7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:06 executing program 2 (fault-call:7 fault-nth:8): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 582.664365][T17067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 582.672343][T17067] R13: 00007ffc17d6516f R14: 00007f422dcbe9c0 R15: 000000000119c034 [ 582.774949][T17073] FAULT_INJECTION: forcing a failure. [ 582.774949][T17073] name failslab, interval 1, probability 0, space 0, times 0 [ 582.775466][T17074] 9pnet: Could not find request transport: fd0x0000000000000004 [ 582.787625][T17073] CPU: 1 PID: 17073 Comm: syz-executor.2 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 582.805451][T17073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 582.815496][T17073] Call Trace: [ 582.818782][T17073] dump_stack+0x1dd/0x24e [ 582.823149][T17073] ? devkmsg_release+0x11c/0x11c [ 582.828085][T17073] ? show_regs_print_info+0x12/0x12 [ 582.833287][T17073] ? __kasan_kmalloc+0x189/0x1c0 [ 582.838559][T17073] should_fail+0x6fb/0x860 [ 582.842959][T17073] ? setup_fault_attr+0x3d0/0x3d0 [ 582.847965][T17073] ? p9_client_create+0xc4/0xb90 [ 582.852899][T17073] should_failslab+0x5/0x20 [ 582.857388][T17073] kmem_cache_alloc_trace+0x39/0x290 [ 582.863029][T17073] p9_client_create+0xc4/0xb90 [ 582.867813][T17073] ? p9_parse_header+0x6b0/0x6b0 [ 582.872734][T17073] ? __kasan_kmalloc+0x189/0x1c0 [ 582.877653][T17073] ? v9fs_session_init+0xfa/0x1a00 [ 582.882765][T17073] ? __kmalloc_track_caller+0x20e/0x2c0 [ 582.888302][T17073] ? vfs_get_tree+0x85/0x260 [ 582.892881][T17073] ? kstrdup+0x4c/0x70 [ 582.896967][T17073] v9fs_session_init+0x208/0x1a00 [ 582.901985][T17073] ? v9fs_show_options+0x530/0x530 [ 582.907094][T17073] ? v9fs_mount+0x5c/0x790 [ 582.911499][T17073] ? kmem_cache_alloc_trace+0xc3/0x290 [ 582.916935][T17073] ? legacy_init_fs_context+0x4d/0xc0 [ 582.922280][T17073] v9fs_mount+0x7f/0x790 [ 582.926528][T17073] ? cap_capable+0x23f/0x280 [ 582.931091][T17073] legacy_get_tree+0xde/0x170 [ 582.935760][T17073] ? iterate_incfs_dir+0x370/0x370 [ 582.940851][T17073] vfs_get_tree+0x85/0x260 [ 582.945358][T17073] do_mount+0x18ab/0x2660 [ 582.949679][T17073] ? copy_mount_string+0x30/0x30 [ 582.954625][T17073] ? page_fault+0x2f/0x40 [ 582.959114][T17073] ? copy_mount_options+0x1e8/0x320 [ 582.964314][T17073] ? copy_mount_options+0x293/0x320 [ 582.969523][T17073] ksys_mount+0xc2/0xf0 [ 582.973653][T17073] __x64_sys_mount+0xb1/0xc0 [ 582.978231][T17073] do_syscall_64+0xcb/0x150 [ 582.982740][T17073] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 582.988704][T17073] RIP: 0033:0x45e219 [ 582.992570][T17073] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 583.012149][T17073] RSP: 002b:00007f4b79f3bc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 09:05:07 executing program 4: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 583.020726][T17073] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 583.028698][T17073] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 583.036758][T17073] RBP: 00007f4b79f3bca0 R08: 0000000020000580 R09: 0000000000000000 [ 583.044718][T17073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 583.052685][T17073] R13: 00007ffc3488da1f R14: 00007f4b79f3c9c0 R15: 000000000119c034 09:05:07 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(0x0, 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:07 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:07 executing program 1 (fault-call:8 fault-nth:8): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 583.265908][T17092] FAULT_INJECTION: forcing a failure. [ 583.265908][T17092] name failslab, interval 1, probability 0, space 0, times 0 [ 583.278607][T17092] CPU: 1 PID: 17092 Comm: syz-executor.1 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 583.289970][T17092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 583.300132][T17092] Call Trace: [ 583.303427][T17092] dump_stack+0x1dd/0x24e [ 583.307753][T17092] ? devkmsg_release+0x11c/0x11c [ 583.312687][T17092] ? show_regs_print_info+0x12/0x12 [ 583.317880][T17092] ? __kasan_kmalloc+0x189/0x1c0 [ 583.322819][T17092] should_fail+0x6fb/0x860 [ 583.327234][T17092] ? setup_fault_attr+0x3d0/0x3d0 [ 583.332251][T17092] ? p9_client_create+0xc4/0xb90 [ 583.337200][T17092] should_failslab+0x5/0x20 [ 583.341787][T17092] kmem_cache_alloc_trace+0x39/0x290 [ 583.347089][T17092] p9_client_create+0xc4/0xb90 [ 583.351851][T17092] ? p9_parse_header+0x6b0/0x6b0 [ 583.356785][T17092] ? __kasan_kmalloc+0x189/0x1c0 [ 583.361720][T17092] ? v9fs_session_init+0xfa/0x1a00 [ 583.366825][T17092] ? __kmalloc_track_caller+0x20e/0x2c0 [ 583.372396][T17092] ? vfs_get_tree+0x85/0x260 [ 583.376981][T17092] ? kstrdup+0x4c/0x70 [ 583.381737][T17092] v9fs_session_init+0x208/0x1a00 [ 583.386779][T17092] ? v9fs_show_options+0x530/0x530 [ 583.392255][T17092] ? v9fs_mount+0x5c/0x790 [ 583.396687][T17092] ? kmem_cache_alloc_trace+0xc3/0x290 [ 583.402186][T17092] ? legacy_init_fs_context+0x4d/0xc0 [ 583.407654][T17092] v9fs_mount+0x7f/0x790 [ 583.412098][T17092] ? cap_capable+0x23f/0x280 [ 583.416690][T17092] legacy_get_tree+0xde/0x170 [ 583.421360][T17092] ? iterate_incfs_dir+0x370/0x370 [ 583.426462][T17092] vfs_get_tree+0x85/0x260 [ 583.430872][T17092] do_mount+0x18ab/0x2660 [ 583.435198][T17092] ? copy_mount_string+0x30/0x30 [ 583.440135][T17092] ? page_fault+0x2f/0x40 [ 583.444461][T17092] ? copy_mount_options+0x1e8/0x320 [ 583.449653][T17092] ? copy_mount_options+0x293/0x320 [ 583.454973][T17092] ksys_mount+0xc2/0xf0 [ 583.459143][T17092] __x64_sys_mount+0xb1/0xc0 [ 583.463734][T17092] do_syscall_64+0xcb/0x150 [ 583.468232][T17092] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 583.474121][T17092] RIP: 0033:0x45e219 [ 583.478013][T17092] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 583.497655][T17092] RSP: 002b:00007f422dcbdc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 583.506080][T17092] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 583.514059][T17092] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 583.522033][T17092] RBP: 00007f422dcbdca0 R08: 0000000020000580 R09: 0000000000000000 [ 583.530006][T17092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 583.537978][T17092] R13: 00007ffc17d6516f R14: 00007f422dcbe9c0 R15: 000000000119c034 09:05:07 executing program 2 (fault-call:7 fault-nth:9): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:07 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 583.741849][T17099] 9pnet: Could not find request transport: fd0x0000000000000004 [ 583.743358][T17100] FAULT_INJECTION: forcing a failure. [ 583.743358][T17100] name failslab, interval 1, probability 0, space 0, times 0 [ 583.762429][T17100] CPU: 0 PID: 17100 Comm: syz-executor.2 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 583.772607][T17100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 583.782671][T17100] Call Trace: [ 583.785969][T17100] dump_stack+0x1dd/0x24e [ 583.790300][T17100] ? devkmsg_release+0x11c/0x11c [ 583.795234][T17100] ? show_regs_print_info+0x12/0x12 [ 583.800460][T17100] should_fail+0x6fb/0x860 [ 583.804874][T17100] ? setup_fault_attr+0x3d0/0x3d0 [ 583.809906][T17100] ? p9_client_create+0x2fc/0xb90 [ 583.814932][T17100] should_failslab+0x5/0x20 [ 583.819438][T17100] __kmalloc_track_caller+0x5d/0x2c0 [ 583.824720][T17100] kstrdup+0x31/0x70 [ 583.828617][T17100] p9_client_create+0x2fc/0xb90 [ 583.833472][T17100] ? p9_parse_header+0x6b0/0x6b0 [ 583.838405][T17100] ? __kasan_kmalloc+0x189/0x1c0 [ 583.843344][T17100] ? __kmalloc_track_caller+0x20e/0x2c0 [ 583.848889][T17100] ? vfs_get_tree+0x85/0x260 [ 583.853480][T17100] v9fs_session_init+0x208/0x1a00 [ 583.858518][T17100] ? v9fs_show_options+0x530/0x530 [ 583.863775][T17100] ? v9fs_mount+0x5c/0x790 [ 583.868207][T17100] ? kmem_cache_alloc_trace+0xc3/0x290 [ 583.873695][T17100] ? legacy_init_fs_context+0x4d/0xc0 [ 583.879117][T17100] v9fs_mount+0x7f/0x790 [ 583.883366][T17100] ? cap_capable+0x23f/0x280 [ 583.888310][T17100] legacy_get_tree+0xde/0x170 [ 583.892990][T17100] ? iterate_incfs_dir+0x370/0x370 [ 583.898132][T17100] vfs_get_tree+0x85/0x260 [ 583.902677][T17100] do_mount+0x18ab/0x2660 [ 583.907130][T17100] ? copy_mount_string+0x30/0x30 [ 583.912067][T17100] ? page_fault+0x2f/0x40 [ 583.916398][T17100] ? copy_mount_options+0x1e8/0x320 [ 583.921593][T17100] ? copy_mount_options+0x293/0x320 [ 583.926814][T17100] ksys_mount+0xc2/0xf0 [ 583.931090][T17100] __x64_sys_mount+0xb1/0xc0 [ 583.935681][T17100] do_syscall_64+0xcb/0x150 [ 583.940192][T17100] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 583.946082][T17100] RIP: 0033:0x45e219 [ 583.949976][T17100] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 583.969581][T17100] RSP: 002b:00007f4b79f3bc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 583.977992][T17100] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 583.985977][T17100] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 583.993979][T17100] RBP: 00007f4b79f3bca0 R08: 0000000020000580 R09: 0000000000000000 [ 584.001953][T17100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 [ 584.009930][T17100] R13: 00007ffc3488da1f R14: 00007f4b79f3c9c0 R15: 000000000119c034 09:05:08 executing program 1 (fault-call:8 fault-nth:9): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:08 executing program 4: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:08 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x151}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1f}}, 0x0, 0x1, 0xffffffffffffffff, 0x0) close(r0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a0, &(0x7f0000000000)='&@[\x00') perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000200), 0x8) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x4000, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a1, &(0x7f0000000680)='&@[\x00') r2 = gettid() r3 = perf_event_open(&(0x7f00000002c0)={0x5, 0x70, 0xff, 0x20, 0x6, 0xb5, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0, 0x3}, 0x200, 0x505aec46, 0x7ff, 0x2, 0xcc, 0x7fffffff, 0x7}, 0xffffffffffffffff, 0x2, r0, 0x3) perf_event_open(&(0x7f0000000040)={0x3, 0x70, 0x3f, 0x3, 0x35, 0x9, 0x0, 0x0, 0x14560, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffff694, 0x0, @perf_config_ext={0x7f, 0xfffffffffffff801}, 0x45098, 0x0, 0x2, 0x9, 0x2, 0x4}, r2, 0xc, r3, 0x9) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10d, 0xb, &(0x7f0000000000), 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x1, 0x4, 0x4, 0x7}, 0x40) [ 584.176172][T17106] FAULT_INJECTION: forcing a failure. [ 584.176172][T17106] name failslab, interval 1, probability 0, space 0, times 0 [ 584.188876][T17106] CPU: 0 PID: 17106 Comm: syz-executor.1 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 584.199025][T17106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 584.209100][T17106] Call Trace: [ 584.212390][T17106] dump_stack+0x1dd/0x24e [ 584.216724][T17106] ? devkmsg_release+0x11c/0x11c [ 584.221662][T17106] ? show_regs_print_info+0x12/0x12 [ 584.226884][T17106] should_fail+0x6fb/0x860 [ 584.231306][T17106] ? setup_fault_attr+0x3d0/0x3d0 [ 584.236338][T17106] ? p9_client_create+0x2fc/0xb90 [ 584.241950][T17106] should_failslab+0x5/0x20 [ 584.246489][T17106] __kmalloc_track_caller+0x5d/0x2c0 [ 584.251756][T17106] kstrdup+0x31/0x70 [ 584.255669][T17106] p9_client_create+0x2fc/0xb90 [ 584.260576][T17106] ? p9_parse_header+0x6b0/0x6b0 [ 584.265588][T17106] ? __kasan_kmalloc+0x189/0x1c0 [ 584.270535][T17106] ? __kmalloc_track_caller+0x20e/0x2c0 [ 584.276076][T17106] ? vfs_get_tree+0x85/0x260 [ 584.280655][T17106] v9fs_session_init+0x208/0x1a00 [ 584.285667][T17106] ? v9fs_show_options+0x530/0x530 [ 584.290755][T17106] ? v9fs_mount+0x5c/0x790 [ 584.295147][T17106] ? kmem_cache_alloc_trace+0xc3/0x290 [ 584.300584][T17106] ? legacy_init_fs_context+0x4d/0xc0 [ 584.305962][T17106] v9fs_mount+0x7f/0x790 [ 584.310183][T17106] ? cap_capable+0x23f/0x280 [ 584.314767][T17106] legacy_get_tree+0xde/0x170 [ 584.319440][T17106] ? iterate_incfs_dir+0x370/0x370 [ 584.324554][T17106] vfs_get_tree+0x85/0x260 [ 584.328949][T17106] do_mount+0x18ab/0x2660 [ 584.333266][T17106] ? copy_mount_string+0x30/0x30 [ 584.338217][T17106] ? copy_mount_options+0x1f8/0x320 [ 584.343408][T17106] ? copy_mount_options+0x230/0x320 [ 584.348596][T17106] ? __sanitizer_cov_trace_pc+0x45/0x50 [ 584.354140][T17106] ? copy_mount_options+0x293/0x320 [ 584.359366][T17106] ksys_mount+0xc2/0xf0 [ 584.363543][T17106] __x64_sys_mount+0xb1/0xc0 [ 584.368120][T17106] do_syscall_64+0xcb/0x150 [ 584.372613][T17106] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 584.378495][T17106] RIP: 0033:0x45e219 [ 584.382378][T17106] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 584.401982][T17106] RSP: 002b:00007f422dcbdc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 584.410397][T17106] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 584.418367][T17106] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 584.426517][T17106] RBP: 00007f422dcbdca0 R08: 0000000020000580 R09: 0000000000000000 [ 584.434563][T17106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 [ 584.442533][T17106] R13: 00007ffc17d6516f R14: 00007f422dcbe9c0 R15: 000000000119c034 09:05:08 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:08 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:08 executing program 2 (fault-call:7 fault-nth:10): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 584.592396][T17118] FAULT_INJECTION: forcing a failure. [ 584.592396][T17118] name failslab, interval 1, probability 0, space 0, times 0 [ 584.597363][T17119] 9pnet: Insufficient options for proto=fd [ 584.605090][T17118] CPU: 1 PID: 17118 Comm: syz-executor.2 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 584.621011][T17118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 584.631062][T17118] Call Trace: [ 584.634352][T17118] dump_stack+0x1dd/0x24e [ 584.638707][T17118] ? devkmsg_release+0x11c/0x11c [ 584.643643][T17118] ? show_regs_print_info+0x12/0x12 [ 584.648844][T17118] should_fail+0x6fb/0x860 [ 584.653281][T17118] ? setup_fault_attr+0x3d0/0x3d0 [ 584.658299][T17118] ? match_token+0x6a2/0x710 [ 584.662906][T17118] ? p9_client_create+0x506/0xb90 [ 584.667920][T17118] should_failslab+0x5/0x20 [ 584.672414][T17118] __kmalloc_track_caller+0x5d/0x2c0 [ 584.677695][T17118] ? kstrdup+0x4c/0x70 [ 584.681803][T17118] kmemdup_nul+0x27/0xa0 [ 584.686034][T17118] p9_client_create+0x506/0xb90 [ 584.690881][T17118] ? p9_parse_header+0x6b0/0x6b0 [ 584.695805][T17118] ? __kasan_kmalloc+0x189/0x1c0 [ 584.700728][T17118] ? __kmalloc_track_caller+0x20e/0x2c0 [ 584.706269][T17118] ? vfs_get_tree+0x85/0x260 [ 584.710845][T17118] v9fs_session_init+0x208/0x1a00 [ 584.715859][T17118] ? v9fs_show_options+0x530/0x530 [ 584.720956][T17118] ? v9fs_mount+0x5c/0x790 [ 584.725359][T17118] ? kmem_cache_alloc_trace+0xc3/0x290 [ 584.730801][T17118] ? legacy_init_fs_context+0x4d/0xc0 [ 584.736160][T17118] v9fs_mount+0x7f/0x790 [ 584.740403][T17118] ? cap_capable+0x23f/0x280 [ 584.744985][T17118] legacy_get_tree+0xde/0x170 [ 584.749652][T17118] ? iterate_incfs_dir+0x370/0x370 [ 584.754750][T17118] vfs_get_tree+0x85/0x260 [ 584.759160][T17118] do_mount+0x18ab/0x2660 [ 584.763480][T17118] ? copy_mount_string+0x30/0x30 [ 584.768402][T17118] ? page_fault+0x2f/0x40 [ 584.772756][T17118] ? copy_mount_options+0x1e8/0x320 [ 584.777960][T17118] ? copy_mount_options+0x293/0x320 [ 584.783144][T17118] ksys_mount+0xc2/0xf0 [ 584.787303][T17118] __x64_sys_mount+0xb1/0xc0 [ 584.791881][T17118] do_syscall_64+0xcb/0x150 [ 584.796367][T17118] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 584.802258][T17118] RIP: 0033:0x45e219 [ 584.806152][T17118] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 584.825753][T17118] RSP: 002b:00007f4b79f3bc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 584.834158][T17118] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 584.842119][T17118] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 584.850084][T17118] RBP: 00007f4b79f3bca0 R08: 0000000020000580 R09: 0000000000000000 [ 584.858049][T17118] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a [ 584.866036][T17118] R13: 00007ffc3488da1f R14: 00007f4b79f3c9c0 R15: 000000000119c034 09:05:09 executing program 5: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket(0x23, 0x2, 0x5) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r1) mount$overlay(0x0, &(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='overlay\x00', 0x8, &(0x7f0000000100)={[{@index_off='index=off'}, {@nfs_export_off='nfs_export=off'}], [{@uid_eq={'uid', 0x3d, r1}}]}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@mcast1, @in=@multicast2}}, {{@in6=@private0}, 0x0, @in=@empty}}, &(0x7f0000000140)=0xe8) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000001440)='./file0/file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="130000000400000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000001480)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) write$cgroup_int(r2, &(0x7f0000000200), 0x12) setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000180)=@req3={0x80, 0x1, 0x4, 0xc019, 0xffffffff, 0x148, 0x9}, 0x1c) 09:05:09 executing program 1 (fault-call:8 fault-nth:10): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:09 executing program 4: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 584.968488][T17126] EXT4-fs (loop5): failed to initialize system zone (-117) [ 584.975895][T17126] EXT4-fs (loop5): mount failed [ 584.984689][T17126] overlayfs: unrecognized mount option "uid=00000000000000000000" or missing value [ 585.022649][T17134] FAULT_INJECTION: forcing a failure. [ 585.022649][T17134] name failslab, interval 1, probability 0, space 0, times 0 [ 585.035374][T17134] CPU: 0 PID: 17134 Comm: syz-executor.1 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 585.045524][T17134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 585.055580][T17134] Call Trace: [ 585.058917][T17134] dump_stack+0x1dd/0x24e [ 585.063246][T17134] ? devkmsg_release+0x11c/0x11c [ 585.068214][T17134] ? show_regs_print_info+0x12/0x12 [ 585.073414][T17134] should_fail+0x6fb/0x860 [ 585.077826][T17134] ? setup_fault_attr+0x3d0/0x3d0 [ 585.082849][T17134] ? match_token+0x6a2/0x710 [ 585.087437][T17134] ? p9_client_create+0x506/0xb90 [ 585.092462][T17134] should_failslab+0x5/0x20 [ 585.096973][T17134] __kmalloc_track_caller+0x5d/0x2c0 [ 585.102264][T17134] ? kstrdup+0x4c/0x70 [ 585.106344][T17134] kmemdup_nul+0x27/0xa0 [ 585.110587][T17134] p9_client_create+0x506/0xb90 [ 585.115442][T17134] ? p9_parse_header+0x6b0/0x6b0 [ 585.120381][T17134] ? __kasan_kmalloc+0x189/0x1c0 [ 585.125328][T17134] ? __kmalloc_track_caller+0x20e/0x2c0 [ 585.130874][T17134] ? vfs_get_tree+0x85/0x260 [ 585.135474][T17134] v9fs_session_init+0x208/0x1a00 [ 585.140504][T17134] ? v9fs_show_options+0x530/0x530 [ 585.145617][T17134] ? v9fs_mount+0x5c/0x790 [ 585.150039][T17134] ? kmem_cache_alloc_trace+0xc3/0x290 [ 585.155503][T17134] ? legacy_init_fs_context+0x4d/0xc0 [ 585.160875][T17134] v9fs_mount+0x7f/0x790 [ 585.165123][T17134] ? cap_capable+0x23f/0x280 [ 585.169717][T17134] legacy_get_tree+0xde/0x170 [ 585.174829][T17134] ? iterate_incfs_dir+0x370/0x370 [ 585.179941][T17134] vfs_get_tree+0x85/0x260 [ 585.184407][T17134] do_mount+0x18ab/0x2660 [ 585.188745][T17134] ? copy_mount_string+0x30/0x30 [ 585.193677][T17134] ? page_fault+0x2f/0x40 [ 585.198005][T17134] ? copy_mount_options+0x1e8/0x320 [ 585.203216][T17134] ? copy_mount_options+0x293/0x320 [ 585.208412][T17134] ksys_mount+0xc2/0xf0 [ 585.212590][T17134] __x64_sys_mount+0xb1/0xc0 [ 585.217958][T17134] do_syscall_64+0xcb/0x150 [ 585.222458][T17134] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 585.228342][T17134] RIP: 0033:0x45e219 [ 585.232235][T17134] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 585.251863][T17134] RSP: 002b:00007f422dcbdc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 585.260278][T17134] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 585.268250][T17134] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 585.276225][T17134] RBP: 00007f422dcbdca0 R08: 0000000020000580 R09: 0000000000000000 [ 585.284202][T17134] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a [ 585.292216][T17134] R13: 00007ffc17d6516f R14: 00007f422dcbe9c0 R15: 000000000119c034 09:05:09 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:09 executing program 2 (fault-call:7 fault-nth:11): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 585.342457][T17132] EXT4-fs: failed to create workqueue [ 585.356921][T17132] EXT4-fs (loop5): mount failed 09:05:09 executing program 5: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x8001145642, 0x0) ftruncate(r1, 0x2008003) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x12, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40086602, &(0x7f0000000040)=0x4000) sendfile(r2, r1, 0x0, 0x9a1) getdents64(r0, &(0x7f0000000540)=""/188, 0x724) [ 585.477975][T17150] 9pnet: Insufficient options for proto=fd [ 585.498125][T17152] FAULT_INJECTION: forcing a failure. [ 585.498125][T17152] name failslab, interval 1, probability 0, space 0, times 0 [ 585.510825][T17152] CPU: 0 PID: 17152 Comm: syz-executor.2 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 585.520982][T17152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 585.531043][T17152] Call Trace: [ 585.534345][T17152] dump_stack+0x1dd/0x24e [ 585.539115][T17152] ? devkmsg_release+0x11c/0x11c [ 585.544066][T17152] ? show_regs_print_info+0x12/0x12 [ 585.549268][T17152] ? stack_trace_save+0x120/0x1f0 [ 585.554297][T17152] ? stack_trace_snprint+0x150/0x150 [ 585.559580][T17152] should_fail+0x6fb/0x860 [ 585.563999][T17152] ? setup_fault_attr+0x3d0/0x3d0 [ 585.569035][T17152] ? slab_free_freelist_hook+0xd0/0x150 [ 585.574581][T17152] ? kfree+0x12c/0x660 [ 585.578647][T17152] ? p9_client_create+0x789/0xb90 [ 585.583692][T17152] ? v9fs_session_init+0x208/0x1a00 [ 585.589414][T17152] ? v9fs_mount+0x7f/0x790 [ 585.593836][T17152] ? vfs_get_tree+0x85/0x260 [ 585.598428][T17152] ? do_mount+0x18ab/0x2660 [ 585.602929][T17152] ? ksys_mount+0xc2/0xf0 [ 585.607259][T17152] ? parse_opts+0x1a1/0x6e0 [ 585.611803][T17152] should_failslab+0x5/0x20 [ 585.616354][T17152] __kmalloc_track_caller+0x5d/0x2c0 [ 585.621656][T17152] kstrdup+0x31/0x70 [ 585.625548][T17152] parse_opts+0x1a1/0x6e0 [ 585.629878][T17152] ? p9_fd_show_options+0x1a0/0x1a0 [ 585.635102][T17152] p9_fd_create+0x91/0x480 [ 585.639609][T17152] ? p9_client_create+0x789/0xb90 [ 585.644636][T17152] ? p9_fd_create_unix+0x470/0x470 [ 585.649748][T17152] ? __kmalloc_track_caller+0x20e/0x2c0 [ 585.655303][T17152] ? kmemdup_nul+0x42/0xa0 [ 585.659725][T17152] p9_client_create+0x81b/0xb90 [ 585.664580][T17152] ? p9_parse_header+0x6b0/0x6b0 [ 585.669524][T17152] ? __kasan_kmalloc+0x189/0x1c0 [ 585.674459][T17152] ? __kmalloc_track_caller+0x20e/0x2c0 [ 585.680004][T17152] ? vfs_get_tree+0x85/0x260 [ 585.684593][T17152] v9fs_session_init+0x208/0x1a00 [ 585.689620][T17152] ? v9fs_show_options+0x530/0x530 [ 585.694758][T17152] ? v9fs_mount+0x5c/0x790 [ 585.699211][T17152] ? kmem_cache_alloc_trace+0xc3/0x290 [ 585.704691][T17152] ? legacy_init_fs_context+0x4d/0xc0 [ 585.710185][T17152] v9fs_mount+0x7f/0x790 [ 585.714425][T17152] ? cap_capable+0x23f/0x280 [ 585.719018][T17152] legacy_get_tree+0xde/0x170 [ 585.723856][T17152] ? iterate_incfs_dir+0x370/0x370 [ 585.729261][T17152] vfs_get_tree+0x85/0x260 [ 585.733723][T17152] do_mount+0x18ab/0x2660 [ 585.738052][T17152] ? copy_mount_string+0x30/0x30 [ 585.742987][T17152] ? page_fault+0x2f/0x40 [ 585.747318][T17152] ? copy_mount_options+0x1e8/0x320 [ 585.752537][T17152] ? copy_mount_options+0x293/0x320 [ 585.757763][T17152] ksys_mount+0xc2/0xf0 [ 585.761927][T17152] __x64_sys_mount+0xb1/0xc0 [ 585.766526][T17152] do_syscall_64+0xcb/0x150 [ 585.771027][T17152] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 585.776916][T17152] RIP: 0033:0x45e219 [ 585.780811][T17152] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 585.800419][T17152] RSP: 002b:00007f4b79f3bc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 585.808837][T17152] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 585.816851][T17152] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 585.824828][T17152] RBP: 00007f4b79f3bca0 R08: 0000000020000580 R09: 0000000000000000 [ 585.832803][T17152] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b [ 585.840781][T17152] R13: 00007ffc3488da1f R14: 00007f4b79f3c9c0 R15: 000000000119c034 [ 585.849495][T17152] 9pnet: Insufficient options for proto=fd 09:05:10 executing program 1 (fault-call:8 fault-nth:11): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:10 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000006c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x78) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x54, 0x54, 0x5, [@union={0x6, 0x1, 0x0, 0x5, 0x1, 0x20, [{0x0, 0x0, 0x80000001}]}, @fwd={0xa}, @func={0xf, 0x0, 0x0, 0xc, 0x5}, @restrict={0x2}, @const={0x0, 0x0, 0x0, 0xa, 0x5}, @typedef={0x9, 0x0, 0x0, 0x8, 0x1}]}, {0x0, [0x30, 0x0, 0x61]}}, &(0x7f00000013c0)=""/4096, 0x71, 0x1000, 0x1}, 0x20) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001540)={0xffffffffffffffff, 0xc0, &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0), 0x8, 0x10, 0x0, 0x0, r1}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x19, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x8d, 0xd6, &(0x7f00000001c0)=""/214, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x57d4}, 0x10, r1}, 0x78) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000006c0)=ANY=[@ANYBLOB="b702000008000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000081404000001007d60b7030000000000006a0a00fe00000000850000001f000000b70000000000000095000000000000006623848adf1dab62931d861531fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d9ce8205b01ddaa54d8756568836077b8471b6b69819782748b376358c33c9753bfd989b1ca58949a54d5827df14feecea46a5c53e9c37251732f1061b973ef07bf7f53ce129a9ecd3b4dd15100f2b452f98526a0d8cacdaff79b4c5008652a7b4c0974486a8d203bddc62bb2d555a363adbc33b49e13fbd1757b2701acad0e2684120b99b8cff3f48c9411670c34faf7851b290feb3045aef0d6c169e33b870d1ff4a4d371b622f20c41d8418bc4159c14025422835e81c3573ae77dbae047913476244ffd5b5a981ff0000749289b44e97e7a73f148ae8206afe120c1437492ac52903971b323f60332eb7ab5104d18e4eb69122b42f2173184c1d0fb3287c99b645f6e80e14e5d7c917c6695ebe4d94a85551714768383f465992c8862f66fa2a4a8ae4b4c84d9bee16a171ec36baddad3ec959de7bca54feea9adda9c99781750cf37cfc79d27f06843440f975fcb687bbc51cb98984670f194fb6a9cd457005444fdd23287a36c2e7b5f4f08cce450f98dbe1d18aecf9db90ebf4efd5368425b1306e3d1cfd06963b1860049064703c47c184e9e7167874e765b1c3062e6c0000000000000000000000000000000000000000007f96b53b4e869c5b69dc0b3b33"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x0, 0xe, 0x0, &(0x7f0000000400)="3d6ee2e04b91ab10143d9bbe86dd", 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xd, 0x3, &(0x7f0000000300)=@raw=[@btf_id={0x18, 0x8, 0x3, 0x0, 0x2}, @alu={0x7, 0x1, 0x0, 0x4, 0x9, 0x50, 0xfffffffffffffff0}], &(0x7f0000000380)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x2, [], 0x0, 0x1e, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000580)={0x8, 0x2, 0xb5, 0x81}, 0x10, r1}, 0x78) [ 586.057962][T17160] FAULT_INJECTION: forcing a failure. [ 586.057962][T17160] name failslab, interval 1, probability 0, space 0, times 0 [ 586.070694][T17160] CPU: 0 PID: 17160 Comm: syz-executor.1 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 586.080852][T17160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 586.090887][T17160] Call Trace: [ 586.094176][T17160] dump_stack+0x1dd/0x24e [ 586.098485][T17160] ? devkmsg_release+0x11c/0x11c [ 586.103419][T17160] ? show_regs_print_info+0x12/0x12 [ 586.108617][T17160] ? stack_trace_save+0x120/0x1f0 [ 586.113650][T17160] ? stack_trace_snprint+0x150/0x150 [ 586.118931][T17160] should_fail+0x6fb/0x860 [ 586.123343][T17160] ? setup_fault_attr+0x3d0/0x3d0 [ 586.128355][T17160] ? slab_free_freelist_hook+0xd0/0x150 [ 586.133894][T17160] ? kfree+0x12c/0x660 [ 586.138068][T17160] ? p9_client_create+0x789/0xb90 [ 586.143097][T17160] ? v9fs_session_init+0x208/0x1a00 [ 586.148298][T17160] ? v9fs_mount+0x7f/0x790 [ 586.152813][T17160] ? vfs_get_tree+0x85/0x260 [ 586.157404][T17160] ? do_mount+0x18ab/0x2660 [ 586.162013][T17160] ? ksys_mount+0xc2/0xf0 [ 586.166341][T17160] ? parse_opts+0x1a1/0x6e0 [ 586.171016][T17160] should_failslab+0x5/0x20 [ 586.175514][T17160] __kmalloc_track_caller+0x5d/0x2c0 [ 586.180798][T17160] kstrdup+0x31/0x70 [ 586.184691][T17160] parse_opts+0x1a1/0x6e0 [ 586.189017][T17160] ? p9_fd_show_options+0x1a0/0x1a0 [ 586.194341][T17160] p9_fd_create+0x91/0x480 [ 586.198769][T17160] ? p9_client_create+0x789/0xb90 [ 586.203807][T17160] ? p9_fd_create_unix+0x470/0x470 [ 586.208917][T17160] ? __kmalloc_track_caller+0x20e/0x2c0 [ 586.214457][T17160] ? kmemdup_nul+0x42/0xa0 [ 586.218866][T17160] p9_client_create+0x81b/0xb90 [ 586.223713][T17160] ? p9_parse_header+0x6b0/0x6b0 [ 586.228647][T17160] ? __kasan_kmalloc+0x189/0x1c0 [ 586.233581][T17160] ? __kmalloc_track_caller+0x20e/0x2c0 [ 586.239144][T17160] ? vfs_get_tree+0x85/0x260 [ 586.243824][T17160] v9fs_session_init+0x208/0x1a00 [ 586.248853][T17160] ? v9fs_show_options+0x530/0x530 [ 586.254075][T17160] ? v9fs_mount+0x5c/0x790 [ 586.258513][T17160] ? kmem_cache_alloc_trace+0xc3/0x290 [ 586.263992][T17160] ? legacy_init_fs_context+0x4d/0xc0 [ 586.269367][T17160] v9fs_mount+0x7f/0x790 [ 586.273607][T17160] ? cap_capable+0x23f/0x280 [ 586.278279][T17160] legacy_get_tree+0xde/0x170 [ 586.282948][T17160] ? iterate_incfs_dir+0x370/0x370 [ 586.289276][T17160] vfs_get_tree+0x85/0x260 [ 586.293693][T17160] do_mount+0x18ab/0x2660 [ 586.298055][T17160] ? copy_mount_string+0x30/0x30 [ 586.303000][T17160] ? page_fault+0x2f/0x40 [ 586.307326][T17160] ? copy_mount_options+0x1e8/0x320 [ 586.312514][T17160] ? copy_mount_options+0x293/0x320 [ 586.317706][T17160] ksys_mount+0xc2/0xf0 [ 586.321859][T17160] __x64_sys_mount+0xb1/0xc0 [ 586.326457][T17160] do_syscall_64+0xcb/0x150 [ 586.330954][T17160] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 586.336887][T17160] RIP: 0033:0x45e219 [ 586.340773][T17160] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 586.360379][T17160] RSP: 002b:00007f422dcbdc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 586.368785][T17160] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 586.376773][T17160] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 586.384917][T17160] RBP: 00007f422dcbdca0 R08: 0000000020000580 R09: 0000000000000000 [ 586.392882][T17160] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b [ 586.400844][T17160] R13: 00007ffc17d6516f R14: 00007f422dcbe9c0 R15: 000000000119c034 09:05:10 executing program 4: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:10 executing program 2 (fault-call:7 fault-nth:12): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 586.409024][T17160] 9pnet: Insufficient options for proto=fd [ 586.520165][T17168] FAULT_INJECTION: forcing a failure. [ 586.520165][T17168] name failslab, interval 1, probability 0, space 0, times 0 [ 586.532843][T17168] CPU: 1 PID: 17168 Comm: syz-executor.2 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 586.543021][T17168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 586.553082][T17168] Call Trace: [ 586.556384][T17168] dump_stack+0x1dd/0x24e [ 586.560711][T17168] ? devkmsg_release+0x11c/0x11c [ 586.565638][T17168] ? p9_client_create+0x81b/0xb90 [ 586.570653][T17168] ? show_regs_print_info+0x12/0x12 [ 586.575842][T17168] ? vfs_get_tree+0x85/0x260 [ 586.580425][T17168] ? ksys_mount+0xc2/0xf0 [ 586.584747][T17168] ? __x64_sys_mount+0xb1/0xc0 [ 586.589528][T17168] ? do_syscall_64+0xcb/0x150 [ 586.594199][T17168] should_fail+0x6fb/0x860 [ 586.598615][T17168] ? setup_fault_attr+0x3d0/0x3d0 [ 586.603748][T17168] ? simple_strtoul+0x107/0x1e0 [ 586.608604][T17168] ? simple_strtoull+0x1e0/0x1e0 [ 586.613540][T17168] ? match_int+0xd9/0x1e0 [ 586.617878][T17168] should_failslab+0x5/0x20 [ 586.622415][T17168] __kmalloc_track_caller+0x5d/0x2c0 [ 586.627700][T17168] kmemdup_nul+0x27/0xa0 [ 586.631943][T17168] match_int+0xd9/0x1e0 [ 586.636133][T17168] ? match_token+0x710/0x710 [ 586.640758][T17168] ? __kmalloc_track_caller+0x20e/0x2c0 [ 586.646336][T17168] ? kstrdup+0x4c/0x70 [ 586.650407][T17168] parse_opts+0x2a6/0x6e0 [ 586.654742][T17168] ? p9_fd_show_options+0x1a0/0x1a0 [ 586.659956][T17168] p9_fd_create+0x91/0x480 [ 586.664369][T17168] ? p9_client_create+0x789/0xb90 09:05:10 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:10 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0x12) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40086602, &(0x7f0000000040)=0x4000) r2 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x3, 0x70, 0x8, 0x2c, 0x4, 0x3f, 0x0, 0x7d, 0x1000, 0xe, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x7, 0xffffffff}, 0x4232, 0x2, 0x5, 0x1, 0x5d1f800, 0x0, 0x8}, r2, 0x1, 0xffffffffffffffff, 0xb) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) prlimit64(r3, 0x0, &(0x7f0000000280), 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 09:05:10 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 586.669391][T17168] ? p9_fd_create_unix+0x470/0x470 [ 586.674502][T17168] ? __kmalloc_track_caller+0x20e/0x2c0 [ 586.680073][T17168] ? kmemdup_nul+0x42/0xa0 [ 586.684494][T17168] p9_client_create+0x81b/0xb90 [ 586.689352][T17168] ? p9_parse_header+0x6b0/0x6b0 [ 586.694315][T17168] ? __kasan_kmalloc+0x189/0x1c0 [ 586.699262][T17168] ? __kmalloc_track_caller+0x20e/0x2c0 [ 586.704841][T17168] ? vfs_get_tree+0x85/0x260 [ 586.709469][T17168] v9fs_session_init+0x208/0x1a00 [ 586.714500][T17168] ? v9fs_show_options+0x530/0x530 [ 586.719609][T17168] ? v9fs_mount+0x5c/0x790 [ 586.724109][T17168] ? kmem_cache_alloc_trace+0xc3/0x290 [ 586.729566][T17168] ? legacy_init_fs_context+0x4d/0xc0 [ 586.734955][T17168] v9fs_mount+0x7f/0x790 [ 586.739194][T17168] ? cap_capable+0x23f/0x280 [ 586.743779][T17168] legacy_get_tree+0xde/0x170 [ 586.748455][T17168] ? iterate_incfs_dir+0x370/0x370 [ 586.753561][T17168] vfs_get_tree+0x85/0x260 [ 586.757979][T17168] do_mount+0x18ab/0x2660 [ 586.762309][T17168] ? copy_mount_string+0x30/0x30 [ 586.767243][T17168] ? page_fault+0x2f/0x40 [ 586.771569][T17168] ? copy_mount_options+0x1e8/0x320 [ 586.776761][T17168] ? copy_mount_options+0x293/0x320 [ 586.781952][T17168] ksys_mount+0xc2/0xf0 [ 586.786113][T17168] __x64_sys_mount+0xb1/0xc0 [ 586.790708][T17168] do_syscall_64+0xcb/0x150 [ 586.795188][T17168] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 586.801595][T17168] RIP: 0033:0x45e219 09:05:10 executing program 1 (fault-call:8 fault-nth:12): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 586.805500][T17168] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 586.825128][T17168] RSP: 002b:00007f4b79f3bc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 586.829054][T17178] 9pnet: Insufficient options for proto=fd [ 586.833532][T17168] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 586.833537][T17168] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 586.833542][T17168] RBP: 00007f4b79f3bca0 R08: 0000000020000580 R09: 0000000000000000 [ 586.833546][T17168] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c [ 586.833550][T17168] R13: 00007ffc3488da1f R14: 00007f4b79f3c9c0 R15: 000000000119c034 [ 586.833716][T17168] 9pnet: Insufficient options for proto=fd [ 586.951651][T17187] FAULT_INJECTION: forcing a failure. [ 586.951651][T17187] name failslab, interval 1, probability 0, space 0, times 0 [ 586.965034][T17187] CPU: 1 PID: 17187 Comm: syz-executor.1 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 586.975309][T17187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 586.988846][T17187] Call Trace: [ 586.992134][T17187] dump_stack+0x1dd/0x24e [ 586.996447][T17187] ? devkmsg_release+0x11c/0x11c [ 587.001365][T17187] ? p9_client_create+0x81b/0xb90 [ 587.006383][T17187] ? show_regs_print_info+0x12/0x12 [ 587.011574][T17187] ? vfs_get_tree+0x85/0x260 [ 587.016233][T17187] ? ksys_mount+0xc2/0xf0 [ 587.020572][T17187] ? __x64_sys_mount+0xb1/0xc0 [ 587.025310][T17187] ? do_syscall_64+0xcb/0x150 [ 587.029971][T17187] should_fail+0x6fb/0x860 [ 587.034391][T17187] ? setup_fault_attr+0x3d0/0x3d0 [ 587.039405][T17187] ? simple_strtoul+0x107/0x1e0 [ 587.045565][T17187] ? simple_strtoull+0x1e0/0x1e0 [ 587.050520][T17187] ? match_int+0xd9/0x1e0 [ 587.054847][T17187] should_failslab+0x5/0x20 [ 587.059375][T17187] __kmalloc_track_caller+0x5d/0x2c0 [ 587.064662][T17187] kmemdup_nul+0x27/0xa0 [ 587.068907][T17187] match_int+0xd9/0x1e0 [ 587.073085][T17187] ? match_token+0x710/0x710 [ 587.077973][T17187] ? __kmalloc_track_caller+0x20e/0x2c0 [ 587.084654][T17187] ? kstrdup+0x4c/0x70 [ 587.088808][T17187] parse_opts+0x2a6/0x6e0 [ 587.093604][T17187] ? p9_fd_show_options+0x1a0/0x1a0 [ 587.099677][T17187] p9_fd_create+0x91/0x480 [ 587.104101][T17187] ? p9_client_create+0x789/0xb90 [ 587.110367][T17187] ? p9_fd_create_unix+0x470/0x470 [ 587.115658][T17187] ? __kmalloc_track_caller+0x20e/0x2c0 [ 587.121206][T17187] ? kmemdup_nul+0x42/0xa0 [ 587.125622][T17187] p9_client_create+0x81b/0xb90 [ 587.130474][T17187] ? p9_parse_header+0x6b0/0x6b0 [ 587.135416][T17187] ? __kasan_kmalloc+0x189/0x1c0 [ 587.140352][T17187] ? __kmalloc_track_caller+0x20e/0x2c0 [ 587.145896][T17187] ? vfs_get_tree+0x85/0x260 [ 587.150484][T17187] v9fs_session_init+0x208/0x1a00 [ 587.155534][T17187] ? v9fs_show_options+0x530/0x530 [ 587.160651][T17187] ? v9fs_mount+0x5c/0x790 [ 587.165073][T17187] ? kmem_cache_alloc_trace+0xc3/0x290 [ 587.170540][T17187] ? legacy_init_fs_context+0x4d/0xc0 [ 587.175939][T17187] v9fs_mount+0x7f/0x790 [ 587.180205][T17187] ? cap_capable+0x23f/0x280 [ 587.185312][T17187] legacy_get_tree+0xde/0x170 [ 587.189980][T17187] ? iterate_incfs_dir+0x370/0x370 [ 587.195172][T17187] vfs_get_tree+0x85/0x260 [ 587.199586][T17187] do_mount+0x18ab/0x2660 [ 587.203994][T17187] ? copy_mount_string+0x30/0x30 [ 587.208928][T17187] ? page_fault+0x2f/0x40 [ 587.213251][T17187] ? copy_mount_options+0x1e8/0x320 [ 587.218459][T17187] ? copy_mount_options+0x293/0x320 [ 587.223649][T17187] ksys_mount+0xc2/0xf0 [ 587.227796][T17187] __x64_sys_mount+0xb1/0xc0 [ 587.232378][T17187] do_syscall_64+0xcb/0x150 [ 587.237170][T17187] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 587.243057][T17187] RIP: 0033:0x45e219 [ 587.246990][T17187] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 587.266792][T17187] RSP: 002b:00007f422dcbdc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 587.276417][T17187] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 587.284382][T17187] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 587.292352][T17187] RBP: 00007f422dcbdca0 R08: 0000000020000580 R09: 0000000000000000 [ 587.300318][T17187] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c [ 587.308295][T17187] R13: 00007ffc17d6516f R14: 00007f422dcbe9c0 R15: 000000000119c034 [ 587.316424][T17187] 9pnet: Insufficient options for proto=fd 09:05:12 executing program 1 (fault-call:8 fault-nth:13): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:12 executing program 2 (fault-call:7 fault-nth:13): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:12 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:12 executing program 4: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 588.266337][T17196] FAULT_INJECTION: forcing a failure. [ 588.266337][T17196] name failslab, interval 1, probability 0, space 0, times 0 [ 588.279236][T17196] CPU: 0 PID: 17196 Comm: syz-executor.1 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 588.289818][T17196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 588.299873][T17196] Call Trace: [ 588.303203][T17196] dump_stack+0x1dd/0x24e [ 588.307559][T17196] ? devkmsg_release+0x11c/0x11c [ 588.312497][T17196] ? show_regs_print_info+0x12/0x12 [ 588.317703][T17196] should_fail+0x6fb/0x860 [ 588.322123][T17196] ? setup_fault_attr+0x3d0/0x3d0 [ 588.327175][T17196] ? simple_strtoul+0x107/0x1e0 [ 588.332030][T17196] ? simple_strtoull+0x1e0/0x1e0 [ 588.336967][T17196] ? match_int+0xd9/0x1e0 [ 588.341311][T17196] should_failslab+0x5/0x20 [ 588.345811][T17196] __kmalloc_track_caller+0x5d/0x2c0 [ 588.351982][T17196] ? kmemdup_nul+0x42/0xa0 [ 588.356395][T17196] kmemdup_nul+0x27/0xa0 [ 588.360656][T17196] match_int+0xd9/0x1e0 [ 588.365712][T17196] ? match_token+0x710/0x710 [ 588.370295][T17196] ? __kmalloc_track_caller+0x20e/0x2c0 [ 588.375836][T17196] ? kstrdup+0x4c/0x70 [ 588.379905][T17196] parse_opts+0x2a6/0x6e0 [ 588.384607][T17196] ? p9_fd_show_options+0x1a0/0x1a0 [ 588.389917][T17196] p9_fd_create+0x91/0x480 [ 588.394338][T17196] ? p9_client_create+0x789/0xb90 [ 588.399358][T17196] ? p9_fd_create_unix+0x470/0x470 [ 588.404990][T17196] ? __kmalloc_track_caller+0x20e/0x2c0 [ 588.410580][T17196] ? kmemdup_nul+0x42/0xa0 [ 588.414999][T17196] p9_client_create+0x81b/0xb90 [ 588.419848][T17196] ? p9_parse_header+0x6b0/0x6b0 [ 588.424781][T17196] ? __kasan_kmalloc+0x189/0x1c0 [ 588.429737][T17196] ? __kmalloc_track_caller+0x20e/0x2c0 [ 588.435276][T17196] ? vfs_get_tree+0x85/0x260 [ 588.439888][T17196] v9fs_session_init+0x208/0x1a00 [ 588.444908][T17196] ? v9fs_show_options+0x530/0x530 [ 588.450016][T17196] ? v9fs_mount+0x5c/0x790 [ 588.454430][T17196] ? v9fs_mount+0x5c/0x790 [ 588.458866][T17196] ? kmem_cache_alloc_trace+0xc3/0x290 [ 588.464325][T17196] v9fs_mount+0x7f/0x790 [ 588.468596][T17196] ? cap_capable+0x23f/0x280 [ 588.473182][T17196] legacy_get_tree+0xde/0x170 [ 588.478208][T17196] ? iterate_incfs_dir+0x370/0x370 [ 588.483335][T17196] vfs_get_tree+0x85/0x260 [ 588.487746][T17196] do_mount+0x18ab/0x2660 [ 588.492092][T17196] ? copy_mount_string+0x30/0x30 [ 588.497113][T17196] ? page_fault+0x2f/0x40 [ 588.501439][T17196] ? copy_mount_options+0x1e8/0x320 [ 588.506631][T17196] ? copy_mount_options+0x293/0x320 [ 588.511823][T17196] ksys_mount+0xc2/0xf0 [ 588.515976][T17196] __x64_sys_mount+0xb1/0xc0 [ 588.520568][T17196] do_syscall_64+0xcb/0x150 [ 588.525067][T17196] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 588.530954][T17196] RIP: 0033:0x45e219 [ 588.534841][T17196] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 588.555395][T17196] RSP: 002b:00007f422dcbdc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 588.563809][T17196] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 588.571780][T17196] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 588.579754][T17196] RBP: 00007f422dcbdca0 R08: 0000000020000580 R09: 0000000000000000 [ 588.587988][T17196] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000d [ 588.595982][T17196] R13: 00007ffc17d6516f R14: 00007f422dcbe9c0 R15: 000000000119c034 [ 588.604074][T17196] 9pnet: Insufficient options for proto=fd [ 588.840845][T17205] FAULT_INJECTION: forcing a failure. [ 588.840845][T17205] name failslab, interval 1, probability 0, space 0, times 0 [ 588.854296][T17205] CPU: 1 PID: 17205 Comm: syz-executor.2 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 588.864708][T17205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 588.875118][T17205] Call Trace: [ 588.878403][T17205] dump_stack+0x1dd/0x24e [ 588.882720][T17205] ? devkmsg_release+0x11c/0x11c [ 588.887662][T17205] ? show_regs_print_info+0x12/0x12 [ 588.892853][T17205] should_fail+0x6fb/0x860 [ 588.897273][T17205] ? setup_fault_attr+0x3d0/0x3d0 [ 588.902289][T17205] ? simple_strtoul+0x107/0x1e0 [ 588.907134][T17205] ? simple_strtoull+0x1e0/0x1e0 [ 588.912071][T17205] ? match_int+0xd9/0x1e0 [ 588.916388][T17205] should_failslab+0x5/0x20 [ 588.920883][T17205] __kmalloc_track_caller+0x5d/0x2c0 [ 588.926174][T17205] ? kmemdup_nul+0x42/0xa0 [ 588.930573][T17205] kmemdup_nul+0x27/0xa0 [ 588.934805][T17205] match_int+0xd9/0x1e0 [ 588.939040][T17205] ? match_token+0x710/0x710 [ 588.943632][T17205] ? __kmalloc_track_caller+0x20e/0x2c0 [ 588.949185][T17205] ? kstrdup+0x4c/0x70 [ 588.953345][T17205] parse_opts+0x2a6/0x6e0 [ 588.957694][T17205] ? p9_fd_show_options+0x1a0/0x1a0 [ 588.962975][T17205] p9_fd_create+0x91/0x480 [ 588.967378][T17205] ? p9_client_create+0x789/0xb90 [ 588.972414][T17205] ? p9_fd_create_unix+0x470/0x470 [ 588.977863][T17205] ? __kmalloc_track_caller+0x20e/0x2c0 [ 588.983404][T17205] ? kmemdup_nul+0x42/0xa0 [ 588.987907][T17205] p9_client_create+0x81b/0xb90 [ 588.992753][T17205] ? p9_parse_header+0x6b0/0x6b0 [ 588.997683][T17205] ? __kasan_kmalloc+0x189/0x1c0 [ 589.002698][T17205] ? __kmalloc_track_caller+0x20e/0x2c0 [ 589.008245][T17205] ? vfs_get_tree+0x85/0x260 [ 589.012911][T17205] v9fs_session_init+0x208/0x1a00 [ 589.017948][T17205] ? v9fs_show_options+0x530/0x530 [ 589.023063][T17205] ? v9fs_mount+0x5c/0x790 [ 589.028117][T17205] ? kmem_cache_alloc_trace+0xc3/0x290 [ 589.034883][T17205] ? legacy_init_fs_context+0x4d/0xc0 [ 589.040347][T17205] v9fs_mount+0x7f/0x790 [ 589.044680][T17205] ? cap_capable+0x23f/0x280 [ 589.049288][T17205] legacy_get_tree+0xde/0x170 [ 589.053981][T17205] ? iterate_incfs_dir+0x370/0x370 [ 589.059284][T17205] vfs_get_tree+0x85/0x260 [ 589.064428][T17205] do_mount+0x18ab/0x2660 [ 589.069141][T17205] ? copy_mount_string+0x30/0x30 [ 589.074346][T17205] ? page_fault+0x2f/0x40 [ 589.078674][T17205] ? copy_mount_options+0x1e8/0x320 [ 589.084684][T17205] ? copy_mount_options+0x293/0x320 [ 589.089935][T17205] ksys_mount+0xc2/0xf0 [ 589.094109][T17205] __x64_sys_mount+0xb1/0xc0 [ 589.098790][T17205] do_syscall_64+0xcb/0x150 [ 589.103288][T17205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 589.109189][T17205] RIP: 0033:0x45e219 [ 589.113071][T17205] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 589.133102][T17205] RSP: 002b:00007f4b79f3bc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 589.141878][T17205] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 589.149861][T17205] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 589.158280][T17205] RBP: 00007f4b79f3bca0 R08: 0000000020000580 R09: 0000000000000000 [ 589.166517][T17205] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000d [ 589.174739][T17205] R13: 00007ffc3488da1f R14: 00007f4b79f3c9c0 R15: 000000000119c034 [ 589.185403][T17206] 9pnet: Insufficient options for proto=fd 09:05:13 executing program 1 (fault-call:8 fault-nth:14): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 589.203368][T17205] 9pnet: Insufficient options for proto=fd [ 589.310662][T17210] FAULT_INJECTION: forcing a failure. [ 589.310662][T17210] name failslab, interval 1, probability 0, space 0, times 0 [ 589.323768][T17210] CPU: 0 PID: 17210 Comm: syz-executor.1 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 589.334351][T17210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 589.344849][T17210] Call Trace: [ 589.348124][T17210] dump_stack+0x1dd/0x24e [ 589.352450][T17210] ? devkmsg_release+0x11c/0x11c [ 589.357511][T17210] ? show_regs_print_info+0x12/0x12 [ 589.363252][T17210] ? parse_opts+0x53c/0x6e0 [ 589.367864][T17210] should_fail+0x6fb/0x860 [ 589.372274][T17210] ? setup_fault_attr+0x3d0/0x3d0 [ 589.377812][T17210] ? p9_fd_create+0x161/0x480 [ 589.382483][T17210] should_failslab+0x5/0x20 [ 589.387257][T17210] kmem_cache_alloc_trace+0x39/0x290 [ 589.392531][T17210] p9_fd_create+0x161/0x480 [ 589.397389][T17210] ? p9_client_create+0x789/0xb90 [ 589.402487][T17210] ? p9_fd_create_unix+0x470/0x470 [ 589.407603][T17210] p9_client_create+0x81b/0xb90 [ 589.412951][T17210] ? p9_parse_header+0x6b0/0x6b0 [ 589.419880][T17210] ? __kasan_kmalloc+0x189/0x1c0 [ 589.424822][T17210] ? __kmalloc_track_caller+0x20e/0x2c0 [ 589.430885][T17210] ? vfs_get_tree+0x85/0x260 [ 589.435490][T17210] v9fs_session_init+0x208/0x1a00 [ 589.441573][T17210] ? v9fs_show_options+0x530/0x530 [ 589.446962][T17210] ? v9fs_mount+0x5c/0x790 [ 589.451357][T17210] ? v9fs_mount+0x5c/0x790 [ 589.457266][T17210] ? kmem_cache_alloc_trace+0xc3/0x290 [ 589.462741][T17210] v9fs_mount+0x7f/0x790 [ 589.466971][T17210] ? cap_capable+0x23f/0x280 [ 589.471649][T17210] legacy_get_tree+0xde/0x170 [ 589.476312][T17210] ? iterate_incfs_dir+0x370/0x370 [ 589.481454][T17210] vfs_get_tree+0x85/0x260 [ 589.485868][T17210] do_mount+0x18ab/0x2660 [ 589.490191][T17210] ? copy_mount_string+0x30/0x30 [ 589.495736][T17210] ? page_fault+0x2f/0x40 [ 589.500069][T17210] ? copy_mount_options+0x1e8/0x320 [ 589.506558][T17210] ? copy_mount_options+0x293/0x320 [ 589.511768][T17210] ksys_mount+0xc2/0xf0 [ 589.515930][T17210] __x64_sys_mount+0xb1/0xc0 [ 589.520522][T17210] do_syscall_64+0xcb/0x150 [ 589.525201][T17210] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 589.531082][T17210] RIP: 0033:0x45e219 [ 589.534973][T17210] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 09:05:13 executing program 2 (fault-call:7 fault-nth:14): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:13 executing program 4: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 589.555601][T17210] RSP: 002b:00007f422dcbdc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 589.565160][T17210] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 589.573128][T17210] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 589.581211][T17210] RBP: 00007f422dcbdca0 R08: 0000000020000580 R09: 0000000000000000 [ 589.589183][T17210] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000e 09:05:13 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 589.602502][T17210] R13: 00007ffc17d6516f R14: 00007f422dcbe9c0 R15: 000000000119c034 [ 589.700384][T17218] FAULT_INJECTION: forcing a failure. [ 589.700384][T17218] name failslab, interval 1, probability 0, space 0, times 0 [ 589.713487][T17218] CPU: 0 PID: 17218 Comm: syz-executor.2 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 589.715411][T17219] 9pnet: Insufficient options for proto=fd [ 589.723628][T17218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 589.723633][T17218] Call Trace: [ 589.723656][T17218] dump_stack+0x1dd/0x24e [ 589.723667][T17218] ? devkmsg_release+0x11c/0x11c [ 589.723677][T17218] ? show_regs_print_info+0x12/0x12 [ 589.723685][T17218] ? parse_opts+0x53c/0x6e0 [ 589.723695][T17218] should_fail+0x6fb/0x860 [ 589.723706][T17218] ? setup_fault_attr+0x3d0/0x3d0 [ 589.723716][T17218] ? p9_fd_create+0x161/0x480 [ 589.723725][T17218] should_failslab+0x5/0x20 [ 589.723744][T17218] kmem_cache_alloc_trace+0x39/0x290 [ 589.723755][T17218] p9_fd_create+0x161/0x480 [ 589.723764][T17218] ? p9_client_create+0x789/0xb90 [ 589.723774][T17218] ? p9_fd_create_unix+0x470/0x470 [ 589.723784][T17218] ? __kmalloc_track_caller+0x20e/0x2c0 [ 589.723794][T17218] ? kmemdup_nul+0x42/0xa0 [ 589.723803][T17218] p9_client_create+0x81b/0xb90 [ 589.723818][T17218] ? p9_parse_header+0x6b0/0x6b0 [ 589.820064][T17218] ? __kasan_kmalloc+0x189/0x1c0 [ 589.825023][T17218] ? __kmalloc_track_caller+0x20e/0x2c0 [ 589.830662][T17218] ? vfs_get_tree+0x85/0x260 [ 589.835231][T17218] v9fs_session_init+0x208/0x1a00 [ 589.840237][T17218] ? v9fs_show_options+0x530/0x530 [ 589.845337][T17218] ? v9fs_mount+0x5c/0x790 [ 589.850034][T17218] ? kmem_cache_alloc_trace+0xc3/0x290 [ 589.855534][T17218] ? legacy_init_fs_context+0x4d/0xc0 [ 589.860890][T17218] v9fs_mount+0x7f/0x790 [ 589.865172][T17218] ? cap_capable+0x23f/0x280 [ 589.869743][T17218] legacy_get_tree+0xde/0x170 [ 589.874437][T17218] ? iterate_incfs_dir+0x370/0x370 [ 589.879549][T17218] vfs_get_tree+0x85/0x260 [ 589.883966][T17218] do_mount+0x18ab/0x2660 [ 589.888288][T17218] ? copy_mount_string+0x30/0x30 [ 589.893215][T17218] ? page_fault+0x2f/0x40 [ 589.897534][T17218] ? copy_mount_options+0x1e8/0x320 [ 589.902733][T17218] ? copy_mount_options+0x293/0x320 [ 589.907944][T17218] ksys_mount+0xc2/0xf0 [ 589.912092][T17218] __x64_sys_mount+0xb1/0xc0 [ 589.916677][T17218] do_syscall_64+0xcb/0x150 [ 589.921176][T17218] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 589.927044][T17218] RIP: 0033:0x45e219 [ 589.930921][T17218] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 589.950515][T17218] RSP: 002b:00007f4b79f3bc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 589.958914][T17218] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 589.966892][T17218] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 589.974850][T17218] RBP: 00007f4b79f3bca0 R08: 0000000020000580 R09: 0000000000000000 [ 589.982803][T17218] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000e [ 589.990773][T17218] R13: 00007ffc3488da1f R14: 00007f4b79f3c9c0 R15: 000000000119c034 09:05:14 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x0) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:14 executing program 4: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:14 executing program 1 (fault-call:8 fault-nth:15): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:14 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:14 executing program 2 (fault-call:7 fault-nth:15): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:14 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 590.568927][T17234] FAULT_INJECTION: forcing a failure. [ 590.568927][T17234] name failslab, interval 1, probability 0, space 0, times 0 [ 590.580591][T17235] 9pnet: Insufficient options for proto=fd [ 590.581771][T17234] CPU: 1 PID: 17234 Comm: syz-executor.2 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 590.598171][T17234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 590.608220][T17234] Call Trace: [ 590.611510][T17234] dump_stack+0x1dd/0x24e [ 590.615832][T17234] ? devkmsg_release+0x11c/0x11c [ 590.620758][T17234] ? arch_stack_walk+0xf8/0x140 [ 590.625601][T17234] ? show_regs_print_info+0x12/0x12 [ 590.631342][T17234] should_fail+0x6fb/0x860 [ 590.635762][T17234] ? setup_fault_attr+0x3d0/0x3d0 [ 590.640804][T17234] ? p9_client_prepare_req+0xb1/0x7e0 [ 590.646174][T17234] should_failslab+0x5/0x20 [ 590.650679][T17234] kmem_cache_alloc+0x36/0x270 [ 590.655626][T17234] p9_client_prepare_req+0xb1/0x7e0 [ 590.660822][T17234] ? p9_client_create+0x81b/0xb90 [ 590.665841][T17234] ? v9fs_session_init+0x208/0x1a00 [ 590.671036][T17234] ? v9fs_mount+0x7f/0x790 [ 590.676144][T17234] p9_client_rpc+0x12c/0xb80 [ 590.682847][T17234] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 590.688309][T17234] ? p9_fid_create+0x260/0x260 [ 590.693853][T17234] ? __fget+0x37c/0x3c0 [ 590.698004][T17234] ? add_wait_queue+0x77/0x130 [ 590.702762][T17234] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 590.708568][T17234] p9_client_version+0x183/0x700 [ 590.713525][T17234] ? p9_conn_create+0x4a6/0x520 [ 590.721005][T17234] ? p9_fd_create+0x391/0x480 [ 590.725676][T17234] ? p9_client_create+0xb90/0xb90 [ 590.730721][T17234] ? p9_fd_create_unix+0x470/0x470 [ 590.735827][T17234] ? __kmalloc_track_caller+0x20e/0x2c0 [ 590.741365][T17234] ? kmemdup_nul+0x42/0xa0 [ 590.745778][T17234] p9_client_create+0x8e5/0xb90 [ 590.750625][T17234] ? p9_parse_header+0x6b0/0x6b0 [ 590.755655][T17234] ? __kasan_kmalloc+0x189/0x1c0 [ 590.760624][T17234] ? __kmalloc_track_caller+0x20e/0x2c0 [ 590.766174][T17234] ? vfs_get_tree+0x85/0x260 [ 590.770760][T17234] v9fs_session_init+0x208/0x1a00 [ 590.775778][T17234] ? v9fs_show_options+0x530/0x530 [ 590.780995][T17234] ? v9fs_mount+0x5c/0x790 [ 590.785409][T17234] ? kmem_cache_alloc_trace+0xc3/0x290 [ 590.790865][T17234] ? legacy_init_fs_context+0x4d/0xc0 [ 590.796232][T17234] v9fs_mount+0x7f/0x790 [ 590.800479][T17234] ? cap_capable+0x23f/0x280 [ 590.805073][T17234] legacy_get_tree+0xde/0x170 [ 590.809740][T17234] ? iterate_incfs_dir+0x370/0x370 [ 590.814845][T17234] vfs_get_tree+0x85/0x260 [ 590.819270][T17234] do_mount+0x18ab/0x2660 [ 590.823590][T17234] ? copy_mount_string+0x30/0x30 [ 590.828507][T17234] ? page_fault+0x2f/0x40 [ 590.832835][T17234] ? copy_mount_options+0x1e8/0x320 [ 590.838019][T17234] ? copy_mount_options+0x293/0x320 [ 590.843317][T17234] ksys_mount+0xc2/0xf0 [ 590.847591][T17234] __x64_sys_mount+0xb1/0xc0 [ 590.852232][T17234] do_syscall_64+0xcb/0x150 [ 590.856739][T17234] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 590.862612][T17234] RIP: 0033:0x45e219 [ 590.866924][T17234] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 590.888166][T17234] RSP: 002b:00007f4b79f3bc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 590.896572][T17234] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 590.904544][T17234] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 590.912933][T17234] RBP: 00007f4b79f3bca0 R08: 0000000020000580 R09: 0000000000000000 [ 590.920884][T17234] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000f [ 590.928851][T17234] R13: 00007ffc3488da1f R14: 00007f4b79f3c9c0 R15: 000000000119c034 [ 590.938584][T17236] FAULT_INJECTION: forcing a failure. [ 590.938584][T17236] name failslab, interval 1, probability 0, space 0, times 0 [ 590.951362][T17236] CPU: 0 PID: 17236 Comm: syz-executor.1 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 590.961516][T17236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 590.971659][T17236] Call Trace: [ 590.974952][T17236] dump_stack+0x1dd/0x24e [ 590.979282][T17236] ? devkmsg_release+0x11c/0x11c [ 590.984221][T17236] ? arch_stack_walk+0xf8/0x140 [ 590.989070][T17236] ? show_regs_print_info+0x12/0x12 [ 590.994265][T17236] should_fail+0x6fb/0x860 [ 590.998685][T17236] ? setup_fault_attr+0x3d0/0x3d0 [ 591.003711][T17236] ? p9_client_prepare_req+0xb1/0x7e0 [ 591.009083][T17236] should_failslab+0x5/0x20 [ 591.013587][T17236] kmem_cache_alloc+0x36/0x270 [ 591.018350][T17236] p9_client_prepare_req+0xb1/0x7e0 [ 591.023543][T17236] ? p9_client_create+0x81b/0xb90 [ 591.028568][T17236] ? v9fs_session_init+0x208/0x1a00 [ 591.033882][T17236] ? v9fs_mount+0x7f/0x790 [ 591.038304][T17236] p9_client_rpc+0x12c/0xb80 [ 591.042895][T17236] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 591.050443][T17236] ? p9_fid_create+0x260/0x260 [ 591.055212][T17236] ? __fget+0x37c/0x3c0 [ 591.059361][T17236] ? add_wait_queue+0x77/0x130 [ 591.064148][T17236] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 591.069947][T17236] p9_client_version+0x183/0x700 [ 591.074988][T17236] ? p9_conn_create+0x4a6/0x520 [ 591.080203][T17236] ? p9_fd_create+0x391/0x480 [ 591.084858][T17236] ? p9_client_create+0xb90/0xb90 [ 591.089979][T17236] ? p9_fd_create_unix+0x470/0x470 [ 591.095070][T17236] ? __kmalloc_track_caller+0x20e/0x2c0 [ 591.100596][T17236] ? kmemdup_nul+0x42/0xa0 [ 591.104990][T17236] p9_client_create+0x8e5/0xb90 [ 591.109826][T17236] ? p9_parse_header+0x6b0/0x6b0 [ 591.114752][T17236] ? __kasan_kmalloc+0x189/0x1c0 [ 591.119670][T17236] ? __kmalloc_track_caller+0x20e/0x2c0 [ 591.125308][T17236] ? vfs_get_tree+0x85/0x260 [ 591.129894][T17236] v9fs_session_init+0x208/0x1a00 [ 591.134904][T17236] ? v9fs_show_options+0x530/0x530 [ 591.140007][T17236] ? v9fs_mount+0x5c/0x790 [ 591.144450][T17236] ? kmem_cache_alloc_trace+0xc3/0x290 [ 591.149901][T17236] ? legacy_init_fs_context+0x4d/0xc0 [ 591.155292][T17236] v9fs_mount+0x7f/0x790 [ 591.159517][T17236] ? cap_capable+0x23f/0x280 [ 591.164087][T17236] legacy_get_tree+0xde/0x170 [ 591.168743][T17236] ? iterate_incfs_dir+0x370/0x370 [ 591.173843][T17236] vfs_get_tree+0x85/0x260 [ 591.178237][T17236] do_mount+0x18ab/0x2660 [ 591.182544][T17236] ? copy_mount_string+0x30/0x30 [ 591.187456][T17236] ? page_fault+0x2f/0x40 [ 591.191765][T17236] ? copy_mount_options+0x1e8/0x320 [ 591.196965][T17236] ? copy_mount_options+0x293/0x320 [ 591.202144][T17236] ksys_mount+0xc2/0xf0 [ 591.206296][T17236] __x64_sys_mount+0xb1/0xc0 [ 591.210896][T17236] do_syscall_64+0xcb/0x150 [ 591.215380][T17236] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 591.221274][T17236] RIP: 0033:0x45e219 [ 591.225159][T17236] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 591.244905][T17236] RSP: 002b:00007f422dcbdc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 591.253299][T17236] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 591.261256][T17236] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 591.269209][T17236] RBP: 00007f422dcbdca0 R08: 0000000020000580 R09: 0000000000000000 [ 591.277161][T17236] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000f [ 591.285111][T17236] R13: 00007ffc17d6516f R14: 00007f422dcbe9c0 R15: 000000000119c034 09:05:15 