", @ANYRES16=0x0, @ANYBLOB="10002dbd7000fedbdf25010000000c00030007000000000000001c00078008000100", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r1, @ANYBLOB='\x00'/12], 0x48}, 0x1, 0x0, 0x0, 0x4000040}, 0x40) (async) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x71edee4e52be3768}, @NBD_ATTR_BACKEND_IDENTIFIER={0xb, 0xa, '/),\'\\\\^'}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x2800000000000000}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c844}, 0x20004841) (async) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x80, 0x0, 0x108, 0x70bd2b, 0x25dfdbfc, {}, [@NBD_ATTR_SOCKETS={0x3c, 0x7, 0x0, 0x1, [{0x8, 0x1, r1}, {0x8}, {0x8, 0x1, r2}, {0x8}, {0x8, 0x1, r5}, {0x8, 0x1, r6}, {0x8}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xd3}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x9}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x20000}]}, 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x41) (async) r7 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r7, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:09 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 67) 14:30:09 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x200000c7) [ 548.484700][ T3684] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 548.492639][ T3684] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 548.500577][ T3684] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 548.508514][ T3684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 548.516455][ T3684] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:30:09 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000340)) syz_clone3(&(0x7f0000000200)={0x114140200, &(0x7f0000000000)=0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080), {0x2b}, &(0x7f0000000100)=""/26, 0x1a, &(0x7f0000000140)=""/69, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x4}, 0x58) waitid$P_PIDFD(0x3, r1, 0x0, 0x1, &(0x7f0000000280)) 14:30:09 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="1f000000d7c71a0a236f8a8e2900ec568dda3e0516a403000000000000eff100fccbc8c5e0d78ab5ee1f04ac9c2f343b6dd44b0c31ad", @ANYRES16=r1, @ANYBLOB="100029bd7000ffdbdf25090000005c0007800c0003000800000000000000080001000000000008000200000200000c000300f09a00dd06000000080001000300000008000100ffdd000008000100001000000c00030002000000000000000c0004009780000000000000e80004801300010062726f6164636173742d6c696e6b00000c00078008000200523c00000c000780080001000f0000000900010073797a30000000000900010073797a30000000002c00078008000400f7ffffff0800010006000000080001001e00000008000400e3070000080002002a0600003c0007800800040004000000080001000a0000000800010019000000080002000800000008000100010000000800030000020000080002000000ffff1400078008000400010400000800010005000000240007800800010011000000080003000100000008000300ff7f000008000300010100003c0002803400038008000200a2e90000080001008100000008000200010000000800020003000000080001008000000008000100fbffffff04000400580005805400028008000300060000000800040006000000080002000200000008000400bd000000080001001500000008000300f9ffffff080002007f6e5b2a080001000900000008000200010001000800020081000000980004802400078008000100140000000800030001040000080002000000000008000100110000004400078008000300080000000800040011be000008000200c20000000800040001f8ffff080001001d0000000800020000000000080003000600000008000200000400002c00078008000300018000000800010012000000080004000600000008000200000000000800010002000000bc0004805400078008000200000000000800040004000000080002004200000008000400040000000800030002000000080001001c00000008000300ff01000008000100040000000800020005000000080004000300000034000780080001000000000008000400060000000800030001010000080003001f000000080004000400000008000200090000000900010073797a31000000000900010073797a31000000000c00078008000300ffff00000c00078008000100ff010000"], 0x340}, 0x1, 0x0, 0x0, 0x40040}, 0x20019) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:09 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7}, 0x200000c7) 14:30:09 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 68) [ 548.587233][ T3701] FAULT_INJECTION: forcing a failure. [ 548.587233][ T3701] name failslab, interval 1, probability 0, space 0, times 0 [ 548.587245][ T3701] CPU: 0 PID: 3701 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 548.587250][ T3701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.587253][ T3701] Call Trace: [ 548.587267][ T3701] dump_stack+0x18e/0x1de [ 548.587279][ T3701] should_fail+0x5d8/0x740 [ 548.587289][ T3701] ? __alloc_skb+0x75/0x4d0 [ 548.587300][ T3701] should_failslab+0x5/0x20 [ 548.587310][ T3701] kmem_cache_alloc+0x36/0x290 [ 548.587318][ T3701] __alloc_skb+0x75/0x4d0 [ 548.587327][ T3701] ? mutex_lock+0x6c/0xc0 [ 548.587336][ T3701] alloc_uevent_skb+0x73/0x220 [ 548.587346][ T3701] kobject_uevent_env+0xaee/0x1000 [ 548.587358][ T3701] device_add+0xecf/0x1820 [ 548.587377][ T3701] device_create_vargs+0x1b8/0x210 [ 548.587387][ T3701] device_create+0x86/0xb0 [ 548.587395][ T3701] ? vsnprintf+0x1a07/0x1aa0 [ 548.587405][ T3701] bdi_register_va+0x89/0x5e0 [ 548.587414][ T3701] bdi_register+0x80/0xa0 [ 548.587425][ T3701] ? __device_add_disk+0x50a/0x1220 [ 548.587434][ T3701] bdi_register_owner+0x56/0xf0 [ 548.587444][ T3701] __device_add_disk+0x583/0x1220 [ 548.587454][ T3701] loop_add+0x554/0x710 [ 548.587464][ T3701] loop_control_ioctl+0x468/0x680 [ 548.587472][ T3701] ? xor_init+0x60/0x60 [ 548.587482][ T3701] do_vfs_ioctl+0x6fb/0x15b0 [ 548.587495][ T3701] __x64_sys_ioctl+0xd4/0x110 [ 548.587504][ T3701] do_syscall_64+0xcb/0x1e0 [ 548.587514][ T3701] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 548.587522][ T3701] RIP: 0033:0x7fe6f0f01059 [ 548.587531][ T3701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 548.587537][ T3701] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 548.587545][ T3701] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 548.587551][ T3701] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 548.587556][ T3701] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 548.587561][ T3701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 548.587566][ T3701] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 548.655935][ T3718] FAULT_INJECTION: forcing a failure. [ 548.655935][ T3718] name failslab, interval 1, probability 0, space 0, times 0 14:30:09 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:09 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 69) [ 548.831156][ T3718] CPU: 1 PID: 3718 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 548.831169][ T3718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.852716][ T3718] Call Trace: [ 548.852731][ T3718] dump_stack+0x18e/0x1de [ 548.852745][ T3718] should_fail+0x5d8/0x740 [ 548.852755][ T3718] ? skb_clone+0x1b2/0x360 [ 548.852765][ T3718] should_failslab+0x5/0x20 [ 548.852774][ T3718] kmem_cache_alloc+0x36/0x290 [ 548.852782][ T3718] ? string+0x280/0x2c0 [ 548.852790][ T3718] skb_clone+0x1b2/0x360 [ 548.852800][ T3718] netlink_broadcast_filtered+0x5e1/0x10b0 [ 548.852810][ T3718] ? skb_put+0x101/0x1e0 [ 548.852819][ T3718] netlink_broadcast+0x35/0x50 [ 548.852829][ T3718] kobject_uevent_env+0xb1f/0x1000 [ 548.852840][ T3718] device_add+0xecf/0x1820 [ 548.852851][ T3718] device_create_vargs+0x1b8/0x210 [ 548.852860][ T3718] device_create+0x86/0xb0 [ 548.852866][ T3718] ? vsnprintf+0x1a07/0x1aa0 [ 548.852877][ T3718] bdi_register_va+0x89/0x5e0 [ 548.852886][ T3718] bdi_register+0x80/0xa0 [ 548.852896][ T3718] ? __device_add_disk+0x50a/0x1220 [ 548.852904][ T3718] bdi_register_owner+0x56/0xf0 [ 548.852913][ T3718] __device_add_disk+0x583/0x1220 [ 548.852923][ T3718] loop_add+0x554/0x710 [ 548.852933][ T3718] loop_control_ioctl+0x468/0x680 [ 548.852941][ T3718] ? xor_init+0x60/0x60 [ 548.852951][ T3718] do_vfs_ioctl+0x6fb/0x15b0 [ 548.852964][ T3718] __x64_sys_ioctl+0xd4/0x110 [ 548.852973][ T3718] do_syscall_64+0xcb/0x1e0 [ 548.852984][ T3718] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 548.852992][ T3718] RIP: 0033:0x7fe6f0f01059 [ 548.853002][ T3718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 548.853007][ T3718] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 548.853016][ T3718] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 548.853020][ T3718] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 548.853026][ T3718] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 548.853030][ T3718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 548.853035][ T3718] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 548.934670][ T3726] FAULT_INJECTION: forcing a failure. [ 548.934670][ T3726] name failslab, interval 1, probability 0, space 0, times 0 [ 548.934684][ T3726] CPU: 0 PID: 3726 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 548.934690][ T3726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.934693][ T3726] Call Trace: [ 548.934706][ T3726] dump_stack+0x18e/0x1de [ 548.934720][ T3726] should_fail+0x5d8/0x740 [ 548.934731][ T3726] ? alloc_uevent_skb+0x73/0x220 [ 548.934741][ T3726] should_failslab+0x5/0x20 [ 548.934758][ T3726] __kmalloc_track_caller+0x5d/0x2e0 [ 548.934767][ T3726] ? kmem_cache_alloc+0x115/0x290 [ 548.934776][ T3726] ? alloc_uevent_skb+0x73/0x220 [ 548.934784][ T3726] __alloc_skb+0xaf/0x4d0 [ 548.934793][ T3726] ? mutex_lock+0x6c/0xc0 [ 548.934801][ T3726] alloc_uevent_skb+0x73/0x220 [ 548.934811][ T3726] kobject_uevent_env+0xaee/0x1000 [ 548.934823][ T3726] device_add+0xecf/0x1820 [ 548.934834][ T3726] device_create_vargs+0x1b8/0x210 [ 548.934851][ T3726] device_create+0x86/0xb0 [ 548.934859][ T3726] ? vsnprintf+0x1a07/0x1aa0 [ 548.934871][ T3726] bdi_register_va+0x89/0x5e0 [ 548.934881][ T3726] bdi_register+0x80/0xa0 [ 548.934892][ T3726] ? __device_add_disk+0x50a/0x1220 [ 548.934902][ T3726] bdi_register_owner+0x56/0xf0 [ 548.934911][ T3726] __device_add_disk+0x583/0x1220 [ 548.934923][ T3726] loop_add+0x554/0x710 [ 548.934933][ T3726] loop_control_ioctl+0x468/0x680 [ 548.934941][ T3726] ? xor_init+0x60/0x60 [ 548.934952][ T3726] do_vfs_ioctl+0x6fb/0x15b0 [ 548.934965][ T3726] __x64_sys_ioctl+0xd4/0x110 [ 548.934974][ T3726] do_syscall_64+0xcb/0x1e0 [ 548.934985][ T3726] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 548.934992][ T3726] RIP: 0033:0x7fe6f0f01059 [ 548.935001][ T3726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 548.935006][ T3726] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 548.935015][ T3726] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 548.935020][ T3726] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 548.935026][ T3726] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 548.935030][ T3726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 548.935036][ T3726] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:30:09 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:09 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 70) 14:30:09 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:09 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="1f000000d7c71a0a236f8a8e2900ec568dda3e0516a403000000000000eff100fccbc8c5e0d78ab5ee1f04ac9c2f343b6dd44b0c31ad", @ANYRES16=r1, @ANYBLOB="100029bd7000ffdbdf25090000005c0007800c0003000800000000000000080001000000000008000200000200000c000300f09a00dd06000000080001000300000008000100ffdd000008000100001000000c00030002000000000000000c0004009780000000000000e80004801300010062726f6164636173742d6c696e6b00000c00078008000200523c00000c000780080001000f0000000900010073797a30000000000900010073797a30000000002c00078008000400f7ffffff0800010006000000080001001e00000008000400e3070000080002002a0600003c0007800800040004000000080001000a0000000800010019000000080002000800000008000100010000000800030000020000080002000000ffff1400078008000400010400000800010005000000240007800800010011000000080003000100000008000300ff7f000008000300010100003c0002803400038008000200a2e90000080001008100000008000200010000000800020003000000080001008000000008000100fbffffff04000400580005805400028008000300060000000800040006000000080002000200000008000400bd000000080001001500000008000300f9ffffff080002007f6e5b2a080001000900000008000200010001000800020081000000980004802400078008000100140000000800030001040000080002000000000008000100110000004400078008000300080000000800040011be000008000200c20000000800040001f8ffff080001001d0000000800020000000000080003000600000008000200000400002c00078008000300018000000800010012000000080004000600000008000200000000000800010002000000bc0004805400078008000200000000000800040004000000080002004200000008000400040000000800030002000000080001001c00000008000300ff01000008000100040000000800020005000000080004000300000034000780080001000000000008000400060000000800030001010000080003001f000000080004000400000008000200090000000900010073797a31000000000900010073797a31000000000c00078008000300ffff00000c00078008000100ff010000"], 0x340}, 0x1, 0x0, 0x0, 0x40040}, 0x20019) (async) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:09 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, 0x0) (async) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB="05000000", @ANYRES16=0x0, @ANYBLOB="10002dbd7000fedbdf25010000000c00030007000000000000001c00078008000100", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r1, @ANYBLOB='\x00'/12], 0x48}, 0x1, 0x0, 0x0, 0x4000040}, 0x40) (async) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x71edee4e52be3768}, @NBD_ATTR_BACKEND_IDENTIFIER={0xb, 0xa, '/),\'\\\\^'}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x2800000000000000}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c844}, 0x20004841) (async) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, 0x0) (async) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x80, 0x0, 0x108, 0x70bd2b, 0x25dfdbfc, {}, [@NBD_ATTR_SOCKETS={0x3c, 0x7, 0x0, 0x1, [{0x8, 0x1, r1}, {0x8}, {0x8, 0x1, r2}, {0x8}, {0x8, 0x1, r5}, {0x8, 0x1, r6}, {0x8}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xd3}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x9}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x20000}]}, 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x41) (async) r7 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r7, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:09 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000340)) (async) syz_clone3(&(0x7f0000000200)={0x114140200, &(0x7f0000000000)=0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080), {0x2b}, &(0x7f0000000100)=""/26, 0x1a, &(0x7f0000000140)=""/69, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x4}, 0x58) waitid$P_PIDFD(0x3, r1, 0x0, 0x1, &(0x7f0000000280)) 14:30:09 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:09 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000340)) (async) syz_clone3(&(0x7f0000000200)={0x114140200, &(0x7f0000000000)=0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080), {0x2b}, &(0x7f0000000100)=""/26, 0x1a, &(0x7f0000000140)=""/69, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x4}, 0x58) waitid$P_PIDFD(0x3, r1, 0x0, 0x1, &(0x7f0000000280)) 14:30:09 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$GIO_FONTX(r0, 0x4b6b, &(0x7f0000000040)={0x171, 0x18, &(0x7f00000000c0)}) write$P9_RWSTAT(r1, &(0x7f0000000080)={0x7, 0x7f, 0x1}, 0x7) 14:30:09 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) 14:30:09 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$GIO_FONTX(r0, 0x4b6b, &(0x7f0000000040)={0x171, 0x18, &(0x7f00000000c0)}) (async) write$P9_RWSTAT(r1, &(0x7f0000000080)={0x7, 0x7f, 0x1}, 0x7) 14:30:09 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="1f000000d7c71a0a236f8a8e2900ec568dda3e0516a403000000000000eff100fccbc8c5e0d78ab5ee1f04ac9c2f343b6dd44b0c31ad", @ANYRES16=r1, @ANYBLOB="100029bd7000ffdbdf25090000005c0007800c0003000800000000000000080001000000000008000200000200000c000300f09a00dd06000000080001000300000008000100ffdd000008000100001000000c00030002000000000000000c0004009780000000000000e80004801300010062726f6164636173742d6c696e6b00000c00078008000200523c00000c000780080001000f0000000900010073797a30000000000900010073797a30000000002c00078008000400f7ffffff0800010006000000080001001e00000008000400e3070000080002002a0600003c0007800800040004000000080001000a0000000800010019000000080002000800000008000100010000000800030000020000080002000000ffff1400078008000400010400000800010005000000240007800800010011000000080003000100000008000300ff7f000008000300010100003c0002803400038008000200a2e90000080001008100000008000200010000000800020003000000080001008000000008000100fbffffff04000400580005805400028008000300060000000800040006000000080002000200000008000400bd000000080001001500000008000300f9ffffff080002007f6e5b2a080001000900000008000200010001000800020081000000980004802400078008000100140000000800030001040000080002000000000008000100110000004400078008000300080000000800040011be000008000200c20000000800040001f8ffff080001001d0000000800020000000000080003000600000008000200000400002c00078008000300018000000800010012000000080004000600000008000200000000000800010002000000bc0004805400078008000200000000000800040004000000080002004200000008000400040000000800030002000000080001001c00000008000300ff01000008000100040000000800020005000000080004000300000034000780080001000000000008000400060000000800030001010000080003001f000000080004000400000008000200090000000900010073797a31000000000900010073797a31000000000c00078008000300ffff00000c00078008000100ff010000"], 0x340}, 0x1, 0x0, 0x0, 0x40040}, 0x20019) write$P9_RWSTAT(r0, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) (async) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="1f000000d7c71a0a236f8a8e2900ec568dda3e0516a403000000000000eff100fccbc8c5e0d78ab5ee1f04ac9c2f343b6dd44b0c31ad", @ANYRES16=r1, @ANYBLOB="100029bd7000ffdbdf25090000005c0007800c0003000800000000000000080001000000000008000200000200000c000300f09a00dd06000000080001000300000008000100ffdd000008000100001000000c00030002000000000000000c0004009780000000000000e80004801300010062726f6164636173742d6c696e6b00000c00078008000200523c00000c000780080001000f0000000900010073797a30000000000900010073797a30000000002c00078008000400f7ffffff0800010006000000080001001e00000008000400e3070000080002002a0600003c0007800800040004000000080001000a0000000800010019000000080002000800000008000100010000000800030000020000080002000000ffff1400078008000400010400000800010005000000240007800800010011000000080003000100000008000300ff7f000008000300010100003c0002803400038008000200a2e90000080001008100000008000200010000000800020003000000080001008000000008000100fbffffff04000400580005805400028008000300060000000800040006000000080002000200000008000400bd000000080001001500000008000300f9ffffff080002007f6e5b2a080001000900000008000200010001000800020081000000980004802400078008000100140000000800030001040000080002000000000008000100110000004400078008000300080000000800040011be000008000200c20000000800040001f8ffff080001001d0000000800020000000000080003000600000008000200000400002c00078008000300018000000800010012000000080004000600000008000200000000000800010002000000bc0004805400078008000200000000000800040004000000080002004200000008000400040000000800030002000000080001001c00000008000300ff01000008000100040000000800020005000000080004000300000034000780080001000000000008000400060000000800030001010000080003001f000000080004000400000008000200090000000900010073797a31000000000900010073797a31000000000c00078008000300ffff00000c00078008000100ff010000"], 0x340}, 0x1, 0x0, 0x0, 0x40040}, 0x20019) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) 14:30:09 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) [ 549.462906][ T3730] FAULT_INJECTION: forcing a failure. [ 549.462906][ T3730] name failslab, interval 1, probability 0, space 0, times 0 [ 549.495865][ T3730] CPU: 1 PID: 3730 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 14:30:10 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 71) 14:30:10 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$GIO_FONTX(r0, 0x4b6b, &(0x7f0000000040)={0x171, 0x18, &(0x7f00000000c0)}) (async) write$P9_RWSTAT(r1, &(0x7f0000000080)={0x7, 0x7f, 0x1}, 0x7) 14:30:10 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:10 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) 14:30:10 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x1e0, r0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xded}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffffffe}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8d24}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffbff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}, @TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NET={0x48, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x19}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1f}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}]}, @TIPC_NLA_NODE={0x94, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "c420ac314bf66130031c94c183c87d3732815442d325df"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "ddfb0effaad8ad3ad6295b8f2e0be2e288fd369151a6b6"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x7c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7f}]}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x48010}, 0x4041) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x50, r4, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x5}, @NBD_ATTR_SOCKETS={0x14, 0x7, 0x0, 0x1, [{0x8}, {0x8}]}, @NBD_ATTR_BACKEND_IDENTIFIER={0xd, 0xa, 'gcm(aes)\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000000}, 0x4c000) [ 549.507417][ T3730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 549.507421][ T3730] Call Trace: [ 549.507437][ T3730] dump_stack+0x18e/0x1de [ 549.507451][ T3730] should_fail+0x5d8/0x740 [ 549.507462][ T3730] ? __d_alloc+0x2a/0x6a0 [ 549.507472][ T3730] should_failslab+0x5/0x20 [ 549.507482][ T3730] kmem_cache_alloc+0x36/0x290 [ 549.507491][ T3730] ? kobject_uevent_env+0x335/0x1000 [ 549.507499][ T3730] __d_alloc+0x2a/0x6a0 [ 549.507508][ T3730] ? kobject_uevent_env+0xbb2/0x1000 [ 549.507517][ T3730] d_alloc_parallel+0x7d/0x12b0 [ 549.507526][ T3730] ? avc_has_perm_noaudit+0x2fc/0x380 [ 549.507535][ T3730] ? avc_has_perm_noaudit+0x2b0/0x380 [ 549.507545][ T3730] ? __d_lookup+0x4b8/0x510 [ 549.507554][ T3730] __lookup_slow+0xef/0x3b0 14:30:10 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 72) [ 549.507563][ T3730] lookup_one_len+0x11d/0x210 [ 549.507573][ T3730] start_creating+0xec/0x270 [ 549.507583][ T3730] debugfs_create_dir+0x24/0x3f0 [ 549.507592][ T3730] bdi_register_va+0x232/0x5e0 [ 549.507601][ T3730] bdi_register+0x80/0xa0 [ 549.507610][ T3730] ? __device_add_disk+0x50a/0x1220 [ 549.507619][ T3730] bdi_register_owner+0x56/0xf0 [ 549.507628][ T3730] __device_add_disk+0x583/0x1220 [ 549.507640][ T3730] loop_add+0x554/0x710 [ 549.507650][ T3730] loop_control_ioctl+0x468/0x680 [ 549.507658][ T3730] ? xor_init+0x60/0x60 [ 549.507667][ T3730] do_vfs_ioctl+0x6fb/0x15b0 [ 549.507679][ T3730] __x64_sys_ioctl+0xd4/0x110 [ 549.507688][ T3730] do_syscall_64+0xcb/0x1e0 [ 549.507698][ T3730] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 549.507706][ T3730] RIP: 0033:0x7fe6f0f01059 [ 549.507714][ T3730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 549.507719][ T3730] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 549.507727][ T3730] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 549.507732][ T3730] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 549.507737][ T3730] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 549.507742][ T3730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 549.507747][ T3730] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 549.619047][ T3778] FAULT_INJECTION: forcing a failure. [ 549.619047][ T3778] name failslab, interval 1, probability 0, space 0, times 0 [ 549.619060][ T3778] CPU: 0 PID: 3778 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 549.619065][ T3778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 549.619069][ T3778] Call Trace: [ 549.619083][ T3778] dump_stack+0x18e/0x1de 14:30:10 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) 14:30:10 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x1e0, r0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xded}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffffffe}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8d24}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffbff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}, @TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NET={0x48, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x19}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1f}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}]}, @TIPC_NLA_NODE={0x94, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "c420ac314bf66130031c94c183c87d3732815442d325df"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "ddfb0effaad8ad3ad6295b8f2e0be2e288fd369151a6b6"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x7c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7f}]}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x48010}, 