executing program 2 (fault-call:7 fault-nth:16): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:15 executing program 0 (fault-call:8 fault-nth:0): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:15 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:15 executing program 1 (fault-call:8 fault-nth:16): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 591.436924][T17261] FAULT_INJECTION: forcing a failure. [ 591.436924][T17261] name failslab, interval 1, probability 0, space 0, times 0 [ 591.438340][T17262] FAULT_INJECTION: forcing a failure. [ 591.438340][T17262] name failslab, interval 1, probability 0, space 0, times 0 [ 591.449801][T17261] CPU: 1 PID: 17261 Comm: syz-executor.2 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 591.472516][T17261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 591.482569][T17261] Call Trace: [ 591.485858][T17261] dump_stack+0x1dd/0x24e [ 591.490197][T17261] ? devkmsg_release+0x11c/0x11c [ 591.495124][T17261] ? arch_stack_walk+0xf8/0x140 [ 591.500055][T17261] ? show_regs_print_info+0x12/0x12 [ 591.505446][T17261] should_fail+0x6fb/0x860 [ 591.509860][T17261] ? setup_fault_attr+0x3d0/0x3d0 [ 591.514877][T17261] ? p9_client_prepare_req+0xb1/0x7e0 [ 591.520607][T17261] should_failslab+0x5/0x20 [ 591.525112][T17261] kmem_cache_alloc+0x36/0x270 [ 591.529875][T17261] p9_client_prepare_req+0xb1/0x7e0 [ 591.535069][T17261] ? p9_client_create+0x81b/0xb90 [ 591.540105][T17261] ? v9fs_session_init+0x208/0x1a00 [ 591.545304][T17261] ? v9fs_mount+0x7f/0x790 [ 591.549715][T17261] p9_client_rpc+0x12c/0xb80 [ 591.554316][T17261] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 591.559805][T17261] ? p9_fid_create+0x260/0x260 [ 591.564564][T17261] ? __fget+0x37c/0x3c0 [ 591.569088][T17261] ? add_wait_queue+0x77/0x130 [ 591.573850][T17261] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 591.580077][T17261] p9_client_version+0x183/0x700 [ 591.585018][T17261] ? p9_conn_create+0x4a6/0x520 [ 591.590044][T17261] ? p9_fd_create+0x391/0x480 [ 591.594722][T17261] ? p9_client_create+0xb90/0xb90 [ 591.599836][T17261] ? p9_fd_create_unix+0x470/0x470 [ 591.604947][T17261] ? __kmalloc_track_caller+0x20e/0x2c0 [ 591.610508][T17261] ? kmemdup_nul+0x42/0xa0 [ 591.615158][T17261] p9_client_create+0x8e5/0xb90 [ 591.620009][T17261] ? p9_parse_header+0x6b0/0x6b0 [ 591.624942][T17261] ? __kasan_kmalloc+0x189/0x1c0 [ 591.629900][T17261] ? __kmalloc_track_caller+0x20e/0x2c0 [ 591.635440][T17261] ? vfs_get_tree+0x85/0x260 [ 591.640178][T17261] v9fs_session_init+0x208/0x1a00 [ 591.645216][T17261] ? v9fs_show_options+0x530/0x530 [ 591.650331][T17261] ? v9fs_mount+0x5c/0x790 [ 591.654955][T17261] ? kmem_cache_alloc_trace+0xc3/0x290 [ 591.660436][T17261] ? legacy_init_fs_context+0x4d/0xc0 [ 591.665821][T17261] v9fs_mount+0x7f/0x790 [ 591.670209][T17261] ? cap_capable+0x23f/0x280 [ 591.674811][T17261] legacy_get_tree+0xde/0x170 [ 591.680412][T17261] ? iterate_incfs_dir+0x370/0x370 [ 591.685731][T17261] vfs_get_tree+0x85/0x260 [ 591.690166][T17261] do_mount+0x18ab/0x2660 [ 591.694512][T17261] ? copy_mount_string+0x30/0x30 [ 591.699477][T17261] ? page_fault+0x2f/0x40 [ 591.703817][T17261] ? copy_mount_options+0x1e8/0x320 [ 591.709377][T17261] ? copy_mount_options+0x293/0x320 [ 591.714683][T17261] ksys_mount+0xc2/0xf0 [ 591.718924][T17261] __x64_sys_mount+0xb1/0xc0 [ 591.723512][T17261] do_syscall_64+0xcb/0x150 [ 591.728283][T17261] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 591.734171][T17261] RIP: 0033:0x45e219 [ 591.738153][T17261] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 591.757778][T17261] RSP: 002b:00007f4b79f3bc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 591.766199][T17261] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 591.774166][T17261] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 591.782264][T17261] RBP: 00007f4b79f3bca0 R08: 0000000020000580 R09: 0000000000000000 [ 591.790235][T17261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 591.798210][T17261] R13: 00007ffc3488da1f R14: 00007f4b79f3c9c0 R15: 000000000119c034 [ 591.806976][T17262] CPU: 0 PID: 17262 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 591.817214][T17262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 591.827293][T17262] Call Trace: [ 591.830596][T17262] dump_stack+0x1dd/0x24e [ 591.834955][T17262] ? devkmsg_release+0x11c/0x11c [ 591.840426][T17262] ? show_regs_print_info+0x12/0x12 [ 591.845628][T17262] ? check_preemption_disabled+0x9e/0x330 [ 591.851354][T17262] ? debug_smp_processor_id+0x20/0x20 [ 591.856964][T17262] should_fail+0x6fb/0x860 [ 591.861410][T17262] ? setup_fault_attr+0x3d0/0x3d0 [ 591.867048][T17262] ? __sb_end_write+0xb5/0x100 [ 591.871811][T17262] ? vfs_write+0x427/0x4f0 [ 591.876247][T17262] ? ksys_mount+0x30/0xf0 [ 591.880580][T17262] should_failslab+0x5/0x20 [ 591.885079][T17262] __kmalloc_track_caller+0x5d/0x2c0 [ 591.890361][T17262] ? strnlen_user+0x185/0x210 [ 591.895064][T17262] strndup_user+0x73/0x150 [ 591.899484][T17262] ksys_mount+0x30/0xf0 [ 591.903637][T17262] __x64_sys_mount+0xb1/0xc0 [ 591.908250][T17262] do_syscall_64+0xcb/0x150 [ 591.912749][T17262] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 591.919003][T17262] RIP: 0033:0x45e219 [ 591.922913][T17262] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 591.942532][T17262] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 591.950943][T17262] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 591.959108][T17262] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 591.967076][T17262] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 591.975991][T17262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 591.984240][T17262] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 [ 591.995606][T17263] FAULT_INJECTION: forcing a failure. [ 591.995606][T17263] name failslab, interval 1, probability 0, space 0, times 0 [ 592.012629][T17263] CPU: 1 PID: 17263 Comm: syz-executor.1 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 592.023008][T17263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 592.033204][T17263] Call Trace: [ 592.036517][T17263] dump_stack+0x1dd/0x24e [ 592.041676][T17263] ? devkmsg_release+0x11c/0x11c [ 592.046711][T17263] ? show_regs_print_info+0x12/0x12 [ 592.052298][T17263] should_fail+0x6fb/0x860 [ 592.056881][T17263] ? setup_fault_attr+0x3d0/0x3d0 [ 592.061935][T17263] ? p9_fcall_init+0x117/0x200 [ 592.066968][T17263] should_failslab+0x5/0x20 [ 592.071511][T17263] __kmalloc+0x5f/0x2d0 [ 592.075676][T17263] p9_fcall_init+0x117/0x200 [ 592.080290][T17263] p9_client_prepare_req+0x10d/0x7e0 [ 592.085569][T17263] ? p9_client_create+0x81b/0xb90 [ 592.090584][T17263] ? v9fs_session_init+0x208/0x1a00 [ 592.095795][T17263] ? v9fs_mount+0x7f/0x790 [ 592.100215][T17263] p9_client_rpc+0x12c/0xb80 [ 592.104815][T17263] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 592.110432][T17263] ? p9_fid_create+0x260/0x260 [ 592.115200][T17263] ? __fget+0x37c/0x3c0 [ 592.119355][T17263] ? add_wait_queue+0x77/0x130 [ 592.124119][T17263] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 592.130014][T17263] p9_client_version+0x183/0x700 [ 592.134952][T17263] ? p9_conn_create+0x4a6/0x520 [ 592.139898][T17263] ? p9_fd_create+0x391/0x480 [ 592.144577][T17263] ? p9_client_create+0xb90/0xb90 [ 592.149601][T17263] ? p9_fd_create_unix+0x470/0x470 [ 592.154816][T17263] ? __kmalloc_track_caller+0x20e/0x2c0 [ 592.161680][T17263] ? kmemdup_nul+0x42/0xa0 [ 592.166114][T17263] p9_client_create+0x8e5/0xb90 [ 592.171017][T17263] ? p9_parse_header+0x6b0/0x6b0 [ 592.175994][T17263] ? __kasan_kmalloc+0x189/0x1c0 [ 592.180955][T17263] ? __kmalloc_track_caller+0x20e/0x2c0 [ 592.186623][T17263] ? vfs_get_tree+0x85/0x260 [ 592.192167][T17263] v9fs_session_init+0x208/0x1a00 [ 592.197202][T17263] ? v9fs_show_options+0x530/0x530 [ 592.202335][T17263] ? v9fs_mount+0x5c/0x790 [ 592.206773][T17263] ? kmem_cache_alloc_trace+0xc3/0x290 [ 592.212241][T17263] ? legacy_init_fs_context+0x4d/0xc0 [ 592.217620][T17263] v9fs_mount+0x7f/0x790 [ 592.221977][T17263] ? cap_capable+0x23f/0x280 [ 592.226573][T17263] legacy_get_tree+0xde/0x170 [ 592.231260][T17263] ? iterate_incfs_dir+0x370/0x370 [ 592.236588][T17263] vfs_get_tree+0x85/0x260 [ 592.241021][T17263] do_mount+0x18ab/0x2660 [ 592.245480][T17263] ? copy_mount_string+0x30/0x30 [ 592.250421][T17263] ? page_fault+0x2f/0x40 [ 592.254888][T17263] ? copy_mount_options+0x1e8/0x320 [ 592.260100][T17263] ? copy_mount_options+0x293/0x320 [ 592.265307][T17263] ksys_mount+0xc2/0xf0 [ 592.269470][T17263] __x64_sys_mount+0xb1/0xc0 [ 592.274071][T17263] do_syscall_64+0xcb/0x150 [ 592.278576][T17263] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 592.284480][T17263] RIP: 0033:0x45e219 [ 592.288374][T17263] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 592.307978][T17263] RSP: 002b:00007f422dcbdc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 592.316391][T17263] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 592.324366][T17263] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 592.332891][T17263] RBP: 00007f422dcbdca0 R08: 0000000020000580 R09: 0000000000000000 [ 592.341130][T17263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 592.349188][T17263] R13: 00007ffc17d6516f R14: 00007f422dcbe9c0 R15: 000000000119c034 09:05:17 executing program 0 (fault-call:8 fault-nth:1): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:17 executing program 2 (fault-call:7 fault-nth:17): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 593.322630][T17273] FAULT_INJECTION: forcing a failure. [ 593.322630][T17273] name failslab, interval 1, probability 0, space 0, times 0 [ 593.323488][T17274] FAULT_INJECTION: forcing a failure. [ 593.323488][T17274] name failslab, interval 1, probability 0, space 0, times 0 [ 593.335383][T17273] CPU: 1 PID: 17273 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 593.358088][T17273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 593.368255][T17273] Call Trace: [ 593.371542][T17273] dump_stack+0x1dd/0x24e [ 593.375865][T17273] ? devkmsg_release+0x11c/0x11c [ 593.380847][T17273] ? show_regs_print_info+0x12/0x12 [ 593.386055][T17273] should_fail+0x6fb/0x860 [ 593.390461][T17273] ? setup_fault_attr+0x3d0/0x3d0 [ 593.395480][T17273] ? copy_mount_options+0x59/0x320 [ 593.401278][T17273] should_failslab+0x5/0x20 [ 593.405778][T17273] kmem_cache_alloc_trace+0x39/0x290 [ 593.411056][T17273] copy_mount_options+0x59/0x320 [ 593.415988][T17273] ? ksys_mount+0x86/0xf0 [ 593.420309][T17273] ksys_mount+0x97/0xf0 [ 593.424454][T17273] __x64_sys_mount+0xb1/0xc0 [ 593.429034][T17273] do_syscall_64+0xcb/0x150 [ 593.433527][T17273] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 593.439409][T17273] RIP: 0033:0x45e219 [ 593.443290][T17273] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 593.462910][T17273] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 593.471324][T17273] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 593.479295][T17273] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 593.487365][T17273] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 593.495335][T17273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 593.503402][T17273] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 [ 593.511579][T17274] CPU: 0 PID: 17274 Comm: syz-executor.2 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 593.521841][T17274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 593.531903][T17274] Call Trace: [ 593.535296][T17274] dump_stack+0x1dd/0x24e [ 593.539738][T17274] ? devkmsg_release+0x11c/0x11c [ 593.544658][T17274] ? show_regs_print_info+0x12/0x12 [ 593.549837][T17274] should_fail+0x6fb/0x860 [ 593.554243][T17274] ? setup_fault_attr+0x3d0/0x3d0 [ 593.559254][T17274] ? p9_fcall_init+0x117/0x200 [ 593.564034][T17274] should_failslab+0x5/0x20 [ 593.568519][T17274] __kmalloc+0x5f/0x2d0 [ 593.572665][T17274] ? p9_fcall_init+0x117/0x200 [ 593.577427][T17274] p9_fcall_init+0x117/0x200 [ 593.582304][T17274] p9_client_prepare_req+0x159/0x7e0 [ 593.587588][T17274] ? p9_client_create+0x81b/0xb90 [ 593.592596][T17274] ? v9fs_session_init+0x208/0x1a00 [ 593.597813][T17274] p9_client_rpc+0x12c/0xb80 [ 593.602391][T17274] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 593.607887][T17274] ? p9_fid_create+0x260/0x260 [ 593.612640][T17274] ? __fget+0x37c/0x3c0 [ 593.616806][T17274] ? add_wait_queue+0x77/0x130 [ 593.621568][T17274] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 593.627354][T17274] p9_client_version+0x183/0x700 [ 593.632272][T17274] ? p9_conn_create+0x4a6/0x520 [ 593.637101][T17274] ? p9_fd_create+0x391/0x480 [ 593.641759][T17274] ? p9_client_create+0xb90/0xb90 [ 593.646761][T17274] ? p9_fd_create_unix+0x470/0x470 [ 593.651872][T17274] ? __kmalloc_track_caller+0x20e/0x2c0 [ 593.657454][T17274] ? kmemdup_nul+0x42/0xa0 [ 593.661872][T17274] p9_client_create+0x8e5/0xb90 [ 593.666720][T17274] ? p9_parse_header+0x6b0/0x6b0 [ 593.671641][T17274] ? __kasan_kmalloc+0x189/0x1c0 [ 593.676557][T17274] ? __kmalloc_track_caller+0x20e/0x2c0 [ 593.682080][T17274] ? vfs_get_tree+0x85/0x260 [ 593.686649][T17274] v9fs_session_init+0x208/0x1a00 [ 593.691665][T17274] ? v9fs_show_options+0x530/0x530 [ 593.696823][T17274] ? v9fs_mount+0x5c/0x790 [ 593.701279][T17274] ? v9fs_mount+0x5c/0x790 [ 593.705685][T17274] ? kmem_cache_alloc_trace+0xc3/0x290 [ 593.711122][T17274] v9fs_mount+0x7f/0x790 [ 593.715346][T17274] ? cap_capable+0x23f/0x280 [ 593.719920][T17274] legacy_get_tree+0xde/0x170 [ 593.724589][T17274] ? iterate_incfs_dir+0x370/0x370 [ 593.729699][T17274] vfs_get_tree+0x85/0x260 [ 593.734099][T17274] do_mount+0x18ab/0x2660 [ 593.738429][T17274] ? copy_mount_string+0x30/0x30 [ 593.743388][T17274] ? page_fault+0x2f/0x40 [ 593.747721][T17274] ? copy_mount_options+0x1e8/0x320 [ 593.752899][T17274] ? copy_mount_options+0x293/0x320 [ 593.758081][T17274] ksys_mount+0xc2/0xf0 [ 593.762244][T17274] __x64_sys_mount+0xb1/0xc0 [ 593.766834][T17274] do_syscall_64+0xcb/0x150 [ 593.771335][T17274] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 593.777215][T17274] RIP: 0033:0x45e219 [ 593.781127][T17274] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 593.800724][T17274] RSP: 002b:00007f4b79f3bc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 593.809613][T17274] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 593.817572][T17274] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 593.825524][T17274] RBP: 00007f4b79f3bca0 R08: 0000000020000580 R09: 0000000000000000 [ 593.833476][T17274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000011 [ 593.841585][T17274] R13: 00007ffc3488da1f R14: 00007f4b79f3c9c0 R15: 000000000119c034 09:05:19 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x0) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:19 executing program 1 (fault-call:8 fault-nth:17): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:19 executing program 0 (fault-call:8 fault-nth:2): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:19 executing program 2 (fault-call:7 fault-nth:18): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:19 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:19 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 595.945768][T17285] FAULT_INJECTION: forcing a failure. [ 595.945768][T17285] name failslab, interval 1, probability 0, space 0, times 0 [ 595.947263][T17286] FAULT_INJECTION: forcing a failure. [ 595.947263][T17286] name failslab, interval 1, probability 0, space 0, times 0 [ 595.958777][T17285] CPU: 1 PID: 17285 Comm: syz-executor.2 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 595.958784][T17285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 595.958787][T17285] Call Trace: [ 595.958819][T17285] dump_stack+0x1dd/0x24e [ 595.999462][T17285] ? devkmsg_release+0x11c/0x11c [ 596.004413][T17285] ? stack_trace_save+0x120/0x1f0 [ 596.009435][T17285] ? show_regs_print_info+0x12/0x12 [ 596.014734][T17285] ? stack_trace_snprint+0x150/0x150 [ 596.020136][T17285] ? preempt_count_add+0x66/0x150 [ 596.025151][T17285] ? unwind_next_frame+0x1aa9/0x1f30 [ 596.030431][T17285] should_fail+0x6fb/0x860 [ 596.034853][T17285] ? setup_fault_attr+0x3d0/0x3d0 [ 596.040051][T17285] ? __kmalloc+0xe7/0x2d0 [ 596.044378][T17285] ? p9_fcall_init+0x117/0x200 [ 596.049144][T17285] ? p9_client_prepare_req+0x159/0x7e0 [ 596.052252][T17287] FAULT_INJECTION: forcing a failure. [ 596.052252][T17287] name failslab, interval 1, probability 0, space 0, times 0 [ 596.054731][T17285] ? p9_client_rpc+0x12c/0xb80 [ 596.072070][T17285] ? p9_client_version+0x183/0x700 [ 596.077173][T17285] ? v9fs_session_init+0x208/0x1a00 [ 596.082361][T17285] ? v9fs_mount+0x7f/0x790 [ 596.086778][T17285] ? legacy_get_tree+0xde/0x170 [ 596.091617][T17285] ? vfs_get_tree+0x85/0x260 [ 596.096203][T17285] ? do_mount+0x18ab/0x2660 [ 596.101136][T17285] ? radix_tree_node_alloc+0x194/0x3a0 [ 596.107117][T17285] should_failslab+0x5/0x20 [ 596.111612][T17285] kmem_cache_alloc+0x36/0x270 [ 596.116983][T17285] radix_tree_node_alloc+0x194/0x3a0 [ 596.122263][T17285] idr_get_free+0x2aa/0x880 [ 596.126847][T17285] idr_alloc+0x19f/0x300 [ 596.131102][T17285] ? debug_smp_processor_id+0x20/0x20 [ 596.136482][T17285] ? idr_alloc_u32+0x300/0x300 [ 596.141409][T17285] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 596.146520][T17285] ? __radix_tree_preload+0x2c5/0x310 [ 596.151883][T17285] p9_client_prepare_req+0x396/0x7e0 [ 596.157285][T17285] ? p9_client_create+0x81b/0xb90 [ 596.162739][T17285] ? v9fs_session_init+0x208/0x1a00 [ 596.167983][T17285] p9_client_rpc+0x12c/0xb80 [ 596.172571][T17285] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 596.178024][T17285] ? p9_fid_create+0x260/0x260 [ 596.182794][T17285] ? __fget+0x37c/0x3c0 [ 596.186958][T17285] ? add_wait_queue+0x77/0x130 [ 596.191721][T17285] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 596.197526][T17285] p9_client_version+0x183/0x700 [ 596.202464][T17285] ? p9_conn_create+0x4a6/0x520 [ 596.207313][T17285] ? p9_fd_create+0x391/0x480 [ 596.211990][T17285] ? p9_client_create+0xb90/0xb90 [ 596.217019][T17285] ? p9_fd_create_unix+0x470/0x470 [ 596.222422][T17285] ? __kmalloc_track_caller+0x20e/0x2c0 [ 596.227996][T17285] ? kmemdup_nul+0x42/0xa0 [ 596.232403][T17285] p9_client_create+0x8e5/0xb90 [ 596.237379][T17285] ? p9_parse_header+0x6b0/0x6b0 [ 596.243899][T17285] ? __kasan_kmalloc+0x189/0x1c0 [ 596.248844][T17285] ? __kmalloc_track_caller+0x20e/0x2c0 [ 596.254386][T17285] ? vfs_get_tree+0x85/0x260 [ 596.258970][T17285] v9fs_session_init+0x208/0x1a00 [ 596.263996][T17285] ? v9fs_show_options+0x530/0x530 [ 596.269285][T17285] ? v9fs_mount+0x5c/0x790 [ 596.273718][T17285] ? kmem_cache_alloc_trace+0xc3/0x290 [ 596.279176][T17285] ? legacy_init_fs_context+0x4d/0xc0 [ 596.284544][T17285] v9fs_mount+0x7f/0x790 [ 596.288779][T17285] ? cap_capable+0x23f/0x280 [ 596.293363][T17285] legacy_get_tree+0xde/0x170 [ 596.298639][T17285] ? iterate_incfs_dir+0x370/0x370 [ 596.304524][T17285] vfs_get_tree+0x85/0x260 [ 596.308937][T17285] do_mount+0x18ab/0x2660 [ 596.313364][T17285] ? copy_mount_string+0x30/0x30 [ 596.318289][T17285] ? page_fault+0x2f/0x40 [ 596.322627][T17285] ? copy_mount_options+0x1e8/0x320 [ 596.327817][T17285] ? copy_mount_options+0x293/0x320 [ 596.333114][T17285] ksys_mount+0xc2/0xf0 [ 596.337265][T17285] __x64_sys_mount+0xb1/0xc0 [ 596.341917][T17285] do_syscall_64+0xcb/0x150 [ 596.346429][T17285] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 596.352833][T17285] RIP: 0033:0x45e219 [ 596.356734][T17285] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 596.376494][T17285] RSP: 002b:00007f4b79f3bc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 596.384914][T17285] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 596.392903][T17285] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 596.400869][T17285] RBP: 00007f4b79f3bca0 R08: 0000000020000580 R09: 0000000000000000 [ 596.408852][T17285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000012 [ 596.416814][T17285] R13: 00007ffc3488da1f R14: 00007f4b79f3c9c0 R15: 000000000119c034 [ 596.424796][T17286] CPU: 0 PID: 17286 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 596.434953][T17286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 596.445006][T17286] Call Trace: [ 596.448311][T17286] dump_stack+0x1dd/0x24e [ 596.452652][T17286] ? devkmsg_release+0x11c/0x11c [ 596.457591][T17286] ? show_regs_print_info+0x12/0x12 [ 596.462803][T17286] should_fail+0x6fb/0x860 [ 596.467222][T17286] ? setup_fault_attr+0x3d0/0x3d0 [ 596.472251][T17286] ? getname_flags+0xb8/0x610 [ 596.477038][T17286] should_failslab+0x5/0x20 [ 596.481540][T17286] kmem_cache_alloc+0x36/0x270 [ 596.486325][T17286] getname_flags+0xb8/0x610 [ 596.490830][T17286] user_path_at_empty+0x28/0x50 [ 596.495677][T17286] do_mount+0x167/0x2660 [ 596.500078][T17286] ? copy_mount_string+0x30/0x30 [ 596.505012][T17286] ? page_fault+0x2f/0x40 [ 596.509337][T17286] ? copy_mount_options+0x1e8/0x320 [ 596.514635][T17286] ? copy_mount_options+0x293/0x320 [ 596.519836][T17286] ksys_mount+0xc2/0xf0 [ 596.523990][T17286] __x64_sys_mount+0xb1/0xc0 [ 596.528578][T17286] do_syscall_64+0xcb/0x150 [ 596.533080][T17286] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 596.539059][T17286] RIP: 0033:0x45e219 [ 596.542952][T17286] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 596.562560][T17286] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 596.570975][T17286] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 596.578951][T17286] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 596.586924][T17286] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 596.594893][T17286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 596.602865][T17286] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 [ 596.610894][T17287] CPU: 1 PID: 17287 Comm: syz-executor.1 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 596.621282][T17287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 596.631681][T17287] Call Trace: [ 596.635061][T17287] dump_stack+0x1dd/0x24e [ 596.639386][T17287] ? devkmsg_release+0x11c/0x11c [ 596.644328][T17287] ? show_regs_print_info+0x12/0x12 [ 596.649528][T17287] should_fail+0x6fb/0x860 [ 596.653945][T17287] ? setup_fault_attr+0x3d0/0x3d0 [ 596.658973][T17287] ? p9_fcall_init+0x117/0x200 [ 596.665301][T17287] should_failslab+0x5/0x20 [ 596.669839][T17287] __kmalloc+0x5f/0x2d0 [ 596.673998][T17287] ? p9_fcall_init+0x117/0x200 [ 596.678762][T17287] p9_fcall_init+0x117/0x200 [ 596.683351][T17287] p9_client_prepare_req+0x159/0x7e0 [ 596.688645][T17287] ? p9_client_create+0x81b/0xb90 [ 596.693663][T17287] ? v9fs_session_init+0x208/0x1a00 [ 596.698858][T17287] p9_client_rpc+0x12c/0xb80 [ 596.703451][T17287] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 596.709065][T17287] ? p9_fid_create+0x260/0x260 [ 596.713831][T17287] ? __fget+0x37c/0x3c0 [ 596.717983][T17287] ? add_wait_queue+0x77/0x130 [ 596.722746][T17287] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 596.728550][T17287] p9_client_version+0x183/0x700 [ 596.733485][T17287] ? p9_conn_create+0x4a6/0x520 [ 596.738938][T17287] ? p9_fd_create+0x391/0x480 [ 596.743625][T17287] ? p9_client_create+0xb90/0xb90 [ 596.748666][T17287] ? p9_fd_create_unix+0x470/0x470 [ 596.753779][T17287] ? __kmalloc_track_caller+0x20e/0x2c0 [ 596.759326][T17287] ? kmemdup_nul+0x42/0xa0 [ 596.763768][T17287] p9_client_create+0x8e5/0xb90 [ 596.768718][T17287] ? p9_parse_header+0x6b0/0x6b0 [ 596.773740][T17287] ? __kasan_kmalloc+0x189/0x1c0 [ 596.778767][T17287] ? __kmalloc_track_caller+0x20e/0x2c0 [ 596.784318][T17287] ? vfs_get_tree+0x85/0x260 [ 596.788895][T17287] v9fs_session_init+0x208/0x1a00 [ 596.794071][T17287] ? v9fs_show_options+0x530/0x530 [ 596.799167][T17287] ? v9fs_mount+0x5c/0x790 [ 596.803562][T17287] ? kmem_cache_alloc_trace+0xc3/0x290 [ 596.808996][T17287] ? legacy_init_fs_context+0x4d/0xc0 [ 596.814347][T17287] v9fs_mount+0x7f/0x790 [ 596.818763][T17287] ? cap_capable+0x23f/0x280 [ 596.823342][T17287] legacy_get_tree+0xde/0x170 [ 596.828006][T17287] ? iterate_incfs_dir+0x370/0x370 [ 596.833096][T17287] vfs_get_tree+0x85/0x260 [ 596.837493][T17287] do_mount+0x18ab/0x2660 [ 596.841802][T17287] ? copy_mount_string+0x30/0x30 [ 596.846727][T17287] ? page_fault+0x2f/0x40 [ 596.851063][T17287] ? copy_mount_options+0x1e8/0x320 [ 596.856253][T17287] ? copy_mount_options+0x293/0x320 [ 596.861454][T17287] ksys_mount+0xc2/0xf0 [ 596.865685][T17287] __x64_sys_mount+0xb1/0xc0 [ 596.870273][T17287] do_syscall_64+0xcb/0x150 [ 596.874756][T17287] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 596.880624][T17287] RIP: 0033:0x45e219 [ 596.884491][T17287] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 596.904077][T17287] RSP: 002b:00007f422dcbdc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 596.912488][T17287] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 596.920439][T17287] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 596.928403][T17287] RBP: 00007f422dcbdca0 R08: 0000000020000580 R09: 0000000000000000 [ 596.936373][T17287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000011 09:05:21 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:21 executing program 0 (fault-call:8 fault-nth:3): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 596.944857][T17287] R13: 00007ffc17d6516f R14: 00007f422dcbe9c0 R15: 000000000119c034 09:05:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 597.038967][T17308] FAULT_INJECTION: forcing a failure. [ 597.038967][T17308] name failslab, interval 1, probability 0, space 0, times 0 [ 597.051713][T17308] CPU: 0 PID: 17308 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 597.061970][T17308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 597.072006][T17308] Call Trace: [ 597.075294][T17308] dump_stack+0x1dd/0x24e [ 597.079637][T17308] ? devkmsg_release+0x11c/0x11c [ 597.084560][T17308] ? show_regs_print_info+0x12/0x12 [ 597.089765][T17308] should_fail+0x6fb/0x860 [ 597.094229][T17308] ? setup_fault_attr+0x3d0/0x3d0 [ 597.099248][T17308] ? alloc_fs_context+0x61/0x650 [ 597.104189][T17308] should_failslab+0x5/0x20 [ 597.108704][T17308] kmem_cache_alloc_trace+0x39/0x290 [ 597.113989][T17308] alloc_fs_context+0x61/0x650 [ 597.118758][T17308] ? _raw_read_unlock+0x21/0x40 [ 597.123611][T17308] ? get_fs_type+0x410/0x490 [ 597.128219][T17308] do_mount+0x12d1/0x2660 [ 597.132570][T17308] ? copy_mount_string+0x30/0x30 [ 597.137506][T17308] ? page_fault+0x2f/0x40 [ 597.141843][T17308] ? copy_mount_options+0x1e8/0x320 [ 597.147303][T17308] ? copy_mount_options+0x293/0x320 [ 597.152536][T17308] ksys_mount+0xc2/0xf0 [ 597.156724][T17308] __x64_sys_mount+0xb1/0xc0 [ 597.161314][T17308] do_syscall_64+0xcb/0x150 [ 597.165826][T17308] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 597.171718][T17308] RIP: 0033:0x45e219 [ 597.175609][T17308] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 597.195210][T17308] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 597.203645][T17308] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 597.211617][T17308] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 597.219584][T17308] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 597.227554][T17308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 597.235699][T17308] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:22 executing program 0 (fault-call:8 fault-nth:4): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:22 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 598.464802][T17322] FAULT_INJECTION: forcing a failure. [ 598.464802][T17322] name failslab, interval 1, probability 0, space 0, times 0 [ 598.477479][T17322] CPU: 1 PID: 17322 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 598.487623][T17322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 598.497678][T17322] Call Trace: [ 598.500979][T17322] dump_stack+0x1dd/0x24e [ 598.505341][T17322] ? devkmsg_release+0x11c/0x11c [ 598.511085][T17322] ? show_regs_print_info+0x12/0x12 [ 598.516313][T17322] should_fail+0x6fb/0x860 [ 598.520820][T17322] ? setup_fault_attr+0x3d0/0x3d0 [ 598.525849][T17322] ? refcount_inc_not_zero_checked+0x1a6/0x280 [ 598.532008][T17322] ? legacy_init_fs_context+0x4d/0xc0 [ 598.537480][T17322] should_failslab+0x5/0x20 [ 598.541994][T17322] kmem_cache_alloc_trace+0x39/0x290 [ 598.547298][T17322] legacy_init_fs_context+0x4d/0xc0 [ 598.552515][T17322] alloc_fs_context+0x510/0x650 [ 598.558333][T17322] do_mount+0x12d1/0x2660 [ 598.562721][T17322] ? copy_mount_string+0x30/0x30 [ 598.567822][T17322] ? page_fault+0x2f/0x40 [ 598.572432][T17322] ? copy_mount_options+0x1e8/0x320 [ 598.577680][T17322] ? copy_mount_options+0x293/0x320 [ 598.582904][T17322] ksys_mount+0xc2/0xf0 [ 598.587346][T17322] __x64_sys_mount+0xb1/0xc0 [ 598.591966][T17322] do_syscall_64+0xcb/0x150 [ 598.596603][T17322] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 598.602496][T17322] RIP: 0033:0x45e219 [ 598.606385][T17322] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 598.627840][T17322] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 598.636263][T17322] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 598.644321][T17322] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 598.652639][T17322] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 598.661043][T17322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 598.669115][T17322] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:24 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x0) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:24 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:24 executing program 0 (fault-call:8 fault-nth:5): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x8, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:24 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x8, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:24 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 600.237384][T17344] FAULT_INJECTION: forcing a failure. [ 600.237384][T17344] name failslab, interval 1, probability 0, space 0, times 0 [ 600.250837][T17344] CPU: 1 PID: 17344 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 600.261951][T17344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 600.272114][T17344] Call Trace: [ 600.275404][T17344] dump_stack+0x1dd/0x24e [ 600.279744][T17344] ? devkmsg_release+0x11c/0x11c [ 600.284680][T17344] ? avc_has_perm_noaudit+0x30c/0x400 [ 600.290083][T17344] ? show_regs_print_info+0x12/0x12 [ 600.295298][T17344] ? avc_denied+0x1c0/0x1c0 [ 600.299803][T17344] should_fail+0x6fb/0x860 [ 600.304233][T17344] ? setup_fault_attr+0x3d0/0x3d0 [ 600.309287][T17344] ? cred_has_capability+0x1b1/0x410 [ 600.314567][T17344] ? cred_has_capability+0x2c3/0x410 [ 600.319860][T17344] ? v9fs_mount+0x5c/0x790 [ 600.324385][T17344] should_failslab+0x5/0x20 [ 600.328909][T17344] kmem_cache_alloc_trace+0x39/0x290 [ 600.334201][T17344] ? legacy_init_fs_context+0x4d/0xc0 [ 600.339603][T17344] v9fs_mount+0x5c/0x790 [ 600.346214][T17344] ? cap_capable+0x23f/0x280 [ 600.350820][T17344] legacy_get_tree+0xde/0x170 [ 600.356974][T17344] ? iterate_incfs_dir+0x370/0x370 [ 600.362792][T17344] vfs_get_tree+0x85/0x260 [ 600.367207][T17344] do_mount+0x18ab/0x2660 [ 600.371536][T17344] ? copy_mount_string+0x30/0x30 [ 600.376464][T17344] ? page_fault+0x2f/0x40 [ 600.380906][T17344] ? copy_mount_options+0x1e8/0x320 [ 600.386127][T17344] ? copy_mount_options+0x293/0x320 [ 600.391344][T17344] ksys_mount+0xc2/0xf0 [ 600.395500][T17344] __x64_sys_mount+0xb1/0xc0 [ 600.400288][T17344] do_syscall_64+0xcb/0x150 [ 600.406180][T17344] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 600.413299][T17344] RIP: 0033:0x45e219 [ 600.417213][T17344] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 600.437787][T17344] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 600.447057][T17344] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 600.455266][T17344] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 600.463712][T17344] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 600.471845][T17344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 600.480345][T17344] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:25 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xa, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:25 executing program 0 (fault-call:8 fault-nth:6): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:25 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xa, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 601.162893][T17376] FAULT_INJECTION: forcing a failure. [ 601.162893][T17376] name failslab, interval 1, probability 0, space 0, times 0 [ 601.175592][T17376] CPU: 0 PID: 17376 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 601.187247][T17376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 601.197301][T17376] Call Trace: [ 601.200602][T17376] dump_stack+0x1dd/0x24e [ 601.204931][T17376] ? devkmsg_release+0x11c/0x11c [ 601.209872][T17376] ? show_regs_print_info+0x12/0x12 [ 601.215065][T17376] ? stack_trace_save+0x120/0x1f0 [ 601.220087][T17376] should_fail+0x6fb/0x860 [ 601.224538][T17376] ? setup_fault_attr+0x3d0/0x3d0 [ 601.229585][T17376] ? __kasan_kmalloc+0x189/0x1c0 [ 601.234521][T17376] ? v9fs_session_init+0xaf/0x1a00 [ 601.240370][T17376] should_failslab+0x5/0x20 [ 601.244913][T17376] __kmalloc_track_caller+0x5d/0x2c0 [ 601.250288][T17376] ? vfs_get_tree+0x85/0x260 [ 601.254886][T17376] ? do_mount+0x18ab/0x2660 [ 601.259592][T17376] ? ksys_mount+0xc2/0xf0 [ 601.264015][T17376] ? __x64_sys_mount+0xb1/0xc0 [ 601.268871][T17376] kstrdup+0x31/0x70 [ 601.272759][T17376] v9fs_session_init+0xaf/0x1a00 [ 601.277690][T17376] ? v9fs_show_options+0x530/0x530 [ 601.282800][T17376] ? v9fs_mount+0x5c/0x790 [ 601.287204][T17376] ? v9fs_mount+0x5c/0x790 [ 601.291613][T17376] ? kmem_cache_alloc_trace+0xc3/0x290 [ 601.297499][T17376] v9fs_mount+0x7f/0x790 [ 601.301734][T17376] ? cap_capable+0x23f/0x280 [ 601.306327][T17376] legacy_get_tree+0xde/0x170 [ 601.310993][T17376] ? iterate_incfs_dir+0x370/0x370 [ 601.316185][T17376] vfs_get_tree+0x85/0x260 [ 601.320601][T17376] do_mount+0x18ab/0x2660 [ 601.324946][T17376] ? copy_mount_string+0x30/0x30 [ 601.329900][T17376] ? page_fault+0x2f/0x40 [ 601.334421][T17376] ? copy_mount_options+0x1e8/0x320 [ 601.340476][T17376] ? copy_mount_options+0x293/0x320 [ 601.345692][T17376] ksys_mount+0xc2/0xf0 [ 601.349862][T17376] __x64_sys_mount+0xb1/0xc0 [ 601.354489][T17376] do_syscall_64+0xcb/0x150 [ 601.358997][T17376] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 601.364888][T17376] RIP: 0033:0x45e219 [ 601.368776][T17376] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 601.388748][T17376] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 601.397155][T17376] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 601.405482][T17376] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 09:05:25 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 601.413458][T17376] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 601.421693][T17376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 601.429665][T17376] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:25 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:26 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x10, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:26 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x10, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:26 executing program 0 (fault-call:8 fault-nth:7): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 602.063621][T17400] FAULT_INJECTION: forcing a failure. [ 602.063621][T17400] name failslab, interval 1, probability 0, space 0, times 0 [ 602.077149][T17400] CPU: 0 PID: 17400 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 602.087303][T17400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 602.097393][T17400] Call Trace: [ 602.100780][T17400] dump_stack+0x1dd/0x24e [ 602.105136][T17400] ? devkmsg_release+0x11c/0x11c [ 602.110081][T17400] ? show_regs_print_info+0x12/0x12 [ 602.115280][T17400] should_fail+0x6fb/0x860 [ 602.119703][T17400] ? setup_fault_attr+0x3d0/0x3d0 [ 602.125256][T17400] ? __kasan_kmalloc+0x189/0x1c0 [ 602.130204][T17400] ? v9fs_session_init+0xfa/0x1a00 [ 602.135659][T17400] should_failslab+0x5/0x20 [ 602.140531][T17400] __kmalloc_track_caller+0x5d/0x2c0 [ 602.145821][T17400] ? vfs_get_tree+0x85/0x260 [ 602.151376][T17400] ? kstrdup+0x4c/0x70 [ 602.157191][T17400] kstrdup+0x31/0x70 [ 602.161646][T17400] v9fs_session_init+0xfa/0x1a00 [ 602.166687][T17400] ? v9fs_show_options+0x530/0x530 [ 602.171875][T17400] ? v9fs_mount+0x5c/0x790 [ 602.176294][T17400] ? kmem_cache_alloc_trace+0xc3/0x290 [ 602.183664][T17400] ? legacy_init_fs_context+0x4d/0xc0 [ 602.189385][T17400] v9fs_mount+0x7f/0x790 [ 602.194077][T17400] ? cap_capable+0x23f/0x280 [ 602.199171][T17400] legacy_get_tree+0xde/0x170 [ 602.203842][T17400] ? iterate_incfs_dir+0x370/0x370 [ 602.209021][T17400] vfs_get_tree+0x85/0x260 [ 602.213422][T17400] do_mount+0x18ab/0x2660 [ 602.217737][T17400] ? copy_mount_string+0x30/0x30 [ 602.222666][T17400] ? page_fault+0x2f/0x40 [ 602.226997][T17400] ? copy_mount_options+0x1e8/0x320 [ 602.232177][T17400] ? copy_mount_options+0x293/0x320 [ 602.237358][T17400] ksys_mount+0xc2/0xf0 [ 602.241585][T17400] __x64_sys_mount+0xb1/0xc0 [ 602.246157][T17400] do_syscall_64+0xcb/0x150 [ 602.250642][T17400] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 602.256521][T17400] RIP: 0033:0x45e219 [ 602.260408][T17400] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 602.280001][T17400] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 602.288399][T17400] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 602.296355][T17400] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 602.304402][T17400] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 09:05:26 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket(0x10, 0x3, 0x0) write(0xffffffffffffffff, &(0x7f0000000140)="240000001a005f0014f9f4070009090002008000000000000000000008001b003a", 0x21) write$binfmt_misc(r3, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r2, 0x0, r4, 0x0, 0x4ffe0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) fcntl$setpipe(r5, 0x407, 0x1) write$binfmt_aout(r5, &(0x7f0000000180)={{0x188, 0x0, 0x1f, 0x328, 0x4f, 0x7f800, 0x398, 0x1}, "fb5447a23b5622a585dd7af1984d0d1f0963a17c6f9610ccc67ddf4847fa2955b356708bfbaf51bc64256cbea20654f71d8df77b0cd49c29c921763cac5c7522", [[], [], []]}, 0x360) [ 602.312370][T17400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 602.321207][T17400] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 [ 602.446152][T17409] netlink: 'syz-executor.5': attribute type 27 has an invalid length. 09:05:26 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:26 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x22, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:26 executing program 0 (fault-call:8 fault-nth:8): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x22, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 602.918177][T17430] FAULT_INJECTION: forcing a failure. [ 602.918177][T17430] name failslab, interval 1, probability 0, space 0, times 0 [ 602.930838][T17430] CPU: 0 PID: 17430 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 602.941004][T17430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 602.951067][T17430] Call Trace: [ 602.954359][T17430] dump_stack+0x1dd/0x24e [ 602.958732][T17430] ? devkmsg_release+0x11c/0x11c [ 602.963707][T17430] ? show_regs_print_info+0x12/0x12 [ 602.968898][T17430] ? __kasan_kmalloc+0x189/0x1c0 [ 602.974086][T17430] should_fail+0x6fb/0x860 [ 602.978679][T17430] ? setup_fault_attr+0x3d0/0x3d0 [ 602.983695][T17430] ? p9_client_create+0xc4/0xb90 [ 602.988718][T17430] should_failslab+0x5/0x20 [ 602.993929][T17430] kmem_cache_alloc_trace+0x39/0x290 [ 602.999350][T17430] p9_client_create+0xc4/0xb90 [ 603.004096][T17430] ? p9_parse_header+0x6b0/0x6b0 [ 603.009467][T17430] ? __kasan_kmalloc+0x189/0x1c0 [ 603.014414][T17430] ? v9fs_session_init+0xfa/0x1a00 [ 603.019505][T17430] ? __kmalloc_track_caller+0x20e/0x2c0 [ 603.025086][T17430] ? vfs_get_tree+0x85/0x260 [ 603.030215][T17430] ? kstrdup+0x4c/0x70 [ 603.034587][T17430] v9fs_session_init+0x208/0x1a00 [ 603.040355][T17430] ? v9fs_show_options+0x530/0x530 [ 603.045485][T17430] ? v9fs_mount+0x5c/0x790 [ 603.050045][T17430] ? kmem_cache_alloc_trace+0xc3/0x290 [ 603.055819][T17430] ? legacy_init_fs_context+0x4d/0xc0 [ 603.061188][T17430] v9fs_mount+0x7f/0x790 [ 603.065414][T17430] ? cap_capable+0x23f/0x280 [ 603.069986][T17430] legacy_get_tree+0xde/0x170 [ 603.074673][T17430] ? iterate_incfs_dir+0x370/0x370 [ 603.079794][T17430] vfs_get_tree+0x85/0x260 [ 603.084194][T17430] do_mount+0x18ab/0x2660 [ 603.088692][T17430] ? copy_mount_string+0x30/0x30 [ 603.093682][T17430] ? page_fault+0x2f/0x40 [ 603.097998][T17430] ? copy_mount_options+0x1e8/0x320 [ 603.103382][T17430] ? copy_mount_options+0x293/0x320 [ 603.108583][T17430] ksys_mount+0xc2/0xf0 [ 603.112722][T17430] __x64_sys_mount+0xb1/0xc0 [ 603.117392][T17430] do_syscall_64+0xcb/0x150 [ 603.122084][T17430] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 603.128352][T17430] RIP: 0033:0x45e219 [ 603.132504][T17430] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 603.155347][T17430] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 09:05:27 executing program 5: open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) ftruncate(r0, 0x8200) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) recvmmsg(0xffffffffffffffff, &(0x7f0000005280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x9) [ 603.164987][T17430] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 603.172997][T17430] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 603.181004][T17430] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 603.189527][T17430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 603.198687][T17430] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:27 executing program 5: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000180)='sysfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = inotify_init() r1 = open(&(0x7f0000000100)='./file0\x00', 0x20402, 0x54) inotify_add_watch(r1, &(0x7f0000000140)='./file0\x00', 0x100005c4) inotify_add_watch(r0, &(0x7f0000000200)='./file0/bus\x00', 0x22000828) umount2(&(0x7f00000000c0)='./file0\x00', 0x0) 09:05:27 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) clone(0x3000000a0160101, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10010, r2, 0xaf6fa000) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[@ANYRES16=r1], 0x1037) setuid(0xee01) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000000400400bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000000000812d6405000000000025040000010000001704000009000a40b7040000000100006a0a00fe00000000850000001a000000b7000000000000009500000000000000a93e90832ff9d40a409f01f6147c8f6fd267bf410e76c540106f89ec68823ce3c4bcc4ce81e97719ea969f2a019a6137ad1efc966f1cfdd2f673efc20c07ec082bc6de68ab0a5ebf4ee60253516cc871311ab25868e17ae6525ae25fd8d9a014263697ca83c57fc2ead0d85a2bcc922a3aa71489fa0000c1a6ec9aa2e28000004bcff56cf5a84cefb43ea72351190a711fd2b83a3596d80729476ab7140606791e81960ea313ea74c2cde2dedd424a4596f98e3e70a6f1d8abce75f01dbb60bdf7316a4fed35f16ae8b3aa4c6dd4880c76e5837f39a161b050abc5a34588ea19114caebb799d1084e7113c77ae25a0121de52e5e8cceddf2cb4b9895c0738fda3ea38c09e75b1f39ae8af2c746fbb43e3530767d8ee296487c0e650ead9003d032008fee2e02ece680c0d3d19b2b62fc202240219f497e89548a2977f86137ecb5753dfc87f148ed2392ef113cbe241a98b4e8f3bf878f1dc0e115dd1c328f54369bc8dfd3a4ea21259ed518ae80606ef83d69b9d0d972b2231d05b2e31d61bf49ca69bdb0f57d5f16769d1605e8045c6880b425f8575f863a7e1b7174281ab87fba93555853df9dbd3da536d88168217230eabfaf7ff9b0146acffea06f3b0ba7b7357ba84c953523e92ee8cc4d8be00500000095e31139b76417432c305d59cb68bff089979504c71418bd62ec60cfae7d75ce2adc8d4b2eabae5937b47e07da3f62be170ac03c7ae91659fc79fc36c84dd1b2b8972c5c2544e3b50acd3b00000000000d62fae930c2308e2401bb761565ac4eda4ca118eb275d0000000000000000000000000000a52d598dbcfeb90dd310175435c843624027f7d55431a5756e4be9698bcd550c272c391cf24ea56d016e1f21b5999e1448f8784db6a9d4f36ec14cc67fcdd41c8ba146dc7d3fb07df9687b95efcd74ad8d0b15234dab4da83fa33391a2925b49f6040087cfaa9f83a6cdb0e031d9eb6cbff6eba616992f3ba67394a543c3210d8def880b2c07661cf7268ec32ac38db9d3062571ec8eb3290bb4a823674e89cf1716d4bc9fac0c47d854632a1d943a9dc58e6f4d0b687a055983a46fdd52f3c87506ae419c604f62b56ad1420eca5484ee0092563332124c612f4b79f2763a22ded1c69fc42465ed5ba385d6be8843ee4f48c9c913c00ffb64c7d815313aa7081505001fe82a4e044e76d8cd4c3ee7460ec713f1048c453393734b3b7e85dbf2fff1ef1ad15024f9439039dc0000000000008151d0ab35986dd000"/1024], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0xed, 0x80, &(0x7f0000000300)="7cd807cfcc0b6f09b205673d855f56a01e14cfa08c074339ce3826214b01769f933783a7bcbb7e615e0a2575fa4b526dc9a8460d79fd935152a6e8135d636ac87ccaeec0f52d8df81fb45dbd7bc9edaa04c704188e4233036f0e55175ce040ae76f65912d8c6f5e6b55a32881789222aca9c1b6f40eb04098457795cbed90c6f4db96d8d24860269c309f8be0198608feff4fe2e408b9f4dca823ca54e94017bc00665f41b987791fe28cb7a773f42e8dfecd20a018fd0260c1ab28401253b49b6ca8d8528148138c2eb6bcbfaf00750bc37f76c1092eb65eb8425d2f36783d257ab3d2f3633128d8c81f26a0d", &(0x7f0000000400)=""/128, 0x40, 0x0, 0x15, 0x80, &(0x7f0000000240)="8b44c970418a9f149c6c6f32ad1a824f341ee0b34c", &(0x7f0000000480)="cf1954b30a52304cf60cf3c23a52d99c4371f1b7c29cdfcdb8fb80febc55460bb66e5d23ac190bcd43beb468948b4dc2104a81639ca2182ecd9780616a83742b1d465d5605f95375fffda4b7a41fa000745200c8dfff9828dbcdf71db0d85d3b6d7266e675f0be082c96dfe58dabe37045246eccc7ff579d8fae8b227e0adaa2", 0x1, 0x9}, 0x48) vmsplice(r4, &(0x7f0000000040)=[{&(0x7f0000000580)="e2ceed9867c31b59685c1daf6fc111d0fd9e918ac534c1e931bf517dbe1bb2353398de53b74fca978ebac8d9c47d8938abadd66735710000000000000078185b38ddaa316f949146fcf0f3f57c3aa2b18f103aa3381b02", 0x57}], 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) r6 = dup3(r2, r5, 0x0) epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r2, &(0x7f0000000200)={0x20000000}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) 09:05:27 executing program 5: r0 = openat$tcp_mem(0xffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') preadv(r0, &(0x7f0000001340)=[{&(0x7f00000010c0)=""/63, 0x3f}, {&(0x7f0000001100)}, {&(0x7f0000001140)=""/217, 0xd9}, {&(0x7f0000001240)=""/228, 0xe4}], 0x4, 0x3, 0x6) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000000)) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000001480)={@in={{0x2, 0x4e21, @broadcast}}, 0x0, 0x0, 0x3a, 0x0, "cf593393c6f678c52fce69181e5f1165d3f6cf3f077db701c20937e62ca8c2c90fe4a9bc102c40e2ddea0d446d2968b487921922a09d1da1860e27952ea42f6eb3a4e821539f6770fe84167ad7196497"}, 0xd8) preadv(r1, &(0x7f00000017c0), 0x333, 0x2, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000001100)='./file0\x00', 0x4000, 0x20) 09:05:27 executing program 5: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) removexattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@random={'system.', 'user.incfs.size\x00'}) stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)) setxattr$incfs_size(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='user.incfs.size\x00', &(0x7f00000001c0)=0x1, 0x8, 0x2) write$binfmt_elf32(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="7f454c4600000000000000000000000000000000000000000000000038000000000000000000000000002000000020000000000000000000000000000000000000000000000000000000090000000000000000000000000005ef9d71f67f4baa55e1f76115c6ae650751056164d81a5f25fb49cc2977974cb3a0c8431d1f7359032606160886096b5bb387f44c163b01a24f872d4969a44ec6fa2d2f6e7ed426e609dcaa8219f5a6d62ca1722941673576d90c29eb202f0939f6217538ceb4dc88bcb9464bcff90fc95252f65a8c3284f27e4c19319451848c8054bc5d26d9061b3b18440bc4000000000000000021e764b1c595b3f859ffac9f2b10f0923f2101cdf482eb5da38b85d4450f3df23aceba699979dbab5a6b0bc56fae624a66fd7040491d91404eebfdf6ab3102cd"], 0x200002d8) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000000)='trusted.overlay.nlink\x00', 0x0, 0x0, 0x0) 09:05:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 09:05:27 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xa00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xa00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:27 executing program 0 (fault-call:8 fault-nth:9): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:27 executing program 5: perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)=@can_newroute={0x4c, 0x18, 0x300, 0x70bd26, 0x5, {0x1d, 0x1, 0x2}, [@CGW_MOD_SET={0x15, 0x4, {{{0x0, 0x0, 0x1}, 0x2, 0x1, 0x0, 0x0, "de9fa1f2842eb8d5"}, 0x1}}, @CGW_DST_IF={0x8}, @CGW_MOD_XOR={0x15, 0x3, {{{0x4}, 0x3, 0x2, 0x0, 0x0, "75f211877e97571a"}, 0x7}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x108c0}, 0x4000001) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00', @ANYRES32=0x0, @ANYBLOB="03000000000000001800128008000100736974000c00028008000100", @ANYRES32=r2, @ANYBLOB], 0x38}}, 0x0) [ 603.802908][T17477] FAULT_INJECTION: forcing a failure. [ 603.802908][T17477] name failslab, interval 1, probability 0, space 0, times 0 [ 603.817555][T17477] CPU: 1 PID: 17477 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 603.827914][T17477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 603.838267][T17477] Call Trace: [ 603.841553][T17477] dump_stack+0x1dd/0x24e [ 603.845885][T17477] ? devkmsg_release+0x11c/0x11c [ 603.850828][T17477] ? show_regs_print_info+0x12/0x12 [ 603.856378][T17477] should_fail+0x6fb/0x860 [ 603.860824][T17477] ? setup_fault_attr+0x3d0/0x3d0 [ 603.865851][T17477] ? p9_client_create+0x2fc/0xb90 [ 603.871057][T17477] should_failslab+0x5/0x20 [ 603.875553][T17477] __kmalloc_track_caller+0x5d/0x2c0 [ 603.880837][T17477] kstrdup+0x31/0x70 [ 603.885076][T17477] p9_client_create+0x2fc/0xb90 [ 603.890185][T17477] ? p9_parse_header+0x6b0/0x6b0 [ 603.895127][T17477] ? __kasan_kmalloc+0x189/0x1c0 [ 603.900064][T17477] ? __kmalloc_track_caller+0x20e/0x2c0 [ 603.905590][T17477] ? vfs_get_tree+0x85/0x260 [ 603.910394][T17477] v9fs_session_init+0x208/0x1a00 [ 603.915421][T17477] ? v9fs_show_options+0x530/0x530 [ 603.920519][T17477] ? v9fs_mount+0x5c/0x790 [ 603.926230][T17477] ? kmem_cache_alloc_trace+0xc3/0x290 [ 603.934600][T17477] ? legacy_init_fs_context+0x4d/0xc0 [ 603.940519][T17477] v9fs_mount+0x7f/0x790 [ 603.945113][T17477] ? cap_capable+0x23f/0x280 [ 603.949909][T17477] legacy_get_tree+0xde/0x170 [ 603.954577][T17477] ? iterate_incfs_dir+0x370/0x370 [ 603.960976][T17477] vfs_get_tree+0x85/0x260 [ 603.966190][T17477] do_mount+0x18ab/0x2660 [ 603.972947][T17477] ? copy_mount_string+0x30/0x30 [ 603.979077][T17477] ? page_fault+0x2f/0x40 [ 603.983412][T17477] ? copy_mount_options+0x1e8/0x320 [ 603.989287][T17477] ? copy_mount_options+0x293/0x320 [ 603.995599][T17477] ksys_mount+0xc2/0xf0 [ 603.999961][T17477] __x64_sys_mount+0xb1/0xc0 [ 604.006461][T17477] do_syscall_64+0xcb/0x150 [ 604.011619][T17477] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 604.020303][T17477] RIP: 0033:0x45e219 [ 604.025080][T17477] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 604.048152][T17477] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 604.057845][T17477] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 604.068458][T17477] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 604.076412][T17477] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 604.084363][T17477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 [ 604.092407][T17477] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:28 executing program 5: r0 = syz_open_procfs(0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x1300980, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = accept4$inet6(r0, &(0x7f0000000000), &(0x7f0000000040)=0x1c, 0x81000) ftruncate(r1, 0xd0) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0xe8, 0xe8, 0xe8, 0x0, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x5f5e0ff, 0x6000000}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan1\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2e8) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) 09:05:28 executing program 5: recvmmsg(0xffffffffffffffff, &(0x7f00000051c0)=[{{0x0, 0x0, &(0x7f0000002400)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000007240)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f00000008c0)="d36109fb9766e9d38f4a0921c345f540047a0ce454b31ec80ffa0a16e13f3ca490c604e22c576fc23a97479af966220fb9cbef9ac58d76105c8fe1e23ffe20b1bc01efda833482f889c4f5afa21c35d49f3378bdf571644494cb71624e", 0x5d) recvmsg(r1, &(0x7f0000000840)={&(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000340)=""/139, 0x8b}, {&(0x7f00000000c0)=""/40, 0x28}, {&(0x7f0000000400)=""/246, 0xf6}, {&(0x7f0000000500)=""/204, 0xcc}, {&(0x7f0000000600)=""/223, 0xdf}, {&(0x7f0000000700)=""/169, 0xa9}, {&(0x7f00000001c0)=""/22, 0x16}], 0x7, &(0x7f0000000240)=""/44, 0x2c}, 0x142) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r4, 0x28, 0x6, &(0x7f0000000880)={0x0, 0xea60}, 0x10) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000180)={0x38, 0x1, 0x0, 0x0, 0x3}, 0x0) r5 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ftruncate(r5, 0x800) lseek(r5, 0x10000, 0x0) r6 = open(&(0x7f0000000140)='./bus\x00', 0x4c400, 0x0) sendfile(r5, r6, 0x0, 0x8400fffffffa) creat(&(0x7f0000000100)='./bus\x00', 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/igmp\x00') 09:05:28 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:28 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 09:05:28 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1020, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:28 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x1020, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:28 executing program 0 (fault-call:8 fault-nth:10): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 604.668476][T17520] FAULT_INJECTION: forcing a failure. [ 604.668476][T17520] name failslab, interval 1, probability 0, space 0, times 0 [ 604.681317][T17520] CPU: 0 PID: 17520 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 604.692757][T17520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 604.703767][T17520] Call Trace: [ 604.707077][T17520] dump_stack+0x1dd/0x24e [ 604.711418][T17520] ? devkmsg_release+0x11c/0x11c [ 604.716409][T17520] ? show_regs_print_info+0x12/0x12 [ 604.722124][T17520] should_fail+0x6fb/0x860 [ 604.726981][T17520] ? setup_fault_attr+0x3d0/0x3d0 [ 604.732174][T17520] ? p9_client_create+0x2fc/0xb90 [ 604.737199][T17520] should_failslab+0x5/0x20 [ 604.741723][T17520] __kmalloc_track_caller+0x5d/0x2c0 [ 604.747019][T17520] kstrdup+0x31/0x70 [ 604.750931][T17520] p9_client_create+0x2fc/0xb90 [ 604.756472][T17520] ? p9_parse_header+0x6b0/0x6b0 [ 604.761403][T17520] ? __kasan_kmalloc+0x189/0x1c0 [ 604.766328][T17520] ? __kmalloc_track_caller+0x20e/0x2c0 [ 604.771866][T17520] ? vfs_get_tree+0x85/0x260 [ 604.776435][T17520] v9fs_session_init+0x208/0x1a00 [ 604.781444][T17520] ? v9fs_show_options+0x530/0x530 [ 604.786591][T17520] ? v9fs_mount+0x5c/0x790 [ 604.791285][T17520] ? kmem_cache_alloc_trace+0xc3/0x290 [ 604.796761][T17520] ? legacy_init_fs_context+0x4d/0xc0 [ 604.802232][T17520] v9fs_mount+0x7f/0x790 [ 604.806575][T17520] ? cap_capable+0x23f/0x280 [ 604.811173][T17520] legacy_get_tree+0xde/0x170 [ 604.816552][T17520] ? iterate_incfs_dir+0x370/0x370 [ 604.822288][T17520] vfs_get_tree+0x85/0x260 [ 604.826699][T17520] do_mount+0x18ab/0x2660 [ 604.831492][T17520] ? copy_mount_string+0x30/0x30 [ 604.836543][T17520] ? page_fault+0x2f/0x40 [ 604.840885][T17520] ? copy_mount_options+0x1e8/0x320 [ 604.846226][T17520] ? copy_mount_options+0x293/0x320 [ 604.851417][T17520] ksys_mount+0xc2/0xf0 [ 604.855770][T17520] __x64_sys_mount+0xb1/0xc0 [ 604.861543][T17520] do_syscall_64+0xcb/0x150 [ 604.868322][T17520] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 604.874835][T17520] RIP: 0033:0x45e219 [ 604.878719][T17520] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 604.902569][T17520] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 604.913498][T17520] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 604.923185][T17520] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 604.931407][T17520] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 604.940814][T17520] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a [ 604.949213][T17520] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:29 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sigaltstack(&(0x7f0000455000/0x2000)=nil, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) getpeername$inet6(r0, &(0x7f00000001c0), &(0x7f00000002c0)=0x1c) r1 = syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000000)='./file0\x00', 0xffc0000b, 0x2, &(0x7f0000000180)=[{&(0x7f0000000040)="040800090000ff01e66174000410090a0200027400f8", 0x16}, {&(0x7f00000004c0)="dbed7d4cac17", 0x6, 0x1f}], 0x0, &(0x7f0000000540)=ANY=[]) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r2, 0x40106614, &(0x7f0000000440)) dup(r0) fstatfs(r1, &(0x7f0000000200)=""/117) unlinkat(r2, &(0x7f0000000280)='./file0\x00', 0x200) unlinkat(r1, &(0x7f0000001580)='./file0\x00', 0x200) setpriority(0x1, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x400000, 0x60) 09:05:29 executing program 5: memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x00\x18\x00Fm\xcbzP*\x9cb\x10\xbb\xa0\xdb\x9ee\\\xf2N[\x18\x8e\xce\xab\x8a9\aU\xa3\xc0', 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0xffffffffffffffff, 0x1c) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x135}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102389, 0x18ff5}], 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$cont(0x7, r0, 0x0, 0x0) 09:05:29 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x0, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 605.059925][T17525] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 605.118313][ T7] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 09:05:29 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8c}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{&(0x7f0000000ac0)=@ax25={{0x3, @rose}, [@netrom, @netrom, @bcast, @bcast, @null, @default, @remote, @bcast]}, 0x80, &(0x7f0000000980)=[{0x0}, {&(0x7f0000000c40)=""/90, 0x5a}, {&(0x7f0000000580)=""/125, 0x7d}], 0x3, &(0x7f0000000540)=""/46, 0x2e}}, {{&(0x7f0000000700)=@x25={0x9, @remote}, 0x80, 0x0, 0x0, &(0x7f0000000800)=""/109, 0x6d}}, {{0x0, 0x0, 0x0}}], 0x3, 0x22, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f00000007c0)="30eb2297b18c0a2ada6f46f8341ce63ccdab668e820dabde", 0x41395563) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x4d}, 0x0, 0x4000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000100)={0x0, 0x0, 0x7d, 0xfffffffffffffffc}) syz_genetlink_get_family_id$nl80211(&(0x7f0000003240)='nl80211\x00') sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000440)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="90f0", @ANYBLOB="648058f015832c1c6d4d37585b916140b1d7a7d3341ff0fe", @ANYBLOB="36d829791ad4b221a34b5172d9b9d393e43c8f5dd3dd8510fb0cb3299783bf06c7849d371bf5a7f7faf6777da0f4e9e80a04dfbd9dde00000000faed0ab327215967a74233f5e5f73b094f94cf8121b56f219ab391e769b318f39434211c9107b08fe2c1776c89dc52843b637d7458e88363017aa0bf7b137086981558a6ba1dc49664e3c4cfb7e9dbc5591b6853050fdfa64e65d2030ce55aaeb52b56f6711de497c53dbd82764ec96c030540448d8007f496dfc10948ad18bbfca39e734dcab177d38e33fb796a1aedac72e6b0039b4e2701c1f18fd3cf552ede04c21c266f7dcc182feda6df4003371b04"]}, 0x1, 0x0, 0x0, 0x4}, 0x40050) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x3, 0x100000000, 0x2000002, 0x0, 0x0, 0xe7}, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 09:05:29 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:29 executing program 0 (fault-call:8 fault-nth:11): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:29 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x2000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:29 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) [ 605.540134][T17560] FAULT_INJECTION: forcing a failure. [ 605.540134][T17560] name failslab, interval 1, probability 0, space 0, times 0 [ 605.553803][T17560] CPU: 1 PID: 17560 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 605.564528][T17560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.575713][T17560] Call Trace: [ 605.579117][T17560] dump_stack+0x1dd/0x24e [ 605.583643][T17560] ? devkmsg_release+0x11c/0x11c [ 605.588580][T17560] ? show_regs_print_info+0x12/0x12 [ 605.596119][T17560] ? stack_trace_save+0x120/0x1f0 [ 605.601129][T17560] ? stack_trace_snprint+0x150/0x150 [ 605.606606][T17560] should_fail+0x6fb/0x860 [ 605.611054][T17560] ? setup_fault_attr+0x3d0/0x3d0 [ 605.616092][T17560] ? slab_free_freelist_hook+0xd0/0x150 [ 605.621621][T17560] ? kfree+0x12c/0x660 [ 605.625797][T17560] ? p9_client_create+0x789/0xb90 [ 605.631165][T17560] ? v9fs_session_init+0x208/0x1a00 [ 605.636347][T17560] ? v9fs_mount+0x7f/0x790 [ 605.640759][T17560] ? vfs_get_tree+0x85/0x260 [ 605.646039][T17560] ? do_mount+0x18ab/0x2660 [ 605.650531][T17560] ? ksys_mount+0xc2/0xf0 [ 605.654893][T17560] ? parse_opts+0x1a1/0x6e0 [ 605.659661][T17560] should_failslab+0x5/0x20 [ 605.664164][T17560] __kmalloc_track_caller+0x5d/0x2c0 [ 605.669449][T17560] kstrdup+0x31/0x70 [ 605.673323][T17560] parse_opts+0x1a1/0x6e0 [ 605.677729][T17560] ? p9_fd_show_options+0x1a0/0x1a0 [ 605.682924][T17560] p9_fd_create+0x91/0x480 [ 605.688020][T17560] ? p9_client_create+0x789/0xb90 [ 605.693024][T17560] ? p9_fd_create_unix+0x470/0x470 [ 605.698466][T17560] ? __kmalloc_track_caller+0x20e/0x2c0 [ 605.704006][T17560] ? kmemdup_nul+0x42/0xa0 [ 605.708946][T17560] p9_client_create+0x81b/0xb90 [ 605.713810][T17560] ? p9_parse_header+0x6b0/0x6b0 [ 605.718855][T17560] ? __kasan_kmalloc+0x189/0x1c0 [ 605.724060][T17560] ? __kmalloc_track_caller+0x20e/0x2c0 [ 605.729791][T17560] ? vfs_get_tree+0x85/0x260 [ 605.734404][T17560] v9fs_session_init+0x208/0x1a00 [ 605.739600][T17560] ? v9fs_show_options+0x530/0x530 [ 605.745516][T17560] ? v9fs_mount+0x5c/0x790 [ 605.749943][T17560] ? kmem_cache_alloc_trace+0xc3/0x290 [ 605.755932][T17560] ? legacy_init_fs_context+0x4d/0xc0 [ 605.761285][T17560] v9fs_mount+0x7f/0x790 [ 605.765519][T17560] ? cap_capable+0x23f/0x280 [ 605.771044][T17560] legacy_get_tree+0xde/0x170 [ 605.775706][T17560] ? iterate_incfs_dir+0x370/0x370 [ 605.780795][T17560] vfs_get_tree+0x85/0x260 [ 605.785459][T17560] do_mount+0x18ab/0x2660 [ 605.789767][T17560] ? copy_mount_string+0x30/0x30 [ 605.794699][T17560] ? page_fault+0x2f/0x40 [ 605.799010][T17560] ? copy_mount_options+0x1e8/0x320 [ 605.804559][T17560] ? copy_mount_options+0x293/0x320 [ 605.809944][T17560] ksys_mount+0xc2/0xf0 [ 605.814166][T17560] __x64_sys_mount+0xb1/0xc0 [ 605.818752][T17560] do_syscall_64+0xcb/0x150 [ 605.823232][T17560] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 605.829147][T17560] RIP: 0033:0x45e219 [ 605.833033][T17560] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 605.852922][T17560] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 605.861325][T17560] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 605.869292][T17560] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 605.877254][T17560] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 605.885232][T17560] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b [ 605.893184][T17560] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 [ 605.901695][T17560] 9pnet: Insufficient options for proto=fd 09:05:30 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x0, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:30 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8c}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{&(0x7f0000000ac0)=@ax25={{0x3, @rose}, [@netrom, @netrom, @bcast, @bcast, @null, @default, @remote, @bcast]}, 0x80, &(0x7f0000000980)=[{0x0}, {&(0x7f0000000c40)=""/90, 0x5a}, {&(0x7f0000000580)=""/125, 0x7d}], 0x3, &(0x7f0000000540)=""/46, 0x2e}}, {{&(0x7f0000000700)=@x25={0x9, @remote}, 0x80, 0x0, 0x0, &(0x7f0000000800)=""/109, 0x6d}}, {{0x0, 0x0, 0x0}}], 0x3, 0x22, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f00000007c0)="30eb2297b18c0a2ada6f46f8341ce63ccdab668e820dabde", 0x41395563) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x4d}, 0x0, 0x4000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000100)={0x0, 0x0, 0x7d, 0xfffffffffffffffc}) syz_genetlink_get_family_id$nl80211(&(0x7f0000003240)='nl80211\x00') sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000440)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="90f0", @ANYBLOB="648058f015832c1c6d4d37585b916140b1d7a7d3341ff0fe", @ANYBLOB="36d829791ad4b221a34b5172d9b9d393e43c8f5dd3dd8510fb0cb3299783bf06c7849d371bf5a7f7faf6777da0f4e9e80a04dfbd9dde00000000faed0ab327215967a74233f5e5f73b094f94cf8121b56f219ab391e769b318f39434211c9107b08fe2c1776c89dc52843b637d7458e88363017aa0bf7b137086981558a6ba1dc49664e3c4cfb7e9dbc5591b6853050fdfa64e65d2030ce55aaeb52b56f6711de497c53dbd82764ec96c030540448d8007f496dfc10948ad18bbfca39e734dcab177d38e33fb796a1aedac72e6b0039b4e2701c1f18fd3cf552ede04c21c266f7dcc182feda6df4003371b04"]}, 0x1, 0x0, 0x0, 0x4}, 0x40050) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x3, 0x100000000, 0x2000002, 0x0, 0x0, 0xe7}, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 09:05:30 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2010, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:30 executing program 0 (fault-call:8 fault-nth:12): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:30 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:30 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x2010, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 606.410120][T17595] FAULT_INJECTION: forcing a failure. [ 606.410120][T17595] name failslab, interval 1, probability 0, space 0, times 0 [ 606.423153][T17595] CPU: 0 PID: 17595 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 606.433292][T17595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 606.443704][T17595] Call Trace: [ 606.447026][T17595] dump_stack+0x1dd/0x24e [ 606.451336][T17595] ? devkmsg_release+0x11c/0x11c [ 606.456276][T17595] ? p9_client_create+0x81b/0xb90 [ 606.461292][T17595] ? show_regs_print_info+0x12/0x12 [ 606.466470][T17595] ? vfs_get_tree+0x85/0x260 [ 606.471040][T17595] ? ksys_mount+0xc2/0xf0 [ 606.475357][T17595] ? __x64_sys_mount+0xb1/0xc0 [ 606.480119][T17595] ? do_syscall_64+0xcb/0x150 [ 606.484801][T17595] should_fail+0x6fb/0x860 [ 606.489553][T17595] ? setup_fault_attr+0x3d0/0x3d0 [ 606.494745][T17595] ? simple_strtoul+0x107/0x1e0 [ 606.499581][T17595] ? simple_strtoull+0x1e0/0x1e0 [ 606.504519][T17595] ? match_int+0xd9/0x1e0 [ 606.508866][T17595] should_failslab+0x5/0x20 [ 606.513368][T17595] __kmalloc_track_caller+0x5d/0x2c0 [ 606.518985][T17595] kmemdup_nul+0x27/0xa0 [ 606.523211][T17595] match_int+0xd9/0x1e0 [ 606.527382][T17595] ? match_token+0x710/0x710 [ 606.531982][T17595] ? __kmalloc_track_caller+0x20e/0x2c0 [ 606.538048][T17595] ? kstrdup+0x4c/0x70 [ 606.542192][T17595] parse_opts+0x2a6/0x6e0 [ 606.546518][T17595] ? p9_fd_show_options+0x1a0/0x1a0 [ 606.551816][T17595] p9_fd_create+0x91/0x480 [ 606.556227][T17595] ? p9_client_create+0x789/0xb90 [ 606.561245][T17595] ? p9_fd_create_unix+0x470/0x470 [ 606.566369][T17595] ? __kmalloc_track_caller+0x20e/0x2c0 [ 606.571908][T17595] ? kmemdup_nul+0x42/0xa0 [ 606.576321][T17595] p9_client_create+0x81b/0xb90 [ 606.581168][T17595] ? p9_parse_header+0x6b0/0x6b0 [ 606.586191][T17595] ? __kasan_kmalloc+0x189/0x1c0 [ 606.591317][T17595] ? __kmalloc_track_caller+0x20e/0x2c0 [ 606.597387][T17595] ? vfs_get_tree+0x85/0x260 [ 606.602006][T17595] v9fs_session_init+0x208/0x1a00 [ 606.607036][T17595] ? v9fs_show_options+0x530/0x530 [ 606.612145][T17595] ? v9fs_mount+0x5c/0x790 [ 606.616626][T17595] ? kmem_cache_alloc_trace+0xc3/0x290 [ 606.622083][T17595] ? legacy_init_fs_context+0x4d/0xc0 [ 606.627789][T17595] v9fs_mount+0x7f/0x790 [ 606.632233][T17595] ? cap_capable+0x23f/0x280 [ 606.637008][T17595] legacy_get_tree+0xde/0x170 [ 606.641773][T17595] ? iterate_incfs_dir+0x370/0x370 [ 606.647510][T17595] vfs_get_tree+0x85/0x260 [ 606.651917][T17595] do_mount+0x18ab/0x2660 [ 606.656247][T17595] ? copy_mount_string+0x30/0x30 [ 606.661166][T17595] ? page_fault+0x2f/0x40 [ 606.665911][T17595] ? copy_mount_options+0x1e8/0x320 [ 606.671090][T17595] ? copy_mount_options+0x293/0x320 [ 606.676278][T17595] ksys_mount+0xc2/0xf0 [ 606.680416][T17595] __x64_sys_mount+0xb1/0xc0 [ 606.685180][T17595] do_syscall_64+0xcb/0x150 [ 606.689903][T17595] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 606.695884][T17595] RIP: 0033:0x45e219 [ 606.699799][T17595] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 606.719396][T17595] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 606.727784][T17595] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 606.735731][T17595] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 606.743701][T17595] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 606.752380][T17595] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c [ 606.761046][T17595] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 [ 606.769238][T17595] 9pnet: Insufficient options for proto=fd 09:05:31 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8c}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002680)=[{{&(0x7f0000000ac0)=@ax25={{0x3, @rose}, [@netrom, @netrom, @bcast, @bcast, @null, @default, @remote, @bcast]}, 0x80, &(0x7f0000000980)=[{0x0}, {&(0x7f0000000c40)=""/90, 0x5a}, {&(0x7f0000000580)=""/125, 0x7d}], 0x3, &(0x7f0000000540)=""/46, 0x2e}}, {{&(0x7f0000000700)=@x25={0x9, @remote}, 0x80, 0x0, 0x0, &(0x7f0000000800)=""/109, 0x6d}}, {{0x0, 0x0, 0x0}}], 0x3, 0x22, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f00000007c0)="30eb2297b18c0a2ada6f46f8341ce63ccdab668e820dabde", 0x41395563) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x4d}, 0x0, 0x4000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000100)={0x0, 0x0, 0x7d, 0xfffffffffffffffc}) syz_genetlink_get_family_id$nl80211(&(0x7f0000003240)='nl80211\x00') sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000440)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="90f0", @ANYBLOB="648058f015832c1c6d4d37585b916140b1d7a7d3341ff0fe", @ANYBLOB="36d829791ad4b221a34b5172d9b9d393e43c8f5dd3dd8510fb0cb3299783bf06c7849d371bf5a7f7faf6777da0f4e9e80a04dfbd9dde00000000faed0ab327215967a74233f5e5f73b094f94cf8121b56f219ab391e769b318f39434211c9107b08fe2c1776c89dc52843b637d7458e88363017aa0bf7b137086981558a6ba1dc49664e3c4cfb7e9dbc5591b6853050fdfa64e65d2030ce55aaeb52b56f6711de497c53dbd82764ec96c030540448d8007f496dfc10948ad18bbfca39e734dcab177d38e33fb796a1aedac72e6b0039b4e2701c1f18fd3cf552ede04c21c266f7dcc182feda6df4003371b04"]}, 0x1, 0x0, 0x0, 0x4}, 0x40050) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x3, 0x100000000, 0x2000002, 0x0, 0x0, 0xe7}, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 09:05:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x0, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:31 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:31 executing program 0 (fault-call:8 fault-nth:13): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:31 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2200, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:31 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x2200, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 607.314930][T17626] FAULT_INJECTION: forcing a failure. [ 607.314930][T17626] name failslab, interval 1, probability 0, space 0, times 0 [ 607.327765][T17626] CPU: 1 PID: 17626 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 607.338243][T17626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 607.348300][T17626] Call Trace: [ 607.351591][T17626] dump_stack+0x1dd/0x24e [ 607.355928][T17626] ? devkmsg_release+0x11c/0x11c [ 607.360916][T17626] ? show_regs_print_info+0x12/0x12 [ 607.367935][T17626] should_fail+0x6fb/0x860 [ 607.372544][T17626] ? setup_fault_attr+0x3d0/0x3d0 [ 607.377643][T17626] ? simple_strtoul+0x107/0x1e0 [ 607.382520][T17626] ? simple_strtoull+0x1e0/0x1e0 [ 607.387450][T17626] ? match_int+0xd9/0x1e0 [ 607.392041][T17626] should_failslab+0x5/0x20 [ 607.396584][T17626] __kmalloc_track_caller+0x5d/0x2c0 [ 607.402756][T17626] ? kmemdup_nul+0x42/0xa0 [ 607.407328][T17626] kmemdup_nul+0x27/0xa0 [ 607.411572][T17626] match_int+0xd9/0x1e0 [ 607.415728][T17626] ? match_token+0x710/0x710 [ 607.420622][T17626] ? __kmalloc_track_caller+0x20e/0x2c0 [ 607.427454][T17626] ? kstrdup+0x4c/0x70 [ 607.431518][T17626] parse_opts+0x2a6/0x6e0 [ 607.435948][T17626] ? p9_fd_show_options+0x1a0/0x1a0 [ 607.442358][T17626] p9_fd_create+0x91/0x480 [ 607.446904][T17626] ? p9_client_create+0x789/0xb90 [ 607.451955][T17626] ? p9_fd_create_unix+0x470/0x470 [ 607.459428][T17626] ? __kmalloc_track_caller+0x20e/0x2c0 [ 607.464959][T17626] ? kmemdup_nul+0x42/0xa0 [ 607.469459][T17626] p9_client_create+0x81b/0xb90 [ 607.474284][T17626] ? p9_parse_header+0x6b0/0x6b0 [ 607.479205][T17626] ? __kasan_kmalloc+0x189/0x1c0 [ 607.484402][T17626] ? __kmalloc_track_caller+0x20e/0x2c0 [ 607.490670][T17626] ? vfs_get_tree+0x85/0x260 [ 607.495255][T17626] v9fs_session_init+0x208/0x1a00 [ 607.500263][T17626] ? v9fs_show_options+0x530/0x530 [ 607.505365][T17626] ? v9fs_mount+0x5c/0x790 [ 607.510197][T17626] ? kmem_cache_alloc_trace+0xc3/0x290 [ 607.517055][T17626] ? legacy_init_fs_context+0x4d/0xc0 [ 607.522798][T17626] v9fs_mount+0x7f/0x790 [ 607.527053][T17626] ? cap_capable+0x23f/0x280 [ 607.531643][T17626] legacy_get_tree+0xde/0x170 [ 607.536757][T17626] ? iterate_incfs_dir+0x370/0x370 [ 607.541850][T17626] vfs_get_tree+0x85/0x260 [ 607.546260][T17626] do_mount+0x18ab/0x2660 [ 607.550620][T17626] ? copy_mount_string+0x30/0x30 [ 607.555571][T17626] ? page_fault+0x2f/0x40 [ 607.559894][T17626] ? copy_mount_options+0x1e8/0x320 [ 607.565075][T17626] ? copy_mount_options+0x293/0x320 [ 607.570259][T17626] ksys_mount+0xc2/0xf0 [ 607.574402][T17626] __x64_sys_mount+0xb1/0xc0 [ 607.579108][T17626] do_syscall_64+0xcb/0x150 [ 607.583619][T17626] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 607.590309][T17626] RIP: 0033:0x45e219 [ 607.595152][T17626] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 607.615449][T17626] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 607.624215][T17626] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 607.634125][T17626] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 607.645022][T17626] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 607.653005][T17626] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000d [ 607.661200][T17626] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 [ 607.669376][T17626] 9pnet: Insufficient options for proto=fd 09:05:31 executing program 5: syz_open_pts(0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000440)='TIPC\x00') sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x30, r1, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0) 09:05:31 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f000099e000)={0x2, 0x4e20, @local}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x80000001) sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000080)=0xffffffffffffffff) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x80}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) recvfrom(r0, &(0x7f0000000480)=""/110, 0xfffffe32, 0x734, 0x0, 0xffffffffffffff39) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40086602, &(0x7f0000000040)=0x4000) sendmmsg$inet(r1, &(0x7f0000000040), 0x0, 0x4005) 09:05:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(0x0, 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:32 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:32 executing program 0 (fault-call:8 fault-nth:14): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:32 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x4000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:32 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x4000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 608.229646][T17658] FAULT_INJECTION: forcing a failure. [ 608.229646][T17658] name failslab, interval 1, probability 0, space 0, times 0 [ 608.242880][T17658] CPU: 1 PID: 17658 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 608.253800][T17658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 608.265502][T17658] Call Trace: [ 608.268801][T17658] dump_stack+0x1dd/0x24e [ 608.273296][T17658] ? devkmsg_release+0x11c/0x11c [ 608.278830][T17658] ? show_regs_print_info+0x12/0x12 [ 608.284022][T17658] ? parse_opts+0x53c/0x6e0 [ 608.288523][T17658] should_fail+0x6fb/0x860 [ 608.292929][T17658] ? setup_fault_attr+0x3d0/0x3d0 [ 608.297948][T17658] ? p9_fd_create+0x161/0x480 [ 608.302698][T17658] should_failslab+0x5/0x20 [ 608.307202][T17658] kmem_cache_alloc_trace+0x39/0x290 [ 608.312488][T17658] p9_fd_create+0x161/0x480 [ 608.317021][T17658] ? p9_client_create+0x789/0xb90 [ 608.322289][T17658] ? p9_fd_create_unix+0x470/0x470 [ 608.327380][T17658] ? __kmalloc_track_caller+0x20e/0x2c0 [ 608.334818][T17658] ? kmemdup_nul+0x42/0xa0 [ 608.339345][T17658] p9_client_create+0x81b/0xb90 [ 608.344208][T17658] ? p9_parse_header+0x6b0/0x6b0 [ 608.349299][T17658] ? __kasan_kmalloc+0x189/0x1c0 [ 608.354345][T17658] ? __kmalloc_track_caller+0x20e/0x2c0 [ 608.359902][T17658] ? vfs_get_tree+0x85/0x260 [ 608.364753][T17658] v9fs_session_init+0x208/0x1a00 [ 608.370276][T17658] ? v9fs_show_options+0x530/0x530 [ 608.375472][T17658] ? v9fs_mount+0x5c/0x790 [ 608.380385][T17658] ? v9fs_mount+0x5c/0x790 [ 608.384982][T17658] ? kmem_cache_alloc_trace+0xc3/0x290 [ 608.391637][T17658] v9fs_mount+0x7f/0x790 [ 608.395875][T17658] ? cap_capable+0x23f/0x280 [ 608.400442][T17658] legacy_get_tree+0xde/0x170 [ 608.405404][T17658] ? iterate_incfs_dir+0x370/0x370 [ 608.411862][T17658] vfs_get_tree+0x85/0x260 [ 608.416369][T17658] do_mount+0x18ab/0x2660 [ 608.421475][T17658] ? copy_mount_string+0x30/0x30 [ 608.426686][T17658] ? page_fault+0x2f/0x40 [ 608.432089][T17658] ? copy_mount_options+0x1e8/0x320 [ 608.437931][T17658] ? copy_mount_options+0x293/0x320 [ 608.443199][T17658] ksys_mount+0xc2/0xf0 [ 608.447335][T17658] __x64_sys_mount+0xb1/0xc0 [ 608.452018][T17658] do_syscall_64+0xcb/0x150 [ 608.456507][T17658] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 608.462928][T17658] RIP: 0033:0x45e219 [ 608.466807][T17658] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 608.486678][T17658] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 608.495228][T17658] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 608.503190][T17658] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 608.511143][T17658] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 608.519109][T17658] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000e [ 608.527081][T17658] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:32 executing program 5: r0 = socket(0x10, 0x803, 0x0) write(r0, &(0x7f0000000040)="260000002200470100"/28, 0x1c) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000d9bffc), 0x4) sendto(r0, &(0x7f0000000000)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000200), 0x12) open_tree(r3, &(0x7f0000000140)='./file0\x00', 0x801) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = syz_open_dev$ptys(0xc, 0x3, 0x1) fsetxattr$trusted_overlay_origin(r5, &(0x7f0000000080)='trusted.overlay.origin\x00', &(0x7f0000000100)='y\x00', 0x2, 0x2) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) write$cgroup_int(r6, &(0x7f0000000200), 0x12) openat$incfs(r2, &(0x7f0000000180)='.pending_reads\x00', 0x24a483, 0x182) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) recvmsg(r0, &(0x7f0000002500)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0xfffffffffffffffd) recvmmsg(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000440)=""/245, 0x2c7}, {&(0x7f0000000300)=""/170, 0xaa}, {&(0x7f0000000e00)=""/96, 0x60}, {&(0x7f0000000600)=""/204, 0x4}, {&(0x7f0000001040)=""/4096, 0x1011}], 0x5}}], 0x14, 0x0, 0x0) 09:05:32 executing program 5: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x9, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000001000000000000000000180000000001000000000000000000001800000000000000000000000000000085100000010000000500f8ff000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x5, 0xe0, &(0x7f00000000c0)=""/224, 0x0, 0x8, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 09:05:32 executing program 5: r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={r0, &(0x7f0000000040)="f046afdb3709d01cc05e155d78e0cd10de2fba5915563d"}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60ebab1c176bfdbb4dde984510c82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc28dac72599456d4c4e6f3fe2d1dee18f638ac947b5e026a3287684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858837458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd5adb8e49f4a94608c9a20819e02cc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffff000000009bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400000000000000ff8d01006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864487367d6d5ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab530388eb1f43d4abbfc59d6d1b18fe380df4bf024f120bd715d82033f2fb7d8fc9e0d77b294e097e293db7f002c0024ab2fd8e5e7fb178f047ba32548b4d32972cba6f49051cec1bf6f16231bbb90a2d201a5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7cc4cf81f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f81074192c48c63c7d8e94a27a06a4e3d9acee835fd63384f52b8eeb70571e5bbb3e6d2b5eba505000000968981811f832d064048c0e0bbe46984f1f0d0504255c22ee8674053d0e160e525536edf56a93d0a7e6f0889f4ee8964875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b059bc295aa0e38b1c3edc3492b96e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c809d116b059a718351620b846e31ce0b8ef953de70ea8b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85a41cdcee8e6fa31fc02137ed1fb4b21c13b9a2c5e3f7c9ef9c45a35adbf0b9312be92986d63263b1aa5264cb4a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb284fcfde9015769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e1878c5295fecc27f9ddd1f62da58c00020000000000009aa38a05e70591d5cdab1c268ef37183dfe3c1984c7c0a566cfc2ab6e6fbc99ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8ad62edc65828fbb6e279f745d2872f0208635e465ca443a6a64c7803760880af23fb3f430a5d11fffc96dd1cb951642f1433f65b4e170a62a5f7a8d0f9d5cef0d17289c43d4aee2127f7a343899434594cc23e1c864164e130754b337e520f285dc670a31241bf657babf0615b8587fbfefe1499576885b43ac62fc7f97a85586168483427072a535f2cac81ec261c00f725de74e48d9a86f7d4a5d28d56ce6d571661dccad7ca6d961f525f799b4517141fc98af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630ed5a0c2261bc2d5de6ee174534b8dfc0432ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f29c661d322ba21c65badf55d1859ea7eabc5717a781f83292a3337d4dddc97f31390bb2addd4581f9e7ef3e2693b46a8fc85be061ce79aa2832c04dc04db8b6536123b24be2ef80eb06b2db900fb30596c1574bda31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d65675bca9037426f643797be3e93da96b5643d3feed0b7c885d247c6b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfac497bc1389a3bafc0d3b51b5a34ab9e5746ae5364ecb6ad9168040388c7640bfa2f886c259718543de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e72daaa7e4480ab4a8eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6fd1d13a71345b841d04a02bf441957cd660ba5b4f214eb837fa22be4904f4bf4e6b941103536aebb1fdc8dbcfc8e1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe80, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff02c66b0d698cb89e2fe088ca1f74ffff10000000636777fbac14140ce000000d46647b7954c4c06b580febc28eb143d0f6c0bad62d67a04402ba4125c7044f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8030000, 0x0, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559"}, 0x28) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)) recvmsg(0xffffffffffffffff, &(0x7f0000011040)={&(0x7f0000010bc0)=@can={0x1d, 0x0}, 0x80, &(0x7f0000010f00)=[{&(0x7f0000010c40)=""/122, 0x7a}, {&(0x7f0000010cc0)=""/210, 0xd2}, {&(0x7f0000010dc0)=""/3, 0x3}, {&(0x7f0000010e00)=""/208, 0xd0}], 0x4, &(0x7f0000010f40)=""/236, 0xec}, 0x40002101) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) write$cgroup_int(r4, &(0x7f0000000200), 0x12) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1b, 0x9, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7ff}, [@exit, @jmp={0x5, 0x0, 0xc, 0xb, 0x2, 0x8, 0xffffffffffffffff}, @map_val={0x18, 0xb, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x9}, @exit, @exit]}, &(0x7f00000001c0)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x41000, 0x18, [], r3, 0xa, 0xffffffffffffffff, 0x8, &(0x7f0000011080)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000280)={0x3, 0x3, 0x1, 0x2}, 0x10, 0xffffffffffffffff}, 0x78) 09:05:32 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(0x0, 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:32 executing program 5: syz_usb_connect$cdc_ecm(0x0, 0x98, &(0x7f0000000240)=ANY=[@ANYBLOB="12015002020000102505a1a4400001020301090286"], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}) syz_usb_connect$cdc_ecm(0x1, 0x6d, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5b, 0x1, 0x1, 0x4, 0x90, 0x4, [{{0x9, 0x4, 0x0, 0x8, 0x3, 0x2, 0x6, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x0, "8f"}, {0x5, 0x24, 0x0, 0x1ff}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x1, 0x1, 0xf5}, [@mbim_extended={0x8, 0x24, 0x1c, 0x6, 0x3}, @obex={0x5, 0x24, 0x15, 0x7ff}, @country_functional={0x6, 0x24, 0x7, 0x1b, 0x401}, @mbim={0xc, 0x24, 0x1b, 0x3, 0x3, 0x1, 0x77, 0x1, 0x9}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x600, 0x1, 0x99, 0xd8}}, {{0x9, 0x5, 0x3, 0x2, 0x270f64bbb882ccfe, 0x3, 0x3f, 0xb1}}}}}]}}]}}, &(0x7f00000004c0)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x110, 0x76, 0x89, 0x57, 0x8}, 0x20, &(0x7f00000000c0)={0x5, 0xf, 0x20, 0x2, [@ext_cap={0x7, 0x10, 0x2, 0x10, 0x0, 0x7, 0x7}, @ss_container_id={0x14, 0x10, 0x4, 0x7, "fc9a1cac1f836d250bf653c4bc8bd5b4"}]}, 0x8, [{0x1b, &(0x7f0000000100)=@string={0x1b, 0x3, "e5c355fdf953baaee21aaa3d76438c66d71fda2d4ac99cf2b7"}}, {0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x445}}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x3831}}, {0xad, &(0x7f0000000540)=ANY=[@ANYBLOB="ad0351bf56c03977bf9d5d6c61856b43c69110bf0f37fd512d29ea2602570d3b05680000b6f8e9538402230d959c0ba4f483c8dba50d9e67c4e0d773913fabd38becbec9cfeaedce5bcf8f860a4bcde702f454f4de18689c52eb8a64e5dc34c56dd31d10de79bdd02985604da23b3fada662e46ad433cb3882234e9b681782bcfcfbad6d8f730f1fe8ffb41609924cc25200d01c455b7730888c7378fb370130043326fecc6cc5d58eff4d1e5e6cb7cbbaf4c480e85efdf2f5543f01fdf3d03b5a"]}, {0xf7, &(0x7f0000000340)=@string={0xf7, 0x3, "0dd1bf3b910baa0a961b8f8b026532642f153f7b263dcd0a6fddfad734ff53ea9d037c7fe111f9f595ba6a31b4ae363318db90075eaac6226712855596b48a6afe3b803e5ca32f2f49eeceb51a193b03264f5e711c9cdd488bbcbc4f10aaffde74fbe324113c6ca353c8c36fd56e857e1769472da855e179649e54762497490108c90368873835d9dc78043e3ea3ea5b6c24824247cddc6308de83f779c4994f722ec051c28235ca1d2abf9e57b5efc2e0cf72768d42e7f77e6c8c3dca740f652e1a5485a4b96955fb735b636dbb440a350dec0b2ed5eef953c553b9960f6983fba5ff6ceb64903321f4fb47f828aa4f20b0c6cdb2"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x427}}, {0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0xc0a}}, {0x4, &(0x7f0000000480)=@lang_id={0x4}}]}) 09:05:33 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:33 executing program 0 (fault-call:8 fault-nth:15): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:33 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xedc0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:33 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xedc0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 609.131563][T11246] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 609.157214][T17702] FAULT_INJECTION: forcing a failure. [ 609.157214][T17702] name failslab, interval 1, probability 0, space 0, times 0 [ 609.170922][T17702] CPU: 0 PID: 17702 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 609.183598][T17702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 609.194689][T17702] Call Trace: [ 609.198363][T17702] dump_stack+0x1dd/0x24e [ 609.203149][T17702] ? devkmsg_release+0x11c/0x11c [ 609.208351][T17702] ? arch_stack_walk+0xf8/0x140 [ 609.213388][T17702] ? show_regs_print_info+0x12/0x12 [ 609.218785][T17702] should_fail+0x6fb/0x860 [ 609.223721][T17702] ? setup_fault_attr+0x3d0/0x3d0 [ 609.229219][T17702] ? p9_client_prepare_req+0xb1/0x7e0 [ 609.236840][T17702] should_failslab+0x5/0x20 [ 609.241897][T17702] kmem_cache_alloc+0x36/0x270 [ 609.247124][T17702] p9_client_prepare_req+0xb1/0x7e0 [ 609.253116][T17702] ? p9_client_create+0x81b/0xb90 [ 609.258522][T17702] ? v9fs_session_init+0x208/0x1a00 [ 609.263843][T17702] ? v9fs_mount+0x7f/0x790 [ 609.268296][T17702] p9_client_rpc+0x12c/0xb80 [ 609.273512][T17702] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 609.280213][T17702] ? p9_fid_create+0x260/0x260 [ 609.285515][T17702] ? __fget+0x37c/0x3c0 [ 609.290833][T17702] ? add_wait_queue+0x77/0x130 [ 609.295701][T17702] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 609.301982][T17702] p9_client_version+0x183/0x700 [ 609.306924][T17702] ? p9_conn_create+0x4a6/0x520 [ 609.311794][T17702] ? p9_fd_create+0x391/0x480 [ 609.316546][T17702] ? p9_client_create+0xb90/0xb90 [ 609.321582][T17702] ? p9_fd_create_unix+0x470/0x470 [ 609.328790][T17702] ? __kmalloc_track_caller+0x20e/0x2c0 [ 609.334409][T17702] ? kmemdup_nul+0x42/0xa0 [ 609.339658][T17702] p9_client_create+0x8e5/0xb90 [ 609.344958][T17702] ? p9_parse_header+0x6b0/0x6b0 [ 609.349982][T17702] ? __kasan_kmalloc+0x189/0x1c0 [ 609.354948][T17702] ? __kmalloc_track_caller+0x20e/0x2c0 [ 609.360690][T17702] ? vfs_get_tree+0x85/0x260 [ 609.365300][T17702] v9fs_session_init+0x208/0x1a00 [ 609.371340][T17702] ? v9fs_show_options+0x530/0x530 [ 609.377679][T17702] ? v9fs_mount+0x5c/0x790 [ 609.382558][T17702] ? kmem_cache_alloc_trace+0xc3/0x290 [ 609.389110][T17702] ? legacy_init_fs_context+0x4d/0xc0 [ 609.394927][T17702] v9fs_mount+0x7f/0x790 [ 609.399273][T17702] ? cap_capable+0x23f/0x280 [ 609.403958][T17702] legacy_get_tree+0xde/0x170 [ 609.408908][T17702] ? iterate_incfs_dir+0x370/0x370 [ 609.414012][T17702] vfs_get_tree+0x85/0x260 [ 609.418426][T17702] do_mount+0x18ab/0x2660 [ 609.422790][T17702] ? copy_mount_string+0x30/0x30 [ 609.427996][T17702] ? page_fault+0x2f/0x40 [ 609.432346][T17702] ? copy_mount_options+0x1e8/0x320 [ 609.438567][T17702] ? copy_mount_options+0x293/0x320 [ 609.444465][T17702] ksys_mount+0xc2/0xf0 [ 609.448621][T17702] __x64_sys_mount+0xb1/0xc0 [ 609.453300][T17702] do_syscall_64+0xcb/0x150 [ 609.457802][T17702] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 609.464248][T17702] RIP: 0033:0x45e219 [ 609.469109][T17702] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 609.490824][T17702] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 609.499934][T17702] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 609.509118][T17702] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 609.517533][T17702] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 609.526018][T17702] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000f [ 609.533986][T17702] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 [ 609.591558][T11246] usb 6-1: Using ep0 maxpacket: 16 09:05:33 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(0x0, 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 609.751627][T11246] usb 6-1: unable to get BOS descriptor or descriptor too short [ 609.832059][T11246] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 609.843005][T11246] usb 6-1: config 0 has no interfaces? 09:05:33 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:34 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:34 executing program 0 (fault-call:8 fault-nth:16): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:34 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xfeffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 610.001767][T11246] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 610.030509][T11246] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.039077][T11246] usb 6-1: Product: syz [ 610.043498][T11246] usb 6-1: Manufacturer: syz [ 610.050136][T11246] usb 6-1: SerialNumber: syz [ 610.063206][T11246] usb 6-1: config 0 descriptor?? [ 610.141646][T17731] FAULT_INJECTION: forcing a failure. [ 610.141646][T17731] name failslab, interval 1, probability 0, space 0, times 0 [ 610.154512][T17731] CPU: 0 PID: 17731 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 610.164747][T17731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 610.175355][T17731] Call Trace: [ 610.179340][T17731] dump_stack+0x1dd/0x24e [ 610.184154][T17731] ? devkmsg_release+0x11c/0x11c [ 610.189269][T17731] ? show_regs_print_info+0x12/0x12 [ 610.194563][T17731] should_fail+0x6fb/0x860 [ 610.199684][T17731] ? setup_fault_attr+0x3d0/0x3d0 [ 610.205062][T17731] ? p9_fcall_init+0x117/0x200 [ 610.210024][T17731] should_failslab+0x5/0x20 [ 610.214698][T17731] __kmalloc+0x5f/0x2d0 [ 610.218878][T17731] p9_fcall_init+0x117/0x200 [ 610.223471][T17731] p9_client_prepare_req+0x10d/0x7e0 [ 610.229100][T17731] ? p9_client_create+0x81b/0xb90 [ 610.234103][T17731] ? v9fs_session_init+0x208/0x1a00 [ 610.240112][T17731] ? v9fs_mount+0x7f/0x790 [ 610.244514][T17731] p9_client_rpc+0x12c/0xb80 [ 610.249283][T17731] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 610.254754][T17731] ? p9_fid_create+0x260/0x260 [ 610.259629][T17731] ? __fget+0x37c/0x3c0 [ 610.263773][T17731] ? add_wait_queue+0x77/0x130 [ 610.268555][T17731] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 610.274365][T17731] p9_client_version+0x183/0x700 [ 610.279485][T17731] ? p9_conn_create+0x4a6/0x520 [ 610.286825][T17731] ? p9_fd_create+0x391/0x480 [ 610.292578][T17731] ? p9_client_create+0xb90/0xb90 [ 610.298243][T17731] ? p9_fd_create_unix+0x470/0x470 [ 610.305291][T17731] ? __kmalloc_track_caller+0x20e/0x2c0 [ 610.310847][T17731] ? kmemdup_nul+0x42/0xa0 [ 610.316077][T17731] p9_client_create+0x8e5/0xb90 [ 610.321471][T17731] ? p9_parse_header+0x6b0/0x6b0 [ 610.326432][T17731] ? __kasan_kmalloc+0x189/0x1c0 [ 610.332151][T17731] ? __kmalloc_track_caller+0x20e/0x2c0 [ 610.333431][T17681] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 610.338191][T17731] ? vfs_get_tree+0x85/0x260 [ 610.351225][T17731] v9fs_session_init+0x208/0x1a00 [ 610.353274][T11246] usb 6-1: USB disconnect, device number 11 [ 610.356450][T17731] ? v9fs_show_options+0x530/0x530 [ 610.356462][T17731] ? v9fs_mount+0x5c/0x790 [ 610.356470][T17731] ? v9fs_mount+0x5c/0x790 [ 610.356480][T17731] ? kmem_cache_alloc_trace+0xc3/0x290 [ 610.356496][T17731] v9fs_mount+0x7f/0x790 [ 610.389915][T17731] ? cap_capable+0x23f/0x280 [ 610.394760][T17731] legacy_get_tree+0xde/0x170 [ 610.399446][T17731] ? iterate_incfs_dir+0x370/0x370 [ 610.405349][T17731] vfs_get_tree+0x85/0x260 [ 610.411059][T17731] do_mount+0x18ab/0x2660 [ 610.415387][T17731] ? copy_mount_string+0x30/0x30 [ 610.420324][T17731] ? page_fault+0x2f/0x40 [ 610.424668][T17731] ? copy_mount_options+0x1e8/0x320 [ 610.430315][T17731] ? copy_mount_options+0x293/0x320 [ 610.435675][T17731] ksys_mount+0xc2/0xf0 [ 610.439932][T17731] __x64_sys_mount+0xb1/0xc0 [ 610.444987][T17731] do_syscall_64+0xcb/0x150 [ 610.449981][T17731] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 610.457592][T17731] RIP: 0033:0x45e219 [ 610.461799][T17731] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 610.483609][T17731] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 610.493386][T17731] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 610.502325][T17731] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 610.513293][T17731] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 610.523375][T17731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 610.533641][T17731] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:34 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x0, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:34 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 611.141517][T11246] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 611.381495][T11246] usb 6-1: Using ep0 maxpacket: 16 [ 611.541600][T11246] usb 6-1: unable to get BOS descriptor or descriptor too short [ 611.631612][T11246] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 611.644871][T11246] usb 6-1: config 0 has no interfaces? 09:05:35 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x100000, 0x0) quotactl(0x200, &(0x7f0000000300)='./file0\x00', 0xffffffffffffffff, &(0x7f00000003c0)="0340cac27356b635d5f489bc32804f8bb67eaad5b18df993729398f42ba42c77523d83de9b3394697869ca11c828c43d89644bde0f3773b3078a334e77caf72c172188b9c502e164a65ea4a243568f1a32e769d1ed5b7d626c4c486537357dc2c03a771f5e8bd84f1acb7080ffd347e2c35dfcc2eabe067d7d6d46d174c6eb47856bd51964737f441bfc5ca02154f1615374da598b61b61300761aeca4a8dfa823911175") mount(0x0, &(0x7f0000000080)='.', 0x0, 0x0, 0x0) r0 = socket(0x10, 0x80002, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mount$9p_rdma(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x21c24, 0x0) mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='.', 0x0, 0x33080, 0x0) mount(&(0x7f0000000240)=ANY=[@ANYBLOB="2f2e6d0380f236e9cdc74157b90a574749546b416d6741816204c3940edccbba0000000000000002232aec8bd6469dd8fc50ca8e328b43cadb0654b959c36bfdc6b9ea0ec9eef9c9822093377faf2ae11d470078cfdda729e4133dd928bb8d6399da1f43452fd549e0e0"], &(0x7f0000187ff8)='.', 0x0, 0x5010, 0x0) mount(&(0x7f0000000080), &(0x7f0000000140)='.', 0x0, 0x5110, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00') open(&(0x7f00000002c0)='./file0\x00', 0x10000, 0xc) preadv(r2, &(0x7f0000000940)=[{&(0x7f0000000380)=""/57, 0x446}, {&(0x7f00000008c0)=""/106, 0x30}, {&(0x7f00000007c0)=""/242, 0xf2}, {&(0x7f0000001380)=""/239, 0xfc36}], 0xc7, 0x0, 0x0) 09:05:35 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:35 executing program 0 (fault-call:8 fault-nth:17): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:35 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x1000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:35 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x0, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x8000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 611.801620][T11246] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 611.811203][T11246] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 611.820553][T11246] usb 6-1: Product: syz [ 611.824761][T11246] usb 6-1: Manufacturer: syz [ 611.829880][T11246] usb 6-1: SerialNumber: syz [ 611.837468][T11246] usb 6-1: config 0 descriptor?? 09:05:35 executing program 5: perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x204, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xd}, 0x0, 0xffffffff}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x0, &(0x7f0000000880), 0x0, &(0x7f0000000940)={[{@dots='dots'}]}) socket$unix(0x1, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x0, 0x0}, 0x0) [ 611.881717][T11246] usb 6-1: can't set config #0, error -71 [ 611.898155][T11246] usb 6-1: USB disconnect, device number 12 [ 611.942725][T17772] FAT-fs (loop5): bogus number of reserved sectors [ 611.948904][T17774] FAULT_INJECTION: forcing a failure. [ 611.948904][T17774] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 611.952013][T17772] FAT-fs (loop5): Can't find a valid FAT filesystem [ 611.963666][T17774] CPU: 0 PID: 17774 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 611.980434][T17774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 611.990490][T17774] Call Trace: [ 611.993798][T17774] dump_stack+0x1dd/0x24e [ 611.998111][T17774] ? devkmsg_release+0x11c/0x11c [ 612.003738][T17774] ? arch_stack_walk+0xf8/0x140 [ 612.008616][T17774] ? show_regs_print_info+0x12/0x12 [ 612.015389][T17774] should_fail+0x6fb/0x860 [ 612.020301][T17774] ? setup_fault_attr+0x3d0/0x3d0 [ 612.026079][T17774] ? preempt_count_add+0x66/0x150 [ 612.031208][T17774] ? unwind_next_frame+0x1aa9/0x1f30 [ 612.037820][T17774] __alloc_pages_nodemask+0x1ee/0x7c0 [ 612.043399][T17774] ? __kasan_kmalloc+0x129/0x1c0 [ 612.048491][T17774] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 612.054920][T17774] ? p9_client_create+0x8e5/0xb90 [ 612.061094][T17774] ? ksys_mount+0xc2/0xf0 [ 612.065420][T17774] ? __x64_sys_mount+0xb1/0xc0 [ 612.070308][T17774] ? do_syscall_64+0xcb/0x150 [ 612.075093][T17774] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 612.081145][T17774] alloc_slab_page+0x3d/0x3f0 [ 612.086645][T17774] new_slab+0x97/0x450 [ 612.090846][T17774] ? check_preemption_disabled+0x15a/0x330 [ 612.096640][T17774] ___slab_alloc+0x2c0/0x450 [ 612.101411][T17774] ? p9_fcall_init+0x117/0x200 [ 612.106287][T17774] __kmalloc+0x2b3/0x2d0 [ 612.111483][T17774] ? p9_fcall_init+0x117/0x200 [ 612.116337][T17774] p9_fcall_init+0x117/0x200 [ 612.121717][T17774] p9_client_prepare_req+0x10d/0x7e0 [ 612.127546][T17774] ? p9_client_create+0x81b/0xb90 [ 612.132649][T17774] ? v9fs_session_init+0x208/0x1a00 [ 612.137930][T17774] ? v9fs_mount+0x7f/0x790 [ 612.142350][T17774] p9_client_rpc+0x12c/0xb80 [ 612.146936][T17774] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 612.153637][T17774] ? p9_fid_create+0x260/0x260 [ 612.158623][T17774] ? __fget+0x37c/0x3c0 [ 612.162773][T17774] ? add_wait_queue+0x77/0x130 [ 612.167615][T17774] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 612.174089][T17774] p9_client_version+0x183/0x700 [ 612.179207][T17774] ? p9_conn_create+0x4a6/0x520 [ 612.185271][T17774] ? p9_fd_create+0x391/0x480 [ 612.190609][T17774] ? p9_client_create+0xb90/0xb90 [ 612.195979][T17774] ? p9_fd_create_unix+0x470/0x470 [ 612.201109][T17774] ? __kmalloc_track_caller+0x20e/0x2c0 [ 612.207213][T17774] ? kmemdup_nul+0x42/0xa0 [ 612.211622][T17774] p9_client_create+0x8e5/0xb90 [ 612.216581][T17774] ? p9_parse_header+0x6b0/0x6b0 [ 612.221522][T17774] ? __kasan_kmalloc+0x189/0x1c0 [ 612.226472][T17774] ? __kmalloc_track_caller+0x20e/0x2c0 [ 612.232216][T17774] ? vfs_get_tree+0x85/0x260 [ 612.236796][T17774] v9fs_session_init+0x208/0x1a00 [ 612.241967][T17774] ? v9fs_show_options+0x530/0x530 [ 612.247074][T17774] ? v9fs_mount+0x5c/0x790 [ 612.251514][T17774] ? kmem_cache_alloc_trace+0xc3/0x290 [ 612.259205][T17774] ? legacy_init_fs_context+0x4d/0xc0 [ 612.264564][T17774] v9fs_mount+0x7f/0x790 [ 612.268797][T17774] ? cap_capable+0x23f/0x280 [ 612.273433][T17774] legacy_get_tree+0xde/0x170 [ 612.278102][T17774] ? iterate_incfs_dir+0x370/0x370 [ 612.283243][T17774] vfs_get_tree+0x85/0x260 [ 612.287747][T17774] do_mount+0x18ab/0x2660 [ 612.292171][T17774] ? copy_mount_string+0x30/0x30 [ 612.297109][T17774] ? page_fault+0x2f/0x40 [ 612.301433][T17774] ? copy_mount_options+0x1e8/0x320 [ 612.306625][T17774] ? copy_mount_options+0x293/0x320 [ 612.311823][T17774] ksys_mount+0xc2/0xf0 [ 612.315994][T17774] __x64_sys_mount+0xb1/0xc0 [ 612.320588][T17774] do_syscall_64+0xcb/0x150 [ 612.325080][T17774] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 612.330957][T17774] RIP: 0033:0x45e219 [ 612.334831][T17774] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 612.355959][T17774] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 612.365416][T17774] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 612.376993][T17774] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 612.385366][T17774] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 09:05:36 executing program 5: r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x1000f4) fdatasync(r0) write$cgroup_devices(r1, &(0x7f0000000000)={'c', ' *:* ', 'w\x00'}, 0x8) lseek(r0, 0x0, 0x4) [ 612.394622][T17774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000011 [ 612.402578][T17774] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:36 executing program 5: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f00000001c0)='overlay\x00', 0x0, &(0x7f0000000280)={[{@xino_off='xino=off'}, {@workdir={'workdir', 0x3d, './bus/file0'}}, {@index_off='index=off'}, {@nfs_export_on='nfs_export=on'}, {@workdir={'workdir', 0x3d, './file1'}}, {@xino_on='xino=on'}, {@xino_on='xino=on'}], [{@euid_gt={'euid>', 0xee00}}, {@pcr={'pcr', 0x3d, 0x3f}}, {@measure='measure'}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@uid_lt={'uid<', 0xee01}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'overlay\x00'}}, {@func={'func', 0x3d, 'POLICY_CHECK'}}, {@measure='measure'}, {@dont_appraise='dont_appraise'}]}) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000180)='overlay\x00', 0x821, &(0x7f0000000480)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65312c6c400b016f7785726469723d2e2f6275732c776f72696469723d2e2f66696c65302c696e646578"]) umount2(&(0x7f0000000080)='./bus/file0\x00', 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) umount2(&(0x7f0000000140)='./bus\x00', 0x0) 09:05:36 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x72, 0x2, 0x0, 0x0, 0x8}, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000480)="b0a3cdef47f59ec515de0fcb5dfc761cf7120c4312b2054efdc0cf574f65329a05d03a24674b1d94d072b4bd702c576dc1d6e4fef97bdd899d359dadcfe32ba24fb1e152533e4df2c20324dda85d95c102000000d81d2b9bea7f9e468b3da19d62e9913b2f7cd488de25886811470818af91afd3bce1422670d6f2d054d8b16374e3617a22b1c70e7e3104b814e24e6e7b62256ae8faaae5f59f840c029418a34c", 0xffffff47) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x2, 0xbd}, 0x0) mkdir(&(0x7f0000000540)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x20, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000100)='./file0\x00', 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, 0x0, 0x20000010) unlink(&(0x7f0000000040)='./file0\x00') open(&(0x7f00000000c0)='./file0\x00', 0x3fd, 0x8) [ 612.578952][T17792] overlayfs: unrecognized mount option "euid>00000000000000060928" or missing value [ 612.614309][T17794] overlayfs: unrecognized mount option "euid>00000000000000060928" or missing value 09:05:36 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xa000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:36 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x0, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:36 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:36 executing program 0 (fault-call:8 fault-nth:18): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:36 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x2000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 612.960506][T17817] FAULT_INJECTION: forcing a failure. [ 612.960506][T17817] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 612.973854][T17817] CPU: 0 PID: 17817 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 612.984005][T17817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 612.994067][T17817] Call Trace: [ 612.997368][T17817] dump_stack+0x1dd/0x24e [ 613.002021][T17817] ? devkmsg_release+0x11c/0x11c [ 613.007574][T17817] ? show_regs_print_info+0x12/0x12 [ 613.012953][T17817] ? stack_trace_save+0x120/0x1f0 [ 613.018593][T17817] should_fail+0x6fb/0x860 [ 613.023025][T17817] ? setup_fault_attr+0x3d0/0x3d0 [ 613.028068][T17817] ? preempt_count_add+0x66/0x150 [ 613.033192][T17817] ? unwind_next_frame+0x1aa9/0x1f30 [ 613.039182][T17817] __alloc_pages_nodemask+0x1ee/0x7c0 [ 613.044564][T17817] ? p9_fcall_init+0x117/0x200 [ 613.049338][T17817] ? v9fs_session_init+0x208/0x1a00 [ 613.054562][T17817] ? v9fs_mount+0x7f/0x790 [ 613.059350][T17817] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 613.064906][T17817] ? __x64_sys_mount+0xb1/0xc0 [ 613.069772][T17817] alloc_slab_page+0x3d/0x3f0 [ 613.074472][T17817] new_slab+0x97/0x450 [ 613.078575][T17817] ? check_preemption_disabled+0x15a/0x330 [ 613.084603][T17817] ___slab_alloc+0x2c0/0x450 [ 613.089200][T17817] ? p9_fcall_init+0x117/0x200 [ 613.094143][T17817] __kmalloc+0x2b3/0x2d0 [ 613.098568][T17817] ? p9_fcall_init+0x117/0x200 [ 613.103341][T17817] p9_fcall_init+0x117/0x200 [ 613.108204][T17817] p9_client_prepare_req+0x159/0x7e0 [ 613.113508][T17817] ? p9_client_create+0x81b/0xb90 [ 613.118720][T17817] ? v9fs_session_init+0x208/0x1a00 [ 613.124827][T17817] p9_client_rpc+0x12c/0xb80 [ 613.129432][T17817] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 613.135131][T17817] ? p9_fid_create+0x260/0x260 [ 613.139933][T17817] ? __fget+0x37c/0x3c0 [ 613.144177][T17817] ? add_wait_queue+0x77/0x130 [ 613.148935][T17817] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 613.154740][T17817] p9_client_version+0x183/0x700 [ 613.159691][T17817] ? p9_conn_create+0x4a6/0x520 [ 613.164531][T17817] ? p9_fd_create+0x391/0x480 [ 613.169321][T17817] ? p9_client_create+0xb90/0xb90 [ 613.174500][T17817] ? p9_fd_create_unix+0x470/0x470 [ 613.179610][T17817] ? __kmalloc_track_caller+0x20e/0x2c0 [ 613.185136][T17817] ? kmemdup_nul+0x42/0xa0 [ 613.189534][T17817] p9_client_create+0x8e5/0xb90 [ 613.194360][T17817] ? p9_parse_header+0x6b0/0x6b0 [ 613.199290][T17817] ? __kasan_kmalloc+0x189/0x1c0 [ 613.204490][T17817] ? __kmalloc_track_caller+0x20e/0x2c0 09:05:37 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x1f}, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setxattr$system_posix_acl(&(0x7f0000000580)='./file1\x00', &(0x7f00000005c0)='system.posix_acl_default\x00', &(0x7f0000000c40)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="040000000000040008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) mkdir(&(0x7f0000000080)='./file1/file0\x00', 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xffffffff) setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='overlay\x00', 0x16080a, &(0x7f0000000340)=ANY=[@ANYBLOB="6c6f7765726469723d2e2f66696c65302c6d657461636f70793d6f66662c6d657461636f70793d6f6e2c78696e6f3d6175746f2c726f6f74636f6e746578743d73797374656d5f752c7375626a5f726f6c653d7b2a2c726f6f74636f6e5e95cfa3746578743d756e636f6e66696e65645f752c7365636c6162656c2c736d61636b66736861743d6367726f757032002c00"]) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) [ 613.210074][T17817] ? vfs_get_tree+0x85/0x260 [ 613.214652][T17817] v9fs_session_init+0x208/0x1a00 [ 613.219670][T17817] ? v9fs_show_options+0x530/0x530 [ 613.225296][T17817] ? v9fs_mount+0x5c/0x790 [ 613.229715][T17817] ? kmem_cache_alloc_trace+0xc3/0x290 [ 613.235210][T17817] ? legacy_init_fs_context+0x4d/0xc0 [ 613.240591][T17817] v9fs_mount+0x7f/0x790 [ 613.244948][T17817] ? cap_capable+0x23f/0x280 [ 613.249539][T17817] legacy_get_tree+0xde/0x170 [ 613.254213][T17817] ? iterate_incfs_dir+0x370/0x370 [ 613.259521][T17817] vfs_get_tree+0x85/0x260 [ 613.262779][T17824] overlayfs: conflicting lowerdir path [ 613.263937][T17817] do_mount+0x18ab/0x2660 [ 613.263950][T17817] ? copy_mount_string+0x30/0x30 [ 613.263958][T17817] ? page_fault+0x2f/0x40 [ 613.263974][T17817] ? copy_mount_options+0x1e8/0x320 [ 613.285493][T17824] overlayfs: workdir and upperdir must reside under the same mount [ 613.288158][T17817] ? copy_mount_options+0x293/0x320 [ 613.288168][T17817] ksys_mount+0xc2/0xf0 [ 613.288178][T17817] __x64_sys_mount+0xb1/0xc0 09:05:37 executing program 5: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x200) r2 = epoll_create1(0x0) r3 = epoll_create1(0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) write$cgroup_int(r4, &(0x7f0000000200), 0x12) epoll_wait(r4, &(0x7f0000000040)=[{}, {}], 0x2, 0xfffff800) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40086602, &(0x7f0000000040)=0x4000) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000080)={0x2004}) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000000)={0x60000011}) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) dup3(r6, r3, 0x0) dup(r3) [ 613.288188][T17817] do_syscall_64+0xcb/0x150 [ 613.288204][T17817] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 613.320561][T17817] RIP: 0033:0x45e219 [ 613.324445][T17817] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 613.345298][T17817] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 613.353702][T17817] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 613.361772][T17817] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 613.370172][T17817] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 613.378221][T17817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000012 [ 613.386280][T17817] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:37 executing program 5: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100)='batadv\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0) sendmsg$BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, r0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xa8c}, @BATADV_ATTR_ISOLATION_MARK={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffff9}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @link_local}]}, 0x48}, 0x1, 0x0, 0x0, 0xc800}, 0x801) syz_genetlink_get_family_id$mptcp(0x0) 09:05:37 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0) write$FUSE_INIT(r1, &(0x7f0000000280)={0x50}, 0x50) ftruncate(r0, 0x8) fallocate(r1, 0x20, 0x0, 0xfffffeff000) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40086602, &(0x7f0000000040)=0x4000) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_lsm={0x1d, 0x7, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@map_val={0x18, 0x4, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x5}, @map={0x18, 0x4, 0x1, 0x0, r1}]}, &(0x7f0000000240)='GPL\x00', 0xfffffff7, 0x0, 0x0, 0x41100, 0x1b, [], 0x0, 0x1b, r1, 0x8, &(0x7f00000004c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000500)={0x3, 0x7, 0xeb, 0xfffffffa}, 0x10, 0xffffffffffffffff}, 0x78) getresgid(0x0, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) write$cgroup_int(r3, &(0x7f0000000200), 0x12) syz_mount_image$fuse(&(0x7f0000000000)='fuse\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x188801, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB="2c726f6f746d6f64653d303030303030303030c049b6d0da2830303030303030303031303030302c7573c82d017eba0da77d13857585dacb9397d9727bbccd0c3e55967448f22d748047c332cc2af2d3ecaea56e8daa0854bce21119461f7b66407178796b9bc41dce6c636f000fb1a46eeb107e50fd97d4426e66948cf303b8d8960d3c134871d7a3ee9e47a3b9f33b18fb94ee967459d56335d6af60e369d1c829b0510710d93baa8eb8c635aa8741ebb00b168ea4ed08da61b6681acf79472e599e7f50cbfa51d79dbf192d262974d4224023716c1c32e2e36c400d161ad965220b55a1be85a2e8dae914536cedcc2b54d3fb5a761b50", @ANYRESDEC=0xee00, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',allow_other,max_read=0x000000000000005d,pcr=00000000000000000012,euid<', @ANYRESDEC, @ANYBLOB=',obj_user=,\x00']) getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f0000000ac0)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0xffffffffffffffff, r0, 0x0, 0x3, &(0x7f0000000140)=':%\x00'}, 0x30) fallocate(r1, 0x0, 0x0, 0x10000101) 09:05:37 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0100000000003d20001751ea7900"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYRES64=r2, @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00\r'], 0x28}}, 0x20004001) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x3, r4}}, 0x20}}, 0x0) 09:05:37 executing program 5: ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000000)={0x0, 0x401, 0x1f}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x8000011}) write$P9_RWRITE(0xffffffffffffffff, &(0x7f0000000080)={0xb, 0x77, 0x2, 0x8}, 0xb) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x2a002, 0x100) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x7, 0x5, 0x2, 0x6, 0x100, 0xffffffffffffffff, 0x1ff, [], 0x0, r0, 0x5, 0x1, 0x1}, 0x40) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$NL80211_CMD_START_P2P_DEVICE(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x20, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0x1) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r0, &(0x7f0000000240)={0x40000000}) r3 = syz_open_dev$mouse(&(0x7f0000000280)='/dev/input/mouse#\x00', 0x6798, 0x300) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f00000002c0)={0x20000009}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000300)={0xc000200c}) bpf$ITER_CREATE(0x21, &(0x7f0000000340)={r0}, 0x8) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)={0x4, 0x5, 0x8, 0x5, 0x800, r0, 0x4, [], 0x0, r0, 0x1, 0x0, 0x5}, 0x40) r5 = socket$inet_udplite(0x2, 0x2, 0x88) io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000400)={0xae, 0x0, &(0x7f00000003c0)=[r4, r3, r5]}, 0x3) r6 = syz_open_dev$vcsu(&(0x7f0000000500)='/dev/vcsu#\x00', 0xf796, 0x100) mount$fuseblk(&(0x7f0000000440)='/dev/loop0\x00', &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='fuseblk\x00', 0x8, &(0x7f0000000540)={{'fd', 0x3d, r6}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, 0xee01}, 0x2c, {'group_id', 0x3d, 0xffffffffffffffff}, 0x2c, {[{@allow_other='allow_other'}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}, {@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0x2540e364fb37649d}}, {@default_permissions='default_permissions'}, {@allow_other='allow_other'}], [{@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}, {@dont_measure='dont_measure'}, {@appraise_type='appraise_type=imasig'}]}}) r7 = accept$packet(r3, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000006c0)=0x14) setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000700)=@req={0x7, 0x8, 0x1f, 0x4}, 0x10) sendmsg$MPTCP_PM_CMD_GET_LIMITS(r2, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x18, 0x0, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000880}, 0x4800) 09:05:37 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x10, 0xe, &(0x7f0000000180)=ANY=[@ANYBLOB="b702000000000042bfa30000000000003603000000feffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000260404000100ff0f1704000001130a00b7040000050000006a0af2fe00000000850000003f000000b700000000000000950000000000000063e165cd844a954b26c933db8e175e097efb3f55bb2007ee51050512b5b42128aa090a79507df79f2d8129cf487130d5f24bf901115e17392ac66ad029d1c08a2c6146101e04aeacea799a22a2fa798b5adc436b27d53337e5003e4be7f8000000000000dbc2777df150b70639e25b7496cb8dcdd77b85b94109a314fd085f028f2ed1a4535550614e09d6378198a60978670838337af2abd55a87ac0394b2f82ffab7d153d62058d0a413b2173619ccf55520f22c9cb6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0cca00a1efc54fa737c28b994a8512c816fdcceaede3faedc51d29a47ffeffffff00f4c7a53ac271d6d6f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804dc5fa77ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a7c2211fe4fd21a18986252a70f8f92eb6f0e8c7db3503680e5e5971ff4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f8d791fa99dac06b57479321a0574fb304bc2a168aa43328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20faf791ec85821d0c48fb657c29b302b0d2277b44af326f36f3e2c25a61ec45c3af97a8f17da954a9b34f79908755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d1665016ac59de637b30824d822133a7ac7fe13cab6692422a46e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da3239acad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c5f1e24d9f679e4fbe948dfb4cc4a389c69608241730459f0123fd383d5612ff0230dc6eb55e9d46de56ef907b059b905c0289afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5826236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb778f54334354ec2697a03aff14a9aa4bd908a99494a65044dd539f5096412b926b2e095b84000243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c3630eeaebde922320178b00cc6ed7966130b547dbf8b497af0a77fbcf2cd1d0000000000000001c80000000000000000000000091bee53595a779d243a48cea769b10424d28804c026ab7f4a0281921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee8f8a836804ed3a1079b0282a12043408cd600087dc0dd22b634350761b9867682e11d94fff91af19f2f8df175d60a2892e456f5f4042bd13da2022f23daec61854f640f703db027665006e74f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfac92e6de9200000000000000000000000000009ec7eee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009d9c209644bb1cb603cd60a9e241435fe82d5a96b09c68c73de2f04f15d0053875732f2258aea65559eb00e76e9d092a2a60ca770663da451080cc36000906d5a9fad98c308e89bd5ffb6151d79c1cee1cdfba05e3633becd937d7a15762e5f5a3a0bc33fdbe28a0800000000000000c92fe7f791e8f6029309508e5bf024ed8f8a005f2bbf96c89739f5d81e750d50515a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd43758624600e78f4458542b14f29611f95d4a2aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6820b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000000000000000000091e12aacf2ed9ee91cc82777c6a0da37e0219260f2944eb77cb7a20ab7ebcc2fbe2a986be27eacc454147267b05cba055cda2a57efefcb9a8761bc052bbb7f513b8c4167245753d31e7c1120a886bdf372ce255ca3c2aa8b0ebe42924db5d6d81e9b1514172e2f3fb1b46a1f7561b65c265b742d792d4f572d860718b5d9e94631657021612f6c974d10769e47575509bfe2d6ffa6cae835b0f492d32d12116c95e0b3b31713c20beae2dd340d7b67c3bed62b682a12363608d736289610fa8eb941d37a850c4f0d6f033f8438b57cedf532ee34e42b4041a682f54dc7b57200762d45724151014b733d497190f9ab3d5bab1f0635025ba9baa3a09b886e08c6bbd6e158f8e1c4ead2dc5bb4e2976a8383d8e415149455dc78439ae1b026ef03dfaa1f197a3b8ee7fcd1e39f5600a5c978584f97df1aed893821775c9b762f5acd2bf9a0eb18215ff90fe336bd75d3e8f704662d4084fa582afdd73d23546ae0abb118bdde3f4d1b661e7937b8631e7439bf23618d3f7ab482dde3249f42e660496098f30e38e152ead80d7291b54da4a3b08b8fd7ddaa830ec5933a0a674334b8d4269e425b9fa0255f3ba988cfd9ae6ed8154b633a0f108f3245d3a0212586e6c5762db4076d9ee42836d3000000000033baf08867c22a29335ab8976219d500961e2d0c1135a510d551ddd2c855a5642fd6539bac21f429e40740cd4c5ba3cb49da499c1a2c6bfb6b0e2e8d168bcb79f8054de46aeaf1d44c1f0958f24a93b88ac8d146afb94977527721e16dcfe4e014ee5a503cfe6ea2ed7fad0e83056941507016489f38643c128f5f37b453d811b185d51bbd08336abed54a0e2419b1a0e53214dd296d152cf82f42472bf1fd52a22efdd111977d3cf6f20e942df77792fda2c99beeef2ed821c64af516ac03585ec43071f5cc6030cf855b7e5d725aa8e9b7bf6d7b27a4e4e2fb2ed2501e5ce4435f8cbc0ad746c1b60d60f23d892939c96f750cd71824142404c26992c49c916b82bbc81c8d93c537c3a08cd58d0b4a64ddf9c55a7506c8cce89ff51c8ad5e63d1e2d1fd945635c130b4ad0dbcead5ec8cb3be6a0a82cef44e31148d94bd7edc9e94a4e295f1743754a5ee9f444a10838f8979c07c8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x1000802}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r4 = socket(0x10, 0x803, 0x4) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x5) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)={0x24, r1, 0x711, 0x0, 0x0, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}]}, 0x24}, 0x1, 0x0, 0x0, 0xc804}, 0x0) [ 613.568705][T17850] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.5'. [ 613.580939][T17851] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.5'. 