0x4041) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x50, r4, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x5}, @NBD_ATTR_SOCKETS={0x14, 0x7, 0x0, 0x1, [{0x8}, {0x8}]}, @NBD_ATTR_BACKEND_IDENTIFIER={0xd, 0xa, 'gcm(aes)\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000000}, 0x4c000) [ 549.619096][ T3778] should_fail+0x5d8/0x740 [ 549.619107][ T3778] ? skb_clone+0x1b2/0x360 [ 549.619118][ T3778] should_failslab+0x5/0x20 [ 549.619128][ T3778] kmem_cache_alloc+0x36/0x290 [ 549.619134][ T3778] ? string+0x280/0x2c0 [ 549.619152][ T3778] skb_clone+0x1b2/0x360 [ 549.619163][ T3778] netlink_broadcast_filtered+0x5e1/0x10b0 [ 549.619173][ T3778] ? skb_put+0x101/0x1e0 [ 549.619182][ T3778] netlink_broadcast+0x35/0x50 [ 549.619193][ T3778] kobject_uevent_env+0xb1f/0x1000 [ 549.619205][ T3778] device_add+0xecf/0x1820 [ 549.619216][ T3778] device_create_vargs+0x1b8/0x210 [ 549.619224][ T3778] device_create+0x86/0xb0 [ 549.619231][ T3778] ? vsnprintf+0x1a07/0x1aa0 [ 549.619242][ T3778] bdi_register_va+0x89/0x5e0 [ 549.619251][ T3778] bdi_register+0x80/0xa0 [ 549.619261][ T3778] ? __device_add_disk+0x50a/0x1220 [ 549.619270][ T3778] bdi_register_owner+0x56/0xf0 [ 549.619280][ T3778] __device_add_disk+0x583/0x1220 [ 549.619291][ T3778] loop_add+0x554/0x710 [ 549.619301][ T3778] loop_control_ioctl+0x468/0x680 [ 549.619316][ T3778] ? xor_init+0x60/0x60 [ 549.619327][ T3778] do_vfs_ioctl+0x6fb/0x15b0 [ 549.619340][ T3778] __x64_sys_ioctl+0xd4/0x110 [ 549.619350][ T3778] do_syscall_64+0xcb/0x1e0 [ 549.619361][ T3778] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 549.619369][ T3778] RIP: 0033:0x7fe6f0f01059 [ 549.619378][ T3778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 549.619383][ T3778] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 549.619392][ T3778] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 549.619397][ T3778] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 549.619403][ T3778] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 549.619408][ T3778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 549.619413][ T3778] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 549.723438][ T3784] FAULT_INJECTION: forcing a failure. 14:30:10 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) 14:30:10 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000000)) 14:30:10 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000000)) [ 549.723438][ T3784] name failslab, interval 1, probability 0, space 0, times 0 [ 550.020357][ T3784] CPU: 1 PID: 3784 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 550.031900][ T3784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 550.031909][ T3784] Call Trace: [ 550.045216][ T3784] dump_stack+0x18e/0x1de [ 550.049549][ T3784] should_fail+0x5d8/0x740 [ 550.049559][ T3784] ? new_inode_pseudo+0x79/0x220 [ 550.049578][ T3784] should_failslab+0x5/0x20 14:30:10 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:10 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x2c}}, 0x0) (async) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x1e0, r0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xded}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffffffe}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8d24}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffbff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}, @TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NET={0x48, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x19}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1f}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}]}, @TIPC_NLA_NODE={0x94, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "c420ac314bf66130031c94c183c87d3732815442d325df"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "ddfb0effaad8ad3ad6295b8f2e0be2e288fd369151a6b6"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x7c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7f}]}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x48010}, 0x4041) (async) r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r2, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x50, r4, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x5}, @NBD_ATTR_SOCKETS={0x14, 0x7, 0x0, 0x1, [{0x8}, {0x8}]}, @NBD_ATTR_BACKEND_IDENTIFIER={0xd, 0xa, 'gcm(aes)\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000000}, 0x4c000) 14:30:10 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) [ 550.063363][ T3784] kmem_cache_alloc+0x36/0x290 [ 550.068115][ T3784] new_inode_pseudo+0x79/0x220 [ 550.072870][ T3784] new_inode+0x25/0x1d0 [ 550.077023][ T3784] ? start_creating+0x183/0x270 14:30:10 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) 14:30:10 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:10 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) [ 550.077035][ T3784] debugfs_create_dir+0x68/0x3f0 [ 550.077046][ T3784] bdi_register_va+0x232/0x5e0 [ 550.077065][ T3784] bdi_register+0x80/0xa0 [ 550.077076][ T3784] ? __device_add_disk+0x50a/0x1220 [ 550.077085][ T3784] bdi_register_owner+0x56/0xf0 [ 550.077095][ T3784] __device_add_disk+0x583/0x1220 [ 550.077108][ T3784] loop_add+0x554/0x710 [ 550.077118][ T3784] loop_control_ioctl+0x468/0x680 [ 550.077127][ T3784] ? xor_init+0x60/0x60 [ 550.077137][ T3784] do_vfs_ioctl+0x6fb/0x15b0 [ 550.077151][ T3784] __x64_sys_ioctl+0xd4/0x110 [ 550.077161][ T3784] do_syscall_64+0xcb/0x1e0 [ 550.077173][ T3784] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 550.077181][ T3784] RIP: 0033:0x7fe6f0f01059 [ 550.077190][ T3784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 550.077195][ T3784] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 550.077204][ T3784] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 550.077209][ T3784] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 550.077213][ T3784] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 550.077218][ T3784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 550.077223][ T3784] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 550.208392][ T3784] debugfs: out of free dentries, can not create directory '7:0' 14:30:10 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 73) 14:30:10 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:10 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000000)) 14:30:10 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) (async) ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000000)) 14:30:10 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$GIO_SCRNMAP(r1, 0x4b40, &(0x7f0000000100)=""/195) 14:30:10 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) 14:30:10 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:10 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) (async, rerun: 32) ioctl$GIO_SCRNMAP(r1, 0x4b40, &(0x7f0000000100)=""/195) (rerun: 32) 14:30:10 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) 14:30:10 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000000)) 14:30:10 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000000)) 14:30:10 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) [ 550.434040][ T3837] FAULT_INJECTION: forcing a failure. [ 550.434040][ T3837] name failslab, interval 1, probability 0, space 0, times 0 [ 550.447241][ T3837] CPU: 0 PID: 3837 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 550.458768][ T3837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 550.468819][ T3837] Call Trace: [ 550.472108][ T3837] dump_stack+0x18e/0x1de [ 550.476429][ T3837] should_fail+0x5d8/0x740 [ 550.480849][ T3837] ? new_inode_pseudo+0x79/0x220 [ 550.485776][ T3837] should_failslab+0x5/0x20 [ 550.490268][ T3837] kmem_cache_alloc+0x36/0x290 [ 550.495023][ T3837] new_inode_pseudo+0x79/0x220 [ 550.499776][ T3837] new_inode+0x25/0x1d0 [ 550.503932][ T3837] ? start_creating+0x183/0x270 [ 550.508811][ T3837] debugfs_create_dir+0x68/0x3f0 [ 550.513740][ T3837] bdi_register_va+0x232/0x5e0 [ 550.518497][ T3837] bdi_register+0x80/0xa0 [ 550.522823][ T3837] ? __device_add_disk+0x50a/0x1220 [ 550.528012][ T3837] bdi_register_owner+0x56/0xf0 [ 550.532859][ T3837] __device_add_disk+0x583/0x1220 [ 550.537880][ T3837] loop_add+0x554/0x710 [ 550.542033][ T3837] loop_control_ioctl+0x468/0x680 [ 550.547043][ T3837] ? xor_init+0x60/0x60 [ 550.551192][ T3837] do_vfs_ioctl+0x6fb/0x15b0 [ 550.555786][ T3837] __x64_sys_ioctl+0xd4/0x110 [ 550.560450][ T3837] do_syscall_64+0xcb/0x1e0 [ 550.564944][ T3837] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 550.570820][ T3837] RIP: 0033:0x7fe6f0f01059 [ 550.575220][ T3837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 550.594812][ T3837] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 550.603212][ T3837] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 550.611165][ T3837] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 550.619122][ T3837] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 550.627082][ T3837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 14:30:11 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 74) 14:30:11 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x1635c0) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000400)={0x9f, 0xe}) write$P9_RWSTAT(r0, 0x0, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r2, 0x0) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000440)=0xc43) 14:30:11 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:11 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$GIO_SCRNMAP(r1, 0x4b40, &(0x7f0000000100)=""/195) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async) syz_open_pts(r1, 0x0) (async) ioctl$GIO_SCRNMAP(r1, 0x4b40, &(0x7f0000000100)=""/195) (async) 14:30:11 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0xffffff9b, 0x7f, 0x1}, 0x7) 14:30:11 executing program 3: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x3c, r0, 0x8, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xb}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xd}, @NL80211_ATTR_MAC={0xa}]}, 0x3c}, 0x1, 0x0, 0x0, 0x84}, 0x1000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$hidraw(0xffffffffffffffff, &(0x7f0000000180)="a8fb7c9398a19cfd192e51a2cd5c8f8cbd4d43e815be9414b7f4a0fe58a004ce47acf42f5e132462d383435235b05d7ac8759c03bc8f423a4a5f19ed6c62753f49c333450f0f13f3ed03db8ae9b7f5c2074a6ae632ccbdfd7a33c1e1564bf99191f935e0dc72d9bb6c491e145d", 0x6d) syz_open_dev$tty20(0xc, 0x4, 0x1) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:11 executing program 3: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x3c, r0, 0x8, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xb}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xd}, @NL80211_ATTR_MAC={0xa}]}, 0x3c}, 0x1, 0x0, 0x0, 0x84}, 0x1000) (async) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$hidraw(0xffffffffffffffff, &(0x7f0000000180)="a8fb7c9398a19cfd192e51a2cd5c8f8cbd4d43e815be9414b7f4a0fe58a004ce47acf42f5e132462d383435235b05d7ac8759c03bc8f423a4a5f19ed6c62753f49c333450f0f13f3ed03db8ae9b7f5c2074a6ae632ccbdfd7a33c1e1564bf99191f935e0dc72d9bb6c491e145d", 0x6d) (async) syz_open_dev$tty20(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) [ 550.635035][ T3837] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 550.645129][ T3837] debugfs: out of free dentries, can not create directory '7:0' 14:30:11 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x1635c0) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000400)={0x9f, 0xe}) (async) write$P9_RWSTAT(r0, 0x0, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r2, 0x0) (async) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000440)=0xc43) 14:30:11 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:11 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x2) ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="085bad698a5870a8d942e99b6b44514a11e5c21edf606c29e36c0e5187a216e3b88853ae25dedd2ac0d2793ade0cf5876f3f2a0beb69e2f72d0b36deb41e78a7fbcfd0bd88865d00fa54c33e905eddc780d8dc9cae8e0355c1ba6cfd05f5538e000b0ad0d791b5f44723d6717681fc5e31572308a55d44fe05bc378a26931825b6a71c80ea7054f140daabee5ada48801557e60ab7f442835733fb16a8465e918dab2cdcb8965e887c5dbe7064edfd55547c24da504b732bd61c1bfd2abf6441f696279afce09c16c88db527e5e399d3efc10d664503f954fdfe78f8a47fedf2aa38ccc4c496e372a2494aac40ba5751d79012083e9b8ca13b6dfcdce37e292d", @ANYRES16=0x0, @ANYBLOB="000427bd7000fcdbdf250000000000000008a0277b4ca05eb2bb6187cbef9e36c2b1a098f3e9145805a600"/55, @ANYRES32=0x0, @ANYBLOB="1c005b0063c555db62520eb4c2d2439376f04d49ec09c73a738aeac5cf005b00fbd88ccd2e45eef7b5abdf13f7dc51b85cc23aa07bc30c1500fb5fdf1a76ec3444ca524023fc1e68046b1b23ebda82a090fd0f64c21dad6bce39e28da5c75c06b1432f440066135a192253c1046b2eb5b58d4eedfa2eb36b9fb3bfe2f210ae386f44d3801e0be64ef7b9784240229c85cf6aaf20937bdc2e8c7bf5c326444c4b3828e5d764e98247a2d1540af6ebf7ef26e4527b68fdfd59a01b99a275b545e480a861c19725567487cd6aabb9ab01640088b8c281112c27bf12ad15fd3e8f99163f37f36eb099f21decc500060065000800000072005b007acfea7be4d9738703e35497b69e6a29ba2cb548f19e9bbf17c362da5332abd31a3270c53b18b9355e30ac7a9717bd97932748cd0ef6a5fa47bd9c2d10a2da8af99c95f2b7aa7cb9a875af949332286b2138d02aca1dc7f89b0e32df90773fce84968701b95b641257e3161c3ee10000e0005b00323a65e300f0886acd4a7be6ea319f15f4338affcd4936aeb59fca53708f830c27ceb177bf7a54232bd300a5a7d95506eb98143f5adb8a0842f0fcc706757983d058641c3345dd6e611df780ea0bd4de9946fc9b353f52922a0feb8ca5266930e14e528fb384bb0d5616bd3907cc1cdbe560befd51785783c1f0815baabeb35bb1ef831fc791411cc8f8b12e3f1314a5c5f56f7fca871c5cc7e70622d12a2d1c7661dea6cb465e55bcf293210bc8858294ab12cb373c1a0cf74bec033f76e46fc0422dc0bda47eefb986d12ada1f387bb21a5c8e7b9781de67005b00bd46581e11bddacb732e25e3bed9d47e77df5b60640d42e386f39157da1b77aaa9adff60aa518fc8cb518aa9d92e51fd363d70ce1fce58c4ff27c5fe297c66ad8f4c396ec5f9bbcba0c6b34fa9f9f95bc0cdab34f2ad96287fbf3f4fbeda27486a531500ad005b001559cb308e5e00c1232162afa0c1612d874089544b8c06510c01fb3bde95ae03626c5e75017c74869956e0d68d9b868b05f339da8004d3798516c5a7f6f6dc4189536ca20f341371d2ef9c262f3af9f8405d6d7c24581601e05cbb67b5aad67e37f803fd40cd2bc067ab3f2270c80e3b562d23f85ffc2cba0d482b93d98c23a7b4b1dd5aafc26ab4aff2f4b29d9cbb80eb18e31d5f06fbaeebd2806bcdebc100000006006500ffff000007deabdb42684d605f79f377e725f7f87dfb0dfb2f71334ff9c45bf0e026e36737c2e902582ce34fc1fe84797417c0535bdcdd148325d5f77942581cbaacc8fd88f027ad0000000000000000000000000000fc"], 0x384}, 0x1, 0x0, 0x0, 0x40000}, 0x80) ioctl$TIOCGPTPEER(r3, 0x5441, 0x7) write$P9_RLINK(r2, 0x0, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r5, 0x0, 0x0) write$P9_RSTAT(r5, 0xfffffffffffffffe, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x7, 0x6d, 0x2}, 0x7) ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000040)={0x6, 0x40, 0x1ff}) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r6, 0x0, 0x0) write$P9_RFLUSH(r6, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) write$P9_RWSTAT(r5, &(0x7f00000000c0)={0x7, 0x7f, 0x8001}, 0x7) 14:30:11 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:11 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) [ 550.747916][ T3854] FAULT_INJECTION: forcing a failure. [ 550.747916][ T3854] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 550.766993][ T3854] CPU: 1 PID: 3854 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 550.778623][ T3854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 550.788667][ T3854] Call Trace: [ 550.791976][ T3854] dump_stack+0x18e/0x1de [ 550.796300][ T3854] should_fail+0x5d8/0x740 [ 550.800713][ T3854] __alloc_pages_nodemask+0x12e/0x740 [ 550.806071][ T3854] __get_free_pages+0xa/0x30 [ 550.810646][ T3854] inode_doinit_with_dentry+0x8d4/0x1170 [ 550.816275][ T3854] security_d_instantiate+0xa5/0x100 [ 550.821553][ T3854] d_instantiate+0x51/0x90 [ 550.825957][ T3854] debugfs_create_dir+0x1bc/0x3f0 [ 550.830971][ T3854] bdi_register_va+0x232/0x5e0 [ 550.835720][ T3854] bdi_register+0x80/0xa0 [ 550.840037][ T3854] ? __device_add_disk+0x50a/0x1220 [ 550.845222][ T3854] bdi_register_owner+0x56/0xf0 [ 550.850057][ T3854] __device_add_disk+0x583/0x1220 [ 550.855069][ T3854] loop_add+0x554/0x710 [ 550.859211][ T3854] loop_control_ioctl+0x468/0x680 [ 550.864217][ T3854] ? xor_init+0x60/0x60 [ 550.868362][ T3854] do_vfs_ioctl+0x6fb/0x15b0 [ 550.872940][ T3854] __x64_sys_ioctl+0xd4/0x110 [ 550.877606][ T3854] do_syscall_64+0xcb/0x1e0 [ 550.882099][ T3854] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 550.887977][ T3854] RIP: 0033:0x7fe6f0f01059 [ 550.892387][ T3854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 550.912064][ T3854] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 550.920461][ T3854] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 550.928416][ T3854] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 550.936372][ T3854] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 14:30:11 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 75) 14:30:11 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x2) ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="085bad698a5870a8d942e99b6b44514a11e5c21edf606c29e36c0e5187a216e3b88853ae25dedd2ac0d2793ade0cf5876f3f2a0beb69e2f72d0b36deb41e78a7fbcfd0bd88865d00fa54c33e905eddc780d8dc9cae8e0355c1ba6cfd05f5538e000b0ad0d791b5f44723d6717681fc5e31572308a55d44fe05bc378a26931825b6a71c80ea7054f140daabee5ada48801557e60ab7f442835733fb16a8465e918dab2cdcb8965e887c5dbe7064edfd55547c24da504b732bd61c1bfd2abf6441f696279afce09c16c88db527e5e399d3efc10d664503f954fdfe78f8a47fedf2aa38ccc4c496e372a2494aac40ba5751d79012083e9b8ca13b6dfcdce37e292d", @ANYRES16=0x0, @ANYBLOB="000427bd7000fcdbdf250000000000000008a0277b4ca05eb2bb6187cbef9e36c2b1a098f3e9145805a600"/55, @ANYRES32=0x0, @ANYBLOB="1c005b0063c555db62520eb4c2d2439376f04d49ec09c73a738aeac5cf005b00fbd88ccd2e45eef7b5abdf13f7dc51b85cc23aa07bc30c1500fb5fdf1a76ec3444ca524023fc1e68046b1b23ebda82a090fd0f64c21dad6bce39e28da5c75c06b1432f440066135a192253c1046b2eb5b58d4eedfa2eb36b9fb3bfe2f210ae386f44d3801e0be64ef7b9784240229c85cf6aaf20937bdc2e8c7bf5c326444c4b3828e5d764e98247a2d1540af6ebf7ef26e4527b68fdfd59a01b99a275b545e480a861c19725567487cd6aabb9ab01640088b8c281112c27bf12ad15fd3e8f99163f37f36eb099f21decc500060065000800000072005b007acfea7be4d9738703e35497b69e6a29ba2cb548f19e9bbf17c362da5332abd31a3270c53b18b9355e30ac7a9717bd97932748cd0ef6a5fa47bd9c2d10a2da8af99c95f2b7aa7cb9a875af949332286b2138d02aca1dc7f89b0e32df90773fce84968701b95b641257e3161c3ee10000e0005b00323a65e300f0886acd4a7be6ea319f15f4338affcd4936aeb59fca53708f830c27ceb177bf7a54232bd300a5a7d95506eb98143f5adb8a0842f0fcc706757983d058641c3345dd6e611df780ea0bd4de9946fc9b353f52922a0feb8ca5266930e14e528fb384bb0d5616bd3907cc1cdbe560befd51785783c1f0815baabeb35bb1ef831fc791411cc8f8b12e3f1314a5c5f56f7fca871c5cc7e70622d12a2d1c7661dea6cb465e55bcf293210bc8858294ab12cb373c1a0cf74bec033f76e46fc0422dc0bda47eefb986d12ada1f387bb21a5c8e7b9781de67005b00bd46581e11bddacb732e25e3bed9d47e77df5b60640d42e386f39157da1b77aaa9adff60aa518fc8cb518aa9d92e51fd363d70ce1fce58c4ff27c5fe297c66ad8f4c396ec5f9bbcba0c6b34fa9f9f95bc0cdab34f2ad96287fbf3f4fbeda27486a531500ad005b001559cb308e5e00c1232162afa0c1612d874089544b8c06510c01fb3bde95ae03626c5e75017c74869956e0d68d9b868b05f339da8004d3798516c5a7f6f6dc4189536ca20f341371d2ef9c262f3af9f8405d6d7c24581601e05cbb67b5aad67e37f803fd40cd2bc067ab3f2270c80e3b562d23f85ffc2cba0d482b93d98c23a7b4b1dd5aafc26ab4aff2f4b29d9cbb80eb18e31d5f06fbaeebd2806bcdebc100000006006500ffff000007deabdb42684d605f79f377e725f7f87dfb0dfb2f71334ff9c45bf0e026e36737c2e902582ce34fc1fe84797417c0535bdcdd148325d5f77942581cbaacc8fd88f027ad0000000000000000000000000000fc"], 0x384}, 0x1, 0x0, 0x0, 0x40000}, 0x80) ioctl$TIOCGPTPEER(r3, 0x5441, 0x7) write$P9_RLINK(r2, 0x0, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r5, 0x0, 0x0) write$P9_RSTAT(r5, 0xfffffffffffffffe, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x7, 0x6d, 0x2}, 0x7) ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000040)={0x6, 0x40, 0x1ff}) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r6, 0x0, 0x0) write$P9_RFLUSH(r6, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) write$P9_RWSTAT(r5, &(0x7f00000000c0)={0x7, 0x7f, 0x8001}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) ioctl$TIOCGPTPEER(r0, 0x5441, 0x2) (async) ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async) syz_open_pts(r3, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="085bad698a5870a8d942e99b6b44514a11e5c21edf606c29e36c0e5187a216e3b88853ae25dedd2ac0d2793ade0cf5876f3f2a0beb69e2f72d0b36deb41e78a7fbcfd0bd88865d00fa54c33e905eddc780d8dc9cae8e0355c1ba6cfd05f5538e000b0ad0d791b5f44723d6717681fc5e31572308a55d44fe05bc378a26931825b6a71c80ea7054f140daabee5ada48801557e60ab7f442835733fb16a8465e918dab2cdcb8965e887c5dbe7064edfd55547c24da504b732bd61c1bfd2abf6441f696279afce09c16c88db527e5e399d3efc10d664503f954fdfe78f8a47fedf2aa38ccc4c496e372a2494aac40ba5751d79012083e9b8ca13b6dfcdce37e292d", @ANYRES16=0x0, @ANYBLOB="000427bd7000fcdbdf250000000000000008a0277b4ca05eb2bb6187cbef9e36c2b1a098f3e9145805a600"/55, @ANYRES32=0x0, @ANYBLOB="1c005b0063c555db62520eb4c2d2439376f04d49ec09c73a738aeac5cf005b00fbd88ccd2e45eef7b5abdf13f7dc51b85cc23aa07bc30c1500fb5fdf1a76ec3444ca524023fc1e68046b1b23ebda82a090fd0f64c21dad6bce39e28da5c75c06b1432f440066135a192253c1046b2eb5b58d4eedfa2eb36b9fb3bfe2f210ae386f44d3801e0be64ef7b9784240229c85cf6aaf20937bdc2e8c7bf5c326444c4b3828e5d764e98247a2d1540af6ebf7ef26e4527b68fdfd59a01b99a275b545e480a861c19725567487cd6aabb9ab01640088b8c281112c27bf12ad15fd3e8f99163f37f36eb099f21decc500060065000800000072005b007acfea7be4d9738703e35497b69e6a29ba2cb548f19e9bbf17c362da5332abd31a3270c53b18b9355e30ac7a9717bd97932748cd0ef6a5fa47bd9c2d10a2da8af99c95f2b7aa7cb9a875af949332286b2138d02aca1dc7f89b0e32df90773fce84968701b95b641257e3161c3ee10000e0005b00323a65e300f0886acd4a7be6ea319f15f4338affcd4936aeb59fca53708f830c27ceb177bf7a54232bd300a5a7d95506eb98143f5adb8a0842f0fcc706757983d058641c3345dd6e611df780ea0bd4de9946fc9b353f52922a0feb8ca5266930e14e528fb384bb0d5616bd3907cc1cdbe560befd51785783c1f0815baabeb35bb1ef831fc791411cc8f8b12e3f1314a5c5f56f7fca871c5cc7e70622d12a2d1c7661dea6cb465e55bcf293210bc8858294ab12cb373c1a0cf74bec033f76e46fc0422dc0bda47eefb986d12ada1f387bb21a5c8e7b9781de67005b00bd46581e11bddacb732e25e3bed9d47e77df5b60640d42e386f39157da1b77aaa9adff60aa518fc8cb518aa9d92e51fd363d70ce1fce58c4ff27c5fe297c66ad8f4c396ec5f9bbcba0c6b34fa9f9f95bc0cdab34f2ad96287fbf3f4fbeda27486a531500ad005b001559cb308e5e00c1232162afa0c1612d874089544b8c06510c01fb3bde95ae03626c5e75017c74869956e0d68d9b868b05f339da8004d3798516c5a7f6f6dc4189536ca20f341371d2ef9c262f3af9f8405d6d7c24581601e05cbb67b5aad67e37f803fd40cd2bc067ab3f2270c80e3b562d23f85ffc2cba0d482b93d98c23a7b4b1dd5aafc26ab4aff2f4b29d9cbb80eb18e31d5f06fbaeebd2806bcdebc100000006006500ffff000007deabdb42684d605f79f377e725f7f87dfb0dfb2f71334ff9c45bf0e026e36737c2e902582ce34fc1fe84797417c0535bdcdd148325d5f77942581cbaacc8fd88f027ad0000000000000000000000000000fc"], 0x384}, 0x1, 0x0, 0x0, 0x40000}, 0x80) (async) ioctl$TIOCGPTPEER(r3, 0x5441, 0x7) (async) write$P9_RLINK(r2, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r5, 0x0, 0x0) (async) write$P9_RSTAT(r5, 0xfffffffffffffffe, 0x0) (async) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) (async) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x7, 0x6d, 0x2}, 0x7) (async) ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000040)={0x6, 0x40, 0x1ff}) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r6, 0x0, 0x0) (async) write$P9_RFLUSH(r6, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) (async) write$P9_RWSTAT(r5, &(0x7f00000000c0)={0x7, 0x7f, 0x8001}, 0x7) (async) 14:30:11 executing program 3: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x3c, r0, 0x8, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xb}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xd}, @NL80211_ATTR_MAC={0xa}]}, 0x3c}, 0x1, 0x0, 0x0, 0x84}, 0x1000) (async) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$hidraw(0xffffffffffffffff, &(0x7f0000000180)="a8fb7c9398a19cfd192e51a2cd5c8f8cbd4d43e815be9414b7f4a0fe58a004ce47acf42f5e132462d383435235b05d7ac8759c03bc8f423a4a5f19ed6c62753f49c333450f0f13f3ed03db8ae9b7f5c2074a6ae632ccbdfd7a33c1e1564bf99191f935e0dc72d9bb6c491e145d", 0x6d) (async) syz_open_dev$tty20(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(r1, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:11 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x1635c0) (async) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000400)={0x9f, 0xe}) write$P9_RWSTAT(r0, 0x0, 0x0) (async) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r2, 0x0) (async) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000440)=0xc43) 14:30:11 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:11 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:11 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) [ 550.944332][ T3854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 550.952296][ T3854] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:30:11 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:11 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:11 