09:05:37 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x10000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:37 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mkdir(&(0x7f00000003c0)='./bus\x00', 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) bind$unix(r3, &(0x7f0000000140)=@file={0x1, './bus/file0\x00'}, 0x6e) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,nfs_export=on,index=on']) unlink(&(0x7f0000000200)='./bus/file0\x00') fchown(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = getpgid(0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r7) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000000280)=@file={0x1, './bus/file0\x00'}, 0x6e, &(0x7f0000000b00)=[{&(0x7f0000000500)="35d98b4ccb4fd9fb58c7965ddc6d8354a1599b367fcada0f2830d44b096724916fa378ac1c37aac36931e06f2397d50db7597c005834e0c910d87218ce22a1561d6e52cee84ce69a809b06ecf0f83a3bf0d6c9f75e198fb81f5c2cfb9e16fcdf07af2df8fed716d45ffd1a9d7ea22c5f860a2070e6564f2f71c1ba78b656b2590df5338df8af00a6fae5513fc70835d13a9c7add4b3dffa57b336014627be5689ab778d8225aee4aab261bc9d10a2670df9161b1be0f25c7e57d928455dacbe681b942", 0xc3}, {&(0x7f0000000300)="5347b369dc490d49fd667889135f0198aad0bc48d36e9d3601424d375ec8e31f7f2f652dd4112a3540a762e546f8ef5c2b646abf153c54d7966a32151a61a7021faf8c135d1c9948210ac993daff0d96d88b8c97019f0d5507d4a971c3140afbc3d757ed347a259e3fbf3f624c402ec15e8ed5749a75b475f512", 0x7a}, {&(0x7f0000000600)="638c937d7113d6997933312b6f404a72720f12ae4d6c39653237b026b8be37aa64a91db6cd47a1bd2fbed893bde84d0eee1ca6eea04237e42981217bc21a18ffe506936c97c5f77bbd03ad96cc0aa621d1e77a92304112a142f1580c7fe580b7cebf29eaf18c735139851f0dce7d2f81e34cc637446937e5609358b3d4b149db1ddddc9fb3c73e9b34eb379b9efa03be9cff70c968b23bc1914aabb17711fed1a296a5743727acc96b81879b5459e462b5b81d2d292bf9d7d0dc4581cc821a7b26e492b862518709da50e7c8171187063cba01f2f66f4c9c5551dcc88ae7e9248ade42818a34056e9e0d41d171f327d8de4c70270f9061", 0xf7}, {&(0x7f0000000700)="df097ae33c7362a8453e3374a17c0e2fff954e93ceea1d88b5d25dc5e4b5ddce7ff46048cc963ec1e80d06140296419fba05c7125a6e292e832cdefd1becc797e26a036060f92a25c76958d222a608c1562e331b9619581ae75d7d70380f49dfa404b43b5d750a1dce1512cb47fe923a2b94fd55af7716e74fe20a4db86ff05081ff157dab2780ba629a964283d46403bfb739ded2bac1742c0c117582b6528a9e90a9942d90b64c0017c34e037a89997f7cec148bdc1ddf964af06b87c02be667ef350bd2bc850fa668d85046c2a9da02b6615de4cb3a3509599ee0e30c5fb41cce49d053ee8bb60e49a55f4c96aa9e4e424014fa4826228813", 0xfa}, {&(0x7f0000000080)="730cd40e841fa952", 0x8}, {&(0x7f0000000800)="cba08d3d64729e793a866c60293463bfd4aaa9f38addd1e6c569c863ae2f911fa7655f7022014f25f089bef423cba4d49a739a9e16a2a497a78faf38d66f7825f15b83cb32961265d6a2aa66ada127ec84553fcc6c985a7db76891ab12faa6eb9859705409b1427a0b1444feadcf841dcb1b814c307a364361e45235001321339e1c2aab0be82dc9e43fe8628c9a4427a902dccd27ad55857f81d252deb8c055e1c4d208f040b900216a9b50b6ff7731de3059d5ef466ce1a6fe626ccc5a9b46ca87d664bdc1454bf4356d648db5084c47ebd10f36a756018dd768aa3902a917d5bd21dc7c18f79750bac84c8ef0eefb7f77fbe021dde0554fc6533ee6", 0xfd}, {&(0x7f0000000900)="96c03aea9c73f5937062dd030c07a8d92bf5cb8615344fe4fb070986db5019f57737fb30fd642db8aedd7a4f6aeaea93129ed4ac0d78522bed7a70a719ada9e65625a89f0cb4afe5691982d711b4bbe94c01ebe4407690f16f5185e7da10496d2ab7cae0497bc75a1305fc609630825cbef61e5409e680c16f6b5c1195eb916d2bd23084e3721af04928f7ada42a42a55f7c1a4698d27f1033e8a0495cb6bf0b9101d4ff742f6facb4b39d686b36d3a8b25e340a17391f5e04d5a6f8c5c01c4646f1fca1d481819875a454", 0xcb}, {&(0x7f0000000a00)="41ea28d4d58fd3ad12c74a09b3198c0e706be6de2d55e39aab16b9c7b63b64fa76d624e632a392cfa29527fa4ef6dd453cef1343c5ff5baa775fd23bdbdf1b037c7515872cc2aac75a5c83a66eb0c091174f4103451249be0f529a5c64ed521685224e1517de3c5d194a87f8adce3ef5a0f8dcb7fe2142b716a06e2e8f6af03fd032f994f8b0131889bd6988c2d4c7cdb2878ad93e5057dff0cb77dbb1af1b3dcf1e17d3ab54be1a618dc3db69aa8f27502ac11d664156580c704b2e6080dc39c02be1c57046278709c180f861cd1c1c4f3400e3484cdcaa3755b2de4e4eea84a243", 0xe2}], 0x8, &(0x7f0000000c00)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r4, r1]}}, @cred={{0x1c, 0x1, 0x2, {r5, r7}}}], 0xb8, 0x20000000}], 0x1, 0x10) 09:05:37 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:37 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, 0x0) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:37 executing program 0 (fault-call:8 fault-nth:19): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:37 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x8000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:37 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b801000010000d00001c00000000fe22d535c526d135673733c23e505003c5ce2616fbeaa26bb60d3f0898d49e01cd622d482fed227e14be86cfe6403d1421f59cda5447efd2026bab826e771dbea89067d09674597fc1a2359d1b2385f6682cb027d50506d8a780c8700bbba035ead226ad9afd0a6987edfb9cdd57ed2458ff6ef85fc3e31f8de7364d12a75cf99e0a083daddc5c9c5472162e06e7ec7a82ec3b68e169a1a036deb14ed97d8d3a53587b3d97636ebc774c49b38764b76e6c68100b17dcc0b38868cad5ab5c9b1915cd", @ANYRES32=0x0, @ANYBLOB="000000000000000008000f0000000000080004000000000008002e0000000000000021000000000008002500000000000400140008002e000000000008000f00000000005c01188040000180080001000000000005000600000000000800010000000000080001000000000014000500e8edb578885ed000c9a6f57e1febe86905000600000000002000018014000500b1c80f4e1f005af2d3519deb9f329a7a050006000000000020000180080001000000000000000100000000008d0001801400040010ea1ced60b08704f607d7dc90809f3a0000060000000000050006000000000008000100000000001400040047fe4ecee07d4d3c15728dec99a31d0b000004002fafef008049a9227e3114233ac21343000001000018000000000400ec4d9655e80b9784dc36fc8fa8161a42000005006847bcdfbc454cdde089568e61ebb14e8c000180d4fe02005c0000000e000200bd9d00001400040072731e76b116a44d0c695542a23032ea080001000000000014000400787a50e390b2ee724ce2cf5f40355041060002002700000014000500287adaf177f960e1775f5899f48ee52a0800010000000000140005005d1b4fe005bc18976f2f5596115dc13c0800010000000000"], 0x1b8}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000001840)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000001940)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001900)={&(0x7f0000001880)=@bridge_newvlan={0x6c, 0x70, 0x10, 0x70bd29, 0x25dfdbff, {0x7, 0x0, 0x0, r1}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x29, 0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xd}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xc}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xd}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x60}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xd}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x400c0}, 0x4000) [ 613.825466][T17881] netlink: 408 bytes leftover after parsing attributes in process `syz-executor.5'. [ 613.835876][T17881] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=112 sclass=netlink_route_socket pid=17881 comm=syz-executor.5 [ 613.850495][T17888] FAULT_INJECTION: forcing a failure. [ 613.850495][T17888] name failslab, interval 1, probability 0, space 0, times 0 [ 613.859685][T17881] netlink: 408 bytes leftover after parsing attributes in process `syz-executor.5'. 09:05:37 executing program 5: sendmsg$TIPC_NL_NODE_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022dbd7000ffdbdf250d00000054000380080003000800000008000100030000000800020007000000086202000900000008000300030000000800030093610000080003000600000008000100bc0e0000080001000800000008000200ff03000054000380080003000700000008000300030000000800030080000000080002000100000008000200cc0b0000080003000000b80108000100080000000800020039000000080001003d060000080002005ed637022c000980e837161ead04cc7e0f6b2f4808000100c3000000080002007f00000008000100018000000800020004000000080001000300000094000280080001000500000008000200f3089c6e1c00038008000200000000000800010001000000080001007000000014000380080002001f00000008000200d90e000044000321a6010100ff00000008000100ffff000008000200ee09000008000100010000000800010025000000080001000004000008000100000000000800010000000000e86307900f03c90bd95ea4406de5d48165807a5017b6803fca3baf75c31020e054611c3b5b4b67decd7ac1ad2a81b16926fa889d937b626ef085252da681c1662994980f6ea63129c63dccf739c7493c8229"], 0x17c}, 0x1, 0x0, 0x0, 0x44084}, 0x9010) socketpair$unix(0x1, 0x80003, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000037c0)=@file={0x0, './file0\x00'}, 0x6e) r2 = accept4$unix(r0, &(0x7f0000000300), &(0x7f0000000380)=0x6e, 0x800) connect$unix(r2, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) connect$unix(r1, &(0x7f0000000100)=@abs, 0x6e) connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e) r3 = dup2(r1, r0) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000440)={0x0, r3}, 0x10) [ 613.863192][T17888] CPU: 0 PID: 17888 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 613.863197][T17888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 613.863201][T17888] Call Trace: [ 613.863219][T17888] dump_stack+0x1dd/0x24e [ 613.863231][T17888] ? devkmsg_release+0x11c/0x11c [ 613.863240][T17888] ? show_regs_print_info+0x12/0x12 [ 613.863259][T17888] should_fail+0x6fb/0x860 [ 613.915772][T17888] ? setup_fault_attr+0x3d0/0x3d0 [ 613.920832][T17888] ? do_mount+0x18ab/0x2660 [ 613.925339][T17888] ? radix_tree_node_alloc+0x194/0x3a0 [ 613.930803][T17888] should_failslab+0x5/0x20 [ 613.935661][T17888] kmem_cache_alloc+0x36/0x270 [ 613.940729][T17888] radix_tree_node_alloc+0x194/0x3a0 [ 613.946021][T17888] idr_get_free+0x2aa/0x880 [ 613.950535][T17888] idr_alloc+0x19f/0x300 [ 613.954783][T17888] ? debug_smp_processor_id+0x20/0x20 [ 613.960246][T17888] ? idr_alloc_u32+0x300/0x300 [ 613.965010][T17888] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 613.970122][T17888] ? __radix_tree_preload+0x2c5/0x310 [ 613.975494][T17888] p9_client_prepare_req+0x396/0x7e0 [ 613.980790][T17888] ? p9_client_create+0x81b/0xb90 [ 613.985817][T17888] ? v9fs_session_init+0x208/0x1a00 [ 613.991026][T17888] p9_client_rpc+0x12c/0xb80 [ 613.995631][T17888] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 614.001118][T17888] ? p9_fid_create+0x260/0x260 [ 614.005972][T17888] ? __fget+0x37c/0x3c0 [ 614.010133][T17888] ? add_wait_queue+0x77/0x130 [ 614.014931][T17888] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 614.020778][T17888] p9_client_version+0x183/0x700 [ 614.025725][T17888] ? p9_conn_create+0x4a6/0x520 [ 614.030600][T17888] ? p9_fd_create+0x391/0x480 [ 614.035541][T17888] ? p9_client_create+0xb90/0xb90 [ 614.040571][T17888] ? p9_fd_create_unix+0x470/0x470 [ 614.045710][T17888] ? __kmalloc_track_caller+0x20e/0x2c0 [ 614.051271][T17888] ? kmemdup_nul+0x42/0xa0 [ 614.055683][T17888] p9_client_create+0x8e5/0xb90 [ 614.060530][T17888] ? p9_parse_header+0x6b0/0x6b0 [ 614.065575][T17888] ? __kasan_kmalloc+0x189/0x1c0 [ 614.072022][T17888] ? __kmalloc_track_caller+0x20e/0x2c0 [ 614.077925][T17888] ? vfs_get_tree+0x85/0x260 [ 614.082509][T17888] v9fs_session_init+0x208/0x1a00 [ 614.087622][T17888] ? v9fs_show_options+0x530/0x530 [ 614.092725][T17888] ? v9fs_mount+0x5c/0x790 [ 614.097783][T17888] ? kmem_cache_alloc_trace+0xc3/0x290 [ 614.103326][T17888] ? legacy_init_fs_context+0x4d/0xc0 [ 614.108755][T17888] v9fs_mount+0x7f/0x790 [ 614.113071][T17888] ? cap_capable+0x23f/0x280 [ 614.117818][T17888] legacy_get_tree+0xde/0x170 09:05:38 executing program 5: sendmsg$TIPC_NL_NODE_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022dbd7000ffdbdf250d00000054000380080003000800000008000100030000000800020007000000086202000900000008000300030000000800030093610000080003000600000008000100bc0e0000080001000800000008000200ff03000054000380080003000700000008000300030000000800030080000000080002000100000008000200cc0b0000080003000000b80108000100080000000800020039000000080001003d060000080002005ed637022c000980e837161ead04cc7e0f6b2f4808000100c3000000080002007f00000008000100018000000800020004000000080001000300000094000280080001000500000008000200f3089c6e1c00038008000200000000000800010001000000080001007000000014000380080002001f00000008000200d90e000044000321a6010100ff00000008000100ffff000008000200ee09000008000100010000000800010025000000080001000004000008000100000000000800010000000000e86307900f03c90bd95ea4406de5d48165807a5017b6803fca3baf75c31020e054611c3b5b4b67decd7ac1ad2a81b16926fa889d937b626ef085252da681c1662994980f6ea63129c63dccf739c7493c8229"], 0x17c}, 0x1, 0x0, 0x0, 0x44084}, 0x9010) socketpair$unix(0x1, 0x80003, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000037c0)=@file={0x0, './file0\x00'}, 0x6e) r2 = accept4$unix(r0, &(0x7f0000000300), &(0x7f0000000380)=0x6e, 0x800) connect$unix(r2, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) connect$unix(r1, &(0x7f0000000100)=@abs, 0x6e) connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e) r3 = dup2(r1, r0) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000440)={0x0, r3}, 0x10) [ 614.122503][T17888] ? iterate_incfs_dir+0x370/0x370 [ 614.127593][T17888] vfs_get_tree+0x85/0x260 [ 614.132000][T17888] do_mount+0x18ab/0x2660 [ 614.136342][T17888] ? copy_mount_string+0x30/0x30 [ 614.141433][T17888] ? page_fault+0x2f/0x40 [ 614.145771][T17888] ? copy_mount_options+0x1e8/0x320 [ 614.150984][T17888] ? copy_mount_options+0x293/0x320 [ 614.156220][T17888] ksys_mount+0xc2/0xf0 [ 614.160429][T17888] __x64_sys_mount+0xb1/0xc0 [ 614.165026][T17888] do_syscall_64+0xcb/0x150 [ 614.169549][T17888] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 614.175421][T17888] RIP: 0033:0x45e219 [ 614.179341][T17888] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 614.199302][T17888] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 614.207721][T17888] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 614.215682][T17888] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 09:05:38 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000002c0)) r2 = syz_open_procfs(0x0, &(0x7f0000001b40)='net/dev_mcast\x00') r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS3\x00', 0x802, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)=0x4000) ioctl$int_out(0xffffffffffffffff, 0x5460, &(0x7f0000000380)) sendfile(r3, r2, 0x0, 0x20000000001000d8) ioctl$BTRFS_IOC_START_SYNC(r2, 0x80089418, &(0x7f0000000180)=0x0) ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000000a00)={{r1}, r4, 0x14, @unused, @name="f468f6bc79c0bd47713e8ec88564f572175a3e70d9adece3970b355ddc3e0c9379da5ec37e4b6b1a6749a22fb2011dfc8a4cf278b9a3e6578e5a07784b1d0d63d38324280e97c45b9ac881f6c9e92440e45566d6c6aaf7a0a14ff45aa67db4607a05773a70eaa2e5ac2cb8904bb8a41afb9c96af32ddc2f4582e5eff0728e12b37d83b03472080938031cefddf4e312f1f1d6707c3dc6d188c38f5369eb2b18bdd8992d4560148d471a45da80003a4a80b90d03724208d98e3f11a910d3fec7bb14b20eb145d559b0a34a30688ae6e34d48d8ed10bcb7cf3cf1bd0c48755fe055250706b8a2ac2aa82c430c0d39f1030de563ac86e1f16820d67f089dc387c6f9c8f9264e15c78ff08bd102cdec95628785ac84c5945cabda88e08d19f52b1c67b75614f3ff957109063f3958520c29d4af118ac0ea56db3ee667c8fbb9dc2dd96edeee830dd68b75ec6bf909d5661a9c4175057616930c12356bffb2c566a4fd0b0264050c30d99db194bba5d8045046acbef8c64788a1e3c36a1f1ea6e5529b33f0df15c299fb950b11412aa776cd9a3ae44af11a1c1c167b8c56e33ecfdf86cf33584424266edcb6d6ffda79334466c019549625e31d35729ac4024c10d80f25cdbc95d0bc108607f3a3b3df3cd3dbd4241a8a6f4cae529303893a9c97640114599d9a38c25380097d5e2954f5ffdf7d9bc98b485caa036c29adcd8c825e54636872804fc678cdafacf2ecefcad3702b9d67f9b3486c8bca11fb0d94d70e176f8509e36967686bf3e98517f14d4d8d3be87ca5ecb343a94d8e709c7ae53c189a71813d2f5078f86abf23674f1cab072dd8c65578a01ea348190cb63ef315612bad3ca171fb0a2ffb11f446021c881a90e20ffed3ca7a4a4107728f96914bfdec98e6dd8cf93f168df6553f2086be076a6b7c69443802d13582a5f2fb7da3f5cc7d65346d6fd5b89e8af8f58572ce14dd2c9fb2f3ae2083dc0c8157b5cf3ae4ce43c05340443dd0010baf7f8c9dc081c890c0da620001937bf7f41631f1e0515f84588c826874b17f72d18e2dbf8955d784c5cb511a5b271f5cd739547da3c878aae1299fd5a3b44946a9ae07d713075176dac4992954a7ef48bdd6dbb775e8223a4ebddf0d090fc5fa7a75e4782456f04ca5c6ab28945a28f021fa77e1a2729442912f52175b7fec498baa9d7df3218c36f8732e97814f77634cf6ff160673f04426dc1d08a09a844ae6e95ba17a9b0da072d10e2dc58300882be9612e843f60a5e5ff9454d370898a5fc48bc075eb0f7759c1346838158e46e21f1b5e601ce648ee8a4fdfadff3d3e8c8b591619e56ad1e38bc779820b248e4dbe5c2a6fd92741319bf3cd3bd21887b2696c0605e793b71a07ebe238013a102a4664ef38f472a7b693645d951cb4bd129b8d0f8c1b35aa8572a8ae7ee03dd666105e0d3648993fd8f9f1bfe701fe0f27507ca8e473e1cd31071cad1b265f0d48f5cedfd648d50e0cbb80a9bf5cab82fc9d03bf934a1c3cb4bdfa7d6f9c135f35171d588938a08de6de98fea89dd7772986f077b1101e6dcde98c0c1ac7999a17183cebc2668a0ec74839976520ec6a503cb1c2863201583dea2489846abc7f588bb059b8da201793dc386699c96c85a02d36bebbb027ed5bc2b2e80e110f0a26dab9c7d9005c90a48921ad6092c4a1be312bb6558df5ac9e673a5e82f61839f4cb7e6e773592a7836576c1997d2d18d45fdad44500bb373005667e178ce98b1748faa803f2808a9497011b08b6079f5f4add12e6936fff10facb773eda9f5ab01e1930f55898aadee2e28e671d7b36cbeb832c22137528f2cc981233b30e8f66dd2fb79da2b7a220815b4a8d1c21fe7cc5938f61aed9a5e87ebb824d2b549f993e8ef400e2ce64c947166f3eef1ef4ed62c6a6ae50cd665937e8e415b7fabeb07df4944029baff976dbf3fc0540e43481eef5ff323ed64c350618e4f4469aa313bf427aaa86c50061ce72d995a6536f53d03e4a0b926c5ee3ef4dcc0b2b99e80180ee9215002b91cbdda1e57ea5a9ab4b448ace955475503d320a2ecd8061198ad47322a55c22c88bb7fdaf90740ff23406ce90984e6057891934c54aa055902358e5f13b5a6a136d46a39ee9107495f930970830379da4bc90f393086fce9ae6aa93d3fdcec4e7950da79666c191be619242326603a7c26a66c64898babc8e52815f2f54954a6b4f699d3f45c4ac0e8c2e335af3169c1ba1c73835bc73c4c34e1a4cc83e45680395cdc509f01e8673b263e0b0f469d53e771e5955f6cc575053b600cef3790a6504af7dfe613c7121f2d26e90821f6fbf6a40aca561f51473906fec598d821ea20540a20eaead7663734eb8761b6e5110df08a56c9bcb9aa4e12858d1d41370da4772dad6aa839d315808fc0094fbdc09298c9f4e5f17461a2e1a01b0373541ead4d7a85d3d942565e5a7fcd643bae0006ad450435a586998ae3aa25c3299c79d1b0f82d05c13fa57648f43a1f3ba30263e9bc684afd9b3e14095ae280efa41e536d666fdc0538bb1aca20fecb35798ab5a3af5d6f7ea61de754879b68b917bde1ad6805e1b6a47028cffc6af3b07094bc2b64a150dde76209e36ae7382fbbfe68cb377c3953569b9711f49b5fe3d3678b04c40b3b2e6c98854457336397f17c36d9f04ca2daa391509857821064608362e86d3b92f4932dff3ee4b48bcfd4178d41fe97e6880dde1cdc965064628e1a68ebe6574c3f7a6094b638fc7a302bbe58146fb935d8b1a70d14b933edeab780458d5b43655556ea511a14cfe9b43f452e51d88a48f434cc808241a33ee0e8277f1edbb9da3d73739252721a75c08bb41cfddaee6eaaec8bd69ec84adee9ff8ab8d69dc8efbf5fbfbd8522258a21f4bfc04e081452a5884ff26cb64447d834a7f174105347e226c158620c5b548d620246258ea864a07dd95e444d91204ebe904f74e9ccaff70fa6b5a72f1010aa51a76926555342681746f51353fdfaa1fa07b768047803263d04f6405f34683c325cb8557e3a77544a42b1a9777da39e142812a34e89c84e9398b9768b5cdb751b257a0cbc5197edb57be0e27483e5f5819e33f0c54a5f12d442bfc1991a44baf2b767353c855934a6b596d2c13833178413203da9cf25fb4db6e26d11a87b7e8107db4d6d41572c77661777f32cf1d0b035f9391c3ea9aa4b7dc37f47da8b50db088b793fc694a193bab87dd9e3d15ae189b4a754949b18452a9e5c1be59c05f793f1d6740861199265304d452b6547e287588a32ee05d7172b31a277c9c7abe6d1f56c09e42c8a48752bd82f6087029d78bf8b39b45dfb3a08bcf86a00caccc8805147a1ff8ddf9c75ffa9d13e5bc3bcc591258ea040ed963b505ff5e4dd9ec05d652dd7e07d3be157cf274f1a79e1b6f80067b2ddb92d6231974944e026bb4c05c58ab930306cbecc58b5d18f0d5c09d740deae1d2f8f4fcf5f5bd9acb391f3ea697b7cfe9da5ae7b64b45ce90e28228dcc3b4077a3b5dd2c09ee0624d03483cafd207a4c99c98cae5f49ff221cdc01e3f03878f035fa4a76a4fc3c8eecc5f83d77e7d0f2b6b788584a59dfbc3d097b43e461c07bf61f023860e16a54240d0949ae24608a6d4ccf423f579009c043963d214d29d96dc7f3f37f550d3eef948d10d931148bd23a9397bd7345a6baafd355e0c115d421a00ddad79de2953102b6ba668a69986f3a870097754348faba477156ef1081bedd9f4a0b11cf6b5040737d139939d155c93d889806a44dbd0246b1c185711fd2a40d39b9db7293a7dbf3fd2d8f00278e36f6b075e4da653ee54b9b7abf4759273013646377c5f2395f0372fda631f07546d634d2b349c44ebd99bb526de37024daaaa4bbb3f8c5254074dad33a75b7cbfe088ed5816ba9b2f45ca67e3bba429b3d524614ea96caa728017bf0bc8a10ddfb663b59198012746e543c2e4d2220159afa4819d37424773fc0e28920e729a0acc4a90b3229ad6bb820397747e39685ab03a1bf50f01b88415b617a8e9e80f5d53e1b6b7271ff1fafca7659f56fbe361db85716f55dd10795a85edf1087aa75c55ab648a181c3f0229c7b51bb2f04b0a465256ca35aef5ee25e3957dae771ab4142df97504d24a342d7dbf746873fa86ce47f2b0fc06be9a3e43c1dcb79adaa1b192911e93c09964544b38857436e12b83fa3b8efe59531f7759ce32cbec538c3b6030e44b621b5e62494a88c4672de1b722694d89827630f0b0ed92a5e60bc063279cbfade62b6ec48853296182ed52e2fafc82a6192550efa2231277bfabf49f9bafbf6699426a10f425a9ec9b9901dbac59732c643b47858bda7ab4bcfd5b4066efc76cc824c99bd8d1dc9a89adf8dd8ce87015709d1ff731d59f1948d50125952ebbe831cf78a354b99f38ec47b405bd317a7f16ec507dd426e3ae82665be75f2b0f6b19ada72d99cb09f9c8db987fdcba7b2f5a5d0f96c3a9fc2458c417ff6a47d0cbd1b32e52f7f8671a44549af34c224949f3cb93063b10d0bd2597a3c0491f270a68b0bbcf9d50d33af9b4db7f5f0c6f48e7d1c5cffbb4df1efa2a8a9c8c7290c28d04f7978dc7bf3be6da2c81dc124dda006623953383dd25dac3c1ba40a3d39165539b9c0dc945a4a2104c94fec554e8e864ebae9660442bd9665cbeea584928f9077a09a74d18880a33ac2be5d22c1f892f32a23fcf88c9f4ef066529d88e0f714f15e23ab2b8b2b609a8068b222f54bf1d2c17490c793817498e80cae4ff2bb09fe2e95f15914442fbab2587e4d72892a34f8f625f824046ccfe17bb4fc97ba65dd19440b8f806b0db16ff68fd6351b28caab5552cda7c94d3a8e20f8fdd150515df122e3728358db375521a5f57d18356c8e56aa0e1502aa2a77baa034a693aedc83b6cda66cba087722932b974041ae10b40bc8f594ee1550987e4e9258c87e9fa8c851766cf6a0570dcf357a83eb77c2adb2d0a7537559bee5a7a52171f253594a054a8eb5120609208adf0a0da4fff91df5dea80df7f44c2de251d5815814cb936e61cd57b0d05e957fa7856a37b197ed4d7d91805db966f0d5cca1d8e3ae8927becc894eff6d6a729ce76611086a23fc6d0cc589ebd776dd0a34bcf15802de1b46b726dfb26692b887d4c8b1851008f840d718d50ef379b47d5464a716afcb344b50c4c1dda47a7ab702e7c2db7eee25d6eba6cb5030c1c7cef306a2b767c27838732c7632a8cb034cb80a44db2250d11e8cd51700b8ed90b80d54788a0fbfa1d9f09d8ce97dea765ac248261558b6a9c615089e832fb6ed25441248db2c20ea50cc688212a79d5e6415f197fea977fbd36813cbf948104da24c32279f2e6ce21d39525ba8bf08f3a7dc39b0aebb93ccfb1246511e9c420dc27d4fb088a0bcf2e2f312479935ac421eb956540e6461cb4eac53bd0a597a276c98a3ae4a773b10b9b9615ffdf08174c1fa9a51ef45e7dc5ffcaed6eb3b890e7cca208c663213e4d8f1671fbae0a0c6b95f733b87a6bdc7815af9e4762822816e0c7758420cb0a36d225f997849c6280190166d4a19c9ef3133ed5410de1add083fe3eed7dccd01d10276d23beac12a79e1e852949a393718f006adeacb80d7b19caac55ed950e6d267a12946cb7b460ef58fdda2cef8b5c7d214a1e9a96f663b476a029be271fab555a5639c448fbd7cfb793d71a5d7864d2e6421df5d25c"}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c09425, &(0x7f00000001c0)={"bbf3b00dcfdf037c8d7126aa02232e51", 0x0, r4, {0x6c, 0x3}, {0x3ff, 0x2}, 0x55042e35, [0x8, 0x4, 0x1ff, 0x4, 0x401, 0xfffffffffffffffd, 0x1, 0x7, 0x1000, 0x4, 0xe6cb, 0x20, 0x3, 0xe099, 0x5, 0xf6]}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc)) futex(&(0x7f0000000100)=0x1, 0x800000000006, 0x0, &(0x7f0000000080)={0x77359400}, 0x0, 0x0) r5 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000000)={{}, {0x0, 0x1c9c380}}, 0x0) write(r2, &(0x7f0000000300)="0ed6f7747cacdbc3a6579d79cdf7fbbef13e098b94c555991c4fbe761f2ac558edc852aa871f688efa9023c2553c425174946ff726317dd4600196bdbfbe767a03f208c9e48432b7b1cb935346d6269d", 0x50) r6 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10006, 0x80011, r6, 0x0) tkill(r5, 0x1000000000016) [ 614.223715][T17888] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 614.231692][T17888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 614.239668][T17888] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:38 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:38 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, 0x0) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x20000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:38 executing program 0 (fault-call:8 fault-nth:20): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:38 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xa000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 614.716358][T17925] FAULT_INJECTION: forcing a failure. [ 614.716358][T17925] name failslab, interval 1, probability 0, space 0, times 0 [ 614.728980][T17925] CPU: 0 PID: 17925 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 614.739309][T17925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 614.749352][T17925] Call Trace: [ 614.752641][T17925] dump_stack+0x1dd/0x24e [ 614.756967][T17925] ? devkmsg_release+0x11c/0x11c [ 614.761903][T17925] ? show_regs_print_info+0x12/0x12 [ 614.767361][T17925] should_fail+0x6fb/0x860 [ 614.771766][T17925] ? setup_fault_attr+0x3d0/0x3d0 [ 614.776794][T17925] ? do_mount+0x18ab/0x2660 [ 614.781299][T17925] ? radix_tree_node_alloc+0x194/0x3a0 [ 614.787105][T17925] should_failslab+0x5/0x20 [ 614.791650][T17925] kmem_cache_alloc+0x36/0x270 [ 614.796520][T17925] radix_tree_node_alloc+0x194/0x3a0 [ 614.801832][T17925] idr_get_free+0x2aa/0x880 [ 614.806385][T17925] idr_alloc+0x19f/0x300 [ 614.810636][T17925] ? debug_smp_processor_id+0x20/0x20 [ 614.816386][T17925] ? idr_alloc_u32+0x300/0x300 [ 614.821157][T17925] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 614.826275][T17925] ? __radix_tree_preload+0x2c5/0x310 [ 614.831646][T17925] p9_client_prepare_req+0x396/0x7e0 [ 614.837285][T17925] ? p9_client_create+0x81b/0xb90 [ 614.842396][T17925] ? v9fs_session_init+0x208/0x1a00 [ 614.847825][T17925] p9_client_rpc+0x12c/0xb80 [ 614.852630][T17925] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 614.858202][T17925] ? p9_fid_create+0x260/0x260 [ 614.863413][T17925] ? __fget+0x37c/0x3c0 [ 614.867601][T17925] ? add_wait_queue+0x77/0x130 [ 614.872993][T17925] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 614.878829][T17925] p9_client_version+0x183/0x700 [ 614.883771][T17925] ? p9_conn_create+0x4a6/0x520 [ 614.888830][T17925] ? p9_fd_create+0x391/0x480 [ 614.893518][T17925] ? p9_client_create+0xb90/0xb90 [ 614.898543][T17925] ? p9_fd_create_unix+0x470/0x470 [ 614.903666][T17925] ? __kmalloc_track_caller+0x20e/0x2c0 [ 614.910149][T17925] ? kmemdup_nul+0x42/0xa0 [ 614.914602][T17925] p9_client_create+0x8e5/0xb90 [ 614.919549][T17925] ? p9_parse_header+0x6b0/0x6b0 [ 614.924670][T17925] ? __kasan_kmalloc+0x189/0x1c0 [ 614.929720][T17925] ? __kmalloc_track_caller+0x20e/0x2c0 [ 614.937706][T17925] ? vfs_get_tree+0x85/0x260 [ 614.943810][T17925] v9fs_session_init+0x208/0x1a00 [ 614.949430][T17925] ? v9fs_show_options+0x530/0x530 [ 614.955094][T17925] ? v9fs_mount+0x5c/0x790 [ 614.960513][T17925] ? kmem_cache_alloc_trace+0xc3/0x290 [ 614.966537][T17925] ? legacy_init_fs_context+0x4d/0xc0 [ 614.972112][T17925] v9fs_mount+0x7f/0x790 [ 614.976456][T17925] ? cap_capable+0x23f/0x280 [ 614.982025][T17925] legacy_get_tree+0xde/0x170 [ 614.986934][T17925] ? iterate_incfs_dir+0x370/0x370 [ 614.992032][T17925] vfs_get_tree+0x85/0x260 [ 614.996437][T17925] do_mount+0x18ab/0x2660 [ 615.000753][T17925] ? copy_mount_string+0x30/0x30 [ 615.005683][T17925] ? page_fault+0x2f/0x40 [ 615.010306][T17925] ? copy_mount_options+0x1e8/0x320 [ 615.016394][T17925] ? copy_mount_options+0x293/0x320 [ 615.021964][T17925] ksys_mount+0xc2/0xf0 [ 615.026125][T17925] __x64_sys_mount+0xb1/0xc0 [ 615.031147][T17925] do_syscall_64+0xcb/0x150 [ 615.035644][T17925] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 615.041773][T17925] RIP: 0033:0x45e219 [ 615.045713][T17925] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 615.065568][T17925] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 615.074214][T17925] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 615.084176][T17925] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 615.092741][T17925] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 615.100735][T17925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 615.108716][T17925] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:39 executing program 0 (fault-call:8 fault-nth:21): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:39 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x10000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x20100000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:39 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:39 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, 0x0) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 615.586539][T17958] FAULT_INJECTION: forcing a failure. [ 615.586539][T17958] name failslab, interval 1, probability 0, space 0, times 0 [ 615.599548][T17958] CPU: 1 PID: 17958 Comm: syz-executor.0 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 615.610428][T17958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 615.620575][T17958] Call Trace: [ 615.623858][T17958] dump_stack+0x1dd/0x24e [ 615.628167][T17958] ? devkmsg_release+0x11c/0x11c [ 615.633088][T17958] ? show_regs_print_info+0x12/0x12 [ 615.638334][T17958] should_fail+0x6fb/0x860 [ 615.642930][T17958] ? setup_fault_attr+0x3d0/0x3d0 [ 615.648076][T17958] ? do_mount+0x18ab/0x2660 [ 615.652577][T17958] ? radix_tree_node_alloc+0x194/0x3a0 [ 615.662761][T17958] should_failslab+0x5/0x20 [ 615.667384][T17958] kmem_cache_alloc+0x36/0x270 [ 615.672162][T17958] radix_tree_node_alloc+0x194/0x3a0 [ 615.677559][T17958] idr_get_free+0x2aa/0x880 [ 615.682104][T17958] idr_alloc+0x19f/0x300 [ 615.686355][T17958] ? debug_smp_processor_id+0x20/0x20 [ 615.691739][T17958] ? idr_alloc_u32+0x300/0x300 [ 615.696507][T17958] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 615.701671][T17958] ? __radix_tree_preload+0x2c5/0x310 [ 615.707050][T17958] p9_client_prepare_req+0x396/0x7e0 [ 615.712341][T17958] ? p9_client_create+0x81b/0xb90 [ 615.717365][T17958] ? v9fs_session_init+0x208/0x1a00 [ 615.722567][T17958] p9_client_rpc+0x12c/0xb80 [ 615.727169][T17958] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 615.732629][T17958] ? p9_fid_create+0x260/0x260 [ 615.737398][T17958] ? __fget+0x37c/0x3c0 [ 615.741577][T17958] ? add_wait_queue+0x77/0x130 [ 615.746345][T17958] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 615.752155][T17958] p9_client_version+0x183/0x700 [ 615.757097][T17958] ? p9_conn_create+0x4a6/0x520 [ 615.761956][T17958] ? p9_fd_create+0x391/0x480 [ 615.766662][T17958] ? p9_client_create+0xb90/0xb90 [ 615.772597][T17958] ? p9_fd_create_unix+0x470/0x470 [ 615.777742][T17958] ? __kmalloc_track_caller+0x20e/0x2c0 [ 615.783292][T17958] ? kmemdup_nul+0x42/0xa0 [ 615.788171][T17958] p9_client_create+0x8e5/0xb90 [ 615.793047][T17958] ? p9_parse_header+0x6b0/0x6b0 [ 615.798075][T17958] ? __kasan_kmalloc+0x189/0x1c0 [ 615.803088][T17958] ? __kmalloc_track_caller+0x20e/0x2c0 [ 615.808767][T17958] ? vfs_get_tree+0x85/0x260 [ 615.813458][T17958] v9fs_session_init+0x208/0x1a00 [ 615.818773][T17958] ? v9fs_show_options+0x530/0x530 [ 615.824319][T17958] ? v9fs_mount+0x5c/0x790 [ 615.828736][T17958] ? kmem_cache_alloc_trace+0xc3/0x290 [ 615.834188][T17958] ? legacy_init_fs_context+0x4d/0xc0 [ 615.839632][T17958] v9fs_mount+0x7f/0x790 [ 615.844070][T17958] ? cap_capable+0x23f/0x280 [ 615.848655][T17958] legacy_get_tree+0xde/0x170 [ 615.854386][T17958] ? iterate_incfs_dir+0x370/0x370 [ 615.859486][T17958] vfs_get_tree+0x85/0x260 [ 615.863964][T17958] do_mount+0x18ab/0x2660 [ 615.868676][T17958] ? copy_mount_string+0x30/0x30 [ 615.874004][T17958] ? page_fault+0x2f/0x40 [ 615.878876][T17958] ? copy_mount_options+0x1e8/0x320 [ 615.884417][T17958] ? copy_mount_options+0x293/0x320 [ 615.890741][T17958] ksys_mount+0xc2/0xf0 [ 615.895274][T17958] __x64_sys_mount+0xb1/0xc0 [ 615.899848][T17958] do_syscall_64+0xcb/0x150 [ 615.904334][T17958] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 615.911121][T17958] RIP: 0033:0x45e219 [ 615.914993][T17958] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 615.934575][T17958] RSP: 002b:00007f0b3fc46c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 615.943076][T17958] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 615.951411][T17958] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 615.959371][T17958] RBP: 00007f0b3fc46ca0 R08: 0000000020000580 R09: 0000000000000000 [ 615.967335][T17958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 615.975333][T17958] R13: 00007ffdd10d6f0f R14: 00007f0b3fc479c0 R15: 000000000119c034 09:05:40 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:41 executing program 0 (fault-call:8 fault-nth:22): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:41 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:41 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x20000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:41 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x22000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:41 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000002c0)) r2 = syz_open_procfs(0x0, &(0x7f0000001b40)='net/dev_mcast\x00') r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS3\x00', 0x802, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)=0x4000) ioctl$int_out(0xffffffffffffffff, 0x5460, &(0x7f0000000380)) sendfile(r3, r2, 0x0, 0x20000000001000d8) ioctl$BTRFS_IOC_START_SYNC(r2, 0x80089418, &(0x7f0000000180)=0x0) ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000000a00)={{r1}, r4, 0x14, @unused, @name="f468f6bc79c0bd47713e8ec88564f572175a3e70d9adece3970b355ddc3e0c9379da5ec37e4b6b1a6749a22fb2011dfc8a4cf278b9a3e6578e5a07784b1d0d63d38324280e97c45b9ac881f6c9e92440e45566d6c6aaf7a0a14ff45aa67db4607a05773a70eaa2e5ac2cb8904bb8a41afb9c96af32ddc2f4582e5eff0728e12b37d83b03472080938031cefddf4e312f1f1d6707c3dc6d188c38f5369eb2b18bdd8992d4560148d471a45da80003a4a80b90d03724208d98e3f11a910d3fec7bb14b20eb145d559b0a34a30688ae6e34d48d8ed10bcb7cf3cf1bd0c48755fe055250706b8a2ac2aa82c430c0d39f1030de563ac86e1f16820d67f089dc387c6f9c8f9264e15c78ff08bd102cdec95628785ac84c5945cabda88e08d19f52b1c67b75614f3ff957109063f3958520c29d4af118ac0ea56db3ee667c8fbb9dc2dd96edeee830dd68b75ec6bf909d5661a9c4175057616930c12356bffb2c566a4fd0b0264050c30d99db194bba5d8045046acbef8c64788a1e3c36a1f1ea6e5529b33f0df15c299fb950b11412aa776cd9a3ae44af11a1c1c167b8c56e33ecfdf86cf33584424266edcb6d6ffda79334466c019549625e31d35729ac4024c10d80f25cdbc95d0bc108607f3a3b3df3cd3dbd4241a8a6f4cae529303893a9c97640114599d9a38c25380097d5e2954f5ffdf7d9bc98b485caa036c29adcd8c825e54636872804fc678cdafacf2ecefcad3702b9d67f9b3486c8bca11fb0d94d70e176f8509e36967686bf3e98517f14d4d8d3be87ca5ecb343a94d8e709c7ae53c189a71813d2f5078f86abf23674f1cab072dd8c65578a01ea348190cb63ef315612bad3ca171fb0a2ffb11f446021c881a90e20ffed3ca7a4a4107728f96914bfdec98e6dd8cf93f168df6553f2086be076a6b7c69443802d13582a5f2fb7da3f5cc7d65346d6fd5b89e8af8f58572ce14dd2c9fb2f3ae2083dc0c8157b5cf3ae4ce43c05340443dd0010baf7f8c9dc081c890c0da620001937bf7f41631f1e0515f84588c826874b17f72d18e2dbf8955d784c5cb511a5b271f5cd739547da3c878aae1299fd5a3b44946a9ae07d713075176dac4992954a7ef48bdd6dbb775e8223a4ebddf0d090fc5fa7a75e4782456f04ca5c6ab28945a28f021fa77e1a2729442912f52175b7fec498baa9d7df3218c36f8732e97814f77634cf6ff160673f04426dc1d08a09a844ae6e95ba17a9b0da072d10e2dc58300882be9612e843f60a5e5ff9454d370898a5fc48bc075eb0f7759c1346838158e46e21f1b5e601ce648ee8a4fdfadff3d3e8c8b591619e56ad1e38bc779820b248e4dbe5c2a6fd92741319bf3cd3bd21887b2696c0605e793b71a07ebe238013a102a4664ef38f472a7b693645d951cb4bd129b8d0f8c1b35aa8572a8ae7ee03dd666105e0d3648993fd8f9f1bfe701fe0f27507ca8e473e1cd31071cad1b265f0d48f5cedfd648d50e0cbb80a9bf5cab82fc9d03bf934a1c3cb4bdfa7d6f9c135f35171d588938a08de6de98fea89dd7772986f077b1101e6dcde98c0c1ac7999a17183cebc2668a0ec74839976520ec6a503cb1c2863201583dea2489846abc7f588bb059b8da201793dc386699c96c85a02d36bebbb027ed5bc2b2e80e110f0a26dab9c7d9005c90a48921ad6092c4a1be312bb6558df5ac9e673a5e82f61839f4cb7e6e773592a7836576c1997d2d18d45fdad44500bb373005667e178ce98b1748faa803f2808a9497011b08b6079f5f4add12e6936fff10facb773eda9f5ab01e1930f55898aadee2e28e671d7b36cbeb832c22137528f2cc981233b30e8f66dd2fb79da2b7a220815b4a8d1c21fe7cc5938f61aed9a5e87ebb824d2b549f993e8ef400e2ce64c947166f3eef1ef4ed62c6a6ae50cd665937e8e415b7fabeb07df4944029baff976dbf3fc0540e43481eef5ff323ed64c350618e4f4469aa313bf427aaa86c50061ce72d995a6536f53d03e4a0b926c5ee3ef4dcc0b2b99e80180ee9215002b91cbdda1e57ea5a9ab4b448ace955475503d320a2ecd8061198ad47322a55c22c88bb7fdaf90740ff23406ce90984e6057891934c54aa055902358e5f13b5a6a136d46a39ee9107495f930970830379da4bc90f393086fce9ae6aa93d3fdcec4e7950da79666c191be619242326603a7c26a66c64898babc8e52815f2f54954a6b4f699d3f45c4ac0e8c2e335af3169c1ba1c73835bc73c4c34e1a4cc83e45680395cdc509f01e8673b263e0b0f469d53e771e5955f6cc575053b600cef3790a6504af7dfe613c7121f2d26e90821f6fbf6a40aca561f51473906fec598d821ea20540a20eaead7663734eb8761b6e5110df08a56c9bcb9aa4e12858d1d41370da4772dad6aa839d315808fc0094fbdc09298c9f4e5f17461a2e1a01b0373541ead4d7a85d3d942565e5a7fcd643bae0006ad450435a586998ae3aa25c3299c79d1b0f82d05c13fa57648f43a1f3ba30263e9bc684afd9b3e14095ae280efa41e536d666fdc0538bb1aca20fecb35798ab5a3af5d6f7ea61de754879b68b917bde1ad6805e1b6a47028cffc6af3b07094bc2b64a150dde76209e36ae7382fbbfe68cb377c3953569b9711f49b5fe3d3678b04c40b3b2e6c98854457336397f17c36d9f04ca2daa391509857821064608362e86d3b92f4932dff3ee4b48bcfd4178d41fe97e6880dde1cdc965064628e1a68ebe6574c3f7a6094b638fc7a302bbe58146fb935d8b1a70d14b933edeab780458d5b43655556ea511a14cfe9b43f452e51d88a48f434cc808241a33ee0e8277f1edbb9da3d73739252721a75c08bb41cfddaee6eaaec8bd69ec84adee9ff8ab8d69dc8efbf5fbfbd8522258a21f4bfc04e081452a5884ff26cb64447d834a7f174105347e226c158620c5b548d620246258ea864a07dd95e444d91204ebe904f74e9ccaff70fa6b5a72f1010aa51a76926555342681746f51353fdfaa1fa07b768047803263d04f6405f34683c325cb8557e3a77544a42b1a9777da39e142812a34e89c84e9398b9768b5cdb751b257a0cbc5197edb57be0e27483e5f5819e33f0c54a5f12d442bfc1991a44baf2b767353c855934a6b596d2c13833178413203da9cf25fb4db6e26d11a87b7e8107db4d6d41572c77661777f32cf1d0b035f9391c3ea9aa4b7dc37f47da8b50db088b793fc694a193bab87dd9e3d15ae189b4a754949b18452a9e5c1be59c05f793f1d6740861199265304d452b6547e287588a32ee05d7172b31a277c9c7abe6d1f56c09e42c8a48752bd82f6087029d78bf8b39b45dfb3a08bcf86a00caccc8805147a1ff8ddf9c75ffa9d13e5bc3bcc591258ea040ed963b505ff5e4dd9ec05d652dd7e07d3be157cf274f1a79e1b6f80067b2ddb92d6231974944e026bb4c05c58ab930306cbecc58b5d18f0d5c09d740deae1d2f8f4fcf5f5bd9acb391f3ea697b7cfe9da5ae7b64b45ce90e28228dcc3b4077a3b5dd2c09ee0624d03483cafd207a4c99c98cae5f49ff221cdc01e3f03878f035fa4a76a4fc3c8eecc5f83d77e7d0f2b6b788584a59dfbc3d097b43e461c07bf61f023860e16a54240d0949ae24608a6d4ccf423f579009c043963d214d29d96dc7f3f37f550d3eef948d10d931148bd23a9397bd7345a6baafd355e0c115d421a00ddad79de2953102b6ba668a69986f3a870097754348faba477156ef1081bedd9f4a0b11cf6b5040737d139939d155c93d889806a44dbd0246b1c185711fd2a40d39b9db7293a7dbf3fd2d8f00278e36f6b075e4da653ee54b9b7abf4759273013646377c5f2395f0372fda631f07546d634d2b349c44ebd99bb526de37024daaaa4bbb3f8c5254074dad33a75b7cbfe088ed5816ba9b2f45ca67e3bba429b3d524614ea96caa728017bf0bc8a10ddfb663b59198012746e543c2e4d2220159afa4819d37424773fc0e28920e729a0acc4a90b3229ad6bb820397747e39685ab03a1bf50f01b88415b617a8e9e80f5d53e1b6b7271ff1fafca7659f56fbe361db85716f55dd10795a85edf1087aa75c55ab648a181c3f0229c7b51bb2f04b0a465256ca35aef5ee25e3957dae771ab4142df97504d24a342d7dbf746873fa86ce47f2b0fc06be9a3e43c1dcb79adaa1b192911e93c09964544b38857436e12b83fa3b8efe59531f7759ce32cbec538c3b6030e44b621b5e62494a88c4672de1b722694d89827630f0b0ed92a5e60bc063279cbfade62b6ec48853296182ed52e2fafc82a6192550efa2231277bfabf49f9bafbf6699426a10f425a9ec9b9901dbac59732c643b47858bda7ab4bcfd5b4066efc76cc824c99bd8d1dc9a89adf8dd8ce87015709d1ff731d59f1948d50125952ebbe831cf78a354b99f38ec47b405bd317a7f16ec507dd426e3ae82665be75f2b0f6b19ada72d99cb09f9c8db987fdcba7b2f5a5d0f96c3a9fc2458c417ff6a47d0cbd1b32e52f7f8671a44549af34c224949f3cb93063b10d0bd2597a3c0491f270a68b0bbcf9d50d33af9b4db7f5f0c6f48e7d1c5cffbb4df1efa2a8a9c8c7290c28d04f7978dc7bf3be6da2c81dc124dda006623953383dd25dac3c1ba40a3d39165539b9c0dc945a4a2104c94fec554e8e864ebae9660442bd9665cbeea584928f9077a09a74d18880a33ac2be5d22c1f892f32a23fcf88c9f4ef066529d88e0f714f15e23ab2b8b2b609a8068b222f54bf1d2c17490c793817498e80cae4ff2bb09fe2e95f15914442fbab2587e4d72892a34f8f625f824046ccfe17bb4fc97ba65dd19440b8f806b0db16ff68fd6351b28caab5552cda7c94d3a8e20f8fdd150515df122e3728358db375521a5f57d18356c8e56aa0e1502aa2a77baa034a693aedc83b6cda66cba087722932b974041ae10b40bc8f594ee1550987e4e9258c87e9fa8c851766cf6a0570dcf357a83eb77c2adb2d0a7537559bee5a7a52171f253594a054a8eb5120609208adf0a0da4fff91df5dea80df7f44c2de251d5815814cb936e61cd57b0d05e957fa7856a37b197ed4d7d91805db966f0d5cca1d8e3ae8927becc894eff6d6a729ce76611086a23fc6d0cc589ebd776dd0a34bcf15802de1b46b726dfb26692b887d4c8b1851008f840d718d50ef379b47d5464a716afcb344b50c4c1dda47a7ab702e7c2db7eee25d6eba6cb5030c1c7cef306a2b767c27838732c7632a8cb034cb80a44db2250d11e8cd51700b8ed90b80d54788a0fbfa1d9f09d8ce97dea765ac248261558b6a9c615089e832fb6ed25441248db2c20ea50cc688212a79d5e6415f197fea977fbd36813cbf948104da24c32279f2e6ce21d39525ba8bf08f3a7dc39b0aebb93ccfb1246511e9c420dc27d4fb088a0bcf2e2f312479935ac421eb956540e6461cb4eac53bd0a597a276c98a3ae4a773b10b9b9615ffdf08174c1fa9a51ef45e7dc5ffcaed6eb3b890e7cca208c663213e4d8f1671fbae0a0c6b95f733b87a6bdc7815af9e4762822816e0c7758420cb0a36d225f997849c6280190166d4a19c9ef3133ed5410de1add083fe3eed7dccd01d10276d23beac12a79e1e852949a393718f006adeacb80d7b19caac55ed950e6d267a12946cb7b460ef58fdda2cef8b5c7d214a1e9a96f663b476a029be271fab555a5639c448fbd7cfb793d71a5d7864d2e6421df5d25c"}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c09425, &(0x7f00000001c0)={"bbf3b00dcfdf037c8d7126aa02232e51", 0x0, r4, {0x6c, 0x3}, {0x3ff, 0x2}, 0x55042e35, [0x8, 0x4, 0x1ff, 0x4, 0x401, 0xfffffffffffffffd, 0x1, 0x7, 0x1000, 0x4, 0xe6cb, 0x20, 0x3, 0xe099, 0x5, 0xf6]}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc)) futex(&(0x7f0000000100)=0x1, 0x800000000006, 0x0, &(0x7f0000000080)={0x77359400}, 0x0, 0x0) r5 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000000)={{}, {0x0, 0x1c9c380}}, 0x0) write(r2, &(0x7f0000000300)="0ed6f7747cacdbc3a6579d79cdf7fbbef13e098b94c555991c4fbe761f2ac558edc852aa871f688efa9023c2553c425174946ff726317dd4600196bdbfbe767a03f208c9e48432b7b1cb935346d6269d", 0x50) r6 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10006, 0x80011, r6, 0x0) tkill(r5, 0x1000000000016) 09:05:41 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:41 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 09:05:41 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 09:05:41 executing program 5: munmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000) munlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800dab300000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000000200)) clock_gettime(0x0, &(0x7f00000001c0)={0x0}) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {r1}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x0, 0x0) readv(r3, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/28, 0x4}], 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9) 09:05:41 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 09:05:41 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:41 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:42 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:42 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:42 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x40000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:42 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x20100000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:42 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:42 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540), 0x0, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:42 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:42 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540), 0x0, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:42 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540), 0x0, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:42 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540), 0x0, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:42 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 09:05:43 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:43 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:43 executing program 5: r0 = open(&(0x7f0000000080)='./bus\x00', 0xa0840, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) r1 = creat(&(0x7f0000000000)='./bus\x00', 0x100) fcntl$setstatus(r1, 0x4, 0x6100) ftruncate(r1, 0x8200) write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d900f) recvmmsg(0xffffffffffffffff, &(0x7f0000005280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40086602, &(0x7f0000000040)=0x4000) fremovexattr(r2, &(0x7f0000000040)=@random={'system.', 'threaded\x00'}) madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x9) 09:05:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x8cffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:43 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x22000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:43 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:43 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40719, 0x7fff}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(r0, 0x0, 0x0, 0x0) r2 = getpid() perf_event_open(&(0x7f0000000340)={0x1, 0x70, 0x1f, 0xa6, 0x2, 0x7, 0x0, 0x1fe, 0x2008c, 0x9, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0}, 0x40000, 0x0, 0x0, 0x7, 0x0, 0x0, 0x400}, r2, 0x0, 0xffffffffffffffff, 0x8) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.swap.current\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10d, 0xb, &(0x7f0000000000)=r3, 0x4) ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f0000000400)=ANY=[]) perf_event_open(&(0x7f0000000380)={0x0, 0x70, 0x0, 0xfa, 0x7f, 0x0, 0x0, 0x7, 0x900, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000280), 0x7}, 0x4000, 0x6c34, 0x3f, 0x0, 0x2}, r2, 0xb, r3, 0xa) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000240)=0xffff) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x8}, 0x0, 0x0, 0xfffffffd, 0x0, 0x9, 0x2}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40305829, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)=0x4000) close(0xffffffffffffffff) close(r0) close(r1) 09:05:43 executing program 5: ioctl$CHAR_RAW_BSZSET(0xffffffffffffffff, 0x40081271, &(0x7f00000000c0)=0x401) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x590, 0x7, 0xffffffff, 0x0, 0x0, 0x10000000, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x3, 0x300) socket$inet_tcp(0x2, 0x1, 0x0) pipe2(&(0x7f0000000000), 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$IP_VS_SO_GET_VERSION(r2, 0x0, 0x480, &(0x7f0000000040), &(0x7f0000000080)=0x40) r3 = fcntl$dupfd(r1, 0x0, r1) dup3(r3, r0, 0x0) 09:05:43 executing program 5: pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000040)=[{&(0x7f0000000140)="18", 0xffffffffffffff6c}, {&(0x7f0000000000)="e5", 0xfffffe6d}], 0x2, 0x0) close(r1) r2 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001e001fff00cbd800000000001e00000000000010"], 0x24}}, 0x0) splice(r0, 0x0, r1, 0x0, 0x10000, 0x0) 09:05:43 executing program 5: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x821, 0x0, 0x0, 0x0, 0x3, 0x800, 0x2}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) getpid() getpid() r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x9, 0x103382) creat(0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x120, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x8100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x3) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000000)="d4", 0x1}], 0x1, 0x81805, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) r2 = syz_open_dev$vcsn(0x0, 0x0, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x13, r2, 0x427d9000) sendfile(r0, r0, 0x0, 0x24002da8) ioctl$LOOP_CLR_FD(r0, 0x4c01) openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/attr/keycreate\x00', 0x2, 0x0) ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)=0x4000) dup3(0xffffffffffffffff, r1, 0x0) 09:05:43 executing program 5: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x821, 0x0, 0x0, 0x0, 0x3, 0x800, 0x2}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) getpid() getpid() r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x9, 0x103382) creat(0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x120, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x8100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x3) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000000)="d4", 0x1}], 0x1, 0x81805, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) r2 = syz_open_dev$vcsn(0x0, 0x0, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x13, r2, 0x427d9000) sendfile(r0, r0, 0x0, 0x24002da8) ioctl$LOOP_CLR_FD(r0, 0x4c01) openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/attr/keycreate\x00', 0x2, 0x0) ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)=0x4000) dup3(0xffffffffffffffff, r1, 0x0) [ 619.399374][ T118] print_req_error: 13 callbacks suppressed [ 619.399388][ T118] blk_update_request: I/O error, dev loop9, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0 09:05:43 executing program 5: perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x821, 0x0, 0x0, 0x0, 0x3, 0x800, 0x2}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) getpid() getpid() r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x9, 0x103382) creat(0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x120, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x8100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x3) pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000000)="d4", 0x1}], 0x1, 0x81805, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) r2 = syz_open_dev$vcsn(0x0, 0x0, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x13, r2, 0x427d9000) sendfile(r0, r0, 0x0, 0x24002da8) ioctl$LOOP_CLR_FD(r0, 0x4c01) openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/attr/keycreate\x00', 0x2, 0x0) ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)=0x4000) dup3(0xffffffffffffffff, r1, 0x0) 09:05:43 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x8, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:43 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) r4 = socket$netlink(0x10, 0x3, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) writev(r4, &(0x7f0000000100), 0x0) 09:05:43 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xc0ed0000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:43 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x40000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:44 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x0, 0x0) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:44 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) r4 = socket$netlink(0x10, 0x3, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) writev(r4, &(0x7f0000000100), 0x0) 09:05:44 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:44 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x8cffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:44 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xf6ffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xa, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x0, 0x0) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:45 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) r4 = socket$netlink(0x10, 0x3, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) writev(r4, &(0x7f0000000100), 0x0) 09:05:45 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX]) 09:05:45 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xc0ed0000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffff0000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x10, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 621.606331][T18230] 9pnet: Insufficient options for proto=fd 09:05:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x0, 0x0) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:46 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) r4 = socket$netlink(0x10, 0x3, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) writev(r4, &(0x7f0000000100), 0x0) 09:05:46 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX]) 09:05:46 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xf6ffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:46 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffffff7f, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 622.454458][T18251] 9pnet: Insufficient options for proto=fd 09:05:46 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x22, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:46 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x0, &(0x7f0000000540)) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:46 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) socket$netlink(0x10, 0x3, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) 09:05:47 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX]) 09:05:47 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffffff8c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xa00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 623.310038][T18278] 9pnet: Insufficient options for proto=fd 09:05:47 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xfeffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x0, &(0x7f0000000540)) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:47 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) socket$netlink(0x10, 0x3, 0x0) 09:05:48 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:48 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfffffff6, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x1020, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:48 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xffff0000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x0, &(0x7f0000000540)) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:48 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:49 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:49 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x2000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:49 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xedc000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:49 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xfffffe00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:49 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[0x0]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:49 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:50 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xffffff7f, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:50 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:50 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x100000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:50 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x2010, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:50 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:50 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[0x0]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:50 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x200000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:50 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xffffff8c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:50 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x2200, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:50 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:51 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:51 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[0x0]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:51 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x800000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:51 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:51 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xfffffff6, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:51 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x3f00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:52 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(0x0, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:52 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:52 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(0x0, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x4000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:52 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xfffffffe, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:52 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xa00000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:53 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(0x0, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:53 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:53 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:53 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 09:05:53 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xedc000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:53 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xedc0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:53 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:54 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:54 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:54 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:54 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:54 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:54 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 09:05:54 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xfeffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:54 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x1000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:54 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:54 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:55 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:55 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) ftruncate(r0, 0x200005) sendfile(r1, 0xffffffffffffffff, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:55 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:55 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) ftruncate(r0, 0x200005) sendfile(r1, 0xffffffffffffffff, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:55 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:55 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) ftruncate(r0, 0x200005) sendfile(r1, 0xffffffffffffffff, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:55 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x1000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:55 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0), 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) 09:05:55 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xfeffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:55 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:55 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:55 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:55 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) close(0xffffffffffffffff) r1 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(0xffffffffffffffff, r1, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:55 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) close(0xffffffffffffffff) r1 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(0xffffffffffffffff, r1, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:56 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) close(0xffffffffffffffff) r1 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(0xffffffffffffffff, r1, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:56 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(0xffffffffffffffff, 0x200005) sendfile(r0, r1, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a19}]) 09:05:56 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2010000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:56 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x2000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:56 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x100000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:56 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=']) [ 632.531942][T18618] 9pnet: Insufficient options for proto=fd 09:05:56 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(0xffffffffffffffff, 0x200005) sendfile(r0, r1, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a19}]) 09:05:56 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(0xffffffffffffffff, 0x200005) sendfile(r0, r1, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a19}]) 09:05:57 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:57 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:57 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:57 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2200000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:57 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x200000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:57 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=']) 09:05:57 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x8000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:57 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 633.490342][T18659] 9pnet: Insufficient options for proto=fd 09:05:57 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:57 executing program 5: r0 = creat(0x0, 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:58 executing program 5: r0 = creat(0x0, 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, 0x0}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:58 executing program 5: r0 = creat(0x0, 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:58 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:58 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x800000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:58 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x4000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:58 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xa000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:58 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=']) 09:05:58 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 634.441731][T18702] 9pnet: Insufficient options for proto=fd 09:05:58 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:58 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(0xffffffffffffffff) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:58 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(0xffffffffffffffff) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:58 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(0xffffffffffffffff) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:59 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, 0x0}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:05:59 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(0x0, 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:59 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(0x0, 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:59 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xa00000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:59 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x10000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:59 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX]) 09:05:59 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x8cffffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:05:59 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(0x0, 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 635.370390][T18744] 9pnet: Insufficient options for proto=fd 09:05:59 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:59 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:59 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:59 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(0xffffffffffffffff, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:05:59 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, 0x0}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:00 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(0xffffffffffffffff, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:00 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x20000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:00 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xfffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:00 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX]) 09:06:00 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xf6ffffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:00 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(0xffffffffffffffff, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 636.343980][T18792] 9pnet: Insufficient options for proto=fd 09:06:00 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x0) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:00 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x0) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:00 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x0) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:00 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(0xffffffffffffffff, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:00 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(0x0, 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:01 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(0xffffffffffffffff, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:01 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffff000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:01 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x20100000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:01 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x1000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:01 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX]) 09:06:01 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(0xffffffffffffffff, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 637.295033][T18829] 9pnet: Insufficient options for proto=fd 09:06:01 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, 0xffffffffffffffff, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:01 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, 0xffffffffffffffff, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:01 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, 0xffffffffffffffff, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:01 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x0) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(0x0, 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:01 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x0) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:02 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x0) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffffff7f00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:02 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x2000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:02 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x22000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:02 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYRESHEX=r3]) 09:06:02 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x0, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 638.214143][T18874] 9pnet: Insufficient options for proto=fd 09:06:02 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x0, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:02 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x0, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:02 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(0x0, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:02 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(0x0, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:02 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(0x0, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(0x0, 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:02 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffffffffffffff0f, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:03 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYRESHEX=r3]) 09:06:03 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x3f000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:03 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x2010000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:03 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 639.146665][T18927] 9pnet: Insufficient options for proto=fd 09:06:03 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:03 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:03 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(0x0, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:04 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x2200000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:04 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x40000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:04 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:04 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYRESHEX=r3]) 09:06:04 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(0x0, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 640.044709][T18964] 9pnet: Insufficient options for proto=fd 09:06:04 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(0x0, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:04 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x0, 0x0) 09:06:04 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:04 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x0, 0x0) 09:06:04 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x8cffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:04 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x4000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:04 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB, @ANYRESHEX=r3]) 09:06:04 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x0, 0x0) 09:06:04 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 640.966981][T19009] 9pnet: Insufficient options for proto=fd 09:06:05 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x0, &(0x7f0000000540)) 09:06:05 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x0, &(0x7f0000000540)) 09:06:05 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x0, &(0x7f0000000540)) 09:06:05 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:05 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[0x0]) 09:06:05 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xc0ed0000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:05 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB, @ANYRESHEX=r3]) 09:06:05 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xa, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:05 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x8cffffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 641.877609][T19055] 9pnet: Insufficient options for proto=fd 09:06:06 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[0x0]) 09:06:06 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[0x0]) 09:06:06 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:06 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, 0xffffffffffffffff, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:06 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:06 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xf6ffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:06 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:06 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB, @ANYRESHEX=r3]) 09:06:06 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:06 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xf6ffffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 642.805815][T19103] 9pnet: Insufficient options for proto=fd 09:06:07 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a19}]) 09:06:07 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a19}]) 09:06:07 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x200a19}]) 09:06:07 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, 0xffffffffffffffff, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:07 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) 09:06:07 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xfeffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:07 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x22, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:07 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfd', @ANYRESHEX=r3]) 09:06:07 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xfeffffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 643.717606][T19145] 9pnet: Insufficient options for proto=fd 09:06:07 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) 09:06:08 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) 09:06:08 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) 09:06:08 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, 0xffffffffffffffff, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:08 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:08 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xffff0000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:08 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xa00, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:08 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfd', @ANYRESHEX=r3]) 09:06:08 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xffff000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 644.640639][T19183] 9pnet: Insufficient options for proto=fd 09:06:08 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:08 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x0, 0x0) 09:06:09 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:09 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x0) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:09 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:09 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xffffff7f00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:09 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1020, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:09 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xfffffe00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:09 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfd', @ANYRESHEX=r3]) 09:06:09 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 645.605233][T19228] 9pnet: Insufficient options for proto=fd 09:06:09 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:10 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(0xffffffffffffffff, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x0) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:10 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:10 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0xffffffffffffff0f, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:10 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xffffff7f, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:10 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno', @ANYRESHEX=r3]) 09:06:10 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 646.510365][T19269] 9pnet: Insufficient options for proto=fd 09:06:11 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x0) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:11 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:11 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno', @ANYRESHEX=r3]) 09:06:11 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2010, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:11 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xffffff8c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:11 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 647.413649][T19298] 9pnet: Insufficient options for proto=fd 09:06:11 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:11 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(0xffffffffffffffff, r4, 0x0, 0x8080ffffff7e) 09:06:12 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno', @ANYRESHEX=r3]) 09:06:12 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xfffffff6, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:12 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2200, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:12 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 648.428706][T19333] 9pnet: Insufficient options for proto=fd 09:06:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:13 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(0xffffffffffffffff, r4, 0x0, 0x8080ffffff7e) 09:06:13 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 09:06:13 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x4000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:13 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xfffffffe, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:13 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xa, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 649.453998][T19366] 9pnet: Insufficient options for proto=fd 09:06:13 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno', @ANYRESHEX=r3]) [ 649.862798][T19374] 9pnet: Insufficient options for proto=fd 09:06:14 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(0xffffffffffffffff, r4, 0x0, 0x8080ffffff7e) 09:06:14 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:14 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xedc000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:14 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 09:06:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xedc0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 650.399593][T19398] 9pnet: Insufficient options for proto=fd 09:06:14 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x4000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:15 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, 0xffffffffffffffff, 0x0, 0x8080ffffff7e) 09:06:15 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x1000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:15 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 09:06:15 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:15 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x22, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 651.372557][T19428] 9pnet: Insufficient options for proto=fd 09:06:15 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:15 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:15 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(0x0, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:15 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, 0xffffffffffffffff, 0x0, 0x8080ffffff7e) 09:06:16 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 09:06:16 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xfeffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:16 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:16 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xa00, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 652.300234][T19467] 9pnet: Insufficient options for proto=fd 09:06:16 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:16 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, 0xffffffffffffffff, 0x0, 0x8080ffffff7e) 09:06:17 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1020, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:17 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 09:06:17 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x100000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:17 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:17 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 653.263904][T19500] 9pnet: Insufficient options for proto=fd 09:06:17 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x0) 09:06:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xa000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:18 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) socket$netlink(0x10, 0x3, 0x0) 09:06:18 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x200000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:18 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) [ 654.235162][T19538] 9pnet: Insufficient options for proto=fd 09:06:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x0) 09:06:19 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2010, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:19 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x10000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:19 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x0) 09:06:19 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x800000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:19 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:19 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x0) 09:06:20 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2200, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:20 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:20 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xa00000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:20 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x20000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:20 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1015, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0xb, &(0x7f0000000100)=ANY=[]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x41a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x1801}}]}) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) socket$netlink(0x10, 0x3, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) 09:06:20 executing program 3 (fault-call:19 fault-nth:0): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 656.925993][T19612] FAULT_INJECTION: forcing a failure. [ 656.925993][T19612] name failslab, interval 1, probability 0, space 0, times 0 [ 656.940293][T19612] CPU: 0 PID: 19612 Comm: syz-executor.3 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 656.952181][T19612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 656.963653][T19612] Call Trace: [ 656.967285][T19612] dump_stack+0x1dd/0x24e 09:06:21 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 656.971931][T19612] ? devkmsg_release+0x11c/0x11c [ 656.978106][T19612] ? show_regs_print_info+0x12/0x12 [ 656.983421][T19612] ? is_mmconf_reserved+0x420/0x420 [ 656.988620][T19612] ? stack_trace_save+0x1f0/0x1f0 [ 656.993669][T19612] should_fail+0x6fb/0x860 [ 656.998096][T19612] ? setup_fault_attr+0x3d0/0x3d0 [ 657.003378][T19612] ? refcount_inc_not_zero_checked+0x1a6/0x280 [ 657.009967][T19612] ? alloc_pipe_info+0x9f/0x3a0 [ 657.014824][T19612] should_failslab+0x5/0x20 [ 657.020362][T19612] kmem_cache_alloc_trace+0x39/0x290 [ 657.025651][T19612] alloc_pipe_info+0x9f/0x3a0 [ 657.030320][T19612] splice_direct_to_actor+0x94e/0xb00 [ 657.035830][T19612] ? debug_smp_processor_id+0x20/0x20 [ 657.043725][T19612] ? debug_smp_processor_id+0x20/0x20 [ 657.050247][T19612] ? avc_policy_seqno+0x17/0x70 [ 657.055660][T19612] ? do_splice_direct+0x3e0/0x3e0 [ 657.061194][T19612] ? pipe_to_sendpage+0x300/0x300 [ 657.070416][T19612] ? security_file_permission+0x128/0x300 [ 657.083541][T19612] do_splice_direct+0x288/0x3e0 [ 657.096971][T19612] ? splice_direct_to_actor+0xb00/0xb00 [ 657.106152][T19612] ? avc_policy_seqno+0x17/0x70 [ 657.114033][T19612] do_sendfile+0x8e4/0x1130 [ 657.119811][T19612] ? compat_writev+0x3d0/0x3d0 [ 657.129252][T19612] ? preempt_schedule_irq+0xeb/0x140 [ 657.137418][T19612] ? preempt_schedule_notrace+0x190/0x190 [ 657.143761][T19612] ? check_preemption_disabled+0x15a/0x330 [ 657.150887][T19612] __x64_sys_sendfile64+0x1ce/0x230 [ 657.156678][T19612] ? retint_kernel+0x1b/0x1b [ 657.161977][T19612] ? __ia32_sys_sendfile+0x250/0x250 [ 657.167325][T19612] ? do_syscall_64+0x80/0x150 [ 657.172115][T19612] do_syscall_64+0xcb/0x150 [ 657.182562][T19612] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 657.188638][T19612] RIP: 0033:0x45e219 [ 657.192637][T19612] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 657.212414][T19612] RSP: 002b:00007fd9fd4e9c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 657.220849][T19612] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 000000000045e219 [ 657.228817][T19612] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006 [ 657.237052][T19612] RBP: 00007fd9fd4e9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 657.245715][T19612] R10: 00008080ffffff7e R11: 0000000000000246 R12: 0000000000000000 [ 657.258456][T19612] R13: 00007ffffa47b4ef R14: 00007fd9fd4ea9c0 R15: 000000000119c22c 09:06:21 executing program 5 (fault-call:8 fault-nth:0): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:21 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xfffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:21 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x4000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x20100000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 657.446800][T19636] FAULT_INJECTION: forcing a failure. [ 657.446800][T19636] name failslab, interval 1, probability 0, space 0, times 0 [ 657.462132][T19636] CPU: 1 PID: 19636 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 657.473216][T19636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 657.483786][T19636] Call Trace: [ 657.487070][T19636] dump_stack+0x1dd/0x24e [ 657.491384][T19636] ? devkmsg_release+0x11c/0x11c [ 657.496409][T19636] ? show_regs_print_info+0x12/0x12 [ 657.503609][T19636] should_fail+0x6fb/0x860 [ 657.508034][T19636] ? setup_fault_attr+0x3d0/0x3d0 [ 657.513850][T19636] ? io_submit_one+0x15c/0x2340 [ 657.519480][T19636] should_failslab+0x5/0x20 [ 657.537364][T19636] kmem_cache_alloc+0x36/0x270 [ 657.544769][T19636] io_submit_one+0x15c/0x2340 [ 657.549783][T19636] ? do_user_addr_fault+0x6dd/0xb10 [ 657.555420][T19636] ? page_fault+0x2f/0x40 [ 657.559744][T19636] ? lookup_ioctx+0x460/0x460 [ 657.564493][T19636] ? __se_sys_io_submit+0xa4/0x3c0 [ 657.569593][T19636] ? lookup_ioctx+0x273/0x460 [ 657.574461][T19636] ? __sb_end_write+0xb5/0x100 [ 657.581036][T19636] __se_sys_io_submit+0x179/0x3c0 [ 657.599429][T19636] ? __x64_sys_io_submit+0x80/0x80 [ 657.604632][T19636] ? __ia32_sys_read+0x80/0x80 [ 657.609490][T19636] do_syscall_64+0xcb/0x150 [ 657.617591][T19636] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 657.623504][T19636] RIP: 0033:0x45e219 [ 657.627421][T19636] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 657.647164][T19636] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 657.655651][T19636] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 657.664247][T19636] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 657.672771][T19636] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 657.680745][T19636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 657.689268][T19636] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:21 executing program 3 (fault-call:19 fault-nth:1): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:21 executing program 5 (fault-call:8 fault-nth:1): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 657.873613][T19642] FAULT_INJECTION: forcing a failure. [ 657.873613][T19642] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 657.890917][T19642] CPU: 0 PID: 19642 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 657.901354][T19642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 657.911490][T19642] Call Trace: [ 657.914868][T19642] dump_stack+0x1dd/0x24e [ 657.919742][T19642] ? devkmsg_release+0x11c/0x11c [ 657.925853][T19642] ? show_regs_print_info+0x12/0x12 [ 657.932630][T19642] ? mark_page_accessed+0x283/0x5d0 [ 657.940107][T19642] should_fail+0x6fb/0x860 [ 657.944864][T19642] ? setup_fault_attr+0x3d0/0x3d0 [ 657.950578][T19642] ? __rcu_read_lock+0x50/0x50 [ 657.956297][T19642] ? xas_load+0x46f/0x4c0 [ 657.961713][T19642] __alloc_pages_nodemask+0x1ee/0x7c0 [ 657.969131][T19642] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 657.976034][T19642] ? __ext4_handle_dirty_metadata+0x2d8/0x910 [ 657.982118][T19642] ? __ext4_journal_get_create_access+0x2e0/0x2e0 [ 657.988631][T19642] ? __ext4_get_inode_loc+0x4ad/0x1080 [ 657.994130][T19642] pagecache_get_page+0x522/0x8a0 [ 658.001085][T19642] ? ext4_mark_iloc_dirty+0x248f/0x3430 [ 658.010063][T19642] grab_cache_page_write_begin+0x50/0x90 [ 658.016053][T19642] ext4_da_write_begin+0x9e1/0xfc0 [ 658.021505][T19642] ? ext4_chunk_trans_blocks+0x280/0x280 [ 658.027586][T19642] ? ext4_set_page_dirty+0x190/0x190 [ 658.029309][T19646] FAULT_INJECTION: forcing a failure. [ 658.029309][T19646] name failslab, interval 1, probability 0, space 0, times 0 [ 658.032980][T19642] ? ext4_reserve_inode_write+0x19c/0x220 [ 658.032997][T19642] ? ext4_mark_inode_dirty+0x5e3/0x780 [ 658.033006][T19642] ? ext4_evict_inode+0x1aa0/0x1aa0 [ 658.033016][T19642] ? _raw_spin_unlock_irq+0x4a/0x60 [ 658.033029][T19642] ? rwsem_down_write_slowpath+0x123e/0x1320 [ 658.033037][T19642] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 658.033044][T19642] ? uuid_parse+0x3e0/0x3e0 [ 658.033054][T19642] ? inode_io_list_move_locked+0x2bb/0x300 [ 658.033065][T19642] generic_perform_write+0x2f7/0x590 [ 658.033081][T19642] ? grab_cache_page_write_begin+0x90/0x90 [ 658.033089][T19642] ? file_remove_privs+0x610/0x610 [ 658.033098][T19642] ? down_write+0x147/0x150 [ 658.033115][T19642] __generic_file_write_iter+0x232/0x460 [ 658.122765][T19642] ext4_file_write_iter+0x46f/0x1070 [ 658.128058][T19642] ? __kasan_kmalloc+0x189/0x1c0 [ 658.133042][T19642] ? ext4_file_read_iter+0x140/0x140 [ 658.138680][T19642] ? avc_policy_seqno+0x17/0x70 [ 658.144481][T19642] ? selinux_file_permission+0x2d0/0x520 [ 658.150125][T19642] aio_write+0x472/0x610 [ 658.155699][T19642] ? aio_read+0x4f0/0x4f0 [ 658.160135][T19642] ? fget_many+0x20/0x20 [ 658.164379][T19642] ? io_submit_one+0x15c/0x2340 [ 658.169254][T19642] io_submit_one+0xa41/0x2340 [ 658.173963][T19642] ? do_user_addr_fault+0x6dd/0xb10 [ 658.179180][T19642] ? lookup_ioctx+0x460/0x460 [ 658.183955][T19642] ? __se_sys_io_submit+0xa4/0x3c0 [ 658.189086][T19642] ? lookup_ioctx+0x273/0x460 [ 658.193775][T19642] ? __sb_end_write+0xb5/0x100 [ 658.198904][T19642] __se_sys_io_submit+0x179/0x3c0 [ 658.203955][T19642] ? __x64_sys_io_submit+0x80/0x80 [ 658.209803][T19642] ? __ia32_sys_read+0x80/0x80 [ 658.218150][T19642] do_syscall_64+0xcb/0x150 [ 658.223395][T19642] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 658.231327][T19642] RIP: 0033:0x45e219 [ 658.236894][T19642] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 658.257729][T19642] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 658.266251][T19642] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 658.275316][T19642] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 658.283308][T19642] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 658.291461][T19642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 658.299518][T19642] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 [ 658.307499][T19646] CPU: 1 PID: 19646 Comm: syz-executor.3 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 658.318282][T19646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 658.328561][T19646] Call Trace: [ 658.332297][T19646] dump_stack+0x1dd/0x24e [ 658.337893][T19646] ? devkmsg_release+0x11c/0x11c [ 658.343284][T19646] ? show_regs_print_info+0x12/0x12 [ 658.348967][T19646] should_fail+0x6fb/0x860 [ 658.353595][T19646] ? setup_fault_attr+0x3d0/0x3d0 [ 658.358807][T19646] ? kcalloc+0x32/0x60 [ 658.362893][T19646] should_failslab+0x5/0x20 [ 658.367396][T19646] __kmalloc+0x5f/0x2d0 09:06:22 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x1000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x22000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 658.371559][T19646] ? kmem_cache_alloc_trace+0xc3/0x290 [ 658.377378][T19646] kcalloc+0x32/0x60 [ 658.381610][T19646] alloc_pipe_info+0x1b7/0x3a0 [ 658.386494][T19646] splice_direct_to_actor+0x94e/0xb00 [ 658.392119][T19646] ? refcount_sub_and_test_checked+0x1bb/0x290 [ 658.398648][T19646] ? avc_policy_seqno+0x17/0x70 [ 658.404417][T19646] ? do_splice_direct+0x3e0/0x3e0 [ 658.410229][T19646] ? pipe_to_sendpage+0x300/0x300 [ 658.415721][T19646] ? security_file_permission+0x128/0x300 [ 658.421716][T19646] do_splice_direct+0x288/0x3e0 [ 658.427445][T19646] ? splice_direct_to_actor+0xb00/0xb00 [ 658.432993][T19646] ? avc_policy_seqno+0x17/0x70 [ 658.437844][T19646] do_sendfile+0x8e4/0x1130 [ 658.442357][T19646] ? compat_writev+0x3d0/0x3d0 [ 658.447123][T19646] ? vfs_write+0x427/0x4f0 [ 658.451540][T19646] ? check_preemption_disabled+0x15a/0x330 [ 658.457337][T19646] __x64_sys_sendfile64+0x1ce/0x230 [ 658.462539][T19646] ? __ia32_sys_sendfile+0x250/0x250 [ 658.467809][T19646] do_syscall_64+0xcb/0x150 [ 658.472324][T19646] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 658.478213][T19646] RIP: 0033:0x45e219 [ 658.482103][T19646] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 658.501967][T19646] RSP: 002b:00007fd9fd4e9c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 658.510374][T19646] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 000000000045e219 [ 658.520978][T19646] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006 [ 658.533184][T19646] RBP: 00007fd9fd4e9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 658.551072][T19646] R10: 00008080ffffff7e R11: 0000000000000246 R12: 0000000000000001 [ 658.561490][T19646] R13: 00007ffffa47b4ef R14: 00007fd9fd4ea9c0 R15: 000000000119c22c 09:06:22 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:22 executing program 5 (fault-call:8 fault-nth:2): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:22 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xedc0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:22 executing program 3 (fault-call:19 fault-nth:2): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 658.810892][T19675] FAULT_INJECTION: forcing a failure. [ 658.810892][T19675] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 658.828132][T19675] CPU: 1 PID: 19675 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 658.842474][T19675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 658.856187][T19675] Call Trace: [ 658.860153][T19675] dump_stack+0x1dd/0x24e [ 658.864800][T19675] ? devkmsg_release+0x11c/0x11c [ 658.869837][T19675] ? show_regs_print_info+0x12/0x12 [ 658.875139][T19675] ? ext4_da_get_block_prep+0xef5/0x1340 [ 658.881000][T19675] ? check_preemption_disabled+0x15a/0x330 [ 658.886920][T19675] should_fail+0x6fb/0x860 [ 658.891340][T19675] ? setup_fault_attr+0x3d0/0x3d0 [ 658.896646][T19675] ? _raw_spin_lock+0xa3/0x1b0 [ 658.901642][T19675] ? __rcu_read_lock+0x50/0x50 [ 658.906405][T19675] ? xas_load+0x46f/0x4c0 [ 658.910722][T19675] __alloc_pages_nodemask+0x1ee/0x7c0 [ 658.916095][T19675] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 658.921721][T19675] pagecache_get_page+0x522/0x8a0 [ 658.926973][T19675] ? __up_read+0x6f/0x1b0 [ 658.931392][T19675] grab_cache_page_write_begin+0x50/0x90 [ 658.937748][T19675] ext4_da_write_begin+0x9e1/0xfc0 [ 658.942948][T19675] ? ext4_set_page_dirty+0x190/0x190 [ 658.949050][T19675] ? page_fault+0x2f/0x40 [ 658.953362][T19675] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 658.959330][T19675] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 658.965226][T19675] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 658.971270][T19675] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 658.977342][T19675] ? uuid_parse+0x3e0/0x3e0 [ 658.982270][T19675] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 658.988661][T19675] generic_perform_write+0x2f7/0x590 [ 658.993944][T19675] ? grab_cache_page_write_begin+0x90/0x90 [ 659.000382][T19675] ? file_remove_privs+0x610/0x610 [ 659.006494][T19675] ? down_write+0x147/0x150 [ 659.011081][T19675] __generic_file_write_iter+0x232/0x460 [ 659.016709][T19675] ext4_file_write_iter+0x46f/0x1070 [ 659.023410][T19675] ? __kasan_kmalloc+0x189/0x1c0 [ 659.029231][T19675] ? ext4_file_read_iter+0x140/0x140 [ 659.035905][T19675] ? avc_policy_seqno+0x17/0x70 [ 659.047995][T19675] ? selinux_file_permission+0x2d0/0x520 [ 659.057205][T19675] aio_write+0x472/0x610 [ 659.062504][T19675] ? aio_read+0x4f0/0x4f0 [ 659.067779][T19675] ? fget_many+0x20/0x20 [ 659.072036][T19675] ? io_submit_one+0x15c/0x2340 [ 659.077329][T19675] io_submit_one+0xa41/0x2340 [ 659.083097][T19675] ? do_user_addr_fault+0x6dd/0xb10 [ 659.088585][T19675] ? lookup_ioctx+0x460/0x460 [ 659.093455][T19675] ? __se_sys_io_submit+0xa4/0x3c0 [ 659.099773][T19675] ? lookup_ioctx+0x273/0x460 [ 659.104641][T19675] ? __sb_end_write+0xb5/0x100 [ 659.109814][T19675] __se_sys_io_submit+0x179/0x3c0 [ 659.114867][T19675] ? __x64_sys_io_submit+0x80/0x80 [ 659.121124][T19675] ? __ia32_sys_read+0x80/0x80 [ 659.125879][T19675] do_syscall_64+0xcb/0x150 [ 659.130410][T19675] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 659.136341][T19675] RIP: 0033:0x45e219 [ 659.140246][T19675] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 09:06:23 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x40000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 659.160528][T19675] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 659.169061][T19675] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 659.178492][T19675] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 659.186553][T19675] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 659.195354][T19675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 659.204011][T19675] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:23 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x2000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 659.371248][T19691] FAULT_INJECTION: forcing a failure. [ 659.371248][T19691] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 659.385794][T19691] CPU: 0 PID: 19691 Comm: syz-executor.3 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 659.395965][T19691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 659.407439][T19691] Call Trace: [ 659.410736][T19691] dump_stack+0x1dd/0x24e [ 659.415153][T19691] ? devkmsg_release+0x11c/0x11c [ 659.420169][T19691] ? show_regs_print_info+0x12/0x12 [ 659.428249][T19691] should_fail+0x6fb/0x860 [ 659.435020][T19691] ? setup_fault_attr+0x3d0/0x3d0 [ 659.440509][T19691] ? debug_smp_processor_id+0x20/0x20 [ 659.447075][T19691] ? check_preemption_disabled+0x9e/0x330 [ 659.460485][T19691] __alloc_pages_nodemask+0x1ee/0x7c0 [ 659.480008][T19691] ? __xas_prev+0x3b6/0x470 [ 659.484495][T19691] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 659.510647][T19691] ? xa_load+0x323/0x340 [ 659.515625][T19691] __do_page_cache_readahead+0x244/0x510 [ 659.521429][T19691] ? read_cache_pages_invalidate_page+0x1b0/0x1b0 [ 659.528980][T19691] generic_file_read_iter+0x5ce/0x20a0 [ 659.534676][T19691] ? find_get_pages_range_tag+0xaf0/0xaf0 [ 659.540419][T19691] ? retint_kernel+0x1b/0x1b [ 659.545340][T19691] generic_file_splice_read+0x475/0x770 [ 659.550906][T19691] ? splice_shrink_spd+0xb0/0xb0 [ 659.556662][T19691] ? security_file_permission+0x1e9/0x300 [ 659.562554][T19691] ? splice_shrink_spd+0xb0/0xb0 [ 659.567642][T19691] splice_direct_to_actor+0x3cf/0xb00 [ 659.573008][T19691] ? do_splice_direct+0x3e0/0x3e0 [ 659.578051][T19691] ? pipe_to_sendpage+0x300/0x300 [ 659.583071][T19691] ? security_file_permission+0x128/0x300 [ 659.588786][T19691] do_splice_direct+0x288/0x3e0 [ 659.593636][T19691] ? splice_direct_to_actor+0xb00/0xb00 [ 659.599195][T19691] ? avc_policy_seqno+0x17/0x70 [ 659.604039][T19691] do_sendfile+0x8e4/0x1130 [ 659.608527][T19691] ? compat_writev+0x3d0/0x3d0 [ 659.613289][T19691] ? debug_smp_processor_id+0x20/0x20 [ 659.618650][T19691] __x64_sys_sendfile64+0x1ce/0x230 [ 659.623994][T19691] ? __ia32_sys_sendfile+0x250/0x250 [ 659.629284][T19691] do_syscall_64+0xcb/0x150 [ 659.633794][T19691] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 659.639728][T19691] RIP: 0033:0x45e219 [ 659.644051][T19691] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 659.665578][T19691] RSP: 002b:00007fd9fd4e9c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 09:06:23 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfeffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:23 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 659.674386][T19691] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 000000000045e219 [ 659.683534][T19691] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006 [ 659.691843][T19691] RBP: 00007fd9fd4e9ca0 R08: 0000000000000000 R09: 0000000000000000 [ 659.700511][T19691] R10: 00008080ffffff7e R11: 0000000000000246 R12: 0000000000000002 [ 659.708851][T19691] R13: 00007ffffa47b4ef R14: 00007fd9fd4ea9c0 R15: 000000000119c22c 09:06:23 executing program 5 (fault-call:8 fault-nth:3): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:23 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 659.838165][T19707] FAULT_INJECTION: forcing a failure. [ 659.838165][T19707] name failslab, interval 1, probability 0, space 0, times 0 [ 659.853867][T19707] CPU: 1 PID: 19707 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 659.864319][T19707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 659.878246][T19707] Call Trace: [ 659.881780][T19707] dump_stack+0x1dd/0x24e [ 659.889483][T19707] ? devkmsg_release+0x11c/0x11c [ 659.894545][T19707] ? show_regs_print_info+0x12/0x12 [ 659.900026][T19707] ? stack_trace_save+0x120/0x1f0 [ 659.905047][T19707] should_fail+0x6fb/0x860 [ 659.929597][T19707] ? setup_fault_attr+0x3d0/0x3d0 [ 659.934637][T19707] ? check_preemption_disabled+0x9e/0x330 [ 659.940638][T19707] ? check_preemption_disabled+0x15a/0x330 [ 659.946566][T19707] ? debug_smp_processor_id+0x20/0x20 [ 659.954649][T19707] ? xas_create+0x4f9/0x1360 [ 659.959493][T19707] should_failslab+0x5/0x20 [ 659.964348][T19707] kmem_cache_alloc+0x36/0x270 [ 659.969185][T19707] ? alloc_page_buffers+0x109/0x3f0 [ 659.974370][T19707] xas_create+0x4f9/0x1360 [ 659.978856][T19707] xas_store+0x93/0x13b0 [ 659.983304][T19707] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 659.988735][T19707] ? _raw_spin_lock_irqsave+0x210/0x210 [ 659.994267][T19707] ? xas_load+0x46f/0x4c0 [ 659.998936][T19707] __add_to_page_cache_locked+0x3e0/0x8e0 [ 660.004659][T19707] ? replace_page_cache_page+0x560/0x560 [ 660.010670][T19707] ? workingset_activation+0x150/0x150 [ 660.016126][T19707] ? __alloc_pages_nodemask+0x374/0x7c0 [ 660.021762][T19707] add_to_page_cache_lru+0x11d/0x280 [ 660.027251][T19707] ? add_to_page_cache_locked+0x40/0x40 [ 660.032889][T19707] pagecache_get_page+0x5ea/0x8a0 [ 660.038018][T19707] ? __up_read+0x6f/0x1b0 [ 660.042705][T19707] grab_cache_page_write_begin+0x50/0x90 [ 660.048345][T19707] ext4_da_write_begin+0x9e1/0xfc0 [ 660.053780][T19707] ? ext4_set_page_dirty+0x190/0x190 [ 660.059474][T19707] ? page_fault+0x2f/0x40 [ 660.063970][T19707] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 660.070288][T19707] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 660.076691][T19707] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 660.082729][T19707] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 660.088797][T19707] ? uuid_parse+0x3e0/0x3e0 [ 660.094360][T19707] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 660.101968][T19707] generic_perform_write+0x2f7/0x590 [ 660.108577][T19707] ? grab_cache_page_write_begin+0x90/0x90 [ 660.114898][T19707] ? file_remove_privs+0x610/0x610 [ 660.120203][T19707] ? down_write+0x147/0x150 [ 660.124728][T19707] __generic_file_write_iter+0x232/0x460 [ 660.130369][T19707] ext4_file_write_iter+0x46f/0x1070 [ 660.138310][T19707] ? __kasan_kmalloc+0x189/0x1c0 [ 660.143336][T19707] ? ext4_file_read_iter+0x140/0x140 [ 660.148608][T19707] ? avc_policy_seqno+0x17/0x70 [ 660.153635][T19707] ? selinux_file_permission+0x2d0/0x520 [ 660.159247][T19707] aio_write+0x472/0x610 [ 660.164016][T19707] ? aio_read+0x4f0/0x4f0 [ 660.168414][T19707] ? fget_many+0x20/0x20 [ 660.173110][T19707] ? io_submit_one+0x15c/0x2340 [ 660.178228][T19707] io_submit_one+0xa41/0x2340 [ 660.183064][T19707] ? do_user_addr_fault+0x6dd/0xb10 [ 660.188339][T19707] ? lookup_ioctx+0x460/0x460 [ 660.192998][T19707] ? __se_sys_io_submit+0xa4/0x3c0 [ 660.198279][T19707] ? lookup_ioctx+0x273/0x460 [ 660.202955][T19707] ? __sb_end_write+0xb5/0x100 [ 660.207712][T19707] __se_sys_io_submit+0x179/0x3c0 [ 660.213795][T19707] ? __x64_sys_io_submit+0x80/0x80 [ 660.218911][T19707] ? __ia32_sys_read+0x80/0x80 [ 660.223795][T19707] do_syscall_64+0xcb/0x150 [ 660.228299][T19707] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 660.234190][T19707] RIP: 0033:0x45e219 [ 660.238168][T19707] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 660.257769][T19707] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 660.266172][T19707] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 660.274236][T19707] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 09:06:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8cffffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 660.284367][T19707] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 660.293049][T19707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 660.302471][T19707] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:24 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x2010000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:24 executing program 5 (fault-call:8 fault-nth:4): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:24 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:24 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 660.722026][T19733] FAULT_INJECTION: forcing a failure. [ 660.722026][T19733] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 660.735433][T19733] CPU: 1 PID: 19733 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 660.746420][T19733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 660.756844][T19733] Call Trace: [ 660.761189][T19733] dump_stack+0x1dd/0x24e [ 660.766237][T19733] ? devkmsg_release+0x11c/0x11c [ 660.772156][T19733] ? show_regs_print_info+0x12/0x12 [ 660.778430][T19733] ? ext4_da_get_block_prep+0xef5/0x1340 [ 660.784906][T19733] ? check_preemption_disabled+0x15a/0x330 [ 660.790717][T19733] should_fail+0x6fb/0x860 [ 660.795141][T19733] ? setup_fault_attr+0x3d0/0x3d0 [ 660.800347][T19733] ? _raw_spin_lock+0xa3/0x1b0 [ 660.805188][T19733] ? __rcu_read_lock+0x50/0x50 [ 660.810129][T19733] ? xas_load+0x468/0x4c0 [ 660.814470][T19733] __alloc_pages_nodemask+0x1ee/0x7c0 [ 660.819837][T19733] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 660.825373][T19733] pagecache_get_page+0x522/0x8a0 [ 660.830400][T19733] ? __up_read+0x6f/0x1b0 [ 660.834822][T19733] grab_cache_page_write_begin+0x50/0x90 [ 660.840728][T19733] ext4_da_write_begin+0x9e1/0xfc0 [ 660.845855][T19733] ? ext4_set_page_dirty+0x190/0x190 [ 660.851129][T19733] ? page_fault+0x2f/0x40 [ 660.855446][T19733] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 660.862259][T19733] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 660.868147][T19733] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 660.874028][T19733] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 660.879975][T19733] ? uuid_parse+0x3e0/0x3e0 [ 660.885463][T19733] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 660.894493][T19733] generic_perform_write+0x2f7/0x590 [ 660.904413][T19733] ? grab_cache_page_write_begin+0x90/0x90 [ 660.916844][T19733] ? file_remove_privs+0x610/0x610 [ 660.925919][T19733] ? down_write+0x147/0x150 [ 660.933396][T19733] __generic_file_write_iter+0x232/0x460 [ 660.943964][T19733] ext4_file_write_iter+0x46f/0x1070 [ 660.949726][T19733] ? __kasan_kmalloc+0x189/0x1c0 [ 660.955141][T19733] ? ext4_file_read_iter+0x140/0x140 [ 660.960527][T19733] ? avc_policy_seqno+0x17/0x70 [ 660.966511][T19733] ? selinux_file_permission+0x2d0/0x520 [ 660.973060][T19733] aio_write+0x472/0x610 [ 660.977312][T19733] ? aio_read+0x4f0/0x4f0 [ 660.982491][T19733] ? fget_many+0x20/0x20 [ 660.987494][T19733] ? io_submit_one+0x15c/0x2340 [ 660.992389][T19733] io_submit_one+0xa41/0x2340 [ 660.997497][T19733] ? do_user_addr_fault+0x6dd/0xb10 [ 661.002683][T19733] ? lookup_ioctx+0x460/0x460 [ 661.007706][T19733] ? __se_sys_io_submit+0xa4/0x3c0 [ 661.012822][T19733] ? lookup_ioctx+0x273/0x460 [ 661.017622][T19733] ? __sb_end_write+0xb5/0x100 [ 661.022386][T19733] __se_sys_io_submit+0x179/0x3c0 [ 661.027662][T19733] ? __x64_sys_io_submit+0x80/0x80 [ 661.033386][T19733] ? __ia32_sys_read+0x80/0x80 [ 661.039734][T19733] do_syscall_64+0xcb/0x150 [ 661.045751][T19733] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 661.053249][T19733] RIP: 0033:0x45e219 [ 661.061596][T19733] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 661.089768][T19733] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 661.098887][T19733] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 661.113614][T19733] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 09:06:25 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x7ffff000) [ 661.124022][T19733] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 661.133691][T19733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 661.161384][T19733] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xc0ed0000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x2200000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:25 executing program 5 (fault-call:8 fault-nth:5): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 661.359969][T19752] FAULT_INJECTION: forcing a failure. [ 661.359969][T19752] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 661.395577][T19752] CPU: 1 PID: 19752 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 661.405761][T19752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 661.415923][T19752] Call Trace: [ 661.419236][T19752] dump_stack+0x1dd/0x24e [ 661.427274][T19752] ? devkmsg_release+0x11c/0x11c [ 661.432798][T19752] ? show_regs_print_info+0x12/0x12 [ 661.438150][T19752] ? ext4_da_get_block_prep+0xef5/0x1340 [ 661.443783][T19752] ? check_preemption_disabled+0x15a/0x330 [ 661.449675][T19752] should_fail+0x6fb/0x860 [ 661.454202][T19752] ? setup_fault_attr+0x3d0/0x3d0 [ 661.460404][T19752] ? _raw_spin_lock+0xa3/0x1b0 [ 661.465562][T19752] ? __rcu_read_lock+0x50/0x50 [ 661.470679][T19752] ? xas_load+0x468/0x4c0 [ 661.475095][T19752] __alloc_pages_nodemask+0x1ee/0x7c0 [ 661.480486][T19752] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 661.486598][T19752] pagecache_get_page+0x522/0x8a0 [ 661.491631][T19752] ? __up_read+0x6f/0x1b0 [ 661.496161][T19752] grab_cache_page_write_begin+0x50/0x90 [ 661.503340][T19752] ext4_da_write_begin+0x9e1/0xfc0 09:06:25 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 661.508888][T19752] ? ext4_set_page_dirty+0x190/0x190 [ 661.514173][T19752] ? page_fault+0x2f/0x40 [ 661.519364][T19752] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 661.525647][T19752] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 661.531922][T19752] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 661.537818][T19752] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 661.543726][T19752] ? uuid_parse+0x3e0/0x3e0 [ 661.548230][T19752] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 661.554715][T19752] generic_perform_write+0x2f7/0x590 [ 661.559994][T19752] ? grab_cache_page_write_begin+0x90/0x90 [ 661.565886][T19752] ? file_remove_privs+0x610/0x610 [ 661.570987][T19752] ? down_write_trylock+0xd8/0x150 [ 661.576098][T19752] __generic_file_write_iter+0x232/0x460 [ 661.581891][T19752] ext4_file_write_iter+0x46f/0x1070 [ 661.587187][T19752] ? ext4_file_read_iter+0x140/0x140 [ 661.592468][T19752] ? avc_policy_seqno+0x17/0x70 [ 661.597405][T19752] ? selinux_file_permission+0x2d0/0x520 [ 661.603124][T19752] aio_write+0x472/0x610 [ 661.607458][T19752] ? aio_read+0x4f0/0x4f0 [ 661.611837][T19752] ? fget_many+0x20/0x20 [ 661.616320][T19752] ? io_submit_one+0x15c/0x2340 [ 661.621152][T19752] io_submit_one+0xa41/0x2340 [ 661.625825][T19752] ? do_user_addr_fault+0x6dd/0xb10 [ 661.631011][T19752] ? lookup_ioctx+0x460/0x460 [ 661.635667][T19752] ? __se_sys_io_submit+0xa4/0x3c0 [ 661.640945][T19752] ? lookup_ioctx+0x273/0x460 [ 661.645706][T19752] ? __sb_end_write+0xb5/0x100 [ 661.650514][T19752] __se_sys_io_submit+0x179/0x3c0 [ 661.655728][T19752] ? __x64_sys_io_submit+0x80/0x80 [ 661.661063][T19752] ? __ia32_sys_read+0x80/0x80 [ 661.665891][T19752] do_syscall_64+0xcb/0x150 [ 661.670745][T19752] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 661.676619][T19752] RIP: 0033:0x45e219 [ 661.680490][T19752] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 661.700163][T19752] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 661.708563][T19752] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 661.716531][T19752] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 661.724500][T19752] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 661.732464][T19752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 661.740435][T19752] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:25 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 661.970275][T19764] 9pnet: Could not find request transport: fd0x0000000000000004 09:06:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xf6ffffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:26 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x3f00000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:26 executing program 5 (fault-call:8 fault-nth:6): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:26 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x2, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x400000, 0xec) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 662.170193][T19781] FAULT_INJECTION: forcing a failure. [ 662.170193][T19781] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 662.184084][T19781] CPU: 0 PID: 19781 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 662.194702][T19781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 662.205323][T19781] Call Trace: [ 662.208626][T19781] dump_stack+0x1dd/0x24e [ 662.213136][T19781] ? devkmsg_release+0x11c/0x11c [ 662.218176][T19781] ? show_regs_print_info+0x12/0x12 [ 662.223387][T19781] ? ext4_da_get_block_prep+0xef5/0x1340 [ 662.229024][T19781] ? check_preemption_disabled+0x15a/0x330 [ 662.234901][T19781] should_fail+0x6fb/0x860 [ 662.239296][T19781] ? setup_fault_attr+0x3d0/0x3d0 [ 662.245352][T19781] ? _raw_spin_lock+0xa3/0x1b0 [ 662.251940][T19781] ? __rcu_read_lock+0x50/0x50 [ 662.258071][T19781] ? xas_load+0x468/0x4c0 [ 662.262717][T19781] __alloc_pages_nodemask+0x1ee/0x7c0 [ 662.268379][T19781] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 662.274127][T19781] pagecache_get_page+0x522/0x8a0 [ 662.279333][T19781] ? __up_read+0x6f/0x1b0 [ 662.283714][T19781] grab_cache_page_write_begin+0x50/0x90 [ 662.289467][T19781] ext4_da_write_begin+0x9e1/0xfc0 [ 662.294597][T19781] ? ext4_set_page_dirty+0x190/0x190 [ 662.299907][T19781] ? page_fault+0x2f/0x40 [ 662.304349][T19781] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 662.310254][T19781] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 662.316153][T19781] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 662.322312][T19781] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 662.328484][T19781] ? uuid_parse+0x3e0/0x3e0 [ 662.333280][T19781] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 662.339616][T19781] generic_perform_write+0x2f7/0x590 [ 662.344936][T19781] ? grab_cache_page_write_begin+0x90/0x90 [ 662.350751][T19781] ? file_remove_privs+0x610/0x610 [ 662.356574][T19781] ? down_write+0x147/0x150 [ 662.361087][T19781] __generic_file_write_iter+0x232/0x460 [ 662.366762][T19781] ext4_file_write_iter+0x46f/0x1070 [ 662.372143][T19781] ? __kasan_kmalloc+0x189/0x1c0 [ 662.377088][T19781] ? ext4_file_read_iter+0x140/0x140 [ 662.382410][T19781] ? avc_policy_seqno+0x17/0x70 [ 662.387528][T19781] ? selinux_file_permission+0x2d0/0x520 [ 662.393425][T19781] aio_write+0x472/0x610 [ 662.397688][T19781] ? aio_read+0x4f0/0x4f0 [ 662.402125][T19781] ? fget_many+0x20/0x20 [ 662.406395][T19781] ? io_submit_one+0x15c/0x2340 [ 662.411365][T19781] io_submit_one+0xa41/0x2340 [ 662.416090][T19781] ? do_user_addr_fault+0x6dd/0xb10 [ 662.421291][T19781] ? lookup_ioctx+0x460/0x460 [ 662.425972][T19781] ? __se_sys_io_submit+0xa4/0x3c0 [ 662.431071][T19781] ? lookup_ioctx+0x273/0x460 [ 662.435760][T19781] ? __sb_end_write+0xb5/0x100 [ 662.440509][T19781] __se_sys_io_submit+0x179/0x3c0 [ 662.445532][T19781] ? __x64_sys_io_submit+0x80/0x80 [ 662.450635][T19781] ? __ia32_sys_read+0x80/0x80 [ 662.455455][T19781] do_syscall_64+0xcb/0x150 [ 662.459968][T19781] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 662.465955][T19781] RIP: 0033:0x45e219 [ 662.469918][T19781] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 662.490577][T19781] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 662.499010][T19781] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 662.508719][T19781] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 662.517859][T19781] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 662.526552][T19781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 662.535314][T19781] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:26 executing program 5 (fault-call:8 fault-nth:7): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 662.717340][T19788] FAULT_INJECTION: forcing a failure. [ 662.717340][T19788] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 662.732303][T19788] CPU: 1 PID: 19788 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 662.742440][T19788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 662.752971][T19788] Call Trace: [ 662.756372][T19788] dump_stack+0x1dd/0x24e [ 662.760739][T19788] ? devkmsg_release+0x11c/0x11c [ 662.765676][T19788] ? show_regs_print_info+0x12/0x12 [ 662.770862][T19788] ? ext4_da_get_block_prep+0xef5/0x1340 [ 662.776482][T19788] ? check_preemption_disabled+0x15a/0x330 [ 662.783141][T19788] should_fail+0x6fb/0x860 [ 662.788066][T19788] ? setup_fault_attr+0x3d0/0x3d0 [ 662.793198][T19788] ? _raw_spin_lock+0xa3/0x1b0 [ 662.797968][T19788] ? __rcu_read_lock+0x50/0x50 [ 662.802734][T19788] ? xas_load+0x468/0x4c0 [ 662.807065][T19788] __alloc_pages_nodemask+0x1ee/0x7c0 [ 662.813282][T19788] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 662.819353][T19788] pagecache_get_page+0x522/0x8a0 [ 662.825004][T19788] ? __up_read+0x6f/0x1b0 [ 662.829408][T19788] grab_cache_page_write_begin+0x50/0x90 [ 662.835297][T19788] ext4_da_write_begin+0x9e1/0xfc0 [ 662.840845][T19788] ? ext4_set_page_dirty+0x190/0x190 [ 662.846261][T19788] ? page_fault+0x2f/0x40 [ 662.850588][T19788] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 662.856999][T19788] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 662.862905][T19788] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 662.869319][T19788] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 662.875220][T19788] ? uuid_parse+0x3e0/0x3e0 [ 662.879715][T19788] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 662.886036][T19788] generic_perform_write+0x2f7/0x590 [ 662.892727][T19788] ? grab_cache_page_write_begin+0x90/0x90 [ 662.898531][T19788] ? file_remove_privs+0x610/0x610 [ 662.903645][T19788] ? down_write+0x147/0x150 [ 662.908165][T19788] __generic_file_write_iter+0x232/0x460 [ 662.913893][T19788] ext4_file_write_iter+0x46f/0x1070 [ 662.919218][T19788] ? __kasan_kmalloc+0x189/0x1c0 [ 662.924151][T19788] ? ext4_file_read_iter+0x140/0x140 [ 662.929453][T19788] ? avc_policy_seqno+0x17/0x70 [ 662.934337][T19788] ? selinux_file_permission+0x2d0/0x520 [ 662.939984][T19788] aio_write+0x472/0x610 [ 662.944485][T19788] ? aio_read+0x4f0/0x4f0 [ 662.948808][T19788] ? fget_many+0x20/0x20 [ 662.953129][T19788] ? io_submit_one+0x15c/0x2340 [ 662.958175][T19788] io_submit_one+0xa41/0x2340 [ 662.962838][T19788] ? do_user_addr_fault+0x6dd/0xb10 [ 662.968058][T19788] ? lookup_ioctx+0x460/0x460 [ 662.972728][T19788] ? __se_sys_io_submit+0xa4/0x3c0 [ 662.978053][T19788] ? lookup_ioctx+0x273/0x460 [ 662.982736][T19788] ? __sb_end_write+0xb5/0x100 [ 662.987501][T19788] __se_sys_io_submit+0x179/0x3c0 [ 662.992506][T19788] ? __x64_sys_io_submit+0x80/0x80 [ 662.997606][T19788] ? __ia32_sys_read+0x80/0x80 [ 663.002391][T19788] do_syscall_64+0xcb/0x150 [ 663.006920][T19788] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 663.012813][T19788] RIP: 0033:0x45e219 [ 663.016709][T19788] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 663.037092][T19788] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 663.046929][T19788] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 663.054898][T19788] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 09:06:27 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffff0000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x4000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 663.062952][T19788] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 663.070916][T19788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 663.078877][T19788] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f00000002c0)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x23}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500)}, {&(0x7f0000000500)="0917e40ecea6222645b2677fa04afd8aa90959071a18bfb267fbf408ef90330a0000b7a081352c6ec5d5d3d3d6f21ee811d83c8c7270dc74bde18f506d563e9b93", 0x41}, {&(0x7f0000000340)="93963271c77a3c3c68d83ac7350c391d2031fd39b21e073e968c504c70fb70dce7937191ed495e11506bb3f8f0ceb6628b7aebc88deec1c24ac975844c2d2c493cb36e034648966331f7d885fd13f4119b6abfc366089da83e5a73d17fd4d1c4f47b6aa04733a2e200c1ce5c75532e0679df188cee4a4987d46ccab127dd2c55b9497fe6d54886a3efd6cd5659c22b4bf67dd3ba5ec180c1c48184ebdcd5acde83e4a4dd6379629ebc83e0d5635dcf81f1264cec1fb270d4177f2d6d8aa7cd820a5ca0ae757839", 0xc7}], 0x3, 0xb) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0xd8442, 0x93) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x9, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x9) io_setup(0x1ff, &(0x7f00000004c0)) io_submit(0x0, 0x2, &(0x7f0000000240)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x2, 0xffffffffffffffff, &(0x7f0000000100)="b65bcd8281e96ae8543bfbd9", 0xc, 0xffff, 0x0, 0x1}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:27 executing program 5 (fault-call:8 fault-nth:8): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 663.184872][T19807] 9pnet: Could not find request transport: fd0x0000000000000004 [ 663.269939][T19817] FAULT_INJECTION: forcing a failure. [ 663.269939][T19817] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 663.283678][T19817] CPU: 1 PID: 19817 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 663.294539][T19817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 663.304580][T19817] Call Trace: [ 663.307864][T19817] dump_stack+0x1dd/0x24e [ 663.312301][T19817] ? devkmsg_release+0x11c/0x11c [ 663.317237][T19817] ? show_regs_print_info+0x12/0x12 [ 663.322427][T19817] ? ext4_da_get_block_prep+0xef5/0x1340 [ 663.328382][T19817] ? check_preemption_disabled+0x15a/0x330 [ 663.334178][T19817] should_fail+0x6fb/0x860 [ 663.338611][T19817] ? setup_fault_attr+0x3d0/0x3d0 [ 663.343875][T19817] ? _raw_spin_lock+0xa3/0x1b0 [ 663.348685][T19817] ? __rcu_read_lock+0x50/0x50 [ 663.353462][T19817] ? xas_load+0x468/0x4c0 [ 663.357775][T19817] __alloc_pages_nodemask+0x1ee/0x7c0 [ 663.363160][T19817] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 663.368725][T19817] pagecache_get_page+0x522/0x8a0 [ 663.373754][T19817] ? __up_read+0x6f/0x1b0 [ 663.378088][T19817] grab_cache_page_write_begin+0x50/0x90 [ 663.383749][T19817] ext4_da_write_begin+0x9e1/0xfc0 [ 663.389045][T19817] ? ext4_set_page_dirty+0x190/0x190 [ 663.394323][T19817] ? page_fault+0x2f/0x40 [ 663.398723][T19817] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 663.404623][T19817] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 663.410651][T19817] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 663.416537][T19817] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 663.422547][T19817] ? uuid_parse+0x3e0/0x3e0 [ 663.427297][T19817] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 663.433619][T19817] generic_perform_write+0x2f7/0x590 [ 663.438925][T19817] ? grab_cache_page_write_begin+0x90/0x90 [ 663.444825][T19817] ? file_remove_privs+0x610/0x610 [ 663.449971][T19817] ? down_write+0x147/0x150 [ 663.454566][T19817] __generic_file_write_iter+0x232/0x460 [ 663.460296][T19817] ext4_file_write_iter+0x46f/0x1070 [ 663.465669][T19817] ? __kasan_kmalloc+0x189/0x1c0 [ 663.475895][T19817] ? ext4_file_read_iter+0x140/0x140 [ 663.481255][T19817] ? avc_policy_seqno+0x17/0x70 [ 663.486133][T19817] ? selinux_file_permission+0x2d0/0x520 [ 663.492125][T19817] aio_write+0x472/0x610 [ 663.497221][T19817] ? aio_read+0x4f0/0x4f0 [ 663.501548][T19817] ? fget_many+0x20/0x20 [ 663.506152][T19817] ? io_submit_one+0x15c/0x2340 [ 663.511343][T19817] io_submit_one+0xa41/0x2340 [ 663.516537][T19817] ? do_user_addr_fault+0x6dd/0xb10 [ 663.522532][T19817] ? lookup_ioctx+0x460/0x460 [ 663.529047][T19817] ? __se_sys_io_submit+0xa4/0x3c0 [ 663.534848][T19817] ? lookup_ioctx+0x273/0x460 [ 663.540672][T19817] ? __sb_end_write+0xb5/0x100 [ 663.545431][T19817] __se_sys_io_submit+0x179/0x3c0 [ 663.550735][T19817] ? __x64_sys_io_submit+0x80/0x80 [ 663.557834][T19817] ? __ia32_sys_read+0x80/0x80 [ 663.562730][T19817] do_syscall_64+0xcb/0x150 [ 663.567418][T19817] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 663.573824][T19817] RIP: 0033:0x45e219 [ 663.577693][T19817] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 663.598883][T19817] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 663.607276][T19817] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 663.617558][T19817] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 663.625894][T19817] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 663.635307][T19817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 663.643287][T19817] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:27 executing program 5 (fault-call:8 fault-nth:9): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 663.818716][T19822] FAULT_INJECTION: forcing a failure. [ 663.818716][T19822] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 663.833530][T19822] CPU: 0 PID: 19822 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 663.849534][T19822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 663.867828][T19822] Call Trace: [ 663.871129][T19822] dump_stack+0x1dd/0x24e [ 663.875448][T19822] ? devkmsg_release+0x11c/0x11c [ 663.880372][T19822] ? show_regs_print_info+0x12/0x12 [ 663.885551][T19822] ? ext4_da_get_block_prep+0xef5/0x1340 [ 663.891379][T19822] ? check_preemption_disabled+0x15a/0x330 [ 663.897168][T19822] should_fail+0x6fb/0x860 [ 663.901826][T19822] ? setup_fault_attr+0x3d0/0x3d0 [ 663.906846][T19822] ? _raw_spin_lock+0xa3/0x1b0 [ 663.911628][T19822] ? __rcu_read_lock+0x50/0x50 09:06:28 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 663.916382][T19822] ? xas_load+0x468/0x4c0 [ 663.921234][T19822] __alloc_pages_nodemask+0x1ee/0x7c0 [ 663.926771][T19822] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 663.933042][T19822] pagecache_get_page+0x522/0x8a0 [ 663.939922][T19822] ? __up_read+0x6f/0x1b0 [ 663.944326][T19822] grab_cache_page_write_begin+0x50/0x90 [ 663.954084][T19822] ext4_da_write_begin+0x9e1/0xfc0 [ 663.960010][T19822] ? ext4_set_page_dirty+0x190/0x190 [ 663.973649][T19822] ? page_fault+0x2f/0x40 [ 663.982105][T19822] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 663.988523][T19822] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 663.994690][T19822] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 664.000607][T19822] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 664.006515][T19822] ? uuid_parse+0x3e0/0x3e0 [ 664.011351][T19822] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 664.018388][T19822] generic_perform_write+0x2f7/0x590 [ 664.023859][T19822] ? grab_cache_page_write_begin+0x90/0x90 [ 664.029668][T19822] ? file_remove_privs+0x610/0x610 [ 664.035358][T19822] ? down_write+0x147/0x150 [ 664.040181][T19822] __generic_file_write_iter+0x232/0x460 [ 664.045894][T19822] ext4_file_write_iter+0x46f/0x1070 [ 664.052125][T19822] ? __kasan_kmalloc+0x189/0x1c0 [ 664.057622][T19822] ? ext4_file_read_iter+0x140/0x140 [ 664.062981][T19822] ? avc_policy_seqno+0x17/0x70 [ 664.067828][T19822] ? selinux_file_permission+0x2d0/0x520 [ 664.073510][T19822] aio_write+0x472/0x610 [ 664.078096][T19822] ? aio_read+0x4f0/0x4f0 [ 664.082431][T19822] ? fget_many+0x20/0x20 [ 664.086930][T19822] ? io_submit_one+0x15c/0x2340 [ 664.091772][T19822] io_submit_one+0xa41/0x2340 [ 664.096432][T19822] ? do_user_addr_fault+0x6dd/0xb10 [ 664.101611][T19822] ? lookup_ioctx+0x460/0x460 [ 664.106294][T19822] ? __se_sys_io_submit+0xa4/0x3c0 [ 664.111435][T19822] ? lookup_ioctx+0x273/0x460 [ 664.116934][T19822] ? __sb_end_write+0xb5/0x100 [ 664.121712][T19822] __se_sys_io_submit+0x179/0x3c0 [ 664.126758][T19822] ? __x64_sys_io_submit+0x80/0x80 [ 664.132034][T19822] ? __ia32_sys_read+0x80/0x80 [ 664.137523][T19822] do_syscall_64+0xcb/0x150 [ 664.142018][T19822] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 664.147901][T19822] RIP: 0033:0x45e219 [ 664.151800][T19822] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 09:06:28 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffffff7f, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x8cffffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 664.172634][T19822] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 664.181024][T19822] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 664.188984][T19822] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 664.197070][T19822] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 664.205568][T19822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 [ 664.213530][T19822] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:28 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xa000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:28 executing program 3: prlimit64(0x0, 0x4, &(0x7f0000000280)={0x2, 0xfffffffffffffff9}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x49a}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)) io_submit(0x0, 0x2, &(0x7f0000000300)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x2, 0x2, r5, &(0x7f00000000c0)="eafe178ee1361bf0f8d60905361589fe18b97ec86373342c82fc0061c3439667f5088262ecb8b32576eeb438e46afe03033480fef81725f507186016c20fdf49b4fff6de421750db1b8e6e72f40bc101141f4ef1044c7bc9c5a8ecf1fe547d1fcd9c53ed4f", 0x65, 0x5, 0x0, 0x7b73a553346abc86}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x1, 0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x6, 0x0, 0x0, r4}]) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:28 executing program 5 (fault-call:8 fault-nth:10): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 664.302920][T19842] 9pnet: Could not find request transport: fd0x0000000000000004 [ 664.391989][T19850] FAULT_INJECTION: forcing a failure. [ 664.391989][T19850] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 664.407101][T19850] CPU: 1 PID: 19850 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 664.420984][T19850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 664.431125][T19850] Call Trace: [ 664.434614][T19850] dump_stack+0x1dd/0x24e [ 664.439128][T19850] ? devkmsg_release+0x11c/0x11c [ 664.444073][T19850] ? show_regs_print_info+0x12/0x12 [ 664.449446][T19850] ? ext4_da_get_block_prep+0xef5/0x1340 [ 664.455697][T19850] ? check_preemption_disabled+0x15a/0x330 [ 664.462419][T19850] should_fail+0x6fb/0x860 [ 664.467297][T19850] ? setup_fault_attr+0x3d0/0x3d0 [ 664.473818][T19850] ? _raw_spin_lock+0xa3/0x1b0 [ 664.478587][T19850] ? __rcu_read_lock+0x50/0x50 [ 664.483704][T19850] ? xas_load+0x468/0x4c0 [ 664.488639][T19850] __alloc_pages_nodemask+0x1ee/0x7c0 [ 664.494015][T19850] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 664.499573][T19850] pagecache_get_page+0x522/0x8a0 [ 664.504685][T19850] ? __up_read+0x6f/0x1b0 [ 664.509049][T19850] grab_cache_page_write_begin+0x50/0x90 [ 664.514721][T19850] ext4_da_write_begin+0x9e1/0xfc0 [ 664.519852][T19850] ? ext4_set_page_dirty+0x190/0x190 [ 664.525184][T19850] ? page_fault+0x2f/0x40 [ 664.530502][T19850] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 664.536412][T19850] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 664.542317][T19850] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 664.549273][T19850] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 664.555446][T19850] ? uuid_parse+0x3e0/0x3e0 [ 664.559965][T19850] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 664.566380][T19850] generic_perform_write+0x2f7/0x590 [ 664.573549][T19850] ? grab_cache_page_write_begin+0x90/0x90 [ 664.579882][T19850] ? file_remove_privs+0x610/0x610 [ 664.584980][T19850] ? down_write+0x147/0x150 [ 664.590760][T19850] __generic_file_write_iter+0x232/0x460 [ 664.599471][T19850] ext4_file_write_iter+0x46f/0x1070 [ 664.608712][T19850] ? __kasan_kmalloc+0x189/0x1c0 [ 664.615472][T19850] ? ext4_file_read_iter+0x140/0x140 [ 664.623833][T19850] ? avc_policy_seqno+0x17/0x70 [ 664.628873][T19850] ? selinux_file_permission+0x2d0/0x520 [ 664.635411][T19850] aio_write+0x472/0x610 [ 664.639998][T19850] ? aio_read+0x4f0/0x4f0 [ 664.644311][T19850] ? fget_many+0x20/0x20 [ 664.648556][T19850] ? io_submit_one+0x15c/0x2340 [ 664.654959][T19850] io_submit_one+0xa41/0x2340 [ 664.659640][T19850] ? do_user_addr_fault+0x6dd/0xb10 [ 664.664922][T19850] ? lookup_ioctx+0x460/0x460 [ 664.669638][T19850] ? __se_sys_io_submit+0xa4/0x3c0 [ 664.674795][T19850] ? lookup_ioctx+0x273/0x460 [ 664.679507][T19850] ? __sb_end_write+0xb5/0x100 [ 664.684260][T19850] __se_sys_io_submit+0x179/0x3c0 [ 664.689473][T19850] ? __x64_sys_io_submit+0x80/0x80 [ 664.694678][T19850] ? __ia32_sys_read+0x80/0x80 [ 664.699885][T19850] do_syscall_64+0xcb/0x150 [ 664.705894][T19850] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 664.711778][T19850] RIP: 0033:0x45e219 [ 664.715651][T19850] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 664.735330][T19850] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 664.743721][T19850] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 664.751677][T19850] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 664.760343][T19850] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 664.768701][T19850] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a [ 664.776670][T19850] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:28 executing program 5 (fault-call:8 fault-nth:11): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 664.988828][T19855] FAULT_INJECTION: forcing a failure. [ 664.988828][T19855] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 665.002435][T19855] CPU: 0 PID: 19855 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 665.012578][T19855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.022724][T19855] Call Trace: [ 665.026020][T19855] dump_stack+0x1dd/0x24e [ 665.030459][T19855] ? devkmsg_release+0x11c/0x11c [ 665.035415][T19855] ? show_regs_print_info+0x12/0x12 [ 665.040596][T19855] ? ext4_da_get_block_prep+0xef5/0x1340 [ 665.046214][T19855] ? check_preemption_disabled+0x15a/0x330 [ 665.052230][T19855] should_fail+0x6fb/0x860 [ 665.056667][T19855] ? setup_fault_attr+0x3d0/0x3d0 [ 665.061693][T19855] ? _raw_spin_lock+0xa3/0x1b0 [ 665.066473][T19855] ? __rcu_read_lock+0x50/0x50 [ 665.071662][T19855] ? xas_load+0x468/0x4c0 [ 665.076000][T19855] __alloc_pages_nodemask+0x1ee/0x7c0 [ 665.081417][T19855] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 665.086986][T19855] pagecache_get_page+0x522/0x8a0 [ 665.091996][T19855] ? __up_read+0x6f/0x1b0 [ 665.096730][T19855] grab_cache_page_write_begin+0x50/0x90 [ 665.102397][T19855] ext4_da_write_begin+0x9e1/0xfc0 [ 665.108633][T19855] ? ext4_set_page_dirty+0x190/0x190 [ 665.114083][T19855] ? page_fault+0x2f/0x40 [ 665.118646][T19855] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 665.124608][T19855] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 665.130587][T19855] ? iov_iter_fault_in_readable+0x1c8/0x630 09:06:29 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffffff8c, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 665.136487][T19855] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 665.142396][T19855] ? uuid_parse+0x3e0/0x3e0 [ 665.146911][T19855] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 665.153254][T19855] generic_perform_write+0x2f7/0x590 [ 665.158546][T19855] ? grab_cache_page_write_begin+0x90/0x90 [ 665.164839][T19855] ? file_remove_privs+0x610/0x610 [ 665.170091][T19855] ? down_write+0x147/0x150 [ 665.174699][T19855] __generic_file_write_iter+0x232/0x460 [ 665.180329][T19855] ext4_file_write_iter+0x46f/0x1070 [ 665.186085][T19855] ? __kasan_kmalloc+0x189/0x1c0 [ 665.191041][T19855] ? ext4_file_read_iter+0x140/0x140 [ 665.196359][T19855] ? avc_policy_seqno+0x17/0x70 [ 665.201201][T19855] ? selinux_file_permission+0x2d0/0x520 [ 665.207872][T19855] aio_write+0x472/0x610 [ 665.212117][T19855] ? aio_read+0x4f0/0x4f0 [ 665.216439][T19855] ? fget_many+0x20/0x20 [ 665.220680][T19855] ? io_submit_one+0x15c/0x2340 [ 665.225512][T19855] io_submit_one+0xa41/0x2340 [ 665.230191][T19855] ? do_user_addr_fault+0x6dd/0xb10 [ 665.235390][T19855] ? lookup_ioctx+0x460/0x460 [ 665.240065][T19855] ? __se_sys_io_submit+0xa4/0x3c0 [ 665.245194][T19855] ? lookup_ioctx+0x273/0x460 [ 665.249848][T19855] ? __sb_end_write+0xb5/0x100 [ 665.254589][T19855] __se_sys_io_submit+0x179/0x3c0 [ 665.260740][T19855] ? __x64_sys_io_submit+0x80/0x80 [ 665.265833][T19855] ? __ia32_sys_read+0x80/0x80 [ 665.270578][T19855] do_syscall_64+0xcb/0x150 [ 665.275084][T19855] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 665.281038][T19855] RIP: 0033:0x45e219 [ 665.284946][T19855] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 665.305059][T19855] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 665.313547][T19855] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 665.321522][T19855] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 665.329494][T19855] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 09:06:29 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x10000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:29 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 665.337448][T19855] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b [ 665.345422][T19855] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:29 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xf6ffffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:29 executing program 5 (fault-call:8 fault-nth:12): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:29 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) ioctl$IOC_PR_PREEMPT(r2, 0x401870cb, &(0x7f0000000100)={0x401, 0xfffffffffffffffa, 0x80000000, 0x90}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f00000002c0)="23e50149e5c6f388f784e4e2ebeb652a4981e2cbc250723da26fb7709c0fcf8c3611467591503675a6e91df564fe2d6746f69d4a3787946c8f876d0283cbd7137821541dbe7df8d7110d7b040d64b3b28dfc09cb6a4d786ab902ef37c8a5e01b1bdaff5ee592aa73f4e3d379a0d6e8bb4424c0008cddacef933a7b70f30ad6dbe25d3a4f9193cbe0108ccc2780a07d234689b6ee41188f967c13a4f2748f709a64d74651e5d064435be26ad51d9b3bc697292b4f0ac57a89b8be424a3afa65fdf6df2a3e78b7f808d0d50b731594ad8bfe646463dc15991e3f7b4540003a0ca44df7c21c1500"/240, 0xf0}], 0x1, 0xc) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) write(0xffffffffffffffff, &(0x7f00000003c0)="9986730c99f1d3af464aaf0d6e4770da882753f5c0e235bd4ec545940b5b7820987b3f7634f2e973a1e025a0fc794dd3dfc211efc3b9bf57a1da9bfe643f4d99fd79290b324f018c3c7eb13727d8253f1ca1cdf070b019b429fe7f5107c2a3977f8f8b0bf3770c1206cc0456f4861dd6d4e1434d54713b63ae", 0x79) r4 = open(&(0x7f0000000040)='./bus\x00', 0x40002, 0x138) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) lseek(r5, 0x7fff, 0x3) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 665.448803][T19874] 9pnet: Insufficient options for proto=fd [ 665.529813][T19882] FAULT_INJECTION: forcing a failure. [ 665.529813][T19882] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 665.543173][T19882] CPU: 0 PID: 19882 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 665.553438][T19882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.563515][T19882] Call Trace: [ 665.566819][T19882] dump_stack+0x1dd/0x24e [ 665.571149][T19882] ? devkmsg_release+0x11c/0x11c [ 665.576135][T19882] ? show_regs_print_info+0x12/0x12 [ 665.581313][T19882] ? ext4_da_get_block_prep+0xef5/0x1340 [ 665.587048][T19882] ? check_preemption_disabled+0x15a/0x330 [ 665.592845][T19882] should_fail+0x6fb/0x860 [ 665.597264][T19882] ? setup_fault_attr+0x3d0/0x3d0 [ 665.602301][T19882] ? _raw_spin_lock+0xa3/0x1b0 [ 665.607057][T19882] ? __rcu_read_lock+0x50/0x50 [ 665.611815][T19882] ? xas_load+0x468/0x4c0 [ 665.616175][T19882] __alloc_pages_nodemask+0x1ee/0x7c0 [ 665.621684][T19882] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 665.627230][T19882] pagecache_get_page+0x522/0x8a0 [ 665.632241][T19882] ? __up_read+0x6f/0x1b0 [ 665.636701][T19882] grab_cache_page_write_begin+0x50/0x90 [ 665.642339][T19882] ext4_da_write_begin+0x9e1/0xfc0 [ 665.647449][T19882] ? ext4_set_page_dirty+0x190/0x190 [ 665.652733][T19882] ? page_fault+0x2f/0x40 [ 665.657127][T19882] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 665.663048][T19882] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 665.668939][T19882] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 665.674834][T19882] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 665.680734][T19882] ? uuid_parse+0x3e0/0x3e0 [ 665.685235][T19882] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 665.691548][T19882] generic_perform_write+0x2f7/0x590 [ 665.696832][T19882] ? grab_cache_page_write_begin+0x90/0x90 [ 665.702649][T19882] ? file_remove_privs+0x610/0x610 [ 665.707745][T19882] ? down_write+0x147/0x150 [ 665.712240][T19882] __generic_file_write_iter+0x232/0x460 [ 665.717883][T19882] ext4_file_write_iter+0x46f/0x1070 [ 665.723179][T19882] ? __kasan_kmalloc+0x189/0x1c0 [ 665.728104][T19882] ? ext4_file_read_iter+0x140/0x140 [ 665.733417][T19882] ? avc_policy_seqno+0x17/0x70 [ 665.738423][T19882] ? selinux_file_permission+0x2d0/0x520 [ 665.744060][T19882] aio_write+0x472/0x610 [ 665.748310][T19882] ? aio_read+0x4f0/0x4f0 [ 665.752621][T19882] ? fget_many+0x20/0x20 [ 665.756861][T19882] ? io_submit_one+0x15c/0x2340 [ 665.761709][T19882] io_submit_one+0xa41/0x2340 [ 665.766413][T19882] ? do_user_addr_fault+0x6dd/0xb10 [ 665.771615][T19882] ? lookup_ioctx+0x460/0x460 [ 665.776321][T19882] ? __se_sys_io_submit+0xa4/0x3c0 [ 665.781417][T19882] ? lookup_ioctx+0x273/0x460 [ 665.786129][T19882] ? __sb_end_write+0xb5/0x100 [ 665.790995][T19882] __se_sys_io_submit+0x179/0x3c0 [ 665.796004][T19882] ? __x64_sys_io_submit+0x80/0x80 [ 665.801140][T19882] ? __ia32_sys_read+0x80/0x80 [ 665.805890][T19882] do_syscall_64+0xcb/0x150 [ 665.810385][T19882] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 665.816262][T19882] RIP: 0033:0x45e219 [ 665.820165][T19882] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 665.839929][T19882] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 665.848358][T19882] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 665.856314][T19882] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 665.864276][T19882] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 665.872247][T19882] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c [ 665.880203][T19882] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:30 executing program 5 (fault-call:8 fault-nth:13): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 666.048857][T19887] FAULT_INJECTION: forcing a failure. [ 666.048857][T19887] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 666.062284][T19887] CPU: 0 PID: 19887 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 666.072699][T19887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 666.082749][T19887] Call Trace: [ 666.086025][T19887] dump_stack+0x1dd/0x24e [ 666.090341][T19887] ? devkmsg_release+0x11c/0x11c [ 666.095257][T19887] ? show_regs_print_info+0x12/0x12 [ 666.100440][T19887] ? ext4_da_get_block_prep+0xef5/0x1340 [ 666.106066][T19887] ? check_preemption_disabled+0x15a/0x330 [ 666.111856][T19887] should_fail+0x6fb/0x860 [ 666.116300][T19887] ? setup_fault_attr+0x3d0/0x3d0 [ 666.121315][T19887] ? _raw_spin_lock+0xa3/0x1b0 [ 666.126076][T19887] ? __rcu_read_lock+0x50/0x50 [ 666.130826][T19887] ? xas_load+0x468/0x4c0 [ 666.135176][T19887] __alloc_pages_nodemask+0x1ee/0x7c0 [ 666.140965][T19887] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 666.146503][T19887] pagecache_get_page+0x522/0x8a0 [ 666.151506][T19887] ? __up_read+0x6f/0x1b0 [ 666.155845][T19887] grab_cache_page_write_begin+0x50/0x90 [ 666.161467][T19887] ext4_da_write_begin+0x9e1/0xfc0 [ 666.166579][T19887] ? ext4_set_page_dirty+0x190/0x190 [ 666.171862][T19887] ? page_fault+0x2f/0x40 [ 666.176173][T19887] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 666.182056][T19887] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 666.187940][T19887] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 666.193828][T19887] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 666.199710][T19887] ? uuid_parse+0x3e0/0x3e0 [ 666.204228][T19887] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 666.210552][T19887] generic_perform_write+0x2f7/0x590 [ 666.215828][T19887] ? grab_cache_page_write_begin+0x90/0x90 [ 666.221628][T19887] ? file_remove_privs+0x610/0x610 [ 666.226780][T19887] ? down_write+0x147/0x150 [ 666.231359][T19887] __generic_file_write_iter+0x232/0x460 [ 666.236992][T19887] ext4_file_write_iter+0x46f/0x1070 [ 666.242285][T19887] ? __kasan_kmalloc+0x189/0x1c0 [ 666.247204][T19887] ? ext4_file_read_iter+0x140/0x140 [ 666.252476][T19887] ? avc_policy_seqno+0x17/0x70 [ 666.257372][T19887] ? selinux_file_permission+0x2d0/0x520 [ 666.263037][T19887] aio_write+0x472/0x610 [ 666.267256][T19887] ? aio_read+0x4f0/0x4f0 [ 666.271651][T19887] ? fget_many+0x20/0x20 [ 666.275885][T19887] ? io_submit_one+0x15c/0x2340 [ 666.280728][T19887] io_submit_one+0xa41/0x2340 [ 666.285409][T19887] ? do_user_addr_fault+0x6dd/0xb10 [ 666.290591][T19887] ? lookup_ioctx+0x460/0x460 [ 666.295246][T19887] ? __se_sys_io_submit+0xa4/0x3c0 [ 666.300332][T19887] ? lookup_ioctx+0x273/0x460 [ 666.304987][T19887] ? __sb_end_write+0xb5/0x100 [ 666.309728][T19887] __se_sys_io_submit+0x179/0x3c0 [ 666.314731][T19887] ? __x64_sys_io_submit+0x80/0x80 [ 666.319840][T19887] ? __ia32_sys_read+0x80/0x80 [ 666.324634][T19887] do_syscall_64+0xcb/0x150 [ 666.329210][T19887] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 666.335128][T19887] RIP: 0033:0x45e219 [ 666.339044][T19887] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 666.359539][T19887] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 666.368804][T19887] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 666.376789][T19887] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 666.384740][T19887] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 666.392706][T19887] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000d 09:06:30 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:30 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfffffff6, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:30 executing program 3: prlimit64(0x0, 0xa, &(0x7f0000000280)={0x8, 0xfffffffffffffffd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000000, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1000000000000) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000500)=[{&(0x7f0000000540)="b0d3544dabe9fa285cc1a63a89c8ab44332af4354fc195fa52c07b191c0411fc99bd91033a52b10cb2e08b5778ac9405870274ffd6aa613c9744aafcf7e9e49bbc5068372d5f052583d38b324320c4efe36ed689b99fff0c8e7b602a055e090d981aa7a9116afa0f5d21bc532349430a8a8b17d87f2e621d494dc5daaa01009116b87e85f70b17ee1ca284665dfc0eec17b80f873b91c077198ce0bc6cb17f8efcd4eaf7250c5755c894cdad6faaefcd4be545ee8f80ff178fc40b"}, {&(0x7f00000003c0)="a28c1ee29233d2673bc31ba00e31f2834b5acf7efebeb6fa9e3fe9bb9cc1998e83863926158f176bc6eca687e0421cfebf9671916a993ad2b17722fe70f9807ca0ad121fc9642ae16b52745eebf26194ed3a448ba9e9565742485e7fcea6d4c6ad6bb8d5c0de5eaf9949f714549b95553d073d23b68a825a880d006c5e4ab56dc66cb9ffb5bcc9d35e171a9fb5bec0056339afb2"}, {&(0x7f0000000600)="30272d602e448b3c4b0f27530d87c6688637b3eeabf68efa6f60d5b6a3f8d495a3849f4972357cb3518730520757a6d44f6371c375bbd9b33a019556fff707a647adc8464f82bdcf874391a96aec3aedbcb34ae674eee38704644cc0f3f6aa1dce9d260d9cb47447d32ce199fd39f620", 0x61}], 0x1, 0x1) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x41, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x44) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000180)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x1d, 0xffffffffffffffff, &(0x7f00000002c0)="26f00c10d696c4a6fee5f6f00d9f864a2ad220e3462a39ff27c3498c141bc3ddaebc54a7df49c14feb2e0301b625ab045f73263a25b70795acf7d10191c1449a9b3894dd6189a1a1acf4bb6fa98ff9e1a64ba3683ad57a43ec1b65a34ead1eefb0c961b7a651982f26789348711822170bb625f30efb27442085f425021d2f99fd1b434ccc8af6ceb81f8b33774de8cc00c25d007d3b55755ef00dd103b8edc82b2c6383124cc9fac00ac7a0a3be1d8a756a4a550e7d1992fa56f165404e43d7a19c26", 0xc3, 0x85, 0x0, 0x2}]) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:30 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x20000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 666.400671][T19887] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:30 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xfeffffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:30 executing program 5 (fault-call:8 fault-nth:14): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 666.479787][T19905] 9pnet: Insufficient options for proto=fd [ 666.599666][T19913] FAULT_INJECTION: forcing a failure. [ 666.599666][T19913] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 666.613063][T19913] CPU: 1 PID: 19913 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 666.623201][T19913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 666.633254][T19913] Call Trace: [ 666.636546][T19913] dump_stack+0x1dd/0x24e [ 666.640865][T19913] ? devkmsg_release+0x11c/0x11c [ 666.645779][T19913] ? show_regs_print_info+0x12/0x12 [ 666.650957][T19913] ? ext4_da_get_block_prep+0xef5/0x1340 [ 666.656615][T19913] ? check_preemption_disabled+0x15a/0x330 [ 666.662593][T19913] should_fail+0x6fb/0x860 [ 666.667001][T19913] ? setup_fault_attr+0x3d0/0x3d0 [ 666.672007][T19913] ? _raw_spin_lock+0xa3/0x1b0 [ 666.676763][T19913] ? __rcu_read_lock+0x50/0x50 [ 666.681514][T19913] ? xas_load+0x468/0x4c0 [ 666.685844][T19913] __alloc_pages_nodemask+0x1ee/0x7c0 [ 666.691263][T19913] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 666.696825][T19913] pagecache_get_page+0x522/0x8a0 [ 666.701826][T19913] ? __up_read+0x6f/0x1b0 [ 666.706129][T19913] grab_cache_page_write_begin+0x50/0x90 [ 666.711752][T19913] ext4_da_write_begin+0x9e1/0xfc0 [ 666.716874][T19913] ? ext4_set_page_dirty+0x190/0x190 [ 666.722164][T19913] ? page_fault+0x2f/0x40 [ 666.726490][T19913] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 666.732380][T19913] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 666.738268][T19913] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 666.744147][T19913] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 666.750024][T19913] ? uuid_parse+0x3e0/0x3e0 [ 666.754505][T19913] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 666.760812][T19913] generic_perform_write+0x2f7/0x590 [ 666.766093][T19913] ? grab_cache_page_write_begin+0x90/0x90 [ 666.771910][T19913] ? file_remove_privs+0x610/0x610 [ 666.777002][T19913] ? down_write+0x147/0x150 [ 666.781498][T19913] __generic_file_write_iter+0x232/0x460 [ 666.787115][T19913] ext4_file_write_iter+0x46f/0x1070 [ 666.792386][T19913] ? __kasan_kmalloc+0x189/0x1c0 [ 666.797305][T19913] ? ext4_file_read_iter+0x140/0x140 [ 666.802585][T19913] ? avc_policy_seqno+0x17/0x70 [ 666.807433][T19913] ? selinux_file_permission+0x2d0/0x520 [ 666.813064][T19913] aio_write+0x472/0x610 [ 666.817302][T19913] ? aio_read+0x4f0/0x4f0 [ 666.821619][T19913] ? fget_many+0x20/0x20 [ 666.825856][T19913] ? io_submit_one+0x15c/0x2340 [ 666.830693][T19913] io_submit_one+0xa41/0x2340 [ 666.835378][T19913] ? do_user_addr_fault+0x6dd/0xb10 [ 666.840556][T19913] ? lookup_ioctx+0x460/0x460 [ 666.845226][T19913] ? __se_sys_io_submit+0xa4/0x3c0 [ 666.850325][T19913] ? lookup_ioctx+0x273/0x460 [ 666.855003][T19913] ? __sb_end_write+0xb5/0x100 [ 666.859750][T19913] __se_sys_io_submit+0x179/0x3c0 [ 666.864857][T19913] ? __x64_sys_io_submit+0x80/0x80 [ 666.869951][T19913] ? __ia32_sys_read+0x80/0x80 [ 666.874695][T19913] do_syscall_64+0xcb/0x150 [ 666.879210][T19913] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 666.885096][T19913] RIP: 0033:0x45e219 [ 666.889231][T19913] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 666.908816][T19913] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 666.917207][T19913] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 666.925155][T19913] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 666.933104][T19913] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 666.941053][T19913] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000e [ 666.949001][T19913] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:31 executing program 5 (fault-call:8 fault-nth:15): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 667.118276][T19917] FAULT_INJECTION: forcing a failure. [ 667.118276][T19917] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 667.131679][T19917] CPU: 1 PID: 19917 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 667.141817][T19917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 667.152033][T19917] Call Trace: [ 667.155309][T19917] dump_stack+0x1dd/0x24e [ 667.159636][T19917] ? devkmsg_release+0x11c/0x11c [ 667.164580][T19917] ? show_regs_print_info+0x12/0x12 [ 667.169793][T19917] ? ext4_da_get_block_prep+0xef5/0x1340 [ 667.175407][T19917] ? check_preemption_disabled+0x15a/0x330 [ 667.181545][T19917] should_fail+0x6fb/0x860 [ 667.185944][T19917] ? setup_fault_attr+0x3d0/0x3d0 [ 667.190947][T19917] ? _raw_spin_lock+0xa3/0x1b0 [ 667.195750][T19917] ? __rcu_read_lock+0x50/0x50 [ 667.200549][T19917] ? xas_load+0x468/0x4c0 [ 667.204866][T19917] __alloc_pages_nodemask+0x1ee/0x7c0 [ 667.210222][T19917] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 667.215748][T19917] pagecache_get_page+0x522/0x8a0 [ 667.220770][T19917] ? __up_read+0x6f/0x1b0 [ 667.225079][T19917] grab_cache_page_write_begin+0x50/0x90 [ 667.230736][T19917] ext4_da_write_begin+0x9e1/0xfc0 [ 667.235963][T19917] ? ext4_set_page_dirty+0x190/0x190 [ 667.241247][T19917] ? page_fault+0x2f/0x40 [ 667.245671][T19917] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 667.251580][T19917] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 667.257470][T19917] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 667.263356][T19917] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 667.269247][T19917] ? uuid_parse+0x3e0/0x3e0 [ 667.273744][T19917] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 667.280059][T19917] generic_perform_write+0x2f7/0x590 [ 667.285329][T19917] ? grab_cache_page_write_begin+0x90/0x90 [ 667.291119][T19917] ? file_remove_privs+0x610/0x610 [ 667.296220][T19917] ? down_write+0x147/0x150 [ 667.300740][T19917] __generic_file_write_iter+0x232/0x460 [ 667.306351][T19917] ext4_file_write_iter+0x46f/0x1070 [ 667.311632][T19917] ? __kasan_kmalloc+0x189/0x1c0 09:06:31 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xffff000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 667.316567][T19917] ? ext4_file_read_iter+0x140/0x140 [ 667.321846][T19917] ? avc_policy_seqno+0x17/0x70 [ 667.326675][T19917] ? selinux_file_permission+0x2d0/0x520 [ 667.332287][T19917] aio_write+0x472/0x610 [ 667.336533][T19917] ? aio_read+0x4f0/0x4f0 [ 667.340857][T19917] ? fget_many+0x20/0x20 [ 667.345317][T19917] ? io_submit_one+0x15c/0x2340 [ 667.350183][T19917] io_submit_one+0xa41/0x2340 [ 667.354854][T19917] ? do_user_addr_fault+0x6dd/0xb10 [ 667.360421][T19917] ? lookup_ioctx+0x460/0x460 [ 667.365095][T19917] ? __se_sys_io_submit+0xa4/0x3c0 [ 667.370216][T19917] ? lookup_ioctx+0x273/0x460 [ 667.374925][T19917] ? __sb_end_write+0xb5/0x100 [ 667.379669][T19917] __se_sys_io_submit+0x179/0x3c0 [ 667.384686][T19917] ? __x64_sys_io_submit+0x80/0x80 [ 667.389861][T19917] ? __ia32_sys_read+0x80/0x80 [ 667.394649][T19917] do_syscall_64+0xcb/0x150 [ 667.399160][T19917] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 667.405042][T19917] RIP: 0033:0x45e219 [ 667.408916][T19917] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 667.428503][T19917] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 667.436896][T19917] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 667.444958][T19917] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 667.452915][T19917] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 667.461019][T19917] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000f 09:06:31 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:31 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xedc000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 667.469077][T19917] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:31 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x20100000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000100)='./bus\x00', 0xc) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:31 executing program 5 (fault-call:8 fault-nth:16): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 667.557869][T19933] 9pnet: Insufficient options for proto=fd [ 667.684582][T19943] FAULT_INJECTION: forcing a failure. [ 667.684582][T19943] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 667.698162][T19943] CPU: 1 PID: 19943 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 667.708327][T19943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 667.718361][T19943] Call Trace: [ 667.721632][T19943] dump_stack+0x1dd/0x24e [ 667.725955][T19943] ? devkmsg_release+0x11c/0x11c [ 667.730870][T19943] ? show_regs_print_info+0x12/0x12 [ 667.736059][T19943] ? ext4_da_get_block_prep+0xef5/0x1340 [ 667.741696][T19943] ? check_preemption_disabled+0x15a/0x330 [ 667.747627][T19943] should_fail+0x6fb/0x860 [ 667.752024][T19943] ? setup_fault_attr+0x3d0/0x3d0 [ 667.757029][T19943] ? _raw_spin_lock+0xa3/0x1b0 [ 667.761777][T19943] ? __rcu_read_lock+0x50/0x50 [ 667.766532][T19943] ? xas_load+0x468/0x4c0 [ 667.770844][T19943] __alloc_pages_nodemask+0x1ee/0x7c0 [ 667.776202][T19943] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 667.781770][T19943] pagecache_get_page+0x522/0x8a0 [ 667.786776][T19943] ? __up_read+0x6f/0x1b0 [ 667.791089][T19943] grab_cache_page_write_begin+0x50/0x90 [ 667.796709][T19943] ext4_da_write_begin+0x9e1/0xfc0 [ 667.801816][T19943] ? ext4_set_page_dirty+0x190/0x190 [ 667.807094][T19943] ? page_fault+0x2f/0x40 [ 667.811408][T19943] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 667.817331][T19943] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 667.823213][T19943] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 667.829097][T19943] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 667.835112][T19943] ? uuid_parse+0x3e0/0x3e0 [ 667.839922][T19943] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 667.846362][T19943] generic_perform_write+0x2f7/0x590 [ 667.851665][T19943] ? grab_cache_page_write_begin+0x90/0x90 [ 667.857520][T19943] ? file_remove_privs+0x610/0x610 [ 667.862627][T19943] ? down_write+0x147/0x150 [ 667.867111][T19943] __generic_file_write_iter+0x232/0x460 [ 667.872839][T19943] ext4_file_write_iter+0x46f/0x1070 [ 667.878119][T19943] ? __kasan_kmalloc+0x189/0x1c0 [ 667.883217][T19943] ? ext4_file_read_iter+0x140/0x140 [ 667.888491][T19943] ? avc_policy_seqno+0x17/0x70 [ 667.893342][T19943] ? selinux_file_permission+0x2d0/0x520 [ 667.900195][T19943] aio_write+0x472/0x610 [ 667.904415][T19943] ? aio_read+0x4f0/0x4f0 [ 667.908746][T19943] ? fget_many+0x20/0x20 [ 667.912963][T19943] ? io_submit_one+0x15c/0x2340 [ 667.917813][T19943] io_submit_one+0xa41/0x2340 [ 667.922472][T19943] ? do_user_addr_fault+0x6dd/0xb10 [ 667.927646][T19943] ? lookup_ioctx+0x460/0x460 [ 667.932307][T19943] ? __se_sys_io_submit+0xa4/0x3c0 [ 667.937406][T19943] ? lookup_ioctx+0x273/0x460 [ 667.942126][T19943] ? __sb_end_write+0xb5/0x100 [ 667.946921][T19943] __se_sys_io_submit+0x179/0x3c0 [ 667.951946][T19943] ? __x64_sys_io_submit+0x80/0x80 [ 667.957050][T19943] ? __ia32_sys_read+0x80/0x80 [ 667.961801][T19943] do_syscall_64+0xcb/0x150 [ 667.966297][T19943] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 667.972169][T19943] RIP: 0033:0x45e219 [ 667.976050][T19943] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 667.995662][T19943] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 668.004052][T19943] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 668.012015][T19943] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 668.020001][T19943] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 668.027952][T19943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 668.036162][T19943] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:32 executing program 5 (fault-call:8 fault-nth:17): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:32 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xffffff7f00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:32 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:32 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x100000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:32 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x22000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 668.402445][T19956] FAULT_INJECTION: forcing a failure. [ 668.402445][T19956] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 668.420613][T19956] CPU: 0 PID: 19956 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 668.430810][T19956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.442852][T19956] Call Trace: [ 668.446149][T19956] dump_stack+0x1dd/0x24e [ 668.450804][T19956] ? devkmsg_release+0x11c/0x11c [ 668.455723][T19956] ? show_regs_print_info+0x12/0x12 [ 668.460929][T19956] ? ext4_da_get_block_prep+0xef5/0x1340 [ 668.466540][T19956] ? check_preemption_disabled+0x15a/0x330 [ 668.472370][T19956] should_fail+0x6fb/0x860 [ 668.476773][T19956] ? setup_fault_attr+0x3d0/0x3d0 [ 668.481799][T19956] ? _raw_spin_lock+0xa3/0x1b0 [ 668.486546][T19956] ? __rcu_read_lock+0x50/0x50 [ 668.491314][T19956] ? xas_load+0x468/0x4c0 [ 668.495631][T19956] __alloc_pages_nodemask+0x1ee/0x7c0 [ 668.500985][T19956] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 668.506511][T19956] pagecache_get_page+0x522/0x8a0 [ 668.511535][T19956] ? __up_read+0x6f/0x1b0 [ 668.515870][T19956] grab_cache_page_write_begin+0x50/0x90 [ 668.521621][T19956] ext4_da_write_begin+0x9e1/0xfc0 [ 668.526735][T19956] ? ext4_set_page_dirty+0x190/0x190 [ 668.532168][T19956] ? page_fault+0x2f/0x40 [ 668.536481][T19956] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 668.542356][T19956] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 668.548308][T19956] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 668.554291][T19956] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 668.560190][T19956] ? uuid_parse+0x3e0/0x3e0 [ 668.564698][T19956] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 668.571023][T19956] generic_perform_write+0x2f7/0x590 [ 668.576326][T19956] ? grab_cache_page_write_begin+0x90/0x90 [ 668.582119][T19956] ? file_remove_privs+0x610/0x610 [ 668.587207][T19956] ? down_write+0x147/0x150 [ 668.591719][T19956] __generic_file_write_iter+0x232/0x460 [ 668.597341][T19956] ext4_file_write_iter+0x46f/0x1070 [ 668.602619][T19956] ? __kasan_kmalloc+0x189/0x1c0 [ 668.607559][T19956] ? ext4_file_read_iter+0x140/0x140 [ 668.612822][T19956] ? avc_policy_seqno+0x17/0x70 [ 668.617677][T19956] ? selinux_file_permission+0x2d0/0x520 [ 668.623312][T19956] aio_write+0x472/0x610 [ 668.628079][T19956] ? aio_read+0x4f0/0x4f0 [ 668.632389][T19956] ? fget_many+0x20/0x20 [ 668.636615][T19956] ? io_submit_one+0x15c/0x2340 [ 668.641455][T19956] io_submit_one+0xa41/0x2340 [ 668.646112][T19956] ? do_user_addr_fault+0x6dd/0xb10 [ 668.651296][T19956] ? lookup_ioctx+0x460/0x460 [ 668.655955][T19956] ? __se_sys_io_submit+0xa4/0x3c0 [ 668.661074][T19956] ? lookup_ioctx+0x273/0x460 [ 668.665738][T19956] ? __sb_end_write+0xb5/0x100 [ 668.670494][T19956] __se_sys_io_submit+0x179/0x3c0 [ 668.675504][T19956] ? __x64_sys_io_submit+0x80/0x80 [ 668.680769][T19956] ? __ia32_sys_read+0x80/0x80 [ 668.685725][T19956] do_syscall_64+0xcb/0x150 [ 668.690331][T19956] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 668.696217][T19956] RIP: 0033:0x45e219 [ 668.700229][T19956] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 668.719922][T19956] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 668.728425][T19956] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 668.736547][T19956] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 668.744564][T19956] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 668.752634][T19956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000011 [ 668.760612][T19956] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 [ 668.770645][T19969] 9pnet: Insufficient options for proto=fd 09:06:33 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x32, 0x0, 0x5, 0x0, 0x4}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:33 executing program 5 (fault-call:8 fault-nth:18): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 669.049911][T19979] FAULT_INJECTION: forcing a failure. [ 669.049911][T19979] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 669.063636][T19979] CPU: 0 PID: 19979 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 669.073881][T19979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 669.083937][T19979] Call Trace: [ 669.087218][T19979] dump_stack+0x1dd/0x24e [ 669.091536][T19979] ? devkmsg_release+0x11c/0x11c [ 669.096453][T19979] ? show_regs_print_info+0x12/0x12 [ 669.101627][T19979] ? ext4_da_get_block_prep+0xef5/0x1340 [ 669.107254][T19979] ? check_preemption_disabled+0x15a/0x330 [ 669.113044][T19979] should_fail+0x6fb/0x860 [ 669.117455][T19979] ? setup_fault_attr+0x3d0/0x3d0 [ 669.122473][T19979] ? _raw_spin_lock+0xa3/0x1b0 [ 669.127255][T19979] ? __rcu_read_lock+0x50/0x50 [ 669.132016][T19979] ? xas_load+0x468/0x4c0 [ 669.136361][T19979] __alloc_pages_nodemask+0x1ee/0x7c0 [ 669.141727][T19979] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 669.147270][T19979] pagecache_get_page+0x522/0x8a0 [ 669.152314][T19979] ? __up_read+0x6f/0x1b0 [ 669.156640][T19979] grab_cache_page_write_begin+0x50/0x90 [ 669.162297][T19979] ext4_da_write_begin+0x9e1/0xfc0 [ 669.167405][T19979] ? ext4_set_page_dirty+0x190/0x190 [ 669.172714][T19979] ? page_fault+0x2f/0x40 [ 669.177045][T19979] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 669.182933][T19979] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 669.188823][T19979] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 669.194714][T19979] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 669.200610][T19979] ? uuid_parse+0x3e0/0x3e0 [ 669.205140][T19979] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 669.211467][T19979] generic_perform_write+0x2f7/0x590 [ 669.216753][T19979] ? grab_cache_page_write_begin+0x90/0x90 [ 669.222556][T19979] ? file_remove_privs+0x610/0x610 [ 669.227668][T19979] ? down_write+0x147/0x150 [ 669.232170][T19979] __generic_file_write_iter+0x232/0x460 [ 669.238099][T19979] ext4_file_write_iter+0x46f/0x1070 [ 669.243383][T19979] ? __kasan_kmalloc+0x189/0x1c0 [ 669.248320][T19979] ? ext4_file_read_iter+0x140/0x140 [ 669.253605][T19979] ? avc_policy_seqno+0x17/0x70 [ 669.258456][T19979] ? selinux_file_permission+0x2d0/0x520 [ 669.264088][T19979] aio_write+0x472/0x610 [ 669.268329][T19979] ? aio_read+0x4f0/0x4f0 [ 669.272659][T19979] ? fget_many+0x20/0x20 [ 669.276903][T19979] ? io_submit_one+0x15c/0x2340 [ 669.281778][T19979] io_submit_one+0xa41/0x2340 [ 669.286486][T19979] ? do_user_addr_fault+0x6dd/0xb10 [ 669.291955][T19979] ? lookup_ioctx+0x460/0x460 [ 669.296627][T19979] ? __se_sys_io_submit+0xa4/0x3c0 [ 669.301733][T19979] ? lookup_ioctx+0x273/0x460 [ 669.306407][T19979] ? __sb_end_write+0xb5/0x100 [ 669.311174][T19979] __se_sys_io_submit+0x179/0x3c0 [ 669.317065][T19979] ? __x64_sys_io_submit+0x80/0x80 [ 669.322177][T19979] ? __ia32_sys_read+0x80/0x80 [ 669.326943][T19979] do_syscall_64+0xcb/0x150 [ 669.331442][T19979] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 669.337354][T19979] RIP: 0033:0x45e219 [ 669.341249][T19979] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 669.361635][T19979] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 669.370065][T19979] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 669.378069][T19979] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 669.386247][T19979] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 09:06:33 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x40000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:33 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:33 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x200000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 669.394307][T19979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000012 [ 669.402283][T19979] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:33 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0xffffffffffffff0f, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:33 executing program 5 (fault-call:8 fault-nth:19): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 669.505082][T19999] 9pnet: Insufficient options for proto=fd [ 669.618565][T20006] FAULT_INJECTION: forcing a failure. [ 669.618565][T20006] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 669.632151][T20006] CPU: 0 PID: 20006 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 669.642741][T20006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 669.652997][T20006] Call Trace: [ 669.656295][T20006] dump_stack+0x1dd/0x24e [ 669.660616][T20006] ? devkmsg_release+0x11c/0x11c [ 669.666158][T20006] ? show_regs_print_info+0x12/0x12 [ 669.671359][T20006] ? ext4_da_get_block_prep+0xef5/0x1340 [ 669.677132][T20006] ? check_preemption_disabled+0x15a/0x330 [ 669.682940][T20006] should_fail+0x6fb/0x860 [ 669.687356][T20006] ? setup_fault_attr+0x3d0/0x3d0 [ 669.692497][T20006] ? _raw_spin_lock+0xa3/0x1b0 [ 669.697279][T20006] ? __rcu_read_lock+0x50/0x50 [ 669.702595][T20006] ? xas_load+0x468/0x4c0 [ 669.706919][T20006] __alloc_pages_nodemask+0x1ee/0x7c0 [ 669.712414][T20006] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 669.717962][T20006] pagecache_get_page+0x522/0x8a0 [ 669.723013][T20006] ? __up_read+0x6f/0x1b0 [ 669.727343][T20006] grab_cache_page_write_begin+0x50/0x90 [ 669.732987][T20006] ext4_da_write_begin+0x9e1/0xfc0 [ 669.738111][T20006] ? ext4_set_page_dirty+0x190/0x190 [ 669.743392][T20006] ? page_fault+0x2f/0x40 [ 669.747726][T20006] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 669.753688][T20006] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 669.759574][T20006] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 669.765458][T20006] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 669.771514][T20006] ? uuid_parse+0x3e0/0x3e0 [ 669.776039][T20006] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 669.782469][T20006] generic_perform_write+0x2f7/0x590 [ 669.787752][T20006] ? grab_cache_page_write_begin+0x90/0x90 [ 669.793544][T20006] ? file_remove_privs+0x610/0x610 [ 669.798651][T20006] ? down_write+0x147/0x150 [ 669.803169][T20006] __generic_file_write_iter+0x232/0x460 [ 669.808813][T20006] ext4_file_write_iter+0x46f/0x1070 [ 669.814103][T20006] ? __kasan_kmalloc+0x189/0x1c0 [ 669.819021][T20006] ? ext4_file_read_iter+0x140/0x140 [ 669.824297][T20006] ? avc_policy_seqno+0x17/0x70 [ 669.829142][T20006] ? selinux_file_permission+0x2d0/0x520 [ 669.834765][T20006] aio_write+0x472/0x610 [ 669.838998][T20006] ? aio_read+0x4f0/0x4f0 [ 669.843332][T20006] ? fget_many+0x20/0x20 [ 669.847828][T20006] ? io_submit_one+0x15c/0x2340 [ 669.852697][T20006] io_submit_one+0xa41/0x2340 [ 669.857423][T20006] ? do_user_addr_fault+0x6dd/0xb10 [ 669.862625][T20006] ? lookup_ioctx+0x460/0x460 [ 669.867297][T20006] ? __se_sys_io_submit+0xa4/0x3c0 [ 669.872397][T20006] ? lookup_ioctx+0x273/0x460 [ 669.877138][T20006] ? __sb_end_write+0xb5/0x100 [ 669.881929][T20006] __se_sys_io_submit+0x179/0x3c0 [ 669.886950][T20006] ? __x64_sys_io_submit+0x80/0x80 [ 669.893102][T20006] ? __ia32_sys_read+0x80/0x80 [ 669.897866][T20006] do_syscall_64+0xcb/0x150 [ 669.902375][T20006] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 669.908277][T20006] RIP: 0033:0x45e219 [ 669.912974][T20006] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 669.932785][T20006] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 669.941219][T20006] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 669.949197][T20006] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 669.957290][T20006] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 669.965510][T20006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 669.973470][T20006] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:34 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000100)={0x38, 0x2, 0x0, 0x3, 0x5, 0x0, 0x4}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x94) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x23) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:34 executing program 5 (fault-call:8 fault-nth:20): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 670.138654][T20015] FAULT_INJECTION: forcing a failure. [ 670.138654][T20015] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 670.152204][T20015] CPU: 1 PID: 20015 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 670.162372][T20015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.172426][T20015] Call Trace: [ 670.175725][T20015] dump_stack+0x1dd/0x24e [ 670.180041][T20015] ? devkmsg_release+0x11c/0x11c [ 670.184967][T20015] ? show_regs_print_info+0x12/0x12 [ 670.190152][T20015] ? ext4_da_get_block_prep+0xef5/0x1340 [ 670.196115][T20015] ? check_preemption_disabled+0x15a/0x330 [ 670.201912][T20015] should_fail+0x6fb/0x860 [ 670.206315][T20015] ? setup_fault_attr+0x3d0/0x3d0 [ 670.211333][T20015] ? _raw_spin_lock+0xa3/0x1b0 [ 670.216226][T20015] ? __rcu_read_lock+0x50/0x50 [ 670.220980][T20015] ? xas_load+0x468/0x4c0 [ 670.225407][T20015] __alloc_pages_nodemask+0x1ee/0x7c0 [ 670.230762][T20015] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 670.236290][T20015] pagecache_get_page+0x522/0x8a0 [ 670.241407][T20015] ? __up_read+0x6f/0x1b0 [ 670.245727][T20015] grab_cache_page_write_begin+0x50/0x90 [ 670.251511][T20015] ext4_da_write_begin+0x9e1/0xfc0 [ 670.256740][T20015] ? ext4_set_page_dirty+0x190/0x190 [ 670.262016][T20015] ? page_fault+0x2f/0x40 [ 670.266332][T20015] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 670.272246][T20015] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 670.278119][T20015] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 670.283992][T20015] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 670.289878][T20015] ? uuid_parse+0x3e0/0x3e0 [ 670.294495][T20015] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 670.300845][T20015] generic_perform_write+0x2f7/0x590 [ 670.306123][T20015] ? grab_cache_page_write_begin+0x90/0x90 [ 670.311931][T20015] ? file_remove_privs+0x610/0x610 [ 670.317127][T20015] ? down_write+0x147/0x150 [ 670.321617][T20015] __generic_file_write_iter+0x232/0x460 [ 670.327241][T20015] ext4_file_write_iter+0x46f/0x1070 [ 670.332523][T20015] ? __kasan_kmalloc+0x189/0x1c0 [ 670.337488][T20015] ? ext4_file_read_iter+0x140/0x140 [ 670.342762][T20015] ? avc_policy_seqno+0x17/0x70 [ 670.347603][T20015] ? selinux_file_permission+0x2d0/0x520 [ 670.353219][T20015] aio_write+0x472/0x610 [ 670.357443][T20015] ? aio_read+0x4f0/0x4f0 [ 670.361771][T20015] ? fget_many+0x20/0x20 [ 670.366002][T20015] ? io_submit_one+0x15c/0x2340 [ 670.371707][T20015] io_submit_one+0xa41/0x2340 [ 670.376371][T20015] ? do_user_addr_fault+0x6dd/0xb10 [ 670.381743][T20015] ? lookup_ioctx+0x460/0x460 09:06:34 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 670.386599][T20015] ? __se_sys_io_submit+0xa4/0x3c0 [ 670.391824][T20015] ? lookup_ioctx+0x273/0x460 [ 670.396504][T20015] ? __sb_end_write+0xb5/0x100 [ 670.401259][T20015] __se_sys_io_submit+0x179/0x3c0 [ 670.406271][T20015] ? __x64_sys_io_submit+0x80/0x80 [ 670.411467][T20015] ? __ia32_sys_read+0x80/0x80 [ 670.416253][T20015] do_syscall_64+0xcb/0x150 [ 670.420771][T20015] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 670.426705][T20015] RIP: 0033:0x45e219 [ 670.430626][T20015] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 670.450233][T20015] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 670.458650][T20015] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 670.466618][T20015] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 670.474698][T20015] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 09:06:34 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 670.482651][T20015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 670.490607][T20015] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:34 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x800000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:34 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8cffffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:34 executing program 5 (fault-call:8 