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0xffffff9b}, 0x7) 14:30:11 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0) write$P9_RWSTAT(r0, 0x0, 0x0) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x7, 0x1, {0xb, '/dev/ttyS3\x00'}}, 0x14) 14:30:11 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x2) ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="085bad698a5870a8d942e99b6b44514a11e5c21edf606c29e36c0e5187a216e3b88853ae25dedd2ac0d2793ade0cf5876f3f2a0beb69e2f72d0b36deb41e78a7fbcfd0bd88865d00fa54c33e905eddc780d8dc9cae8e0355c1ba6cfd05f5538e000b0ad0d791b5f44723d6717681fc5e31572308a55d44fe05bc378a26931825b6a71c80ea7054f140daabee5ada48801557e60ab7f442835733fb16a8465e918dab2cdcb8965e887c5dbe7064edfd55547c24da504b732bd61c1bfd2abf6441f696279afce09c16c88db527e5e399d3efc10d664503f954fdfe78f8a47fedf2aa38ccc4c496e372a2494aac40ba5751d79012083e9b8ca13b6dfcdce37e292d", @ANYRES16=0x0, @ANYBLOB="000427bd7000fcdbdf250000000000000008a0277b4ca05eb2bb6187cbef9e36c2b1a098f3e9145805a600"/55, @ANYRES32=0x0, @ANYBLOB="1c005b0063c555db62520eb4c2d2439376f04d49ec09c73a738aeac5cf005b00fbd88ccd2e45eef7b5abdf13f7dc51b85cc23aa07bc30c1500fb5fdf1a76ec3444ca524023fc1e68046b1b23ebda82a090fd0f64c21dad6bce39e28da5c75c06b1432f440066135a192253c1046b2eb5b58d4eedfa2eb36b9fb3bfe2f210ae386f44d3801e0be64ef7b9784240229c85cf6aaf20937bdc2e8c7bf5c326444c4b3828e5d764e98247a2d1540af6ebf7ef26e4527b68fdfd59a01b99a275b545e480a861c19725567487cd6aabb9ab01640088b8c281112c27bf12ad15fd3e8f99163f37f36eb099f21decc500060065000800000072005b007acfea7be4d9738703e35497b69e6a29ba2cb548f19e9bbf17c362da5332abd31a3270c53b18b9355e30ac7a9717bd97932748cd0ef6a5fa47bd9c2d10a2da8af99c95f2b7aa7cb9a875af949332286b2138d02aca1dc7f89b0e32df90773fce84968701b95b641257e3161c3ee10000e0005b00323a65e300f0886acd4a7be6ea319f15f4338affcd4936aeb59fca53708f830c27ceb177bf7a54232bd300a5a7d95506eb98143f5adb8a0842f0fcc706757983d058641c3345dd6e611df780ea0bd4de9946fc9b353f52922a0feb8ca5266930e14e528fb384bb0d5616bd3907cc1cdbe560befd51785783c1f0815baabeb35bb1ef831fc791411cc8f8b12e3f1314a5c5f56f7fca871c5cc7e70622d12a2d1c7661dea6cb465e55bcf293210bc8858294ab12cb373c1a0cf74bec033f76e46fc0422dc0bda47eefb986d12ada1f387bb21a5c8e7b9781de67005b00bd46581e11bddacb732e25e3bed9d47e77df5b60640d42e386f39157da1b77aaa9adff60aa518fc8cb518aa9d92e51fd363d70ce1fce58c4ff27c5fe297c66ad8f4c396ec5f9bbcba0c6b34fa9f9f95bc0cdab34f2ad96287fbf3f4fbeda27486a531500ad005b001559cb308e5e00c1232162afa0c1612d874089544b8c06510c01fb3bde95ae03626c5e75017c74869956e0d68d9b868b05f339da8004d3798516c5a7f6f6dc4189536ca20f341371d2ef9c262f3af9f8405d6d7c24581601e05cbb67b5aad67e37f803fd40cd2bc067ab3f2270c80e3b562d23f85ffc2cba0d482b93d98c23a7b4b1dd5aafc26ab4aff2f4b29d9cbb80eb18e31d5f06fbaeebd2806bcdebc100000006006500ffff000007deabdb42684d605f79f377e725f7f87dfb0dfb2f71334ff9c45bf0e026e36737c2e902582ce34fc1fe84797417c0535bdcdd148325d5f77942581cbaacc8fd88f027ad0000000000000000000000000000fc"], 0x384}, 0x1, 0x0, 0x0, 0x40000}, 0x80) ioctl$TIOCGPTPEER(r3, 0x5441, 0x7) write$P9_RLINK(r2, 0x0, 0x0) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r5, 0x0, 0x0) write$P9_RSTAT(r5, 0xfffffffffffffffe, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x7, 0x6d, 0x2}, 0x7) ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000040)={0x6, 0x40, 0x1ff}) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r6, 0x0, 0x0) write$P9_RFLUSH(r6, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) write$P9_RWSTAT(r5, &(0x7f00000000c0)={0x7, 0x7f, 0x8001}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) ioctl$TIOCGPTPEER(r0, 0x5441, 0x2) (async) ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async) syz_open_pts(r3, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="085bad698a5870a8d942e99b6b44514a11e5c21edf606c29e36c0e5187a216e3b88853ae25dedd2ac0d2793ade0cf5876f3f2a0beb69e2f72d0b36deb41e78a7fbcfd0bd88865d00fa54c33e905eddc780d8dc9cae8e0355c1ba6cfd05f5538e000b0ad0d791b5f44723d6717681fc5e31572308a55d44fe05bc378a26931825b6a71c80ea7054f140daabee5ada48801557e60ab7f442835733fb16a8465e918dab2cdcb8965e887c5dbe7064edfd55547c24da504b732bd61c1bfd2abf6441f696279afce09c16c88db527e5e399d3efc10d664503f954fdfe78f8a47fedf2aa38ccc4c496e372a2494aac40ba5751d79012083e9b8ca13b6dfcdce37e292d", @ANYRES16=0x0, @ANYBLOB="000427bd7000fcdbdf250000000000000008a0277b4ca05eb2bb6187cbef9e36c2b1a098f3e9145805a600"/55, @ANYRES32=0x0, @ANYBLOB="1c005b0063c555db62520eb4c2d2439376f04d49ec09c73a738aeac5cf005b00fbd88ccd2e45eef7b5abdf13f7dc51b85cc23aa07bc30c1500fb5fdf1a76ec3444ca524023fc1e68046b1b23ebda82a090fd0f64c21dad6bce39e28da5c75c06b1432f440066135a192253c1046b2eb5b58d4eedfa2eb36b9fb3bfe2f210ae386f44d3801e0be64ef7b9784240229c85cf6aaf20937bdc2e8c7bf5c326444c4b3828e5d764e98247a2d1540af6ebf7ef26e4527b68fdfd59a01b99a275b545e480a861c19725567487cd6aabb9ab01640088b8c281112c27bf12ad15fd3e8f99163f37f36eb099f21decc500060065000800000072005b007acfea7be4d9738703e35497b69e6a29ba2cb548f19e9bbf17c362da5332abd31a3270c53b18b9355e30ac7a9717bd97932748cd0ef6a5fa47bd9c2d10a2da8af99c95f2b7aa7cb9a875af949332286b2138d02aca1dc7f89b0e32df90773fce84968701b95b641257e3161c3ee10000e0005b00323a65e300f0886acd4a7be6ea319f15f4338affcd4936aeb59fca53708f830c27ceb177bf7a54232bd300a5a7d95506eb98143f5adb8a0842f0fcc706757983d058641c3345dd6e611df780ea0bd4de9946fc9b353f52922a0feb8ca5266930e14e528fb384bb0d5616bd3907cc1cdbe560befd51785783c1f0815baabeb35bb1ef831fc791411cc8f8b12e3f1314a5c5f56f7fca871c5cc7e70622d12a2d1c7661dea6cb465e55bcf293210bc8858294ab12cb373c1a0cf74bec033f76e46fc0422dc0bda47eefb986d12ada1f387bb21a5c8e7b9781de67005b00bd46581e11bddacb732e25e3bed9d47e77df5b60640d42e386f39157da1b77aaa9adff60aa518fc8cb518aa9d92e51fd363d70ce1fce58c4ff27c5fe297c66ad8f4c396ec5f9bbcba0c6b34fa9f9f95bc0cdab34f2ad96287fbf3f4fbeda27486a531500ad005b001559cb308e5e00c1232162afa0c1612d874089544b8c06510c01fb3bde95ae03626c5e75017c74869956e0d68d9b868b05f339da8004d3798516c5a7f6f6dc4189536ca20f341371d2ef9c262f3af9f8405d6d7c24581601e05cbb67b5aad67e37f803fd40cd2bc067ab3f2270c80e3b562d23f85ffc2cba0d482b93d98c23a7b4b1dd5aafc26ab4aff2f4b29d9cbb80eb18e31d5f06fbaeebd2806bcdebc100000006006500ffff000007deabdb42684d605f79f377e725f7f87dfb0dfb2f71334ff9c45bf0e026e36737c2e902582ce34fc1fe84797417c0535bdcdd148325d5f77942581cbaacc8fd88f027ad0000000000000000000000000000fc"], 0x384}, 0x1, 0x0, 0x0, 0x40000}, 0x80) (async) ioctl$TIOCGPTPEER(r3, 0x5441, 0x7) (async) write$P9_RLINK(r2, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r5, 0x0, 0x0) (async) write$P9_RSTAT(r5, 0xfffffffffffffffe, 0x0) (async) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) (async) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x7, 0x6d, 0x2}, 0x7) (async) ioctl$KDGKBENT(r0, 0x4b46, &(0x7f0000000040)={0x6, 0x40, 0x1ff}) (async) pipe2$9p(&(0x7f0000000400), 0x0) (async) write$P9_RLINK(r6, 0x0, 0x0) (async) write$P9_RFLUSH(r6, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) (async) write$P9_RWSTAT(r5, &(0x7f00000000c0)={0x7, 0x7f, 0x8001}, 0x7) (async) [ 551.036655][ T3884] FAULT_INJECTION: forcing a failure. [ 551.036655][ T3884] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 551.074538][ T3884] CPU: 1 PID: 3884 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 551.086258][ T3884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 551.086268][ T3884] Call Trace: [ 551.099587][ T3884] dump_stack+0x18e/0x1de [ 551.103920][ T3884] should_fail+0x5d8/0x740 [ 551.108326][ T3884] __alloc_pages_nodemask+0x12e/0x740 [ 551.113686][ T3884] __get_free_pages+0xa/0x30 [ 551.118260][ T3884] inode_doinit_with_dentry+0x8d4/0x1170 [ 551.123887][ T3884] security_d_instantiate+0xa5/0x100 [ 551.129158][ T3884] d_instantiate+0x51/0x90 [ 551.133568][ T3884] debugfs_create_dir+0x1bc/0x3f0 [ 551.138578][ T3884] bdi_register_va+0x232/0x5e0 [ 551.143327][ T3884] bdi_register+0x80/0xa0 [ 551.147641][ T3884] ? __device_add_disk+0x50a/0x1220 [ 551.152825][ T3884] bdi_register_owner+0x56/0xf0 [ 551.157662][ T3884] __device_add_disk+0x583/0x1220 [ 551.162680][ T3884] loop_add+0x554/0x710 [ 551.166825][ T3884] loop_control_ioctl+0x468/0x680 [ 551.171835][ T3884] ? xor_init+0x60/0x60 [ 551.175976][ T3884] do_vfs_ioctl+0x6fb/0x15b0 [ 551.180559][ T3884] __x64_sys_ioctl+0xd4/0x110 [ 551.185225][ T3884] do_syscall_64+0xcb/0x1e0 [ 551.189715][ T3884] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 551.195591][ T3884] RIP: 0033:0x7fe6f0f01059 [ 551.199997][ T3884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 551.219677][ T3884] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 551.228075][ T3884] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 14:30:11 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 76) 14:30:11 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) 14:30:11 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x7, 0x1, {0xb, '/dev/ttyS3\x00'}}, 0x14) 14:30:11 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:11 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) 14:30:11 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RLCREATE(r1, &(0x7f0000000040)={0x18, 0xf, 0x1, {{0x0, 0x2, 0x7}, 0x1ff}}, 0x18) write$P9_RXATTRWALK(r1, &(0x7f0000000080)={0xf, 0x1f, 0x1, 0x8000}, 0xf) write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x7b, 0x1}, 0x7) 14:30:11 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) [ 551.236038][ T3884] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 551.244001][ T3884] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 551.252090][ T3884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 551.260052][ T3884] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:30:11 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:11 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x8}, 0x7) 14:30:11 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) (async) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000000)={0x14, 0x7, 0x1, {0xb, '/dev/ttyS3\x00'}}, 0x14) 14:30:11 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) (async) r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) write$P9_RLINK(r1, 0x0, 0x0) (async) write$P9_RLCREATE(r1, &(0x7f0000000040)={0x18, 0xf, 0x1, {{0x0, 0x2, 0x7}, 0x1ff}}, 0x18) (async) write$P9_RXATTRWALK(r1, &(0x7f0000000080)={0xf, 0x1f, 0x1, 0x8000}, 0xf) (async) write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x7b, 0x1}, 0x7) 14:30:11 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) [ 551.334106][ T3945] FAULT_INJECTION: forcing a failure. [ 551.334106][ T3945] name failslab, interval 1, probability 0, space 0, times 0 [ 551.376573][ T3945] CPU: 0 PID: 3945 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 551.388120][ T3945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 551.398162][ T3945] Call Trace: [ 551.401439][ T3945] dump_stack+0x18e/0x1de [ 551.405760][ T3945] should_fail+0x5d8/0x740 [ 551.410170][ T3945] ? new_inode_pseudo+0x79/0x220 [ 551.415125][ T3945] should_failslab+0x5/0x20 [ 551.419615][ T3945] kmem_cache_alloc+0x36/0x290 [ 551.424377][ T3945] new_inode_pseudo+0x79/0x220 [ 551.429126][ T3945] new_inode+0x25/0x1d0 [ 551.433268][ T3945] ? start_creating+0x183/0x270 [ 551.438104][ T3945] __debugfs_create_file+0xb5/0x460 [ 551.443295][ T3945] ? debugfs_create_dir+0x302/0x3f0 [ 551.448485][ T3945] bdi_register_va+0x274/0x5e0 [ 551.453234][ T3945] bdi_register+0x80/0xa0 [ 551.457550][ T3945] ? __device_add_disk+0x50a/0x1220 [ 551.462730][ T3945] bdi_register_owner+0x56/0xf0 [ 551.467564][ T3945] __device_add_disk+0x583/0x1220 [ 551.472572][ T3945] loop_add+0x554/0x710 [ 551.476798][ T3945] loop_control_ioctl+0x468/0x680 [ 551.481815][ T3945] ? xor_init+0x60/0x60 [ 551.485952][ T3945] do_vfs_ioctl+0x6fb/0x15b0 [ 551.490530][ T3945] __x64_sys_ioctl+0xd4/0x110 [ 551.495197][ T3945] do_syscall_64+0xcb/0x1e0 [ 551.499687][ T3945] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 551.505578][ T3945] RIP: 0033:0x7fe6f0f01059 [ 551.509976][ T3945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 551.529562][ T3945] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 551.537960][ T3945] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 551.545916][ T3945] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 551.553879][ T3945] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 551.561839][ T3945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 14:30:12 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 77) 14:30:12 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async, rerun: 32) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) (rerun: 