fault-nth:21): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 670.771280][T20038] 9pnet: Insufficient options for proto=fd [ 670.825088][T20042] FAULT_INJECTION: forcing a failure. [ 670.825088][T20042] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 670.838893][T20042] CPU: 0 PID: 20042 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 670.849038][T20042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.859084][T20042] Call Trace: [ 670.862449][T20042] dump_stack+0x1dd/0x24e [ 670.867245][T20042] ? devkmsg_release+0x11c/0x11c [ 670.872188][T20042] ? show_regs_print_info+0x12/0x12 [ 670.877367][T20042] ? ext4_da_get_block_prep+0xef5/0x1340 [ 670.883059][T20042] ? check_preemption_disabled+0x15a/0x330 [ 670.888858][T20042] should_fail+0x6fb/0x860 [ 670.893253][T20042] ? setup_fault_attr+0x3d0/0x3d0 [ 670.898255][T20042] ? _raw_spin_lock+0xa3/0x1b0 [ 670.903003][T20042] ? __rcu_read_lock+0x50/0x50 [ 670.907753][T20042] ? xas_load+0x468/0x4c0 [ 670.912075][T20042] __alloc_pages_nodemask+0x1ee/0x7c0 [ 670.917583][T20042] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 670.923396][T20042] pagecache_get_page+0x522/0x8a0 [ 670.928437][T20042] ? __up_read+0x6f/0x1b0 [ 670.932798][T20042] grab_cache_page_write_begin+0x50/0x90 [ 670.938434][T20042] ext4_da_write_begin+0x9e1/0xfc0 [ 670.943654][T20042] ? ext4_set_page_dirty+0x190/0x190 [ 670.948934][T20042] ? page_fault+0x2f/0x40 [ 670.953244][T20042] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 670.959230][T20042] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 670.965219][T20042] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 670.971118][T20042] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 670.977008][T20042] ? uuid_parse+0x3e0/0x3e0 [ 670.981494][T20042] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 670.987802][T20042] generic_perform_write+0x2f7/0x590 [ 670.993071][T20042] ? grab_cache_page_write_begin+0x90/0x90 [ 670.998858][T20042] ? file_remove_privs+0x610/0x610 [ 671.003948][T20042] ? down_write_trylock+0xd8/0x150 [ 671.009060][T20042] __generic_file_write_iter+0x232/0x460 [ 671.014685][T20042] ext4_file_write_iter+0x46f/0x1070 [ 671.019961][T20042] ? __kasan_kmalloc+0x189/0x1c0 [ 671.024909][T20042] ? ext4_file_read_iter+0x140/0x140 [ 671.030186][T20042] ? avc_policy_seqno+0x17/0x70 [ 671.035138][T20042] ? selinux_file_permission+0x2d0/0x520 [ 671.040766][T20042] aio_write+0x472/0x610 [ 671.045074][T20042] ? aio_read+0x4f0/0x4f0 [ 671.049387][T20042] ? fget_many+0x20/0x20 [ 671.053619][T20042] ? io_submit_one+0x15c/0x2340 [ 671.058452][T20042] io_submit_one+0xa41/0x2340 [ 671.063163][T20042] ? do_user_addr_fault+0x6dd/0xb10 [ 671.068416][T20042] ? lookup_ioctx+0x460/0x460 [ 671.073441][T20042] ? __se_sys_io_submit+0xa4/0x3c0 [ 671.078534][T20042] ? lookup_ioctx+0x273/0x460 [ 671.083202][T20042] ? __sb_end_write+0xb5/0x100 [ 671.087985][T20042] __se_sys_io_submit+0x179/0x3c0 [ 671.092995][T20042] ? __x64_sys_io_submit+0x80/0x80 [ 671.098110][T20042] ? __ia32_sys_read+0x80/0x80 [ 671.102898][T20042] do_syscall_64+0xcb/0x150 [ 671.107399][T20042] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 671.113284][T20042] RIP: 0033:0x45e219 [ 671.117171][T20042] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 671.137138][T20042] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 671.146514][T20042] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 671.154495][T20042] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 671.162468][T20042] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 671.170450][T20042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 671.178402][T20042] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:35 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r2, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x4, &(0x7f0000000540)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x7, 0x40, r1, &(0x7f00000000c0)="55a4c1114ab7f87419f3214a23750b3e7f321ba8caf151cb70ce1d2cce", 0x1d, 0xff, 0x0, 0x1}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x8, 0x3ff, r4, &(0x7f00000002c0)="b5fdd6a0633a24f1d2dcc91a3c0b4fda2a07d5f4ab11f023df497c38213a0185b14d4992156cc1dfc7d2197e4531ea3f2dc23ddb3fb5f8dfb7681e3bd38ffeb8e8b1457607481bfde2a586dcb64029dff823aac508db", 0x56, 0xfffffffffffffffd, 0x0, 0x1}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x7, 0x3, 0xffffffffffffffff, &(0x7f0000000340)="3e8ca2d5c8", 0x5, 0x81, 0x0, 0x3, r4}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x3, 0x400, 0xffffffffffffffff, &(0x7f00000003c0)="39a34a47beba6fcbc54fb1df959d3e62a8742162b23a17293567603831c3e1f041f916c5842c221d0c26ffe939a93567644c6ad5a95eda5b3eea03fe6a20516e7099115054a2be7aa00e6e65ffb917d133c0368b13f1a58364b559b85d8be91503bd7697f1117fd586c3884f277b8fe702e445c867e2f39c848df891c43cfb78166ed8e4c358da0b765e697b79cb26b147cbe663e459356fd048047d1f573039e496dd1f5a89c270b720deb0e8a68bd09ff593375aad", 0xb6, 0x0, 0x0, 0x1}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:35 executing program 5 (fault-call:8 fault-nth:22): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 671.435496][T20052] FAULT_INJECTION: forcing a failure. [ 671.435496][T20052] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 671.449231][T20052] CPU: 1 PID: 20052 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 671.459365][T20052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 671.469566][T20052] Call Trace: [ 671.472894][T20052] dump_stack+0x1dd/0x24e [ 671.477217][T20052] ? devkmsg_release+0x11c/0x11c [ 671.482151][T20052] ? show_regs_print_info+0x12/0x12 [ 671.487335][T20052] ? ext4_da_get_block_prep+0xef5/0x1340 [ 671.493098][T20052] ? check_preemption_disabled+0x15a/0x330 [ 671.498913][T20052] should_fail+0x6fb/0x860 [ 671.503316][T20052] ? setup_fault_attr+0x3d0/0x3d0 [ 671.508667][T20052] ? _raw_spin_lock+0xa3/0x1b0 [ 671.513505][T20052] ? __rcu_read_lock+0x50/0x50 [ 671.519672][T20052] ? xas_load+0x468/0x4c0 [ 671.523982][T20052] __alloc_pages_nodemask+0x1ee/0x7c0 [ 671.529669][T20052] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 671.535394][T20052] pagecache_get_page+0x522/0x8a0 [ 671.541250][T20052] ? __up_read+0x6f/0x1b0 [ 671.545941][T20052] grab_cache_page_write_begin+0x50/0x90 [ 671.555386][T20052] ext4_da_write_begin+0x9e1/0xfc0 [ 671.560821][T20052] ? ext4_set_page_dirty+0x190/0x190 [ 671.567609][T20052] ? page_fault+0x2f/0x40 [ 671.572146][T20052] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 671.578056][T20052] ? iov_iter_fault_in_readable+0x1c0/0x630 09:06:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xa00000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 671.583967][T20052] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 671.590849][T20052] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 671.597192][T20052] ? uuid_parse+0x3e0/0x3e0 [ 671.601775][T20052] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 671.608278][T20052] generic_perform_write+0x2f7/0x590 [ 671.614353][T20052] ? grab_cache_page_write_begin+0x90/0x90 [ 671.620674][T20052] ? file_remove_privs+0x610/0x610 [ 671.625794][T20052] ? down_write+0x147/0x150 [ 671.630393][T20052] __generic_file_write_iter+0x232/0x460 [ 671.636294][T20052] ext4_file_write_iter+0x46f/0x1070 [ 671.641698][T20052] ? __kasan_kmalloc+0x189/0x1c0 [ 671.649199][T20052] ? ext4_file_read_iter+0x140/0x140 [ 671.654709][T20052] ? avc_policy_seqno+0x17/0x70 [ 671.660509][T20052] ? selinux_file_permission+0x2d0/0x520 [ 671.666858][T20052] aio_write+0x472/0x610 [ 671.671106][T20052] ? aio_read+0x4f0/0x4f0 [ 671.675463][T20052] ? fget_many+0x20/0x20 [ 671.679691][T20052] ? io_submit_one+0x15c/0x2340 [ 671.684579][T20052] io_submit_one+0xa41/0x2340 [ 671.689266][T20052] ? do_user_addr_fault+0x6dd/0xb10 [ 671.694628][T20052] ? lookup_ioctx+0x460/0x460 [ 671.699533][T20052] ? __se_sys_io_submit+0xa4/0x3c0 [ 671.704639][T20052] ? lookup_ioctx+0x273/0x460 [ 671.709489][T20052] ? __sb_end_write+0xb5/0x100 [ 671.716732][T20052] __se_sys_io_submit+0x179/0x3c0 [ 671.721756][T20052] ? __x64_sys_io_submit+0x80/0x80 [ 671.726861][T20052] ? __ia32_sys_read+0x80/0x80 [ 671.731633][T20052] do_syscall_64+0xcb/0x150 [ 671.736113][T20052] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 671.741981][T20052] RIP: 0033:0x45e219 [ 671.745869][T20052] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 671.768350][T20052] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 671.777014][T20052] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 09:06:35 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 671.785502][T20052] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 671.793729][T20052] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 671.801709][T20052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 671.810194][T20052] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:35 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f0000000100)='./bus\x00', 0xc) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:36 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xc0ed0000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:36 executing program 5 (fault-call:8 fault-nth:23): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 672.118090][T20078] FAULT_INJECTION: forcing a failure. [ 672.118090][T20078] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 672.131570][T20078] CPU: 1 PID: 20078 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 672.141977][T20078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 672.152048][T20078] Call Trace: [ 672.155412][T20078] dump_stack+0x1dd/0x24e [ 672.159812][T20078] ? devkmsg_release+0x11c/0x11c [ 672.165653][T20078] ? show_regs_print_info+0x12/0x12 [ 672.170925][T20078] ? ext4_da_get_block_prep+0xef5/0x1340 [ 672.176650][T20078] ? check_preemption_disabled+0x15a/0x330 [ 672.182535][T20078] should_fail+0x6fb/0x860 [ 672.186952][T20078] ? setup_fault_attr+0x3d0/0x3d0 [ 672.191980][T20078] ? _raw_spin_lock+0xa3/0x1b0 [ 672.197001][T20078] ? __rcu_read_lock+0x50/0x50 [ 672.201838][T20078] ? xas_load+0x468/0x4c0 [ 672.206342][T20078] __alloc_pages_nodemask+0x1ee/0x7c0 [ 672.213796][T20078] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 672.219339][T20078] pagecache_get_page+0x522/0x8a0 [ 672.224345][T20078] ? __up_read+0x6f/0x1b0 [ 672.228670][T20078] grab_cache_page_write_begin+0x50/0x90 [ 672.234287][T20078] ext4_da_write_begin+0x9e1/0xfc0 [ 672.239389][T20078] ? ext4_set_page_dirty+0x190/0x190 [ 672.244680][T20078] ? page_fault+0x2f/0x40 [ 672.249020][T20078] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 672.255017][T20078] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 672.260907][T20078] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 672.266909][T20078] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 672.272822][T20078] ? uuid_parse+0x3e0/0x3e0 [ 672.277321][T20078] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 672.283646][T20078] generic_perform_write+0x2f7/0x590 [ 672.288939][T20078] ? grab_cache_page_write_begin+0x90/0x90 [ 672.294743][T20078] ? file_remove_privs+0x610/0x610 [ 672.299853][T20078] ? down_write+0x147/0x150 [ 672.304360][T20078] __generic_file_write_iter+0x232/0x460 [ 672.310022][T20078] ext4_file_write_iter+0x46f/0x1070 [ 672.315308][T20078] ? ext4_file_read_iter+0x140/0x140 [ 672.320599][T20078] ? avc_policy_seqno+0x17/0x70 [ 672.325431][T20078] ? selinux_file_permission+0x2d0/0x520 [ 672.331050][T20078] aio_write+0x472/0x610 [ 672.335288][T20078] ? aio_read+0x4f0/0x4f0 [ 672.339679][T20078] ? fget_many+0x20/0x20 [ 672.343902][T20078] ? io_submit_one+0x15c/0x2340 [ 672.348745][T20078] io_submit_one+0xa41/0x2340 [ 672.353413][T20078] ? do_user_addr_fault+0x6dd/0xb10 [ 672.358865][T20078] ? lookup_ioctx+0x460/0x460 [ 672.363797][T20078] ? __se_sys_io_submit+0xa4/0x3c0 [ 672.369042][T20078] ? lookup_ioctx+0x273/0x460 [ 672.373722][T20078] ? __sb_end_write+0xb5/0x100 [ 672.378474][T20078] __se_sys_io_submit+0x179/0x3c0 [ 672.383483][T20078] ? __x64_sys_io_submit+0x80/0x80 [ 672.388687][T20078] ? __ia32_sys_read+0x80/0x80 [ 672.393481][T20078] do_syscall_64+0xcb/0x150 [ 672.398060][T20078] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 672.403953][T20078] RIP: 0033:0x45e219 [ 672.407846][T20078] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 672.427704][T20078] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 672.436473][T20078] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 672.444631][T20078] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 672.452661][T20078] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 672.463098][T20078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 672.471262][T20078] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:36 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x341042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0xca000, 0x160) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:36 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xa, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:37 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xf6ffffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:37 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:37 executing program 5 (fault-call:8 fault-nth:24): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:37 executing program 4: prlimit64(0x0, 0x4, &(0x7f0000000280)={0x2, 0xfffffffffffffff9}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x49a}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)) io_submit(0x0, 0x2, &(0x7f0000000300)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x2, 0x2, r5, &(0x7f00000000c0)="eafe178ee1361bf0f8d60905361589fe18b97ec86373342c82fc0061c3439667f5088262ecb8b32576eeb438e46afe03033480fef81725f507186016c20fdf49b4fff6de421750db1b8e6e72f40bc101141f4ef1044c7bc9c5a8ecf1fe547d1fcd9c53ed4f", 0x65, 0x5, 0x0, 0x7b73a553346abc86}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x1, 0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x6, 0x0, 0x0, r4}]) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 673.136336][T20108] FAULT_INJECTION: forcing a failure. [ 673.136336][T20108] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 673.150399][T20108] CPU: 0 PID: 20108 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 673.160975][T20108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 673.171078][T20108] Call Trace: [ 673.174399][T20108] dump_stack+0x1dd/0x24e [ 673.178757][T20108] ? devkmsg_release+0x11c/0x11c [ 673.183683][T20108] ? show_regs_print_info+0x12/0x12 [ 673.188893][T20108] ? ext4_da_get_block_prep+0xef5/0x1340 [ 673.194529][T20108] ? check_preemption_disabled+0x15a/0x330 [ 673.200732][T20108] should_fail+0x6fb/0x860 [ 673.205264][T20108] ? setup_fault_attr+0x3d0/0x3d0 [ 673.210824][T20108] ? _raw_spin_lock+0xa3/0x1b0 [ 673.216549][T20108] ? __rcu_read_lock+0x50/0x50 [ 673.223440][T20108] ? xas_load+0x468/0x4c0 [ 673.228166][T20108] __alloc_pages_nodemask+0x1ee/0x7c0 [ 673.233845][T20108] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 673.239382][T20108] pagecache_get_page+0x522/0x8a0 [ 673.246060][T20108] ? __up_read+0x6f/0x1b0 [ 673.250369][T20108] grab_cache_page_write_begin+0x50/0x90 [ 673.256350][T20108] ext4_da_write_begin+0x9e1/0xfc0 [ 673.262108][T20108] ? ext4_set_page_dirty+0x190/0x190 [ 673.267412][T20108] ? page_fault+0x2f/0x40 [ 673.273331][T20108] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 673.279246][T20108] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 673.285137][T20108] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 673.291114][T20108] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 673.297171][T20108] ? uuid_parse+0x3e0/0x3e0 [ 673.301660][T20108] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 673.307995][T20108] generic_perform_write+0x2f7/0x590 [ 673.313271][T20108] ? grab_cache_page_write_begin+0x90/0x90 [ 673.319618][T20108] ? file_remove_privs+0x610/0x610 [ 673.324720][T20108] ? down_write+0x147/0x150 [ 673.329246][T20108] __generic_file_write_iter+0x232/0x460 [ 673.334891][T20108] ext4_file_write_iter+0x46f/0x1070 [ 673.340159][T20108] ? __kasan_kmalloc+0x189/0x1c0 [ 673.345113][T20108] ? ext4_file_read_iter+0x140/0x140 [ 673.350380][T20108] ? avc_policy_seqno+0x17/0x70 [ 673.355213][T20108] ? selinux_file_permission+0x2d0/0x520 [ 673.360843][T20108] aio_write+0x472/0x610 [ 673.365082][T20108] ? aio_read+0x4f0/0x4f0 [ 673.369410][T20108] ? fget_many+0x20/0x20 [ 673.373629][T20108] ? io_submit_one+0x15c/0x2340 [ 673.378476][T20108] io_submit_one+0xa41/0x2340 [ 673.383328][T20108] ? do_user_addr_fault+0x6dd/0xb10 [ 673.388696][T20108] ? lookup_ioctx+0x460/0x460 [ 673.393373][T20108] ? __se_sys_io_submit+0xa4/0x3c0 [ 673.398472][T20108] ? lookup_ioctx+0x273/0x460 [ 673.403143][T20108] ? __sb_end_write+0xb5/0x100 [ 673.407900][T20108] __se_sys_io_submit+0x179/0x3c0 [ 673.412916][T20108] ? __x64_sys_io_submit+0x80/0x80 [ 673.418005][T20108] ? __ia32_sys_read+0x80/0x80 [ 673.423328][T20108] do_syscall_64+0xcb/0x150 [ 673.427811][T20108] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 673.433682][T20108] RIP: 0033:0x45e219 [ 673.437566][T20108] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 673.457275][T20108] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 673.465730][T20108] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 673.473687][T20108] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 673.481752][T20108] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 673.489724][T20108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000018 [ 673.497696][T20108] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:37 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:37 executing program 5 (fault-call:8 fault-nth:25): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:37 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) getrlimit(0x4, &(0x7f0000000100)) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) prlimit64(r0, 0x1, &(0x7f0000000180)={0x1000, 0x8}, &(0x7f0000000200)) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 673.809053][T20125] FAULT_INJECTION: forcing a failure. [ 673.809053][T20125] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 673.852209][T20125] CPU: 0 PID: 20125 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 673.862696][T20125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 673.873127][T20125] Call Trace: [ 673.876524][T20125] dump_stack+0x1dd/0x24e [ 673.880854][T20125] ? devkmsg_release+0x11c/0x11c [ 673.885985][T20125] ? show_regs_print_info+0x12/0x12 [ 673.891559][T20125] ? ext4_da_get_block_prep+0xef5/0x1340 [ 673.897223][T20125] ? check_preemption_disabled+0x15a/0x330 [ 673.903118][T20125] should_fail+0x6fb/0x860 [ 673.907547][T20125] ? setup_fault_attr+0x3d0/0x3d0 [ 673.912692][T20125] ? _raw_spin_lock+0xa3/0x1b0 [ 673.917936][T20125] ? __rcu_read_lock+0x50/0x50 [ 673.922709][T20125] ? xas_load+0x468/0x4c0 [ 673.927332][T20125] __alloc_pages_nodemask+0x1ee/0x7c0 [ 673.933378][T20125] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 673.939904][T20125] pagecache_get_page+0x522/0x8a0 [ 673.945114][T20125] ? __up_read+0x6f/0x1b0 [ 673.949471][T20125] grab_cache_page_write_begin+0x50/0x90 [ 673.955389][T20125] ext4_da_write_begin+0x9e1/0xfc0 [ 673.960552][T20125] ? ext4_set_page_dirty+0x190/0x190 [ 673.965843][T20125] ? page_fault+0x2f/0x40 [ 673.972734][T20125] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 673.978659][T20125] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 673.984586][T20125] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 673.990488][T20125] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 673.996606][T20125] ? uuid_parse+0x3e0/0x3e0 [ 674.001122][T20125] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 674.007895][T20125] generic_perform_write+0x2f7/0x590 [ 674.013205][T20125] ? grab_cache_page_write_begin+0x90/0x90 [ 674.019107][T20125] ? file_remove_privs+0x610/0x610 [ 674.024233][T20125] ? down_write+0x147/0x150 [ 674.028760][T20125] __generic_file_write_iter+0x232/0x460 [ 674.034406][T20125] ext4_file_write_iter+0x46f/0x1070 [ 674.039792][T20125] ? __kasan_kmalloc+0x189/0x1c0 [ 674.044738][T20125] ? ext4_file_read_iter+0x140/0x140 [ 674.050129][T20125] ? avc_policy_seqno+0x17/0x70 [ 674.055121][T20125] ? selinux_file_permission+0x2d0/0x520 [ 674.060771][T20125] aio_write+0x472/0x610 [ 674.067729][T20125] ? aio_read+0x4f0/0x4f0 [ 674.072066][T20125] ? fget_many+0x20/0x20 [ 674.076338][T20125] ? io_submit_one+0x15c/0x2340 [ 674.081193][T20125] io_submit_one+0xa41/0x2340 [ 674.085901][T20125] ? do_user_addr_fault+0x6dd/0xb10 [ 674.091197][T20125] ? lookup_ioctx+0x460/0x460 [ 674.095910][T20125] ? __se_sys_io_submit+0xa4/0x3c0 [ 674.101042][T20125] ? lookup_ioctx+0x273/0x460 [ 674.105725][T20125] ? __sb_end_write+0xb5/0x100 [ 674.110514][T20125] __se_sys_io_submit+0x179/0x3c0 [ 674.116148][T20125] ? __x64_sys_io_submit+0x80/0x80 [ 674.121612][T20125] ? __ia32_sys_read+0x80/0x80 [ 674.127072][T20125] do_syscall_64+0xcb/0x150 [ 674.131596][T20125] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 674.138135][T20125] RIP: 0033:0x45e219 [ 674.142036][T20125] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 674.161636][T20125] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 674.170237][T20125] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 674.178423][T20125] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 674.186594][T20125] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 674.194573][T20125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000019 [ 674.202604][T20125] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1000000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:38 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfeffffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:38 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x2, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x400000, 0xec) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:38 executing program 5 (fault-call:8 fault-nth:26): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 674.462995][T20145] FAULT_INJECTION: forcing a failure. [ 674.462995][T20145] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 674.485374][T20145] CPU: 1 PID: 20145 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 674.495567][T20145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 674.505622][T20145] Call Trace: [ 674.508943][T20145] dump_stack+0x1dd/0x24e [ 674.513275][T20145] ? devkmsg_release+0x11c/0x11c [ 674.518248][T20145] ? rcu_note_context_switch+0xf00/0x1220 [ 674.524157][T20145] ? show_regs_print_info+0x12/0x12 [ 674.529370][T20145] ? __perf_event_task_sched_in+0x591/0x600 [ 674.535274][T20145] ? check_preemption_disabled+0x15a/0x330 [ 674.541091][T20145] should_fail+0x6fb/0x860 [ 674.546514][T20145] ? setup_fault_attr+0x3d0/0x3d0 [ 674.551542][T20145] ? __rcu_read_lock+0x50/0x50 [ 674.556743][T20145] ? xas_load+0x468/0x4c0 [ 674.561099][T20145] __alloc_pages_nodemask+0x1ee/0x7c0 [ 674.566521][T20145] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 674.572132][T20145] pagecache_get_page+0x522/0x8a0 [ 674.577168][T20145] ? __up_read+0x6f/0x1b0 [ 674.581764][T20145] grab_cache_page_write_begin+0x50/0x90 [ 674.588026][T20145] ext4_da_write_begin+0x9e1/0xfc0 [ 674.593461][T20145] ? ext4_set_page_dirty+0x190/0x190 [ 674.598748][T20145] ? page_fault+0x2f/0x40 [ 674.603077][T20145] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 674.609270][T20145] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 674.615280][T20145] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 674.621213][T20145] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 674.627318][T20145] ? uuid_parse+0x3e0/0x3e0 [ 674.631939][T20145] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 674.638314][T20145] generic_perform_write+0x2f7/0x590 [ 674.644162][T20145] ? grab_cache_page_write_begin+0x90/0x90 [ 674.650091][T20145] ? file_remove_privs+0x610/0x610 [ 674.655241][T20145] ? down_write+0x147/0x150 [ 674.659881][T20145] __generic_file_write_iter+0x232/0x460 [ 674.665544][T20145] ext4_file_write_iter+0x46f/0x1070 [ 674.670854][T20145] ? __kasan_kmalloc+0x189/0x1c0 [ 674.675932][T20145] ? ext4_file_read_iter+0x140/0x140 [ 674.681760][T20145] ? avc_policy_seqno+0x17/0x70 [ 674.686629][T20145] ? selinux_file_permission+0x2d0/0x520 [ 674.692277][T20145] aio_write+0x472/0x610 [ 674.696517][T20145] ? aio_read+0x4f0/0x4f0 [ 674.700849][T20145] ? fget_many+0x20/0x20 [ 674.705115][T20145] ? io_submit_one+0x15c/0x2340 [ 674.709969][T20145] io_submit_one+0xa41/0x2340 [ 674.715289][T20145] ? do_user_addr_fault+0x6dd/0xb10 [ 674.720487][T20145] ? lookup_ioctx+0x460/0x460 [ 674.725256][T20145] ? __se_sys_io_submit+0xa4/0x3c0 [ 674.730456][T20145] ? lookup_ioctx+0x273/0x460 [ 674.735517][T20145] ? __sb_end_write+0xb5/0x100 [ 674.740995][T20145] __se_sys_io_submit+0x179/0x3c0 [ 674.746601][T20145] ? __x64_sys_io_submit+0x80/0x80 [ 674.751813][T20145] ? __ia32_sys_read+0x80/0x80 [ 674.756737][T20145] do_syscall_64+0xcb/0x150 [ 674.761830][T20145] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 674.768769][T20145] RIP: 0033:0x45e219 [ 674.772661][T20145] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 674.792428][T20145] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 674.800886][T20145] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 09:06:38 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x22, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 674.808840][T20145] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 674.816815][T20145] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 674.825207][T20145] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001a [ 674.834144][T20145] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:39 executing program 5 (fault-call:8 fault-nth:27): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:39 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x7, 0x3, 0x0, 0x0, 0xe3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x391442, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x8000, r6}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 675.030475][T20163] FAULT_INJECTION: forcing a failure. [ 675.030475][T20163] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 675.048986][T20163] CPU: 0 PID: 20163 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 675.060048][T20163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 675.071570][T20163] Call Trace: [ 675.074901][T20163] dump_stack+0x1dd/0x24e [ 675.079246][T20163] ? devkmsg_release+0x11c/0x11c [ 675.084194][T20163] ? show_regs_print_info+0x12/0x12 [ 675.089681][T20163] ? ext4_da_get_block_prep+0xef5/0x1340 [ 675.095329][T20163] ? check_preemption_disabled+0x15a/0x330 [ 675.101142][T20163] should_fail+0x6fb/0x860 [ 675.105574][T20163] ? setup_fault_attr+0x3d0/0x3d0 [ 675.110603][T20163] ? _raw_spin_lock+0xa3/0x1b0 [ 675.115377][T20163] ? __rcu_read_lock+0x50/0x50 [ 675.120213][T20163] ? xas_load+0x468/0x4c0 [ 675.124550][T20163] __alloc_pages_nodemask+0x1ee/0x7c0 [ 675.129931][T20163] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 675.135484][T20163] pagecache_get_page+0x522/0x8a0 [ 675.140543][T20163] ? __up_read+0x6f/0x1b0 [ 675.144877][T20163] grab_cache_page_write_begin+0x50/0x90 [ 675.152338][T20163] ext4_da_write_begin+0x9e1/0xfc0 [ 675.157482][T20163] ? ext4_set_page_dirty+0x190/0x190 [ 675.162811][T20163] ? page_fault+0x2f/0x40 [ 675.167843][T20163] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 675.174716][T20163] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 675.180633][T20163] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 675.186544][T20163] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 675.192479][T20163] ? uuid_parse+0x3e0/0x3e0 [ 675.197449][T20163] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 675.203953][T20163] generic_perform_write+0x2f7/0x590 [ 675.209707][T20163] ? grab_cache_page_write_begin+0x90/0x90 [ 675.216425][T20163] ? file_remove_privs+0x610/0x610 [ 675.221766][T20163] ? down_write+0x147/0x150 [ 675.226280][T20163] __generic_file_write_iter+0x232/0x460 [ 675.232001][T20163] ext4_file_write_iter+0x46f/0x1070 [ 675.237703][T20163] ? ext4_file_read_iter+0x140/0x140 [ 675.243701][T20163] ? avc_policy_seqno+0x17/0x70 [ 675.248567][T20163] ? selinux_file_permission+0x2d0/0x520 [ 675.254409][T20163] aio_write+0x472/0x610 [ 675.259373][T20163] ? aio_read+0x4f0/0x4f0 [ 675.263803][T20163] ? fget_many+0x20/0x20 [ 675.268169][T20163] ? io_submit_one+0x15c/0x2340 [ 675.273567][T20163] io_submit_one+0xa41/0x2340 [ 675.278324][T20163] ? do_user_addr_fault+0x6dd/0xb10 [ 675.283906][T20163] ? lookup_ioctx+0x460/0x460 [ 675.288658][T20163] ? __se_sys_io_submit+0xa4/0x3c0 [ 675.295174][T20163] ? lookup_ioctx+0x273/0x460 [ 675.299880][T20163] ? __sb_end_write+0xb5/0x100 [ 675.304736][T20163] __se_sys_io_submit+0x179/0x3c0 [ 675.310577][T20163] ? __x64_sys_io_submit+0x80/0x80 [ 675.316204][T20163] ? __ia32_sys_read+0x80/0x80 [ 675.322630][T20163] do_syscall_64+0xcb/0x150 [ 675.327144][T20163] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 675.333239][T20163] RIP: 0033:0x45e219 [ 675.337416][T20163] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 675.359955][T20163] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 675.368830][T20163] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 09:06:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2000000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 675.376808][T20163] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 675.385023][T20163] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 675.392985][T20163] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001b [ 675.400957][T20163] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:39 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffff0000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:39 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x7ffff000) 09:06:39 executing program 5 (fault-call:8 fault-nth:28): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:39 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xa00, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 675.706253][T20187] FAULT_INJECTION: forcing a failure. [ 675.706253][T20187] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 675.720455][T20187] CPU: 1 PID: 20187 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 675.730637][T20187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 675.740740][T20187] Call Trace: [ 675.744210][T20187] dump_stack+0x1dd/0x24e [ 675.749492][T20187] ? devkmsg_release+0x11c/0x11c [ 675.754419][T20187] ? show_regs_print_info+0x12/0x12 [ 675.759884][T20187] ? ext4_da_get_block_prep+0xef5/0x1340 [ 675.765595][T20187] ? check_preemption_disabled+0x15a/0x330 [ 675.771665][T20187] should_fail+0x6fb/0x860 [ 675.776086][T20187] ? setup_fault_attr+0x3d0/0x3d0 [ 675.781198][T20187] ? _raw_spin_lock+0xa3/0x1b0 [ 675.786998][T20187] ? __rcu_read_lock+0x50/0x50 [ 675.791876][T20187] ? xas_load+0x468/0x4c0 [ 675.796637][T20187] __alloc_pages_nodemask+0x1ee/0x7c0 [ 675.802142][T20187] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 675.807688][T20187] pagecache_get_page+0x522/0x8a0 [ 675.813360][T20187] ? __up_read+0x6f/0x1b0 [ 675.817789][T20187] grab_cache_page_write_begin+0x50/0x90 [ 675.823771][T20187] ext4_da_write_begin+0x9e1/0xfc0 [ 675.829012][T20187] ? ext4_set_page_dirty+0x190/0x190 [ 675.834471][T20187] ? page_fault+0x2f/0x40 [ 675.838844][T20187] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 675.846937][T20187] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 675.853855][T20187] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 675.861134][T20187] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 675.868453][T20187] ? uuid_parse+0x3e0/0x3e0 [ 675.872937][T20187] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 675.879255][T20187] generic_perform_write+0x2f7/0x590 [ 675.884530][T20187] ? grab_cache_page_write_begin+0x90/0x90 [ 675.890350][T20187] ? file_remove_privs+0x610/0x610 [ 675.895558][T20187] ? down_write+0x147/0x150 [ 675.900218][T20187] __generic_file_write_iter+0x232/0x460 [ 675.906009][T20187] ext4_file_write_iter+0x46f/0x1070 [ 675.911811][T20187] ? __kasan_kmalloc+0x189/0x1c0 [ 675.916749][T20187] ? ext4_file_read_iter+0x140/0x140 [ 675.922255][T20187] ? avc_policy_seqno+0x17/0x70 [ 675.927199][T20187] ? selinux_file_permission+0x2d0/0x520 [ 675.932911][T20187] aio_write+0x472/0x610 [ 675.938048][T20187] ? aio_read+0x4f0/0x4f0 [ 675.942632][T20187] ? fget_many+0x20/0x20 [ 675.946979][T20187] ? io_submit_one+0x15c/0x2340 [ 675.951999][T20187] io_submit_one+0xa41/0x2340 [ 675.956707][T20187] ? do_user_addr_fault+0x6dd/0xb10 [ 675.961921][T20187] ? lookup_ioctx+0x460/0x460 [ 675.966628][T20187] ? __se_sys_io_submit+0xa4/0x3c0 [ 675.971751][T20187] ? lookup_ioctx+0x273/0x460 [ 675.976447][T20187] ? __sb_end_write+0xb5/0x100 [ 675.981235][T20187] __se_sys_io_submit+0x179/0x3c0 [ 675.986634][T20187] ? __x64_sys_io_submit+0x80/0x80 [ 675.991777][T20187] ? __ia32_sys_read+0x80/0x80 [ 675.996547][T20187] do_syscall_64+0xcb/0x150 [ 676.001048][T20187] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 676.006939][T20187] RIP: 0033:0x45e219 [ 676.010830][T20187] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 676.030526][T20187] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 676.038932][T20187] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 676.046986][T20187] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 676.054940][T20187] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 676.062940][T20187] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001c [ 676.070938][T20187] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:40 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5, 0xfffffffffffffffe, 0x0, 0x0, 0xffffffff}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:40 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2010000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:40 executing program 5 (fault-call:8 fault-nth:29): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:40 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfffffe00, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 676.500409][T20212] FAULT_INJECTION: forcing a failure. [ 676.500409][T20212] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 676.516704][T20212] CPU: 0 PID: 20212 Comm: syz-executor.5 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 676.526855][T20212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 676.537038][T20212] Call Trace: [ 676.540336][T20212] dump_stack+0x1dd/0x24e [ 676.544660][T20212] ? devkmsg_release+0x11c/0x11c [ 676.549593][T20212] ? show_regs_print_info+0x12/0x12 [ 676.554786][T20212] ? should_fail+0x175/0x860 [ 676.559964][T20212] should_fail+0x6fb/0x860 [ 676.564361][T20212] ? setup_fault_attr+0x3d0/0x3d0 [ 676.569387][T20212] ? __rcu_read_lock+0x50/0x50 [ 676.574136][T20212] ? xas_load+0x468/0x4c0 [ 676.578461][T20212] __alloc_pages_nodemask+0x1ee/0x7c0 [ 676.583881][T20212] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 676.589627][T20212] pagecache_get_page+0x522/0x8a0 [ 676.594633][T20212] ? __up_read+0x6f/0x1b0 [ 676.598973][T20212] grab_cache_page_write_begin+0x50/0x90 [ 676.604601][T20212] ext4_da_write_begin+0x9e1/0xfc0 [ 676.609775][T20212] ? ext4_set_page_dirty+0x190/0x190 [ 676.615061][T20212] ? page_fault+0x2f/0x40 [ 676.619378][T20212] ? iov_iter_fault_in_readable+0x1a2/0x630 [ 676.625254][T20212] ? iov_iter_fault_in_readable+0x1c0/0x630 [ 676.631586][T20212] ? iov_iter_fault_in_readable+0x1c8/0x630 [ 676.637492][T20212] ? iov_iter_fault_in_readable+0x2d2/0x630 [ 676.643380][T20212] ? uuid_parse+0x3e0/0x3e0 [ 676.647961][T20212] ? balance_dirty_pages_ratelimited+0x363/0x520 [ 676.654373][T20212] generic_perform_write+0x2f7/0x590 [ 676.659667][T20212] ? grab_cache_page_write_begin+0x90/0x90 [ 676.665449][T20212] ? file_remove_privs+0x610/0x610 [ 676.670547][T20212] ? down_write+0x147/0x150 [ 676.675038][T20212] __generic_file_write_iter+0x232/0x460 [ 676.680663][T20212] ext4_file_write_iter+0x46f/0x1070 [ 676.686949][T20212] ? __kasan_kmalloc+0x189/0x1c0 [ 676.692155][T20212] ? ext4_file_read_iter+0x140/0x140 [ 676.697451][T20212] ? avc_policy_seqno+0x17/0x70 [ 676.702326][T20212] ? selinux_file_permission+0x2d0/0x520 [ 676.708102][T20212] aio_write+0x472/0x610 [ 676.713865][T20212] ? aio_read+0x4f0/0x4f0 [ 676.718177][T20212] ? fget_many+0x20/0x20 [ 676.722407][T20212] ? io_submit_one+0x15c/0x2340 [ 676.727252][T20212] io_submit_one+0xa41/0x2340 [ 676.732059][T20212] ? do_user_addr_fault+0x6dd/0xb10 [ 676.737775][T20212] ? lookup_ioctx+0x460/0x460 [ 676.743526][T20212] ? __se_sys_io_submit+0xa4/0x3c0 [ 676.748627][T20212] ? lookup_ioctx+0x273/0x460 [ 676.753277][T20212] __se_sys_io_submit+0x179/0x3c0 [ 676.758291][T20212] ? __x64_sys_io_submit+0x80/0x80 [ 676.763401][T20212] ? __fpregs_load_activate+0x2d3/0x390 [ 676.768926][T20212] ? switch_fpu_return+0x10/0x10 [ 676.773939][T20212] do_syscall_64+0xcb/0x150 [ 676.778421][T20212] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 676.784286][T20212] RIP: 0033:0x45e219 [ 676.788153][T20212] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 676.807732][T20212] RSP: 002b:00007fec951f0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 676.816135][T20212] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219 [ 676.824940][T20212] RDX: 0000000020000540 RSI: 00000000000000f0 RDI: 00007fec951ce000 [ 676.833107][T20212] RBP: 00007fec951f0ca0 R08: 0000000000000000 R09: 0000000000000000 [ 676.841065][T20212] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001d [ 676.849342][T20212] R13: 00007ffdc9943e4f R14: 00007fec951f19c0 R15: 000000000119c034 09:06:41 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1020, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:41 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x40000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:41 executing program 5 (fault-call:8 fault-nth:30): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:41 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2200000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:41 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffffff7f, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:41 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x3}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f00000006c0)="57418c434481c10d9fe8af48aa9fc0daed2c4ebc37579c07631cc70a7393a380e1326e10c355cb0bc611099af8de85fa1b5af77758ff61384e21c730a43d1e5b46f440a2315d60d1569144108832d17f0d9978feae42ebc0607f4dad6498339bc2da2db7c5162aea397d30b6ae6e8b31fed077c8be4409507659e491ce3c82cdd1c2c5cf3cc540d69d08587d733a3185fb8bea8619e4b0712e3f54b0854e0b38157c6b9f4c7d90e05d5952e040bcb3c47c7feea21582df08a880c3a5e5af8631d1eb56a625ca42e0be4312de1d86e744b89573e7a8f02ffec7e9efc0bec56e6196d54af5638116c8a46cabd5e4626251cedd30ecead05aa560f075d44b0bb4742c7574f440a9ea42839657963f57109ff604a85128de2e4b891abd884a000000000000", 0x123) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r3 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r4 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x46000) lseek(r4, 0x4200, 0x0) r5 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r4, r7, 0x0, 0x8400fffffffb) sendfile(r3, r3, 0x0, 0x101) 09:06:41 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:41 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:41 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:41 executing program 4 (fault-call:7 fault-nth:0): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:41 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x3, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 678.003603][T20272] FAULT_INJECTION: forcing a failure. [ 678.003603][T20272] name failslab, interval 1, probability 0, space 0, times 0 [ 678.016325][T20272] CPU: 0 PID: 20272 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 678.026754][T20272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 678.037478][T20272] Call Trace: [ 678.041043][T20272] dump_stack+0x1dd/0x24e [ 678.045376][T20272] ? devkmsg_release+0x11c/0x11c [ 678.050418][T20272] ? show_regs_print_info+0x12/0x12 [ 678.055607][T20272] ? check_preemption_disabled+0x9e/0x330 [ 678.061718][T20272] ? debug_smp_processor_id+0x20/0x20 [ 678.067088][T20272] should_fail+0x6fb/0x860 [ 678.071844][T20272] ? setup_fault_attr+0x3d0/0x3d0 [ 678.076873][T20272] ? __sb_end_write+0xb5/0x100 [ 678.081665][T20272] ? vfs_write+0x427/0x4f0 [ 678.086242][T20272] ? ksys_mount+0x30/0xf0 [ 678.091756][T20272] should_failslab+0x5/0x20 [ 678.096336][T20272] __kmalloc_track_caller+0x5d/0x2c0 [ 678.101760][T20272] ? strnlen_user+0x185/0x210 [ 678.106460][T20272] strndup_user+0x73/0x150 [ 678.110864][T20272] ksys_mount+0x30/0xf0 [ 678.115920][T20272] __x64_sys_mount+0xb1/0xc0 [ 678.120799][T20272] do_syscall_64+0xcb/0x150 [ 678.125294][T20272] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 678.131178][T20272] RIP: 0033:0x45e219 [ 678.135068][T20272] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 678.155314][T20272] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 678.163832][T20272] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 678.171900][T20272] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 678.180343][T20272] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 678.189233][T20272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 09:06:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x4000000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:42 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffffff8c, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 678.197814][T20272] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:42 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x4, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:42 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x3, 0x0, 0x2, 0x3, 0x2000001, 0x0, 0x0, 0x6, 0x40000}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) dup(0xffffffffffffffff) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:42 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x5, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:42 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2010, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:42 executing program 4 (fault-call:7 fault-nth:1): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:42 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x6, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 678.850805][T20313] FAULT_INJECTION: forcing a failure. [ 678.850805][T20313] name failslab, interval 1, probability 0, space 0, times 0 [ 678.864469][T20313] CPU: 1 PID: 20313 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 678.874956][T20313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 678.885250][T20313] Call Trace: [ 678.888553][T20313] dump_stack+0x1dd/0x24e [ 678.893101][T20313] ? devkmsg_release+0x11c/0x11c [ 678.898390][T20313] ? show_regs_print_info+0x12/0x12 [ 678.903589][T20313] should_fail+0x6fb/0x860 [ 678.908713][T20313] ? setup_fault_attr+0x3d0/0x3d0 [ 678.913764][T20313] ? copy_mount_options+0x59/0x320 [ 678.918894][T20313] should_failslab+0x5/0x20 [ 678.923422][T20313] kmem_cache_alloc_trace+0x39/0x290 [ 678.928731][T20313] copy_mount_options+0x59/0x320 [ 678.933755][T20313] ? ksys_mount+0x86/0xf0 [ 678.938187][T20313] ksys_mount+0x97/0xf0 [ 678.942342][T20313] __x64_sys_mount+0xb1/0xc0 [ 678.946932][T20313] do_syscall_64+0xcb/0x150 [ 678.951423][T20313] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 678.958212][T20313] RIP: 0033:0x45e219 [ 678.962381][T20313] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 678.982635][T20313] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 678.992134][T20313] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 679.000195][T20313] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 679.008246][T20313] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 679.016638][T20313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 679.025406][T20313] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8cffffff00000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:43 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfffffff6, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:43 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x7, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:43 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x1, 0x6}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x40003) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:43 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:43 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2200, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:43 executing program 4 (fault-call:7 fault-nth:2): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 679.706295][T20352] FAULT_INJECTION: forcing a failure. [ 679.706295][T20352] name failslab, interval 1, probability 0, space 0, times 0 [ 679.719370][T20352] CPU: 0 PID: 20352 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 679.729620][T20352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 679.739718][T20352] Call Trace: [ 679.742999][T20352] dump_stack+0x1dd/0x24e [ 679.747329][T20352] ? devkmsg_release+0x11c/0x11c [ 679.752247][T20352] ? show_regs_print_info+0x12/0x12 [ 679.757441][T20352] should_fail+0x6fb/0x860 [ 679.761856][T20352] ? setup_fault_attr+0x3d0/0x3d0 [ 679.766895][T20352] ? getname_flags+0xb8/0x610 [ 679.772088][T20352] should_failslab+0x5/0x20 [ 679.776589][T20352] kmem_cache_alloc+0x36/0x270 [ 679.781771][T20352] getname_flags+0xb8/0x610 [ 679.786252][T20352] user_path_at_empty+0x28/0x50 [ 679.791099][T20352] do_mount+0x167/0x2660 [ 679.795337][T20352] ? copy_mount_string+0x30/0x30 [ 679.800274][T20352] ? page_fault+0x2f/0x40 [ 679.804616][T20352] ? copy_mount_options+0x1e8/0x320 [ 679.809941][T20352] ? copy_mount_options+0x293/0x320 [ 679.815183][T20352] ksys_mount+0xc2/0xf0 [ 679.819519][T20352] __x64_sys_mount+0xb1/0xc0 [ 679.824167][T20352] do_syscall_64+0xcb/0x150 [ 679.828674][T20352] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 679.834848][T20352] RIP: 0033:0x45e219 [ 679.839943][T20352] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 679.859635][T20352] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 679.868359][T20352] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 679.876368][T20352] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 679.884529][T20352] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 679.892861][T20352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 679.900856][T20352] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:44 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x9, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:44 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfffffffe, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:44 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xf6ffffff00000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:44 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xa, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:44 executing program 3: prlimit64(0x0, 0x7, &(0x7f0000000100)={0x9, 0x8b}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x2) io_submit(0x0, 0x8, &(0x7f0000000b00)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x3, 0x5, r1, &(0x7f0000000140)="70cc3a072ea418e67527366641b5e574f5100abf04de0c8b6f283f869b1d133f", 0x20, 0x4, 0x0, 0x3}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x8, r2, &(0x7f0000000280)="682dcd0163d5b10c1e9e313f564a3fb829f8c2948fcd8ad496f10b6a6e5f5a47cb6b971f93210a408fc2336fa8db6614c0e19e13c7b93b92acab85613c45192a21dccda1f1cc034bb05e80f213ae12170d9d0b31100cf26db96243406cd153942cf9b520c49ed14dcbb46ffcb23f3fb0c3cc25ec6430f5a4feedac18e3a238d9db50e68de15206a3", 0x88, 0x7d16, 0x0, 0x2}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x8, 0x68, 0xffffffffffffffff, &(0x7f0000000380)="893d9d879aa60a1ac318c630989262bf56fda31af3b4eabed16ac9bce32cf58d444c675f9f1019b4678ba95149c0e13e481b419e1e6dad58dfbf51b3e9d0e8117aa8e813bab62c536b8a817d6aca28febfb123310c68f6623b7d0a7a47d8c417d4b5cc1540197179f4132818ed1d32f3bff2301fa7f9c804be8d26407436de68398a2f2cc283974e0fd14499b8a2ef573e63a99ffdcfebec29311328eb5520e75a30fbbb8c", 0xa5, 0x6, 0x0, 0x0, r3}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x8, 0x4, r3, &(0x7f0000000580)="20bc8978b62b76828a916ed4ff4c1e9f87c48ca8933c098d1459ed4ca6fb14f7244b017bf7b49e3420e4178b14e1fb226d3d44ba3125ede692a90ad0031b29e8be089f3fb4d91eabc73ed726209b728addfc3e4d9b4a7a6065a953d3e72a4f899bf6372bfb21390b0d64a059d8a9e5092375d1b9d282d87653f2400c4d3d37cf5aa004c141915d4312d2bc457c5bdcb65d25138c09ebd9253442a49b244ddd8c85ab87267c0a090660757ed64d803d98b44af37f23acff95e91d25460cc2e0be925dcf0dc479bfba5ca546988eca3fbdad41a21745b24f7c", 0xd8, 0x6, 0x0, 0x2}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x2, 0x7, 0xffffffffffffffff, &(0x7f0000000700)="7c85b6e35266bf2b12a21734db89b43412bb6b19744cdbd1e6350ded6dd8b90e56354e7b3964e45a7e4f69b87290e07207fd36629a44095b9ddbdd9b2a3cea921872c3641b47453d5ca8eb161928751d2b07dc716e61ee90f6ea5f944876a0b5fa540262944ce0ffecb1556d96e6d96159afc5953c0c4c926f37bd83661c4c22db5232a8e50e32419b60aa77458219e3765d683fd6a5d01b72b89602fb98c868d1417069589145c7ec325502c222b5dfdda8cdff5b0acdfd4956cb5b6d614e61ff2c3fb5aecc152da88a45", 0xcb, 0x800, 0x0, 0x2, r2}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x3, 0x7, 0xffffffffffffffff, &(0x7f0000000840)="ee1bbe7013137d1ad1983f765d17051a85", 0x11, 0x6, 0x0, 0x1, r3}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x3, 0x20, r1, &(0x7f00000008c0)="52a8619f1e4964bf3e5827a653858482b21c5c892aad3ac3b3d5fb3b1a47bdc8c7ed16c016664615a4ef938404ab6a7ba44fd8ab3b448b98d946567e5949eb1420d1c8e08277e2fbcf97f47fc761f9332418418d86814534e0e4f2725cbf2dde09da38d098e0f5a4c0729bb6db211f31811b0b6aea25e85204c8799b647aca51d451", 0x82, 0xd8, 0x0, 0x2, r1}, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x6, 0x100, 0xffffffffffffffff, &(0x7f00000009c0)="5e2a30d6f3a60818a155295a35e845f9bcad2499500bb839d2c7adce136bccbf69861e6c1c48ebe69384ca2504ce4a00c4f94402e6c04ace21fb9bf6fd0aff6ec2636caa2c15a167e4772cd2c578b6f1bc85daa2883debd56dc33cfac0034f2b73d44ea0a208693887f825601252ac51bab59af6116070aaf54db0c88bc1c12a2fde2de4a5791477b6ca391ff611dc2ef45a248891c60c5ba63ad5010448073e2e46c4d5d65688e2400e69fb55480be60a6bf99196258728e4f9906371e59e11f45f7d5ce5", 0xc5, 0xffff, 0x0, 0x2, r3}]) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x2, 0x3, 0x0, 0x0, 0x1, 0x0, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x4200, 0x0) r5 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x3, 0x0, r5}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x101003, 0x0) sendfile(0xffffffffffffffff, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x3f00, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:44 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xb, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:44 executing program 4 (fault-call:7 fault-nth:3): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 680.559832][T20389] FAULT_INJECTION: forcing a failure. [ 680.559832][T20389] name failslab, interval 1, probability 0, space 0, times 0 [ 680.578085][T20389] CPU: 1 PID: 20389 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 680.599524][T20389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.622038][T20389] Call Trace: [ 680.626543][T20389] dump_stack+0x1dd/0x24e [ 680.631789][T20389] ? devkmsg_release+0x11c/0x11c [ 680.636988][T20389] ? show_regs_print_info+0x12/0x12 [ 680.642398][T20389] should_fail+0x6fb/0x860 [ 680.647354][T20389] ? setup_fault_attr+0x3d0/0x3d0 [ 680.655159][T20389] ? alloc_fs_context+0x61/0x650 [ 680.660706][T20389] should_failslab+0x5/0x20 [ 680.665241][T20389] kmem_cache_alloc_trace+0x39/0x290 [ 680.670939][T20389] alloc_fs_context+0x61/0x650 [ 680.675721][T20389] ? _raw_read_unlock+0x21/0x40 [ 680.680938][T20389] ? get_fs_type+0x410/0x490 [ 680.685538][T20389] do_mount+0x12d1/0x2660 [ 680.689973][T20389] ? copy_mount_string+0x30/0x30 [ 680.696118][T20389] ? page_fault+0x2f/0x40 [ 680.700570][T20389] ? copy_mount_options+0x1e8/0x320 [ 680.705901][T20389] ? copy_mount_options+0x293/0x320 [ 680.711105][T20389] ksys_mount+0xc2/0xf0 [ 680.715266][T20389] __x64_sys_mount+0xb1/0xc0 [ 680.719961][T20389] do_syscall_64+0xcb/0x150 [ 680.725148][T20389] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 680.731145][T20389] RIP: 0033:0x45e219 [ 680.735042][T20389] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 680.755521][T20389] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 680.763917][T20389] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 680.771876][T20389] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 680.779936][T20389] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 680.788888][T20389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 680.796864][T20389] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:44 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffff000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:44 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xedc000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:45 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xc, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:45 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xd, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x4000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0xffffffff, 0x5, 0x0, 0x0, 0x0, 0x400000}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680), 0x0, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(0xffffffffffffffff, 0x9, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x9, r6, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x3}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) open(&(0x7f0000000100)='./bus\x00', 0x80, 0x20) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:45 executing program 4 (fault-call:7 fault-nth:4): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 681.425532][T20425] FAULT_INJECTION: forcing a failure. [ 681.425532][T20425] name failslab, interval 1, probability 0, space 0, times 0 [ 681.438552][T20425] CPU: 0 PID: 20425 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 681.448908][T20425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 681.460555][T20425] Call Trace: [ 681.464932][T20425] dump_stack+0x1dd/0x24e [ 681.470141][T20425] ? devkmsg_release+0x11c/0x11c [ 681.476055][T20425] ? show_regs_print_info+0x12/0x12 [ 681.481535][T20425] should_fail+0x6fb/0x860 [ 681.486171][T20425] ? setup_fault_attr+0x3d0/0x3d0 [ 681.491210][T20425] ? alloc_fs_context+0x61/0x650 [ 681.496157][T20425] should_failslab+0x5/0x20 [ 681.500683][T20425] kmem_cache_alloc_trace+0x39/0x290 [ 681.505971][T20425] alloc_fs_context+0x61/0x650 [ 681.510832][T20425] ? _raw_read_unlock+0x21/0x40 [ 681.515689][T20425] ? get_fs_type+0x410/0x490 [ 681.520298][T20425] do_mount+0x12d1/0x2660 [ 681.524725][T20425] ? copy_mount_string+0x30/0x30 [ 681.531400][T20425] ? page_fault+0x2f/0x40 [ 681.535735][T20425] ? copy_mount_options+0x1e8/0x320 [ 681.541901][T20425] ? copy_mount_options+0x293/0x320 [ 681.547099][T20425] ksys_mount+0xc2/0xf0 [ 681.551259][T20425] __x64_sys_mount+0xb1/0xc0 [ 681.557121][T20425] do_syscall_64+0xcb/0x150 [ 681.561972][T20425] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 681.567849][T20425] RIP: 0033:0x45e219 [ 681.574348][T20425] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 681.594027][T20425] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 681.602457][T20425] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 681.611195][T20425] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 09:06:45 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xe, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 681.619177][T20425] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 681.627231][T20425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 681.635278][T20425] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffffff7f00000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:45 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000), 0x0, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x0, 0xfffffffffffffffe}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:45 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:46 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0x17f, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:46 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xedc0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:46 executing program 4 (fault-call:7 fault-nth:5): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 682.272679][T20463] FAULT_INJECTION: forcing a failure. [ 682.272679][T20463] name failslab, interval 1, probability 0, space 0, times 0 [ 682.285662][T20463] CPU: 0 PID: 20463 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 682.295815][T20463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 682.307156][T20463] Call Trace: [ 682.310433][T20463] dump_stack+0x1dd/0x24e [ 682.314741][T20463] ? devkmsg_release+0x11c/0x11c [ 682.319859][T20463] ? avc_has_perm_noaudit+0x30c/0x400 [ 682.325233][T20463] ? show_regs_print_info+0x12/0x12 [ 682.330578][T20463] ? avc_denied+0x1c0/0x1c0 [ 682.335270][T20463] should_fail+0x6fb/0x860 [ 682.339689][T20463] ? setup_fault_attr+0x3d0/0x3d0 [ 682.345555][T20463] ? cred_has_capability+0x1b1/0x410 [ 682.351946][T20463] ? cred_has_capability+0x2c3/0x410 [ 682.358210][T20463] ? v9fs_mount+0x5c/0x790 [ 682.362921][T20463] should_failslab+0x5/0x20 [ 682.367989][T20463] kmem_cache_alloc_trace+0x39/0x290 [ 682.373275][T20463] ? legacy_init_fs_context+0x4d/0xc0 [ 682.378771][T20463] v9fs_mount+0x5c/0x790 [ 682.383437][T20463] ? cap_capable+0x23f/0x280 [ 682.393376][T20463] legacy_get_tree+0xde/0x170 [ 682.400131][T20463] ? iterate_incfs_dir+0x370/0x370 [ 682.405223][T20463] vfs_get_tree+0x85/0x260 [ 682.409710][T20463] do_mount+0x18ab/0x2660 [ 682.414496][T20463] ? copy_mount_string+0x30/0x30 [ 682.420640][T20463] ? page_fault+0x2f/0x40 [ 682.425090][T20463] ? copy_mount_options+0x1e8/0x320 [ 682.430319][T20463] ? copy_mount_options+0x293/0x320 [ 682.435874][T20463] ksys_mount+0xc2/0xf0 [ 682.440242][T20463] __x64_sys_mount+0xb1/0xc0 [ 682.444930][T20463] do_syscall_64+0xcb/0x150 [ 682.449862][T20463] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 682.456031][T20463] RIP: 0033:0x45e219 [ 682.461027][T20463] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 682.480897][T20463] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 682.489723][T20463] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 682.497992][T20463] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 682.506047][T20463] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 682.514006][T20463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 09:06:46 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffffffffffffff0f, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:46 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfeffff00000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 682.523046][T20463] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:46 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x20000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:46 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r3 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x46000) lseek(r3, 0x4200, 0x0) r4 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r5, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r4}]) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r3, r6, 0x0, 0x8400fffffffb) sendfile(r2, r2, 0x0, 0x8080ffffff7e) 09:06:46 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000002, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfeffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:47 