32) r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) (async) write$P9_RLINK(r1, 0x0, 0x0) write$P9_RLCREATE(r1, &(0x7f0000000040)={0x18, 0xf, 0x1, {{0x0, 0x2, 0x7}, 0x1ff}}, 0x18) (async, rerun: 64) write$P9_RXATTRWALK(r1, &(0x7f0000000080)={0xf, 0x1f, 0x1, 0x8000}, 0xf) (async, rerun: 64) write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x7b, 0x1}, 0x7) 14:30:12 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_pts(r1, 0x0) ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000000)) 14:30:12 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:12 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r2, 0x0, 0x0) write$P9_RUNLINKAT(r2, &(0x7f0000000080)={0x7, 0x4d, 0x2}, 0x7) write$P9_RWRITE(r1, &(0x7f0000000040)={0xb, 0x77, 0x1, 0x4}, 0xb) 14:30:12 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) write$P9_RWSTAT(r0, 0x0, 0x0) (async) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) (async) [ 551.569797][ T3945] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 551.582584][ T3945] debugfs: out of free dentries, can not create file 'stats' 14:30:12 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) (async, rerun: 64) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) (rerun: 64) write$P9_RLINK(r2, 0x0, 0x0) (async) write$P9_RUNLINKAT(r2, &(0x7f0000000080)={0x7, 0x4d, 0x2}, 0x7) write$P9_RWRITE(r1, &(0x7f0000000040)={0xb, 0x77, 0x1, 0x4}, 0xb) 14:30:12 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:12 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7ffff000, 0x7f, 0x1}, 0x7) 14:30:12 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async, rerun: 64) write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x6d, 0x2}, 0x7) (rerun: 64) 14:30:12 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:12 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7ffff000, 0x7f, 0x1}, 0x7) 14:30:12 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r2, 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000180), r2) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x30, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x4}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24044004}, 0x0) sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, r1, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x41e3}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffe00}]}]}, 0x30}}, 0x4) r4 = syz_open_dev$tty1(0xc, 0x4, 0x3) socket$inet(0x2, 0x2, 0x4) write$P9_RWSTAT(r4, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) [ 551.679409][ T3977] FAULT_INJECTION: forcing a failure. [ 551.679409][ T3977] name failslab, interval 1, probability 0, space 0, times 0 [ 551.706451][ T3977] CPU: 1 PID: 3977 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 551.718020][ T3977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 14:30:12 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 78) 14:30:12 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000000)="7d7e58aba8cbb552141a42c1ee21c9dfd2011b3cd7a8af0ac788e132d8e2849f9aeb5410ba5f789399c625452a2ff73340ecfb1cf523178339d51d5804cadcc3a430c116a1dd48bc994d39e5f61422142363709bb4db1e0b4b32ac29d4b8d6497636d61569c397c0580b0f0f57fe87f30a7ed84ade0d1fea77e5") 14:30:12 executing program 1: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) [ 551.718030][ T3977] Call Trace: [ 551.731453][ T3977] dump_stack+0x18e/0x1de [ 551.735786][ T3977] should_fail+0x5d8/0x740 [ 551.735802][ T3977] ? new_inode_pseudo+0x79/0x220 [ 551.745141][ T3977] should_failslab+0x5/0x20 [ 551.745153][ T3977] kmem_cache_alloc+0x36/0x290 [ 551.745165][ T3977] new_inode_pseudo+0x79/0x220 [ 551.745174][ T3977] new_inode+0x25/0x1d0 14:30:12 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) [ 551.745185][ T3977] ? start_creating+0x183/0x270 [ 551.745194][ T3977] __debugfs_create_file+0xb5/0x460 [ 551.745204][ T3977] ? debugfs_create_dir+0x302/0x3f0 [ 551.745213][ T3977] bdi_register_va+0x274/0x5e0 [ 551.745222][ T3977] bdi_register+0x80/0xa0 [ 551.745231][ T3977] ? __device_add_disk+0x50a/0x1220 [ 551.745240][ T3977] bdi_register_owner+0x56/0xf0 [ 551.745248][ T3977] __device_add_disk+0x583/0x1220 [ 551.745260][ T3977] loop_add+0x554/0x710 14:30:12 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 79) [ 551.745269][ T3977] loop_control_ioctl+0x468/0x680 [ 551.745276][ T3977] ? xor_init+0x60/0x60 [ 551.745285][ T3977] do_vfs_ioctl+0x6fb/0x15b0 [ 551.745297][ T3977] __x64_sys_ioctl+0xd4/0x110 [ 551.745306][ T3977] do_syscall_64+0xcb/0x1e0 [ 551.745317][ T3977] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 551.745326][ T3977] RIP: 0033:0x7fe6f0f01059 [ 551.745335][ T3977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 551.745340][ T3977] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 551.745350][ T3977] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 551.745355][ T3977] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 551.745360][ T3977] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 551.745365][ T3977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 551.745370][ T3977] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 551.748646][ T3977] debugfs: out of free dentries, can not create file 'stats' [ 551.837420][ T4004] FAULT_INJECTION: forcing a failure. [ 551.837420][ T4004] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 551.837435][ T4004] CPU: 0 PID: 4004 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 551.837440][ T4004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 551.837443][ T4004] Call Trace: [ 551.837457][ T4004] dump_stack+0x18e/0x1de [ 551.837469][ T4004] should_fail+0x5d8/0x740 [ 551.837483][ T4004] __alloc_pages_nodemask+0x12e/0x740 [ 551.837495][ T4004] __get_free_pages+0xa/0x30 [ 551.837506][ T4004] inode_doinit_with_dentry+0x8d4/0x1170 [ 551.837518][ T4004] security_d_instantiate+0xa5/0x100 [ 551.837528][ T4004] d_instantiate+0x51/0x90 [ 551.837537][ T4004] __debugfs_create_file+0x256/0x460 [ 551.837548][ T4004] bdi_register_va+0x274/0x5e0 [ 551.837557][ T4004] bdi_register+0x80/0xa0 [ 551.837566][ T4004] ? __device_add_disk+0x50a/0x1220 [ 551.837576][ T4004] bdi_register_owner+0x56/0xf0 [ 551.837585][ T4004] __device_add_disk+0x583/0x1220 [ 551.837596][ T4004] loop_add+0x554/0x710 [ 551.837606][ T4004] loop_control_ioctl+0x468/0x680 [ 551.837614][ T4004] ? xor_init+0x60/0x60 [ 551.837624][ T4004] do_vfs_ioctl+0x6fb/0x15b0 [ 551.837638][ T4004] __x64_sys_ioctl+0xd4/0x110 [ 551.837647][ T4004] do_syscall_64+0xcb/0x1e0 [ 551.837658][ T4004] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 551.837666][ T4004] RIP: 0033:0x7fe6f0f01059 [ 551.837675][ T4004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 551.837679][ T4004] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 551.837688][ T4004] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 551.837694][ T4004] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 551.837699][ T4004] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 551.837703][ T4004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 551.837709][ T4004] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 551.960746][ T4013] FAULT_INJECTION: forcing a failure. [ 551.960746][ T4013] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 551.960760][ T4013] CPU: 0 PID: 4013 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 551.960765][ T4013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 551.960769][ T4013] Call Trace: [ 551.960782][ T4013] dump_stack+0x18e/0x1de [ 551.960794][ T4013] should_fail+0x5d8/0x740 [ 551.960806][ T4013] __alloc_pages_nodemask+0x12e/0x740 [ 551.960818][ T4013] __get_free_pages+0xa/0x30 [ 551.960827][ T4013] inode_doinit_with_dentry+0x8d4/0x1170 [ 551.960841][ T4013] security_d_instantiate+0xa5/0x100 [ 551.960851][ T4013] d_instantiate+0x51/0x90 [ 551.960860][ T4013] __debugfs_create_file+0x256/0x460 [ 551.960871][ T4013] bdi_register_va+0x274/0x5e0 [ 551.960881][ T4013] bdi_register+0x80/0xa0 [ 551.960890][ T4013] ? __device_add_disk+0x50a/0x1220 [ 551.960900][ T4013] bdi_register_owner+0x56/0xf0 [ 551.960909][ T4013] __device_add_disk+0x583/0x1220 [ 551.960920][ T4013] loop_add+0x554/0x710 [ 551.960930][ T4013] loop_control_ioctl+0x468/0x680 [ 551.960938][ T4013] ? xor_init+0x60/0x60 [ 551.960948][ T4013] do_vfs_ioctl+0x6fb/0x15b0 [ 551.960961][ T4013] __x64_sys_ioctl+0xd4/0x110 [ 551.960970][ T4013] do_syscall_64+0xcb/0x1e0 [ 551.960981][ T4013] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 551.960990][ T4013] RIP: 0033:0x7fe6f0f01059 [ 551.960999][ T4013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 551.961004][ T4013] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:30:12 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLINK(r2, 0x0, 0x0) (async) write$P9_RUNLINKAT(r2, &(0x7f0000000080)={0x7, 0x4d, 0x2}, 0x7) write$P9_RWRITE(r1, &(0x7f0000000040)={0xb, 0x77, 0x1, 0x4}, 0xb) 14:30:12 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) (fail_nth: 80) 14:30:12 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r2, 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000180), r2) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x30, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x4}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24044004}, 0x0) sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, r1, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x41e3}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffe00}]}]}, 0x30}}, 0x4) r4 = syz_open_dev$tty1(0xc, 0x4, 0x3) socket$inet(0x2, 0x2, 0x4) write$P9_RWSTAT(r4, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) (async) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$TIPC_NL_BEARER_SET(r2, 0x0, 0x0) (async) syz_genetlink_get_family_id$gtp(&(0x7f0000000180), r2) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$TIPC_NL_PEER_REMOVE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x30, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x4}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24044004}, 0x0) (async) sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, r1, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x41e3}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffe00}]}]}, 0x30}}, 0x4) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) socket$inet(0x2, 0x2, 0x4) (async) write$P9_RWSTAT(r4, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) 14:30:12 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000000)="7d7e58aba8cbb552141a42c1ee21c9dfd2011b3cd7a8af0ac788e132d8e2849f9aeb5410ba5f789399c625452a2ff73340ecfb1cf523178339d51d5804cadcc3a430c116a1dd48bc994d39e5f61422142363709bb4db1e0b4b32ac29d4b8d6497636d61569c397c0580b0f0f57fe87f30a7ed84ade0d1fea77e5") 14:30:12 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) [ 551.961013][ T4013] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 551.961018][ T4013] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 551.961023][ T4013] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 551.961028][ T4013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 551.961033][ T4013] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 14:30:12 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7ffff000, 0x7f, 0x1}, 0x7) 14:30:12 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, 0x0, 0x0) (async) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000000)="7d7e58aba8cbb552141a42c1ee21c9dfd2011b3cd7a8af0ac788e132d8e2849f9aeb5410ba5f789399c625452a2ff73340ecfb1cf523178339d51d5804cadcc3a430c116a1dd48bc994d39e5f61422142363709bb4db1e0b4b32ac29d4b8d6497636d61569c397c0580b0f0f57fe87f30a7ed84ade0d1fea77e5") 14:30:12 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:12 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:12 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:12 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7ffff000, 0x7f, 0x1}, 0x7) 14:30:12 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RWSTAT(r1, 0x0, 0xfffffffffffffe38) 14:30:12 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) syz_open_dev$tty1(0xc, 0x4, 0x4) (async) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) [ 552.453526][ T4024] FAULT_INJECTION: forcing a failure. [ 552.453526][ T4024] name failslab, interval 1, probability 0, space 0, times 0 [ 552.481123][ T4024] CPU: 1 PID: 4024 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 552.492681][ T4024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 552.492693][ T4024] Call Trace: [ 552.506017][ T4024] dump_stack+0x18e/0x1de [ 552.510348][ T4024] should_fail+0x5d8/0x740 [ 552.510363][ T4024] ? kobject_set_name_vargs+0x5d/0x110 [ 552.520187][ T4024] should_failslab+0x5/0x20 [ 552.520203][ T4024] __kmalloc_track_caller+0x5d/0x2e0 [ 552.529947][ T4024] kstrdup_const+0x51/0x90 [ 552.534355][ T4024] kobject_set_name_vargs+0x5d/0x110 [ 552.539631][ T4024] dev_set_name+0x80/0xa0 [ 552.543951][ T4024] ? kobj_map+0x61e/0x650 [ 552.548267][ T4024] __device_add_disk+0x678/0x1220 [ 552.553277][ T4024] loop_add+0x554/0x710 [ 552.557420][ T4024] loop_control_ioctl+0x468/0x680 [ 552.562430][ T4024] ? xor_init+0x60/0x60 [ 552.566571][ T4024] do_vfs_ioctl+0x6fb/0x15b0 [ 552.571152][ T4024] __x64_sys_ioctl+0xd4/0x110 [ 552.575813][ T4024] do_syscall_64+0xcb/0x1e0 [ 552.580305][ T4024] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 552.586185][ T4024] RIP: 0033:0x7fe6f0f01059 [ 552.590671][ T4024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 552.610264][ T4024] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 552.618665][ T4024] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 552.626638][ T4024] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 552.634595][ T4024] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 552.642827][ T4024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 552.650790][ T4024] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 552.663516][ T4024] kobject_add_internal failed for queue (error: -2 parent: (null)) [ 552.671572][ T4024] ------------[ cut here ]------------ [ 552.677030][ T4024] WARNING: CPU: 1 PID: 4024 at fs/sysfs/file.c:328 sysfs_create_files+0x1ef/0x380 [ 552.686197][ T4024] Modules linked in: [ 552.690087][ T4024] CPU: 1 PID: 4024 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 552.701602][ T4024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 552.711654][ T4024] RIP: 0010:sysfs_create_files+0x1ef/0x380 [ 552.717450][ T4024] Code: 85 ed 0f 84 a4 00 00 00 e8 9e 8e ae ff 89 eb 48 8b 6c 24 10 4c 8b 7c 24 28 e9 ad fe ff ff e8 88 8e ae ff eb 05 e8 81 8e ae ff <0f> 0b 41 bc ea ff ff ff eb 8d 3c 03 0f 8f a1 fe ff ff 48 8d 7c 24 [ 552.737048][ T4024] RSP: 0018:ffff8881e7bb7c68 EFLAGS: 00010246 [ 552.743099][ T4024] RAX: ffffffff81b217df RBX: 0000000000000000 RCX: 0000000000040000 [ 552.751052][ T4024] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 552.759007][ T4024] RBP: ffff8881e40140a0 R08: ffffffff821b11bc R09: ffffed103cf76f8b [ 552.766964][ T4024] R10: ffffed103cf76f8b R11: 0000000000000000 R12: dffffc0000000000 [ 552.774925][ T4024] R13: ffffffff84e29a00 R14: dffffc0000000000 R15: ffff8881e4014070 [ 552.782989][ T4024] FS: 00007fe6f0077700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 552.791907][ T4024] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 552.798475][ T4024] CR2: 00007f7eb0db3d38 CR3: 00000001e6c90000 CR4: 00000000003406e0 [ 552.806436][ T4024] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 552.814398][ T4024] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 552.822352][ T4024] Call Trace: [ 552.825633][ T4024] __device_add_disk+0xced/0x1220 [ 552.830650][ T4024] loop_add+0x554/0x710 [ 552.834803][ T4024] loop_control_ioctl+0x468/0x680 [ 552.839831][ T4024] ? xor_init+0x60/0x60 [ 552.843975][ T4024] do_vfs_ioctl+0x6fb/0x15b0 [ 552.848567][ T4024] __x64_sys_ioctl+0xd4/0x110 [ 552.853231][ T4024] do_syscall_64+0xcb/0x1e0 [ 552.857729][ T4024] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 552.863611][ T4024] RIP: 0033:0x7fe6f0f01059 [ 552.868020][ T4024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 552.887611][ T4024] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 552.896110][ T4024] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 552.904071][ T4024] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 552.912032][ T4024] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 552.919987][ T4024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 552.927944][ T4024] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 552.935929][ T4024] ---[ end trace 362e18c8762015fb ]--- [ 552.948297][ T4024] ------------[ cut here ]------------ [ 552.953844][ T4024] kernfs: can not remove 'events', no directory [ 552.960176][ T4024] WARNING: CPU: 1 PID: 4024 at fs/kernfs/dir.c:1504 kernfs_remove_by_name_ns+0x61/0x90 [ 552.969797][ T4024] Modules linked in: [ 552.973684][ T4024] CPU: 1 PID: 4024 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 552.985209][ T4024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 552.995254][ T4024] RIP: 0010:kernfs_remove_by_name_ns+0x61/0x90 [ 553.001406][ T4024] Code: 48 89 c3 e8 41 ea ae ff 48 89 df e8 b9 f0 ff ff 31 db eb 29 e8 30 ea ae ff 48 c7 c7 80 c6 cb 84 4c 89 fe 31 c0 e8 4f 8e 88 ff <0f> 0b bb fe ff ff ff eb 16 e8 11 ea ae ff bb fe ff ff ff 48 c7 c7 [ 553.020993][ T4024] RSP: 0018:ffff8881e7bb7c48 EFLAGS: 00010246 [ 553.027041][ T4024] RAX: 59316f11e2069600 RBX: 0000000000000000 RCX: 0000000000040000 [ 553.035082][ T4024] RDX: ffffc90000144000 RSI: 000000000003ffff RDI: 0000000000040000 [ 553.043040][ T4024] RBP: ffffffff84e29a00 R08: ffffffff814b15ec R09: ffffed103ede52b2 [ 553.050997][ T4024] R10: ffffed103ede52b2 R11: 0000000000000000 R12: 00000000ffffffea [ 553.058950][ T4024] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff84e29ac0 [ 553.066908][ T4024] FS: 00007fe6f0077700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 553.075830][ T4024] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 553.082399][ T4024] CR2: 00007f7eb0db3d38 CR3: 00000001e6c90000 CR4: 00000000003406e0 [ 553.090363][ T4024] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 553.098494][ T4024] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 553.106623][ T4024] Call Trace: [ 553.109906][ T4024] sysfs_create_files+0x321/0x380 [ 553.114921][ T4024] __device_add_disk+0xced/0x1220 [ 553.119935][ T4024] loop_add+0x554/0x710 [ 553.124086][ T4024] loop_control_ioctl+0x468/0x680 [ 553.129095][ T4024] ? xor_init+0x60/0x60 [ 553.133235][ T4024] do_vfs_ioctl+0x6fb/0x15b0 [ 553.137822][ T4024] __x64_sys_ioctl+0xd4/0x110 [ 553.142485][ T4024] do_syscall_64+0xcb/0x1e0 [ 553.146973][ T4024] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 553.152868][ T4024] RIP: 0033:0x7fe6f0f01059 [ 553.157267][ T4024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 553.176861][ T4024] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 553.185261][ T4024] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 553.193218][ T4024] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 14:30:13 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 14:30:13 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(r2, 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000180), r2) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PEER_REMOVE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x30, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x4}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24044004}, 0x0) sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, r1, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x41e3}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffe00}]}]}, 0x30}}, 0x4) r4 = syz_open_dev$tty1(0xc, 0x4, 0x3) socket$inet(0x2, 0x2, 0x4) write$P9_RWSTAT(r4, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$TIPC_NL_BEARER_SET(r0, 0x0, 0x0) (async) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$TIPC_NL_BEARER_SET(r2, 0x0, 0x0) (async) syz_genetlink_get_family_id$gtp(&(0x7f0000000180), r2) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$TIPC_NL_PEER_REMOVE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x30, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x4}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24044004}, 0x0) (async) sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, r1, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x41e3}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffe00}]}]}, 0x30}}, 0x4) (async) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) socket$inet(0x2, 0x2, 0x4) (async) write$P9_RWSTAT(r4, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) 14:30:13 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7ffff000, 0x7f, 0x1}, 0x7) 14:30:13 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) 14:30:13 executing program 1: syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x8, 0x1}, 0x7) 14:30:13 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RWSTAT(r1, 0x0, 0xfffffffffffffe38) syz_open_dev$tty1(0xc, 0x4, 0x3) (async) syz_open_dev$ttys(0xc, 0x2, 0x0) (async) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000)) (async) pipe2$9p(&(0x7f0000000040), 0x800) (async) write$P9_RWSTAT(r1, 0x0, 0xfffffffffffffe38) (async) 14:30:13 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) arch_prctl$ARCH_GET_CPUID(0x1011) [ 553.201174][ T4024] RBP: 00007fe6f00771d0 R08: 0000000000000000 R09: 0000000000000000 [ 553.209128][ T4024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 553.217086][ T4024] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 553.225046][ T4024] ---[ end trace 362e18c8762015fc ]--- [ 553.234138][ T4024] loop0: failed to create sysfs files for events 14:30:13 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) (async) arch_prctl$ARCH_GET_CPUID(0x1011) 14:30:13 executing program 2: write$P9_RWSTAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7ffff000, 0x7f, 0x1}, 0x7) 14:30:13 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$P9_RWSTAT(r0, &(0x7f00000000c0)={0x7, 0x7f, 0x1}, 0x7) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RREADLINK(r1, &(0x7f0000000040)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) 14:30:13 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x3) (async) r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000000)) (async) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RWSTAT(r1, 0x0, 0xfffffffffffffe38) 14:30:13 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$P9_RWSTAT(r0, 0x0, 0x0) [ 553.306684][ T4088] ------------[ cut here ]------------ [ 553.351848][ T4088] kernfs: can not remove 'events', no directory [ 553.358397][ T4088] WARNING: CPU: 0 PID: 4088 at fs/kernfs/dir.c:1504 kernfs_remove_by_name_ns+0x61/0x90 [ 553.368020][ T4088] Modules linked in: [ 553.371920][ T4088] CPU: 0 PID: 4088 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 553.383443][ T4088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 553.393498][ T4088] RIP: 0010:kernfs_remove_by_name_ns+0x61/0x90 [ 553.399636][ T4088] Code: 48 89 c3 e8 41 ea ae ff 48 89 df e8 b9 f0 ff ff 31 db eb 29 e8 30 ea ae ff 48 c7 c7 80 c6 cb 84 4c 89 fe 31 c0 e8 4f 8e 88 ff <0f> 0b bb fe ff ff ff eb 16 e8 11 ea ae ff bb fe ff ff ff 48 c7 c7 [ 553.419231][ T4088] RSP: 0018:ffff8881e28dfcf8 EFLAGS: 00010246 [ 553.425288][ T4088] RAX: 666def6a5e918d00 RBX: 0000000000000000 RCX: ffff8881ccd83f00 [ 553.433243][ T4088] RDX: 0000000000000003 RSI: 000000000001a1b1 RDI: 0000000000000000 [ 553.441203][ T4088] RBP: ffffffff85e46c20 R08: ffffffff814b15ec R09: 000000000000686d [ 553.449157][ T4088] R10: ffffc90000144000 R11: 0000000000000000 R12: 0000000000000000 [ 553.457113][ T4088] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffff84e29ac0 [ 553.465078][ T4088] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 553.473991][ T4088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 553.480566][ T4088] CR2: 00007fe6f0056718 CR3: 00000001d0bcb000 CR4: 00000000003406f0 [ 553.488526][ T4088] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 553.496494][ T4088] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 553.504454][ T4088] Call Trace: [ 553.507751][ T4088] sysfs_remove_files+0x99/0xf0 [ 553.512587][ T4088] del_gendisk+0x259/0xb70 [ 553.516986][ T4088] ? radix_tree_delete_item+0x22a/0x320 [ 553.522527][ T4088] loop_control_ioctl+0x563/0x680 [ 553.527550][ T4088] ? xor_init+0x60/0x60 [ 553.531689][ T4088] do_vfs_ioctl+0x6fb/0x15b0 [ 553.536280][ T4088] __x64_sys_ioctl+0xd4/0x110 [ 553.540950][ T4088] do_syscall_64+0xcb/0x1e0 [ 553.545449][ T4088] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 553.551325][ T4088] RIP: 0033:0x7fe6f0f01059 [ 553.555815][ T4088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 553.575401][ T4088] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 553.583799][ T4088] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 553.591766][ T4088] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003 [ 553.599787][ T4088] RBP: 00007fe6f0f5b08d R08: 0000000000000000 R09: 0000000000000000 [ 553.607775][ T4088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 553.615736][ T4088] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 553.623698][ T4088] ---[ end trace 362e18c8762015fd ]--- [ 553.643791][ T4088] ------------[ cut here ]------------ [ 553.649258][ T4088] kernfs: can not remove 'events_async', no directory [ 553.656319][ T4088] WARNING: CPU: 0 PID: 4088 at fs/kernfs/dir.c:1504 kernfs_remove_by_name_ns+0x61/0x90 [ 553.666017][ T4088] Modules linked in: [ 553.669901][ T4088] CPU: 0 PID: 4088 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 553.681413][ T4088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 553.691469][ T4088] RIP: 0010:kernfs_remove_by_name_ns+0x61/0x90 [ 553.697613][ T4088] Code: 48 89 c3 e8 41 ea ae ff 48 89 df e8 b9 f0 ff ff 31 db eb 29 e8 30 ea ae ff 48 c7 c7 80 c6 cb 84 4c 89 fe 31 c0 e8 4f 8e 88 ff <0f> 0b bb fe ff ff ff eb 16 e8 11 ea ae ff bb fe ff ff ff 48 c7 c7 [ 553.717203][ T4088] RSP: 0018:ffff8881e28dfcf8 EFLAGS: 00010246 [ 553.723273][ T4088] RAX: 666def6a5e918d00 RBX: 0000000000000000 RCX: ffff8881ccd83f00 [ 553.731314][ T4088] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000 [ 553.739276][ T4088] RBP: ffffffff85e46c20 R08: ffffffff814b15ec R09: 000000000000ffff [ 553.747240][ T4088] R10: ffffc90000144000 R11: 0000000000000000 R12: 0000000000000000 [ 553.755198][ T4088] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffff84e29c00 [ 553.763156][ T4088] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 553.772070][ T4088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 553.778639][ T4088] CR2: 00007fe6f0056718 CR3: 00000001d0bcb000 CR4: 00000000003406f0 [ 553.786603][ T4088] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 553.794563][ T4088] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 553.802519][ T4088] Call Trace: [ 553.805814][ T4088] sysfs_remove_files+0x99/0xf0 [ 553.810653][ T4088] del_gendisk+0x259/0xb70 [ 553.815060][ T4088] ? radix_tree_delete_item+0x22a/0x320 [ 553.820597][ T4088] loop_control_ioctl+0x563/0x680 [ 553.825613][ T4088] ? xor_init+0x60/0x60 [ 553.829758][ T4088] do_vfs_ioctl+0x6fb/0x15b0 [ 553.834341][ T4088] __x64_sys_ioctl+0xd4/0x110 [ 553.839010][ T4088] do_syscall_64+0xcb/0x1e0 [ 553.843503][ T4088] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 553.849381][ T4088] RIP: 0033:0x7fe6f0f01059 [ 553.853778][ T4088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 553.873364][ T4088] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 553.881850][ T4088] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 553.889894][ T4088] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003 [ 553.897855][ T4088] RBP: 00007fe6f0f5b08d R08: 0000000000000000 R09: 0000000000000000 [ 553.905815][ T4088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 553.913778][ T4088] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 553.921739][ T4088] ---[ end trace 362e18c8762015fe ]--- [ 553.927335][ T4088] ------------[ cut here ]------------ [ 553.932810][ T4088] kernfs: can not remove 'events_poll_msecs', no directory [ 553.940064][ T4088] WARNING: CPU: 0 PID: 4088 at fs/kernfs/dir.c:1504 kernfs_remove_by_name_ns+0x61/0x90 [ 553.949669][ T4088] Modules linked in: [ 553.953556][ T4088] CPU: 0 PID: 4088 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 553.965069][ T4088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 553.975121][ T4088] RIP: 0010:kernfs_remove_by_name_ns+0x61/0x90 [ 553.981260][ T4088] Code: 48 89 c3 e8 41 ea ae ff 48 89 df e8 b9 f0 ff ff 31 db eb 29 e8 30 ea ae ff 48 c7 c7 80 c6 cb 84 4c 89 fe 31 c0 e8 4f 8e 88 ff <0f> 0b bb fe ff ff ff eb 16 e8 11 ea ae ff bb fe ff ff ff 48 c7 c7 [ 554.000850][ T4088] RSP: 0018:ffff8881e28dfcf8 EFLAGS: 00010246 [ 554.006906][ T4088] RAX: 666def6a5e918d00 RBX: 0000000000000000 RCX: ffff8881ccd83f00 [ 554.014861][ T4088] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000 [ 554.022822][ T4088] RBP: ffffffff85e46c20 R08: ffffffff814b15ec R09: 000000000000ffff [ 554.030789][ T4088] R10: ffffc90000144000 R11: 0000000000000000 R12: 0000000000000000 [ 554.038746][ T4088] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffff84e29c40 [ 554.046702][ T4088] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 554.055617][ T4088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 554.062211][ T4088] CR2: 00007fe6f0056718 CR3: 00000001d0bcb000 CR4: 00000000003406f0 [ 554.070175][ T4088] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 554.078138][ T4088] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 554.086092][ T4088] Call Trace: [ 554.089374][ T4088] sysfs_remove_files+0x99/0xf0 [ 554.094216][ T4088] del_gendisk+0x259/0xb70 [ 554.098713][ T4088] ? radix_tree_delete_item+0x22a/0x320 [ 554.104248][ T4088] loop_control_ioctl+0x563/0x680 [ 554.109258][ T4088] ? xor_init+0x60/0x60 [ 554.113409][ T4088] do_vfs_ioctl+0x6fb/0x15b0 [ 554.117994][ T4088] __x64_sys_ioctl+0xd4/0x110 [ 554.122659][ T4088] do_syscall_64+0xcb/0x1e0 [ 554.127161][ T4088] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 554.133053][ T4088] RIP: 0033:0x7fe6f0f01059 [ 554.137463][ T4088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 554.157053][ T4088] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 554.165452][ T4088] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 554.173409][ T4088] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003 [ 554.181371][ T4088] RBP: 00007fe6f0f5b08d R08: 0000000000000000 R09: 0000000000000000 [ 554.189329][ T4088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 554.197288][ T4088] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 554.205253][ T4088] ---[ end trace 362e18c8762015ff ]--- [ 554.210931][ T4088] ------------[ cut here ]------------ [ 554.216375][ T4088] kernfs: can not remove 'bdi', no directory [ 554.222444][ T4088] WARNING: CPU: 0 PID: 4088 at fs/kernfs/dir.c:1504 kernfs_remove_by_name_ns+0x61/0x90 [ 554.232047][ T4088] Modules linked in: [ 554.235933][ T4088] CPU: 0 PID: 4088 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 554.247452][ T4088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 554.257507][ T4088] RIP: 0010:kernfs_remove_by_name_ns+0x61/0x90 [ 554.263642][ T4088] Code: 48 89 c3 e8 41 ea ae ff 48 89 df e8 b9 f0 ff ff 31 db eb 29 e8 30 ea ae ff 48 c7 c7 80 c6 cb 84 4c 89 fe 31 c0 e8 4f 8e 88 ff <0f> 0b bb fe ff ff ff eb 16 e8 11 ea ae ff bb fe ff ff ff 48 c7 c7 [ 554.283226][ T4088] RSP: 0018:ffff8881e28dfd38 EFLAGS: 00010246 [ 554.289275][ T4088] RAX: 666def6a5e918d00 RBX: 0000000000000000 RCX: ffff8881ccd83f00 [ 554.297233][ T4088] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000 [ 554.305191][ T4088] RBP: 0000000000000000 R08: ffffffff814b15ec R09: 000000000000ffff [ 554.313147][ T4088] R10: ffffc90000144000 R11: 0000000000000000 R12: 1ffff1103c802800 [ 554.321104][ T4088] R13: ffff8881e40144e8 R14: 0000000000000000 R15: ffffffff84e294e0 [ 554.329060][ T4088] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 554.337971][ T4088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 554.344536][ T4088] CR2: 00007fe6f0056718 CR3: 00000001d0bcb000 CR4: 00000000003406f0 [ 554.352493][ T4088] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 554.360453][ T4088] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 554.368404][ T4088] Call Trace: [ 554.371687][ T4088] del_gendisk+0x543/0xb70 [ 554.376092][ T4088] loop_control_ioctl+0x563/0x680 [ 554.381106][ T4088] ? xor_init+0x60/0x60 [ 554.385250][ T4088] do_vfs_ioctl+0x6fb/0x15b0 [ 554.389831][ T4088] __x64_sys_ioctl+0xd4/0x110 [ 554.394496][ T4088] do_syscall_64+0xcb/0x1e0 [ 554.398991][ T4088] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 554.404879][ T4088] RIP: 0033:0x7fe6f0f01059 [ 554.409284][ T4088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 554.429050][ T4088] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 554.437450][ T4088] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 554.445500][ T4088] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003 [ 554.453476][ T4088] RBP: 00007fe6f0f5b08d R08: 0000000000000000 R09: 0000000000000000 [ 554.461432][ T4088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 554.469399][ T4088] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 554.477360][ T4088] ---[ end trace 362e18c876201600 ]--- [ 554.484633][ T4088] kasan: CONFIG_KASAN_INLINE enabled [ 554.489914][ T4088] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 554.498204][ T4088] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 554.505306][ T4088] CPU: 0 PID: 4088 Comm: syz-executor.0 Tainted: G W 5.4.161-syzkaller-00054-g287dec2d1089 #0 [ 554.516828][ T4088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 554.526883][ T4088] RIP: 0010:strlen+0x27/0x60 [ 554.531457][ T4088] Code: 0f 1f 00 41 57 41 56 53 49 89 fe 49 bf 00 00 00 00 00 fc ff df 48 89 f8 66 66 2e 0f 1f 84 00 00 00 00 00 48 89 c3 48 c1 e8 03 <42> 0f b6 04 38 84 c0 75 0b 48 8d 43 01 80 3b 00 75 e7 eb 13 89 d9 [ 554.551044][ T4088] RSP: 0018:ffff8881e28dfcd0 EFLAGS: 00010246 [ 554.557093][ T4088] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000200001 [ 554.565061][ T4088] RDX: 0000000000200000 RSI: 0000000000000000 RDI: 0000000000000000 [ 554.573025][ T4088] RBP: 0000000000000000 R08: ffffffff81b18f1b R09: 000000000000ffff [ 554.580990][ T4088] R10: ffffc90000144000 R11: 0000000000000000 R12: ffff8881f18e4190 [ 554.589039][ T4088] R13: 0000000000000000 R14: 0000000000000000 R15: dffffc0000000000 [ 554.597000][ T4088] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 554.606088][ T4088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 554.612663][ T4088] CR2: 00007fe6f0056718 CR3: 00000001d0bcb000 CR4: 00000000003406f0 [ 554.620622][ T4088] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 554.628581][ T4088] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 554.636540][ T4088] Call Trace: [ 554.639820][ T4088] kernfs_find_ns+0x83/0x430 [ 554.644481][ T4088] ? mutex_lock+0x6c/0xc0 [ 554.648805][ T4088] kernfs_remove_by_name_ns+0x32/0x90 [ 554.654167][ T4088] del_gendisk+0x93d/0xb70 [ 554.658572][ T4088] loop_control_ioctl+0x563/0x680 [ 554.663580][ T4088] ? xor_init+0x60/0x60 [ 554.667724][ T4088] do_vfs_ioctl+0x6fb/0x15b0 [ 554.672301][ T4088] __x64_sys_ioctl+0xd4/0x110 [ 554.676961][ T4088] do_syscall_64+0xcb/0x1e0 [ 554.681452][ T4088] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 554.687334][ T4088] RIP: 0033:0x7fe6f0f01059 [ 554.691736][ T4088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 554.711324][ T4088] RSP: 002b:00007fe6f0077168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 554.719721][ T4088] RAX: ffffffffffffffda RBX: 00007fe6f1013f60 RCX: 00007fe6f0f01059 [ 554.727684][ T4088] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003 [ 554.735656][ T4088] RBP: 00007fe6f0f5b08d R08: 0000000000000000 R09: 0000000000000000 [ 554.743606][ T4088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 554.751565][ T4088] R13: 00007ffff4cae1af R14: 00007fe6f0077300 R15: 0000000000022000 [ 554.759520][ T4088] Modules linked in: [ 554.765278][ T4088] ---[ end trace 362e18c876201601 ]--- [ 554.770782][ T4088] RIP: 0010:strlen+0x27/0x60 [ 554.775370][ T4088] Code: 0f 1f 00 41 57 41 56 53 49 89 fe 49 bf 00 00 00 00 00 fc ff df 48 89 f8 66 66 2e 0f 1f 84 00 00 00 00 00 48 89 c3 48 c1 e8 03 <42> 0f b6 04 38 84 c0 75 0b 48 8d 43 01 80 3b 00 75 e7 eb 13 89 d9 [ 554.795467][ T4088] RSP: 0018:ffff8881e28dfcd0 EFLAGS: 00010246 [ 554.801664][ T4088] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000200001 [ 554.809626][ T4088] RDX: 0000000000200000 RSI: 0000000000000000 RDI: 0000000000000000 [ 554.818456][ T4088] RBP: 0000000000000000 R08: ffffffff81b18f1b R09: 000000000000ffff [ 554.827253][ T4088] R10: ffffc90000144000 R11: 0000000000000000 R12: ffff8881f18e4190 [ 554.840335][ T4088] R13: 0000000000000000 R14: 0000000000000000 R15: dffffc0000000000 [ 554.848300][ T4088] FS: 00007fe6f0077700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 554.882072][ T4088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 554.888670][ T4088] CR2: 00007fe6f0056718 CR3: 00000001d0bcb000 CR4: 00000000003406f0 [ 554.907874][ T4088] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 554.915927][ T4088] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 554.923932][ T4088] Kernel panic - not syncing: Fatal exception [ 554.930174][ T4088] Kernel Offset: disabled [ 554.934480][ T4088] Rebooting in 86400 seconds..