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000003, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:47 executing program 4 (fault-call:7 fault-nth:6): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 683.119431][T20499] FAULT_INJECTION: forcing a failure. [ 683.119431][T20499] name failslab, interval 1, probability 0, space 0, times 0 [ 683.132193][T20499] CPU: 0 PID: 20499 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 683.142804][T20499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.154212][T20499] Call Trace: [ 683.158946][T20499] dump_stack+0x1dd/0x24e [ 683.163613][T20499] ? devkmsg_release+0x11c/0x11c [ 683.168782][T20499] ? show_regs_print_info+0x12/0x12 [ 683.173992][T20499] ? stack_trace_save+0x120/0x1f0 [ 683.179206][T20499] should_fail+0x6fb/0x860 [ 683.184503][T20499] ? setup_fault_attr+0x3d0/0x3d0 [ 683.189939][T20499] ? __kasan_kmalloc+0x189/0x1c0 [ 683.195008][T20499] ? v9fs_session_init+0xaf/0x1a00 [ 683.200313][T20499] should_failslab+0x5/0x20 [ 683.204872][T20499] __kmalloc_track_caller+0x5d/0x2c0 [ 683.210174][T20499] ? vfs_get_tree+0x85/0x260 [ 683.214760][T20499] ? do_mount+0x18ab/0x2660 [ 683.219248][T20499] ? ksys_mount+0xc2/0xf0 [ 683.223555][T20499] ? __x64_sys_mount+0xb1/0xc0 [ 683.228837][T20499] kstrdup+0x31/0x70 [ 683.232721][T20499] v9fs_session_init+0xaf/0x1a00 [ 683.237682][T20499] ? v9fs_show_options+0x530/0x530 [ 683.242865][T20499] ? v9fs_mount+0x5c/0x790 [ 683.247275][T20499] ? kmem_cache_alloc_trace+0xc3/0x290 [ 683.252740][T20499] ? legacy_init_fs_context+0x4d/0xc0 [ 683.258098][T20499] v9fs_mount+0x7f/0x790 [ 683.262863][T20499] ? cap_capable+0x23f/0x280 [ 683.267575][T20499] legacy_get_tree+0xde/0x170 [ 683.272900][T20499] ? iterate_incfs_dir+0x370/0x370 [ 683.278028][T20499] vfs_get_tree+0x85/0x260 [ 683.282430][T20499] do_mount+0x18ab/0x2660 [ 683.287033][T20499] ? copy_mount_string+0x30/0x30 [ 683.291967][T20499] ? page_fault+0x2f/0x40 [ 683.296300][T20499] ? copy_mount_options+0x1e8/0x320 [ 683.301505][T20499] ? copy_mount_options+0x293/0x320 [ 683.306699][T20499] ksys_mount+0xc2/0xf0 [ 683.310861][T20499] __x64_sys_mount+0xb1/0xc0 [ 683.315499][T20499] do_syscall_64+0xcb/0x150 [ 683.320007][T20499] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 683.326192][T20499] RIP: 0033:0x45e219 [ 683.330241][T20499] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 683.351565][T20499] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 683.360140][T20499] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 09:06:47 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='\"rans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:47 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x100000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 683.368223][T20499] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 683.377498][T20499] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 683.387309][T20499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 683.395331][T20499] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:47 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000004, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:47 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000005, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:47 executing program 4 (fault-call:7 fault-nth:7): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 683.979971][T20533] FAULT_INJECTION: forcing a failure. [ 683.979971][T20533] name failslab, interval 1, probability 0, space 0, times 0 [ 683.993154][T20533] CPU: 1 PID: 20533 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 684.003309][T20533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.013452][T20533] Call Trace: [ 684.016772][T20533] dump_stack+0x1dd/0x24e [ 684.021107][T20533] ? devkmsg_release+0x11c/0x11c [ 684.026123][T20533] ? show_regs_print_info+0x12/0x12 [ 684.032282][T20533] should_fail+0x6fb/0x860 [ 684.037582][T20533] ? setup_fault_attr+0x3d0/0x3d0 [ 684.042953][T20533] ? __kasan_kmalloc+0x189/0x1c0 [ 684.047989][T20533] ? v9fs_session_init+0xfa/0x1a00 [ 684.053289][T20533] should_failslab+0x5/0x20 [ 684.059624][T20533] __kmalloc_track_caller+0x5d/0x2c0 [ 684.065024][T20533] ? vfs_get_tree+0x85/0x260 [ 684.070727][T20533] ? kstrdup+0x4c/0x70 [ 684.075091][T20533] kstrdup+0x31/0x70 [ 684.079074][T20533] v9fs_session_init+0xfa/0x1a00 [ 684.084943][T20533] ? v9fs_show_options+0x530/0x530 [ 684.090286][T20533] ? v9fs_mount+0x5c/0x790 [ 684.094930][T20533] ? kmem_cache_alloc_trace+0xc3/0x290 [ 684.101273][T20533] ? legacy_init_fs_context+0x4d/0xc0 [ 684.106649][T20533] v9fs_mount+0x7f/0x790 [ 684.111701][T20533] ? cap_capable+0x23f/0x280 [ 684.116554][T20533] legacy_get_tree+0xde/0x170 [ 684.121840][T20533] ? iterate_incfs_dir+0x370/0x370 [ 684.127554][T20533] vfs_get_tree+0x85/0x260 [ 684.132490][T20533] do_mount+0x18ab/0x2660 [ 684.137185][T20533] ? copy_mount_string+0x30/0x30 [ 684.142219][T20533] ? page_fault+0x2f/0x40 [ 684.146562][T20533] ? copy_mount_options+0x1e8/0x320 [ 684.151786][T20533] ? copy_mount_options+0x293/0x320 [ 684.157607][T20533] ksys_mount+0xc2/0xf0 [ 684.163627][T20533] __x64_sys_mount+0xb1/0xc0 [ 684.168375][T20533] do_syscall_64+0xcb/0x150 [ 684.172869][T20533] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 684.178884][T20533] RIP: 0033:0x45e219 [ 684.183148][T20533] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 684.204199][T20533] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 684.213035][T20533] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 684.221011][T20533] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 09:06:48 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB=',rans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:48 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x200000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 684.228996][T20533] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 684.237212][T20533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 684.245275][T20533] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:48 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000006, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7d, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x0, &(0x7f0000000540)) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:48 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000007, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:48 executing program 4 (fault-call:7 fault-nth:8): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 684.828464][T20570] FAULT_INJECTION: forcing a failure. [ 684.828464][T20570] name failslab, interval 1, probability 0, space 0, times 0 [ 684.842048][T20570] CPU: 0 PID: 20570 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 684.852188][T20570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.863208][T20570] Call Trace: [ 684.866836][T20570] dump_stack+0x1dd/0x24e [ 684.871280][T20570] ? devkmsg_release+0x11c/0x11c [ 684.876220][T20570] ? show_regs_print_info+0x12/0x12 [ 684.881471][T20570] ? __kasan_kmalloc+0x189/0x1c0 [ 684.887108][T20570] should_fail+0x6fb/0x860 [ 684.892152][T20570] ? setup_fault_attr+0x3d0/0x3d0 [ 684.897722][T20570] ? p9_client_create+0xc4/0xb90 [ 684.902708][T20570] should_failslab+0x5/0x20 [ 684.907439][T20570] kmem_cache_alloc_trace+0x39/0x290 [ 684.912971][T20570] p9_client_create+0xc4/0xb90 [ 684.917821][T20570] ? p9_parse_header+0x6b0/0x6b0 [ 684.922763][T20570] ? __kasan_kmalloc+0x189/0x1c0 [ 684.927722][T20570] ? v9fs_session_init+0xfa/0x1a00 [ 684.933174][T20570] ? __kmalloc_track_caller+0x20e/0x2c0 [ 684.941375][T20570] ? vfs_get_tree+0x85/0x260 [ 684.946167][T20570] ? kstrdup+0x4c/0x70 [ 684.950689][T20570] v9fs_session_init+0x208/0x1a00 [ 684.955697][T20570] ? v9fs_show_options+0x530/0x530 [ 684.961158][T20570] ? v9fs_mount+0x5c/0x790 [ 684.965684][T20570] ? kmem_cache_alloc_trace+0xc3/0x290 [ 684.972461][T20570] ? legacy_init_fs_context+0x4d/0xc0 [ 684.977825][T20570] v9fs_mount+0x7f/0x790 [ 684.982060][T20570] ? cap_capable+0x23f/0x280 [ 684.987431][T20570] legacy_get_tree+0xde/0x170 [ 684.992180][T20570] ? iterate_incfs_dir+0x370/0x370 [ 684.997369][T20570] vfs_get_tree+0x85/0x260 [ 685.002658][T20570] do_mount+0x18ab/0x2660 [ 685.007942][T20570] ? copy_mount_string+0x30/0x30 [ 685.013487][T20570] ? page_fault+0x2f/0x40 [ 685.017893][T20570] ? copy_mount_options+0x1e8/0x320 [ 685.023278][T20570] ? copy_mount_options+0x293/0x320 [ 685.029338][T20570] ksys_mount+0xc2/0xf0 [ 685.035093][T20570] __x64_sys_mount+0xb1/0xc0 [ 685.042791][T20570] do_syscall_64+0xcb/0x150 [ 685.049302][T20570] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 685.056914][T20570] RIP: 0033:0x45e219 [ 685.061181][T20570] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 685.082720][T20570] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 685.091818][T20570] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 685.104160][T20570] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 685.114132][T20570] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 09:06:49 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='t\"ans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 685.122303][T20570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 685.131061][T20570] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:49 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x800000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:49 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000008, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:49 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000009, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:49 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680), 0x0, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500)}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x3, 0x1000003e, 0x0, 0x3, 0x800000, 0x0, 0x200400000002, 0x10, 0x4000d}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x20, r6}]) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x12c) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:49 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:49 executing program 4 (fault-call:7 fault-nth:9): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:49 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1500000a, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 685.676253][T20603] FAULT_INJECTION: forcing a failure. [ 685.676253][T20603] name failslab, interval 1, probability 0, space 0, times 0 [ 685.689918][T20603] CPU: 1 PID: 20603 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 685.700988][T20603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 685.711223][T20603] Call Trace: [ 685.716112][T20603] dump_stack+0x1dd/0x24e [ 685.720709][T20603] ? devkmsg_release+0x11c/0x11c [ 685.726379][T20603] ? show_regs_print_info+0x12/0x12 [ 685.732223][T20603] should_fail+0x6fb/0x860 [ 685.738514][T20603] ? setup_fault_attr+0x3d0/0x3d0 [ 685.743720][T20603] ? p9_client_create+0x2fc/0xb90 [ 685.748852][T20603] should_failslab+0x5/0x20 [ 685.753466][T20603] __kmalloc_track_caller+0x5d/0x2c0 [ 685.759096][T20603] kstrdup+0x31/0x70 [ 685.763816][T20603] p9_client_create+0x2fc/0xb90 [ 685.769554][T20603] ? p9_parse_header+0x6b0/0x6b0 [ 685.774716][T20603] ? __kasan_kmalloc+0x189/0x1c0 [ 685.780003][T20603] ? __kmalloc_track_caller+0x20e/0x2c0 [ 685.785534][T20603] ? vfs_get_tree+0x85/0x260 [ 685.790292][T20603] v9fs_session_init+0x208/0x1a00 [ 685.795530][T20603] ? v9fs_show_options+0x530/0x530 [ 685.800655][T20603] ? v9fs_mount+0x5c/0x790 [ 685.805702][T20603] ? kmem_cache_alloc_trace+0xc3/0x290 [ 685.811305][T20603] ? legacy_init_fs_context+0x4d/0xc0 [ 685.816696][T20603] v9fs_mount+0x7f/0x790 [ 685.821048][T20603] ? cap_capable+0x23f/0x280 [ 685.825646][T20603] legacy_get_tree+0xde/0x170 [ 685.830319][T20603] ? iterate_incfs_dir+0x370/0x370 [ 685.835587][T20603] vfs_get_tree+0x85/0x260 [ 685.840888][T20603] do_mount+0x18ab/0x2660 [ 685.845225][T20603] ? copy_mount_string+0x30/0x30 [ 685.850388][T20603] ? page_fault+0x2f/0x40 [ 685.854746][T20603] ? copy_mount_options+0x1e8/0x320 [ 685.859947][T20603] ? copy_mount_options+0x293/0x320 [ 685.865225][T20603] ksys_mount+0xc2/0xf0 [ 685.869405][T20603] __x64_sys_mount+0xb1/0xc0 [ 685.873994][T20603] do_syscall_64+0xcb/0x150 [ 685.878498][T20603] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 685.884881][T20603] RIP: 0033:0x45e219 [ 685.888874][T20603] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 685.908758][T20603] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 685.918566][T20603] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 09:06:50 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='t,ans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 685.926555][T20603] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 685.934527][T20603] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 685.942512][T20603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 [ 685.950568][T20603] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:50 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1500000b, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:50 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xa00000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:50 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1500000c, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:50 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xa000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:50 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x10000, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:50 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1500000d, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:50 executing program 4 (fault-call:7 fault-nth:10): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 686.530568][T20644] FAULT_INJECTION: forcing a failure. [ 686.530568][T20644] name failslab, interval 1, probability 0, space 0, times 0 [ 686.544597][T20644] CPU: 1 PID: 20644 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 686.555247][T20644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 686.565306][T20644] Call Trace: [ 686.568633][T20644] dump_stack+0x1dd/0x24e [ 686.572976][T20644] ? devkmsg_release+0x11c/0x11c [ 686.577947][T20644] ? show_regs_print_info+0x12/0x12 [ 686.583158][T20644] should_fail+0x6fb/0x860 [ 686.588019][T20644] ? setup_fault_attr+0x3d0/0x3d0 [ 686.593227][T20644] ? match_token+0x6a2/0x710 [ 686.597821][T20644] ? p9_client_create+0x506/0xb90 [ 686.602881][T20644] should_failslab+0x5/0x20 [ 686.607746][T20644] __kmalloc_track_caller+0x5d/0x2c0 [ 686.613037][T20644] ? kstrdup+0x4c/0x70 [ 686.617117][T20644] kmemdup_nul+0x27/0xa0 [ 686.621513][T20644] p9_client_create+0x506/0xb90 [ 686.626375][T20644] ? p9_parse_header+0x6b0/0x6b0 [ 686.631320][T20644] ? __kasan_kmalloc+0x189/0x1c0 [ 686.636276][T20644] ? __kmalloc_track_caller+0x20e/0x2c0 [ 686.642114][T20644] ? vfs_get_tree+0x85/0x260 [ 686.646726][T20644] v9fs_session_init+0x208/0x1a00 [ 686.651994][T20644] ? v9fs_show_options+0x530/0x530 [ 686.657250][T20644] ? v9fs_mount+0x5c/0x790 [ 686.661653][T20644] ? kmem_cache_alloc_trace+0xc3/0x290 [ 686.667512][T20644] ? legacy_init_fs_context+0x4d/0xc0 [ 686.673213][T20644] v9fs_mount+0x7f/0x790 [ 686.677446][T20644] ? cap_capable+0x23f/0x280 [ 686.682047][T20644] legacy_get_tree+0xde/0x170 [ 686.687097][T20644] ? iterate_incfs_dir+0x370/0x370 [ 686.692312][T20644] vfs_get_tree+0x85/0x260 [ 686.696718][T20644] do_mount+0x18ab/0x2660 [ 686.701026][T20644] ? copy_mount_string+0x30/0x30 [ 686.705959][T20644] ? page_fault+0x2f/0x40 [ 686.710287][T20644] ? copy_mount_options+0x1e8/0x320 [ 686.715717][T20644] ? copy_mount_options+0x293/0x320 [ 686.721259][T20644] ksys_mount+0xc2/0xf0 [ 686.725552][T20644] __x64_sys_mount+0xb1/0xc0 [ 686.730236][T20644] do_syscall_64+0xcb/0x150 [ 686.734716][T20644] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 686.740692][T20644] RIP: 0033:0x45e219 [ 686.744682][T20644] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 686.765177][T20644] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 686.773590][T20644] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 09:06:50 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tr\"ns=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 686.781587][T20644] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 686.790003][T20644] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 686.797982][T20644] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a [ 686.805943][T20644] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:50 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:50 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1500000e, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:51 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1500000f, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:51 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x10000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:51 executing program 4 (fault-call:7 fault-nth:11): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:51 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x400, 0x100) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) [ 687.374448][T20679] FAULT_INJECTION: forcing a failure. [ 687.374448][T20679] name failslab, interval 1, probability 0, space 0, times 0 [ 687.388019][T20679] CPU: 1 PID: 20679 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 687.398792][T20679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 687.408848][T20679] Call Trace: [ 687.412138][T20679] dump_stack+0x1dd/0x24e [ 687.417244][T20679] ? devkmsg_release+0x11c/0x11c [ 687.422178][T20679] ? show_regs_print_info+0x12/0x12 [ 687.427383][T20679] ? stack_trace_save+0x120/0x1f0 [ 687.432441][T20679] ? stack_trace_snprint+0x150/0x150 [ 687.438161][T20679] should_fail+0x6fb/0x860 [ 687.443274][T20679] ? setup_fault_attr+0x3d0/0x3d0 [ 687.448296][T20679] ? slab_free_freelist_hook+0xd0/0x150 [ 687.454741][T20679] ? kfree+0x12c/0x660 [ 687.458799][T20679] ? p9_client_create+0x789/0xb90 [ 687.464979][T20679] ? v9fs_session_init+0x208/0x1a00 [ 687.470162][T20679] ? v9fs_mount+0x7f/0x790 [ 687.474564][T20679] ? vfs_get_tree+0x85/0x260 [ 687.479150][T20679] ? do_mount+0x18ab/0x2660 [ 687.483643][T20679] ? ksys_mount+0xc2/0xf0 [ 687.487983][T20679] ? parse_opts+0x1a1/0x6e0 [ 687.492744][T20679] should_failslab+0x5/0x20 [ 687.497262][T20679] __kmalloc_track_caller+0x5d/0x2c0 [ 687.502550][T20679] kstrdup+0x31/0x70 [ 687.506436][T20679] parse_opts+0x1a1/0x6e0 [ 687.510764][T20679] ? p9_fd_show_options+0x1a0/0x1a0 [ 687.516076][T20679] p9_fd_create+0x91/0x480 [ 687.520485][T20679] ? p9_client_create+0x789/0xb90 [ 687.525518][T20679] ? p9_fd_create_unix+0x470/0x470 [ 687.530651][T20679] ? __kmalloc_track_caller+0x20e/0x2c0 [ 687.536209][T20679] ? kmemdup_nul+0x42/0xa0 [ 687.541068][T20679] p9_client_create+0x81b/0xb90 [ 687.545926][T20679] ? p9_parse_header+0x6b0/0x6b0 [ 687.550899][T20679] ? __kasan_kmalloc+0x189/0x1c0 [ 687.555848][T20679] ? __kmalloc_track_caller+0x20e/0x2c0 [ 687.561398][T20679] ? vfs_get_tree+0x85/0x260 [ 687.566082][T20679] v9fs_session_init+0x208/0x1a00 [ 687.571136][T20679] ? v9fs_show_options+0x530/0x530 [ 687.576280][T20679] ? v9fs_mount+0x5c/0x790 [ 687.580719][T20679] ? kmem_cache_alloc_trace+0xc3/0x290 [ 687.586705][T20679] ? legacy_init_fs_context+0x4d/0xc0 [ 687.592088][T20679] v9fs_mount+0x7f/0x790 [ 687.597474][T20679] ? cap_capable+0x23f/0x280 [ 687.603052][T20679] legacy_get_tree+0xde/0x170 [ 687.607731][T20679] ? iterate_incfs_dir+0x370/0x370 [ 687.612823][T20679] vfs_get_tree+0x85/0x260 [ 687.617344][T20679] do_mount+0x18ab/0x2660 [ 687.621935][T20679] ? copy_mount_string+0x30/0x30 [ 687.626865][T20679] ? page_fault+0x2f/0x40 [ 687.631213][T20679] ? copy_mount_options+0x1e8/0x320 [ 687.636483][T20679] ? copy_mount_options+0x293/0x320 [ 687.641803][T20679] ksys_mount+0xc2/0xf0 [ 687.646026][T20679] __x64_sys_mount+0xb1/0xc0 [ 687.650651][T20679] do_syscall_64+0xcb/0x150 [ 687.656026][T20679] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 687.661907][T20679] RIP: 0033:0x45e219 [ 687.665797][T20679] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 687.685652][T20679] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 687.694681][T20679] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 687.702643][T20679] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 687.710622][T20679] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 09:06:51 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000010, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 687.719216][T20679] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b [ 687.727184][T20679] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 [ 687.735421][T20679] 9pnet: Insufficient options for proto=fd 09:06:51 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1000000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:51 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tr,ns=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:52 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000011, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x20000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:52 executing program 4 (fault-call:7 fault-nth:12): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 688.232013][T20711] FAULT_INJECTION: forcing a failure. [ 688.232013][T20711] name failslab, interval 1, probability 0, space 0, times 0 [ 688.245359][T20711] CPU: 0 PID: 20711 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 688.256759][T20711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 688.267169][T20711] Call Trace: [ 688.271225][T20711] dump_stack+0x1dd/0x24e [ 688.275551][T20711] ? devkmsg_release+0x11c/0x11c [ 688.280563][T20711] ? p9_client_create+0x81b/0xb90 [ 688.285566][T20711] ? show_regs_print_info+0x12/0x12 [ 688.290874][T20711] ? vfs_get_tree+0x85/0x260 [ 688.295676][T20711] ? ksys_mount+0xc2/0xf0 [ 688.300157][T20711] ? __x64_sys_mount+0xb1/0xc0 [ 688.304912][T20711] ? do_syscall_64+0xcb/0x150 [ 688.309662][T20711] should_fail+0x6fb/0x860 [ 688.314083][T20711] ? setup_fault_attr+0x3d0/0x3d0 [ 688.319197][T20711] ? simple_strtoul+0x107/0x1e0 [ 688.324052][T20711] ? simple_strtoull+0x1e0/0x1e0 [ 688.328972][T20711] ? match_int+0xd9/0x1e0 [ 688.333302][T20711] should_failslab+0x5/0x20 [ 688.337977][T20711] __kmalloc_track_caller+0x5d/0x2c0 [ 688.343317][T20711] kmemdup_nul+0x27/0xa0 [ 688.347552][T20711] match_int+0xd9/0x1e0 [ 688.351699][T20711] ? match_token+0x710/0x710 [ 688.356843][T20711] ? __kmalloc_track_caller+0x20e/0x2c0 [ 688.362575][T20711] ? kstrdup+0x4c/0x70 [ 688.367250][T20711] parse_opts+0x2a6/0x6e0 [ 688.371574][T20711] ? p9_fd_show_options+0x1a0/0x1a0 [ 688.376773][T20711] p9_fd_create+0x91/0x480 [ 688.381171][T20711] ? p9_client_create+0x789/0xb90 [ 688.386769][T20711] ? p9_fd_create_unix+0x470/0x470 [ 688.392671][T20711] ? __kmalloc_track_caller+0x20e/0x2c0 [ 688.398201][T20711] ? kmemdup_nul+0x42/0xa0 [ 688.402619][T20711] p9_client_create+0x81b/0xb90 [ 688.407451][T20711] ? p9_parse_header+0x6b0/0x6b0 [ 688.412384][T20711] ? __kasan_kmalloc+0x189/0x1c0 [ 688.417312][T20711] ? __kmalloc_track_caller+0x20e/0x2c0 [ 688.423446][T20711] ? vfs_get_tree+0x85/0x260 [ 688.428039][T20711] v9fs_session_init+0x208/0x1a00 [ 688.433065][T20711] ? v9fs_show_options+0x530/0x530 [ 688.438487][T20711] ? v9fs_mount+0x5c/0x790 [ 688.442902][T20711] ? kmem_cache_alloc_trace+0xc3/0x290 [ 688.448478][T20711] ? legacy_init_fs_context+0x4d/0xc0 [ 688.454823][T20711] v9fs_mount+0x7f/0x790 [ 688.459166][T20711] ? cap_capable+0x23f/0x280 [ 688.463775][T20711] legacy_get_tree+0xde/0x170 [ 688.468576][T20711] ? iterate_incfs_dir+0x370/0x370 [ 688.473876][T20711] vfs_get_tree+0x85/0x260 [ 688.478315][T20711] do_mount+0x18ab/0x2660 [ 688.482631][T20711] ? copy_mount_string+0x30/0x30 [ 688.487562][T20711] ? page_fault+0x2f/0x40 [ 688.491883][T20711] ? copy_mount_options+0x1e8/0x320 [ 688.497066][T20711] ? copy_mount_options+0x293/0x320 [ 688.502292][T20711] ksys_mount+0xc2/0xf0 [ 688.506458][T20711] __x64_sys_mount+0xb1/0xc0 [ 688.511049][T20711] do_syscall_64+0xcb/0x150 [ 688.515542][T20711] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 688.521561][T20711] RIP: 0033:0x45e219 [ 688.525616][T20711] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 688.548341][T20711] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 688.556879][T20711] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 688.564840][T20711] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 688.572831][T20711] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 688.580904][T20711] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c [ 688.588881][T20711] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 [ 688.596999][T20711] 9pnet: Insufficient options for proto=fd 09:06:52 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r8, r4, 0x0, 0x8080ffffff7e) 09:06:52 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tra\"s=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2000000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:52 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000012, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:53 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x20100000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:53 executing program 4 (fault-call:7 fault-nth:13): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 689.101527][T20744] FAULT_INJECTION: forcing a failure. [ 689.101527][T20744] name failslab, interval 1, probability 0, space 0, times 0 [ 689.114383][T20744] CPU: 0 PID: 20744 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 689.125025][T20744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.135089][T20744] Call Trace: [ 689.138478][T20744] dump_stack+0x1dd/0x24e [ 689.142888][T20744] ? devkmsg_release+0x11c/0x11c [ 689.148289][T20744] ? show_regs_print_info+0x12/0x12 [ 689.153493][T20744] should_fail+0x6fb/0x860 [ 689.157925][T20744] ? setup_fault_attr+0x3d0/0x3d0 [ 689.162940][T20744] ? simple_strtoul+0x107/0x1e0 [ 689.167786][T20744] ? simple_strtoull+0x1e0/0x1e0 [ 689.173073][T20744] ? match_int+0xd9/0x1e0 [ 689.177423][T20744] should_failslab+0x5/0x20 [ 689.182205][T20744] __kmalloc_track_caller+0x5d/0x2c0 [ 689.187493][T20744] ? kmemdup_nul+0x42/0xa0 [ 689.191916][T20744] kmemdup_nul+0x27/0xa0 [ 689.196181][T20744] match_int+0xd9/0x1e0 [ 689.200490][T20744] ? match_token+0x710/0x710 [ 689.205077][T20744] ? __kmalloc_track_caller+0x20e/0x2c0 [ 689.210608][T20744] ? kstrdup+0x4c/0x70 [ 689.214835][T20744] parse_opts+0x2a6/0x6e0 [ 689.219207][T20744] ? p9_fd_show_options+0x1a0/0x1a0 [ 689.224403][T20744] p9_fd_create+0x91/0x480 [ 689.228837][T20744] ? p9_client_create+0x789/0xb90 [ 689.234034][T20744] ? p9_fd_create_unix+0x470/0x470 [ 689.239135][T20744] ? __kmalloc_track_caller+0x20e/0x2c0 [ 689.244679][T20744] ? kmemdup_nul+0x42/0xa0 [ 689.249088][T20744] p9_client_create+0x81b/0xb90 [ 689.253919][T20744] ? p9_parse_header+0x6b0/0x6b0 [ 689.258849][T20744] ? __kasan_kmalloc+0x189/0x1c0 [ 689.263813][T20744] ? __kmalloc_track_caller+0x20e/0x2c0 [ 689.269510][T20744] ? vfs_get_tree+0x85/0x260 [ 689.274096][T20744] v9fs_session_init+0x208/0x1a00 [ 689.279252][T20744] ? v9fs_show_options+0x530/0x530 [ 689.284362][T20744] ? v9fs_mount+0x5c/0x790 [ 689.288869][T20744] ? kmem_cache_alloc_trace+0xc3/0x290 [ 689.294407][T20744] ? legacy_init_fs_context+0x4d/0xc0 [ 689.299915][T20744] v9fs_mount+0x7f/0x790 [ 689.304512][T20744] ? cap_capable+0x23f/0x280 [ 689.309215][T20744] legacy_get_tree+0xde/0x170 [ 689.313885][T20744] ? iterate_incfs_dir+0x370/0x370 [ 689.319098][T20744] vfs_get_tree+0x85/0x260 [ 689.323519][T20744] do_mount+0x18ab/0x2660 [ 689.327994][T20744] ? copy_mount_string+0x30/0x30 [ 689.332943][T20744] ? page_fault+0x2f/0x40 [ 689.337286][T20744] ? copy_mount_options+0x1e8/0x320 [ 689.342475][T20744] ? copy_mount_options+0x293/0x320 [ 689.349708][T20744] ksys_mount+0xc2/0xf0 [ 689.353951][T20744] __x64_sys_mount+0xb1/0xc0 [ 689.358533][T20744] do_syscall_64+0xcb/0x150 [ 689.363360][T20744] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 689.369449][T20744] RIP: 0033:0x45e219 [ 689.373525][T20744] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 689.395811][T20744] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 689.404660][T20744] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 689.412661][T20744] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 689.420639][T20744] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 689.428633][T20744] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000d [ 689.437638][T20744] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:53 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000013, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 689.448963][T20744] 9pnet: Insufficient options for proto=fd 09:06:53 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tra,s=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:53 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2010000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:53 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1a1c}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:53 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000014, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:54 executing program 4 (fault-call:7 fault-nth:14): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:54 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x22000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 690.055515][T20780] FAULT_INJECTION: forcing a failure. [ 690.055515][T20780] name failslab, interval 1, probability 0, space 0, times 0 [ 690.068375][T20780] CPU: 1 PID: 20780 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 690.078547][T20780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.088824][T20780] Call Trace: [ 690.092102][T20780] dump_stack+0x1dd/0x24e [ 690.096607][T20780] ? devkmsg_release+0x11c/0x11c [ 690.101553][T20780] ? show_regs_print_info+0x12/0x12 [ 690.106835][T20780] should_fail+0x6fb/0x860 [ 690.111260][T20780] ? setup_fault_attr+0x3d0/0x3d0 [ 690.116273][T20780] ? simple_strtoul+0x107/0x1e0 [ 690.121170][T20780] ? simple_strtoull+0x1e0/0x1e0 [ 690.126420][T20780] ? match_int+0xd9/0x1e0 [ 690.130801][T20780] should_failslab+0x5/0x20 [ 690.135323][T20780] __kmalloc_track_caller+0x5d/0x2c0 [ 690.140604][T20780] ? kmemdup_nul+0x42/0xa0 [ 690.145268][T20780] kmemdup_nul+0x27/0xa0 [ 690.149613][T20780] match_int+0xd9/0x1e0 [ 690.155958][T20780] ? match_token+0x710/0x710 [ 690.160679][T20780] ? __kmalloc_track_caller+0x20e/0x2c0 [ 690.166234][T20780] ? kstrdup+0x4c/0x70 [ 690.170307][T20780] parse_opts+0x2a6/0x6e0 [ 690.174762][T20780] ? p9_fd_show_options+0x1a0/0x1a0 [ 690.179974][T20780] p9_fd_create+0x91/0x480 [ 690.184412][T20780] ? p9_client_create+0x789/0xb90 [ 690.189470][T20780] ? p9_fd_create_unix+0x470/0x470 [ 690.194614][T20780] ? __kmalloc_track_caller+0x20e/0x2c0 [ 690.200414][T20780] ? kmemdup_nul+0x42/0xa0 [ 690.204868][T20780] p9_client_create+0x81b/0xb90 [ 690.209729][T20780] ? p9_parse_header+0x6b0/0x6b0 [ 690.214759][T20780] ? __kasan_kmalloc+0x189/0x1c0 [ 690.219691][T20780] ? __kmalloc_track_caller+0x20e/0x2c0 [ 690.225493][T20780] ? vfs_get_tree+0x85/0x260 [ 690.230642][T20780] v9fs_session_init+0x208/0x1a00 [ 690.236024][T20780] ? v9fs_show_options+0x530/0x530 [ 690.241120][T20780] ? v9fs_mount+0x5c/0x790 [ 690.245531][T20780] ? kmem_cache_alloc_trace+0xc3/0x290 [ 690.250982][T20780] ? legacy_init_fs_context+0x4d/0xc0 [ 690.256356][T20780] v9fs_mount+0x7f/0x790 [ 690.260629][T20780] ? cap_capable+0x23f/0x280 [ 690.265201][T20780] legacy_get_tree+0xde/0x170 [ 690.269889][T20780] ? iterate_incfs_dir+0x370/0x370 [ 690.274996][T20780] vfs_get_tree+0x85/0x260 [ 690.279413][T20780] do_mount+0x18ab/0x2660 [ 690.283745][T20780] ? copy_mount_string+0x30/0x30 [ 690.288666][T20780] ? page_fault+0x2f/0x40 [ 690.292999][T20780] ? copy_mount_options+0x1e8/0x320 [ 690.298183][T20780] ? copy_mount_options+0x293/0x320 [ 690.303400][T20780] ksys_mount+0xc2/0xf0 [ 690.307548][T20780] __x64_sys_mount+0xb1/0xc0 [ 690.312130][T20780] do_syscall_64+0xcb/0x150 [ 690.316619][T20780] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 690.322515][T20780] RIP: 0033:0x45e219 [ 690.326395][T20780] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 690.346744][T20780] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 690.355160][T20780] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 690.364259][T20780] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 690.372227][T20780] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 690.380280][T20780] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000e [ 690.388240][T20780] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 [ 690.396413][T20780] 9pnet: Insufficient options for proto=fd 09:06:54 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tran\"=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:54 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x2200000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:54 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000015, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:54 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x6, 0x10000028, 0x9, 0x7}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x0, 0x9}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:54 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x3f000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:54 executing program 4 (fault-call:7 fault-nth:15): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:54 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000016, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 690.903321][T20813] FAULT_INJECTION: forcing a failure. [ 690.903321][T20813] name failslab, interval 1, probability 0, space 0, times 0 [ 690.916022][T20813] CPU: 0 PID: 20813 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 690.926190][T20813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.936387][T20813] Call Trace: [ 690.939713][T20813] dump_stack+0x1dd/0x24e [ 690.944038][T20813] ? devkmsg_release+0x11c/0x11c [ 690.948967][T20813] ? arch_stack_walk+0xf8/0x140 [ 690.953823][T20813] ? show_regs_print_info+0x12/0x12 [ 690.959037][T20813] should_fail+0x6fb/0x860 [ 690.963463][T20813] ? setup_fault_attr+0x3d0/0x3d0 [ 690.968889][T20813] ? p9_client_prepare_req+0xb1/0x7e0 [ 690.974368][T20813] should_failslab+0x5/0x20 [ 690.978872][T20813] kmem_cache_alloc+0x36/0x270 [ 690.983652][T20813] p9_client_prepare_req+0xb1/0x7e0 [ 690.988835][T20813] ? p9_client_create+0x81b/0xb90 [ 690.993876][T20813] ? v9fs_session_init+0x208/0x1a00 [ 690.999107][T20813] ? v9fs_mount+0x7f/0x790 [ 691.003520][T20813] p9_client_rpc+0x12c/0xb80 [ 691.008202][T20813] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 691.013652][T20813] ? p9_fid_create+0x260/0x260 [ 691.018405][T20813] ? __fget+0x37c/0x3c0 [ 691.022576][T20813] ? add_wait_queue+0x77/0x130 [ 691.027516][T20813] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 691.033353][T20813] p9_client_version+0x183/0x700 [ 691.038564][T20813] ? p9_conn_create+0x4a6/0x520 [ 691.043559][T20813] ? p9_fd_create+0x391/0x480 [ 691.049543][T20813] ? p9_client_create+0xb90/0xb90 [ 691.064152][T20813] ? p9_fd_create_unix+0x470/0x470 [ 691.069270][T20813] ? __kmalloc_track_caller+0x20e/0x2c0 [ 691.075795][T20813] ? kmemdup_nul+0x42/0xa0 [ 691.080215][T20813] p9_client_create+0x8e5/0xb90 [ 691.085357][T20813] ? p9_parse_header+0x6b0/0x6b0 [ 691.091946][T20813] ? __kasan_kmalloc+0x189/0x1c0 [ 691.097065][T20813] ? __kmalloc_track_caller+0x20e/0x2c0 [ 691.102931][T20813] ? vfs_get_tree+0x85/0x260 [ 691.107509][T20813] v9fs_session_init+0x208/0x1a00 [ 691.117160][T20813] ? v9fs_show_options+0x530/0x530 [ 691.122457][T20813] ? v9fs_mount+0x5c/0x790 [ 691.126896][T20813] ? kmem_cache_alloc_trace+0xc3/0x290 [ 691.132395][T20813] ? legacy_init_fs_context+0x4d/0xc0 [ 691.137809][T20813] v9fs_mount+0x7f/0x790 [ 691.142079][T20813] ? cap_capable+0x23f/0x280 [ 691.146808][T20813] legacy_get_tree+0xde/0x170 [ 691.153476][T20813] ? iterate_incfs_dir+0x370/0x370 [ 691.165728][T20813] vfs_get_tree+0x85/0x260 [ 691.173547][T20813] do_mount+0x18ab/0x2660 [ 691.179809][T20813] ? copy_mount_string+0x30/0x30 [ 691.185840][T20813] ? page_fault+0x2f/0x40 [ 691.190508][T20813] ? copy_mount_options+0x1e8/0x320 [ 691.195727][T20813] ? copy_mount_options+0x293/0x320 [ 691.201147][T20813] ksys_mount+0xc2/0xf0 [ 691.207947][T20813] __x64_sys_mount+0xb1/0xc0 [ 691.214664][T20813] do_syscall_64+0xcb/0x150 [ 691.221227][T20813] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 691.227242][T20813] RIP: 0033:0x45e219 [ 691.231234][T20813] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 691.250834][T20813] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 09:06:55 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tran%=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 691.259458][T20813] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 691.267415][T20813] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 691.275367][T20813] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 691.283320][T20813] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000f [ 691.291376][T20813] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:55 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000017, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:55 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x4000000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:55 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) prlimit64(r0, 0xa, &(0x7f0000000180)={0x6}, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000100)="1ae7", 0x2}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x20}, 0x0) r4 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000) lseek(r4, 0x4200, 0x0) r5 = creat(&(0x7f0000000040)='./bus\x00', 0x48) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) sendfile(r4, r7, 0x0, 0x8400fffffffb) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080ffffff7e) 09:06:55 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000018, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:55 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x40000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:55 executing program 4 (fault-call:7 fault-nth:16): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 691.884639][T20849] FAULT_INJECTION: forcing a failure. [ 691.884639][T20849] name failslab, interval 1, probability 0, space 0, times 0 [ 691.897297][T20849] CPU: 0 PID: 20849 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 691.907601][T20849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 691.917920][T20849] Call Trace: [ 691.921223][T20849] dump_stack+0x1dd/0x24e [ 691.925556][T20849] ? devkmsg_release+0x11c/0x11c [ 691.930501][T20849] ? show_regs_print_info+0x12/0x12 [ 691.936058][T20849] should_fail+0x6fb/0x860 [ 691.940916][T20849] ? setup_fault_attr+0x3d0/0x3d0 [ 691.945973][T20849] ? p9_fcall_init+0x117/0x200 [ 691.950743][T20849] should_failslab+0x5/0x20 [ 691.955278][T20849] __kmalloc+0x5f/0x2d0 [ 691.959436][T20849] p9_fcall_init+0x117/0x200 [ 691.964277][T20849] p9_client_prepare_req+0x10d/0x7e0 [ 691.974698][T20849] ? p9_client_create+0x81b/0xb90 [ 691.980016][T20849] ? v9fs_session_init+0x208/0x1a00 [ 691.985215][T20849] ? v9fs_mount+0x7f/0x790 [ 691.989633][T20849] p9_client_rpc+0x12c/0xb80 [ 691.994227][T20849] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 691.999707][T20849] ? p9_fid_create+0x260/0x260 [ 692.004497][T20849] ? __fget+0x37c/0x3c0 [ 692.008676][T20849] ? add_wait_queue+0x77/0x130 [ 692.013468][T20849] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 692.019422][T20849] p9_client_version+0x183/0x700 [ 692.024491][T20849] ? p9_conn_create+0x4a6/0x520 [ 692.029349][T20849] ? p9_fd_create+0x391/0x480 [ 692.034027][T20849] ? p9_client_create+0xb90/0xb90 [ 692.039052][T20849] ? p9_fd_create_unix+0x470/0x470 [ 692.044165][T20849] ? __kmalloc_track_caller+0x20e/0x2c0 [ 692.049806][T20849] ? kmemdup_nul+0x42/0xa0 [ 692.054229][T20849] p9_client_create+0x8e5/0xb90 [ 692.059277][T20849] ? p9_parse_header+0x6b0/0x6b0 [ 692.064431][T20849] ? __kasan_kmalloc+0x189/0x1c0 [ 692.069477][T20849] ? __kmalloc_track_caller+0x20e/0x2c0 [ 692.075891][T20849] ? vfs_get_tree+0x85/0x260 [ 692.080505][T20849] v9fs_session_init+0x208/0x1a00 [ 692.085533][T20849] ? v9fs_show_options+0x530/0x530 [ 692.090667][T20849] ? v9fs_mount+0x5c/0x790 [ 692.095206][T20849] ? kmem_cache_alloc_trace+0xc3/0x290 [ 692.100672][T20849] ? legacy_init_fs_context+0x4d/0xc0 [ 692.106065][T20849] v9fs_mount+0x7f/0x790 [ 692.110338][T20849] ? cap_capable+0x23f/0x280 [ 692.114926][T20849] legacy_get_tree+0xde/0x170 [ 692.119625][T20849] ? iterate_incfs_dir+0x370/0x370 [ 692.124770][T20849] vfs_get_tree+0x85/0x260 [ 692.130248][T20849] do_mount+0x18ab/0x2660 [ 692.134573][T20849] ? copy_mount_string+0x30/0x30 [ 692.139504][T20849] ? page_fault+0x2f/0x40 [ 692.143839][T20849] ? copy_mount_options+0x1e8/0x320 [ 692.152088][T20849] ? copy_mount_options+0x293/0x320 [ 692.157378][T20849] ksys_mount+0xc2/0xf0 [ 692.161623][T20849] __x64_sys_mount+0xb1/0xc0 [ 692.167561][T20849] do_syscall_64+0xcb/0x150 [ 692.172088][T20849] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 692.179868][T20849] RIP: 0033:0x45e219 [ 692.185789][T20849] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 692.205527][T20849] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 692.214733][T20849] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 692.223175][T20849] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 09:06:56 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8cffffff00000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:56 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tran,=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 692.233522][T20849] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 692.241957][T20849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 692.250471][T20849] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$key(0xf, 0x3, 0x2) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f00000002c0)="e3593aaba098cfa13c8d7d330000e19c11082fd63279c6234adef0318202a64898ef60c135b97b1d805fcee5c1ecbb270e135755d4f0497b17e0752c64555e737decca2c84a4f8329c8943af5f83ae07ffc1b251895825e65039c9ed793293e0ef150655", 0x64}], 0x1, 0x0) setreuid(0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000340)={{{@in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4e20, 0x9, 0x4e22, 0xfffd, 0xa, 0x80, 0x80, 0x1d}, {0x9, 0x1, 0xe7, 0x80000001, 0x40, 0x2, 0x5, 0x9}, {0x9, 0x100000001, 0x100, 0x8000}, 0xa000, 0x6e6bb7, 0x2, 0x1, 0x3}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4d6, 0x3c}, 0x2, @in6=@mcast2, 0x3502, 0x4, 0x1, 0x81, 0xada, 0x7ff, 0x80000000}}, 0xe8) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r3 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r4 = creat(&(0x7f0000000140)='./bus\x00', 0x0) r5 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ashmem\x00', 0x101100, 0x0) fcntl$setstatus(r5, 0x4, 0x42400) lseek(r4, 0x80000004201, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) sendfile(r4, 0xffffffffffffffff, 0x0, 0x8400fffffffb) sendfile(r3, r3, 0x0, 0x8080ffffff7e) 09:06:56 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000019, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:56 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8cffffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:56 executing program 4 (fault-call:7 fault-nth:17): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 692.743388][T20874] FAULT_INJECTION: forcing a failure. [ 692.743388][T20874] name failslab, interval 1, probability 0, space 0, times 0 [ 692.756832][T20874] CPU: 1 PID: 20874 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 692.768153][T20874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 692.779577][T20874] Call Trace: [ 692.782867][T20874] dump_stack+0x1dd/0x24e [ 692.787190][T20874] ? devkmsg_release+0x11c/0x11c [ 692.792121][T20874] ? show_regs_print_info+0x12/0x12 [ 692.797303][T20874] should_fail+0x6fb/0x860 [ 692.801823][T20874] ? setup_fault_attr+0x3d0/0x3d0 [ 692.806892][T20874] ? p9_fcall_init+0x117/0x200 [ 692.811747][T20874] should_failslab+0x5/0x20 [ 692.816234][T20874] __kmalloc+0x5f/0x2d0 [ 692.820512][T20874] ? p9_fcall_init+0x117/0x200 [ 692.825279][T20874] p9_fcall_init+0x117/0x200 [ 692.829952][T20874] p9_client_prepare_req+0x159/0x7e0 [ 692.835250][T20874] ? p9_client_create+0x81b/0xb90 [ 692.840254][T20874] ? v9fs_session_init+0x208/0x1a00 [ 692.845461][T20874] p9_client_rpc+0x12c/0xb80 [ 692.850037][T20874] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 692.855492][T20874] ? p9_fid_create+0x260/0x260 [ 692.860234][T20874] ? __fget+0x37c/0x3c0 [ 692.864379][T20874] ? add_wait_queue+0x77/0x130 [ 692.869728][T20874] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 692.875529][T20874] p9_client_version+0x183/0x700 [ 692.880715][T20874] ? p9_conn_create+0x4a6/0x520 [ 692.885560][T20874] ? p9_fd_create+0x391/0x480 [ 692.890233][T20874] ? p9_client_create+0xb90/0xb90 [ 692.895581][T20874] ? p9_fd_create_unix+0x470/0x470 [ 692.900691][T20874] ? __kmalloc_track_caller+0x20e/0x2c0 [ 692.906850][T20874] ? kmemdup_nul+0x42/0xa0 [ 692.911591][T20874] p9_client_create+0x8e5/0xb90 [ 692.916470][T20874] ? p9_parse_header+0x6b0/0x6b0 [ 692.921383][T20874] ? __kasan_kmalloc+0x189/0x1c0 [ 692.926320][T20874] ? __kmalloc_track_caller+0x20e/0x2c0 [ 692.933602][T20874] ? vfs_get_tree+0x85/0x260 [ 692.938281][T20874] v9fs_session_init+0x208/0x1a00 [ 692.943337][T20874] ? v9fs_show_options+0x530/0x530 [ 692.948780][T20874] ? v9fs_mount+0x5c/0x790 [ 692.954482][T20874] ? kmem_cache_alloc_trace+0xc3/0x290 [ 692.960017][T20874] ? legacy_init_fs_context+0x4d/0xc0 [ 692.965516][T20874] v9fs_mount+0x7f/0x790 [ 692.970359][T20874] ? cap_capable+0x23f/0x280 [ 692.975119][T20874] legacy_get_tree+0xde/0x170 [ 692.980193][T20874] ? iterate_incfs_dir+0x370/0x370 [ 692.985705][T20874] vfs_get_tree+0x85/0x260 [ 692.990115][T20874] do_mount+0x18ab/0x2660 [ 692.994706][T20874] ? copy_mount_string+0x30/0x30 [ 692.999634][T20874] ? page_fault+0x2f/0x40 [ 693.003945][T20874] ? copy_mount_options+0x1e8/0x320 [ 693.009126][T20874] ? copy_mount_options+0x293/0x320 [ 693.014316][T20874] ksys_mount+0xc2/0xf0 [ 693.018452][T20874] __x64_sys_mount+0xb1/0xc0 [ 693.023195][T20874] do_syscall_64+0xcb/0x150 [ 693.027953][T20874] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 693.034847][T20874] RIP: 0033:0x45e219 [ 693.039373][T20874] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 693.059571][T20874] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 693.068014][T20874] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 693.076088][T20874] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 693.085004][T20874] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 693.092967][T20874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000011 [ 693.101068][T20874] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:57 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xf6ffffff00000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:57 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tranI=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:57 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1500001a, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:57 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xc0ed0000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:57 executing program 4 (fault-call:7 fault-nth:18): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 693.584256][T20902] FAULT_INJECTION: forcing a failure. [ 693.584256][T20902] name failslab, interval 1, probability 0, space 0, times 0 [ 693.597089][T20902] CPU: 0 PID: 20902 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 693.607862][T20902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 693.618335][T20902] Call Trace: [ 693.621742][T20902] dump_stack+0x1dd/0x24e [ 693.626078][T20902] ? devkmsg_release+0x11c/0x11c [ 693.630997][T20902] ? stack_trace_save+0x120/0x1f0 [ 693.636539][T20902] ? show_regs_print_info+0x12/0x12 [ 693.641747][T20902] ? stack_trace_snprint+0x150/0x150 [ 693.647023][T20902] ? preempt_count_add+0x66/0x150 [ 693.652046][T20902] ? unwind_next_frame+0x1aa9/0x1f30 [ 693.657311][T20902] should_fail+0x6fb/0x860 [ 693.661733][T20902] ? setup_fault_attr+0x3d0/0x3d0 [ 693.667185][T20902] ? __kmalloc+0xe7/0x2d0 [ 693.671529][T20902] ? p9_fcall_init+0x117/0x200 [ 693.676309][T20902] ? p9_client_prepare_req+0x159/0x7e0 [ 693.681782][T20902] ? p9_client_rpc+0x12c/0xb80 [ 693.686540][T20902] ? p9_client_version+0x183/0x700 [ 693.691655][T20902] ? v9fs_session_init+0x208/0x1a00 [ 693.696828][T20902] ? v9fs_mount+0x7f/0x790 [ 693.701222][T20902] ? legacy_get_tree+0xde/0x170 [ 693.706062][T20902] ? vfs_get_tree+0x85/0x260 [ 693.710627][T20902] ? do_mount+0x18ab/0x2660 [ 693.715229][T20902] ? radix_tree_node_alloc+0x194/0x3a0 [ 693.720698][T20902] should_failslab+0x5/0x20 [ 693.725212][T20902] kmem_cache_alloc+0x36/0x270 [ 693.730010][T20902] radix_tree_node_alloc+0x194/0x3a0 [ 693.735428][T20902] idr_get_free+0x2aa/0x880 [ 693.740337][T20902] idr_alloc+0x19f/0x300 [ 693.744595][T20902] ? debug_smp_processor_id+0x20/0x20 [ 693.750070][T20902] ? idr_alloc_u32+0x300/0x300 [ 693.754817][T20902] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 693.761203][T20902] ? __radix_tree_preload+0x2c5/0x310 [ 693.766646][T20902] p9_client_prepare_req+0x396/0x7e0 [ 693.772051][T20902] ? p9_client_create+0x81b/0xb90 [ 693.777058][T20902] ? v9fs_session_init+0x208/0x1a00 [ 693.782239][T20902] p9_client_rpc+0x12c/0xb80 [ 693.786812][T20902] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 693.792266][T20902] ? p9_fid_create+0x260/0x260 [ 693.797023][T20902] ? __fget+0x37c/0x3c0 [ 693.801168][T20902] ? add_wait_queue+0x77/0x130 [ 693.805931][T20902] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 693.811748][T20902] p9_client_version+0x183/0x700 [ 693.816791][T20902] ? p9_conn_create+0x4a6/0x520 [ 693.821650][T20902] ? p9_fd_create+0x391/0x480 [ 693.826319][T20902] ? p9_client_create+0xb90/0xb90 [ 693.832123][T20902] ? p9_fd_create_unix+0x470/0x470 [ 693.837230][T20902] ? __kmalloc_track_caller+0x20e/0x2c0 [ 693.843771][T20902] ? kmemdup_nul+0x42/0xa0 [ 693.848164][T20902] p9_client_create+0x8e5/0xb90 [ 693.852997][T20902] ? p9_parse_header+0x6b0/0x6b0 [ 693.858026][T20902] ? __kasan_kmalloc+0x189/0x1c0 [ 693.863264][T20902] ? __kmalloc_track_caller+0x20e/0x2c0 [ 693.868801][T20902] ? vfs_get_tree+0x85/0x260 [ 693.873371][T20902] v9fs_session_init+0x208/0x1a00 [ 693.878396][T20902] ? v9fs_show_options+0x530/0x530 [ 693.883705][T20902] ? v9fs_mount+0x5c/0x790 [ 693.888305][T20902] ? kmem_cache_alloc_trace+0xc3/0x290 [ 693.894397][T20902] ? legacy_init_fs_context+0x4d/0xc0 [ 693.900030][T20902] v9fs_mount+0x7f/0x790 [ 693.904313][T20902] ? cap_capable+0x23f/0x280 [ 693.908892][T20902] legacy_get_tree+0xde/0x170 [ 693.913554][T20902] ? iterate_incfs_dir+0x370/0x370 [ 693.918697][T20902] vfs_get_tree+0x85/0x260 [ 693.923111][T20902] do_mount+0x18ab/0x2660 [ 693.927418][T20902] ? copy_mount_string+0x30/0x30 [ 693.932399][T20902] ? page_fault+0x2f/0x40 [ 693.938801][T20902] ? copy_mount_options+0x1e8/0x320 [ 693.943996][T20902] ? copy_mount_options+0x293/0x320 [ 693.949330][T20902] ksys_mount+0xc2/0xf0 [ 693.953597][T20902] __x64_sys_mount+0xb1/0xc0 [ 693.958303][T20902] do_syscall_64+0xcb/0x150 [ 693.962808][T20902] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 693.968721][T20902] RIP: 0033:0x45e219 [ 693.972594][T20902] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 693.992460][T20902] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 694.000882][T20902] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 694.008879][T20902] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 694.017136][T20902] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 694.025176][T20902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000012 09:06:58 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfeffffff00000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:58 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1500001b, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 694.033135][T20902] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) getrlimit(0x7, &(0x7f0000000200)) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) prlimit64(r0, 0x7, &(0x7f0000000100)={0xbd, 0x2}, &(0x7f0000000180)) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x2}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r5, r7, 0x0, 0x3f) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:58 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tranQ=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:58 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xf6ffffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:58 executing program 4 (fault-call:7 fault-nth:19): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:58 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1500001c, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 694.432596][T20938] FAULT_INJECTION: forcing a failure. [ 694.432596][T20938] name failslab, interval 1, probability 0, space 0, times 0 [ 694.445208][T20938] CPU: 1 PID: 20938 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 694.455429][T20938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.465552][T20938] Call Trace: [ 694.468937][T20938] dump_stack+0x1dd/0x24e [ 694.473260][T20938] ? devkmsg_release+0x11c/0x11c [ 694.478698][T20938] ? show_regs_print_info+0x12/0x12 [ 694.486938][T20938] should_fail+0x6fb/0x860 [ 694.491350][T20938] ? setup_fault_attr+0x3d0/0x3d0 [ 694.496367][T20938] ? do_mount+0x18ab/0x2660 [ 694.501175][T20938] ? radix_tree_node_alloc+0x194/0x3a0 [ 694.506640][T20938] should_failslab+0x5/0x20 [ 694.511144][T20938] kmem_cache_alloc+0x36/0x270 [ 694.516000][T20938] radix_tree_node_alloc+0x194/0x3a0 [ 694.521285][T20938] idr_get_free+0x2aa/0x880 [ 694.525773][T20938] idr_alloc+0x19f/0x300 [ 694.530020][T20938] ? debug_smp_processor_id+0x20/0x20 [ 694.535498][T20938] ? idr_alloc_u32+0x300/0x300 [ 694.540484][T20938] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 694.545676][T20938] ? __radix_tree_preload+0x2c5/0x310 [ 694.551749][T20938] p9_client_prepare_req+0x396/0x7e0 [ 694.557987][T20938] ? p9_client_create+0x81b/0xb90 [ 694.563342][T20938] ? v9fs_session_init+0x208/0x1a00 [ 694.569067][T20938] p9_client_rpc+0x12c/0xb80 [ 694.573696][T20938] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 694.579380][T20938] ? p9_fid_create+0x260/0x260 [ 694.584485][T20938] ? __fget+0x37c/0x3c0 [ 694.588653][T20938] ? add_wait_queue+0x77/0x130 [ 694.593396][T20938] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 694.599188][T20938] p9_client_version+0x183/0x700 [ 694.605684][T20938] ? p9_conn_create+0x4a6/0x520 [ 694.610632][T20938] ? p9_fd_create+0x391/0x480 [ 694.615297][T20938] ? p9_client_create+0xb90/0xb90 [ 694.620309][T20938] ? p9_fd_create_unix+0x470/0x470 [ 694.625411][T20938] ? __kmalloc_track_caller+0x20e/0x2c0 [ 694.630955][T20938] ? kmemdup_nul+0x42/0xa0 [ 694.635361][T20938] p9_client_create+0x8e5/0xb90 [ 694.640191][T20938] ? p9_parse_header+0x6b0/0x6b0 [ 694.645102][T20938] ? __kasan_kmalloc+0x189/0x1c0 [ 694.650013][T20938] ? __kmalloc_track_caller+0x20e/0x2c0 [ 694.655541][T20938] ? vfs_get_tree+0x85/0x260 [ 694.660130][T20938] v9fs_session_init+0x208/0x1a00 [ 694.665237][T20938] ? v9fs_show_options+0x530/0x530 [ 694.672033][T20938] ? v9fs_mount+0x5c/0x790 [ 694.676426][T20938] ? v9fs_mount+0x5c/0x790 [ 694.680826][T20938] ? kmem_cache_alloc_trace+0xc3/0x290 [ 694.686309][T20938] v9fs_mount+0x7f/0x790 [ 694.690546][T20938] ? cap_capable+0x23f/0x280 [ 694.695130][T20938] legacy_get_tree+0xde/0x170 [ 694.699927][T20938] ? iterate_incfs_dir+0x370/0x370 [ 694.705822][T20938] vfs_get_tree+0x85/0x260 [ 694.710259][T20938] do_mount+0x18ab/0x2660 [ 694.714577][T20938] ? copy_mount_string+0x30/0x30 [ 694.721036][T20938] ? page_fault+0x2f/0x40 [ 694.725701][T20938] ? copy_mount_options+0x1e8/0x320 [ 694.731303][T20938] ? copy_mount_options+0x293/0x320 [ 694.737278][T20938] ksys_mount+0xc2/0xf0 [ 694.741723][T20938] __x64_sys_mount+0xb1/0xc0 [ 694.746686][T20938] do_syscall_64+0xcb/0x150 [ 694.751526][T20938] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 694.757406][T20938] RIP: 0033:0x45e219 [ 694.761286][T20938] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 694.780871][T20938] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 694.789269][T20938] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 694.797227][T20938] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 694.805571][T20938] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 694.813757][T20938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 694.821723][T20938] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:59 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tranR=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:59 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffff000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:59 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1500001d, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:59 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f00000002c0)={0x38, 0x0, 0x0, 0x2, 0x5, 0x0, 0x801, 0x80001, 0x0, 0xfffffffc}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000340)="304bf986cc9c39b3eb333f615c1b1cf1d817c8ff11a4ad76730b369be31c83582edc39edf2ced7bfb1a1425379bf319e6b87d1fdff229d30873d46ea7a7ed0a5ba0d6561a9b91e26b3223a30ff7cd90be06debbc66c3e3a4b4575b224a330294483e06966afa8f6c9a3c8b4affb4c01526836d736103fe532e819d37592964c0d88a039ae6a314", 0x87}, {&(0x7f0000000500)="b4f2aca9e9a0c4fff868275574505761135ccff1cf143d9bab6f38017f9d392998d597d86ce72962603b8c9fb360dfd9291972eba47d0672c2b2a14c47d7b2c80bc17d337bb0d6485d1bab76b5507bf255047c66612675e618b7e3879b8a457149a2ba3a31ec5cd1c320e66ea61297da808539618615a5c0abf19c9ae8122841cd07992e62759c3aac5b6b230a7c2c5e603dca547c69b9f2b1082a8c7be9f3155f7f6afd06da47cd078e13b9e053df19cf61369c", 0xb4}, {&(0x7f00000006c0)="f641485c8b4aa17d3e140109af2e1b6177c1e1be1794b6aefdc8e0809925f16f8065d7de8152cf6b9a4d1197a762fcc3d1e407242ea686554cdc0a98e7ddae168fa70e68ac59a011e21b194c9daa5743f0b27a45f75a2a695a9dfd72598c9802c7bcd22c4cc543d82e3ca357b2e8f14dd0af4059d74cc6ef47a48c5987a5c51fe311e8c9408ad5c0c1aae90437175de70fe0e6ada5ed7e1ebe172f88f25fdc70ad68e8f2897852220e4074d8f1db19bd3801a32fdc2fa5b1b47e8e9ba91d20234df7ab198ced495c2130cbca9f0772179505b3552feeaa7d6e726e8f160339c15e4d4ca610906e2e64a8cdef71cdd0bcbe4f8d0aa80253addddc1b00588ad56f76453e9ffc18ca267d5a02ce5f5d8525d0e36637801a5886ca0d07dcc2365e675afd8d7df8ca80e9ee5e25fb9c8bfe08377f777b8cf8c6dba235312e1a0090d8fcbfd7d6fced582898a055c9c9864935e88da63105dde0de57cc95981c426465a8525c34641e0e4da38b9d794b646d05ee84229610f07a9a335087d6594631305466193ae944e6037a92a441199ccc488d5773ebc793b9565df9031368f7f0e8eaa9c68ac129f732d2b1c4d9719223dc69168f3e66dacfb3356a1065a80518b468a839a4ae7a68ce4a8a1666089147828489834bcceccd23853aa2b66e1c0ee4da48a7ff9d07a073892ff0a20ac7da811f79f8c35b600c6083692434519843b7d4763314a53348c4f68096553145e6a632972bac460eb0a4a602946354740245d1c27f012092439954d1a6353e37d39814b669b08775f7de4a2c287a780545f0ba3faa03f675ebdb3a22a02e34f4475de08bd390b74fcd71f7f9d6f1e154823f7630e9327ba75a1ff259d545c637a4db26891074c81bcd0b15840b379f3dd4ed6bc562a4e9e05c14e845e82f39550a03145c8a47e0709a33df852b8b1ec7b25bef9bbf204468a59c717745a1bdc03ae09b65efbee5eb9251d0d0231d660995eb983b43db04a9b2fef0d8c1c24e9953e864a80211f0756aaf73d6e39d0ccdb02a946c52c3d6a1ad8fcd6f3ed9cecc031ec5c0f54ced1b255e8ab9b7e202e73788ea086b823bae831aa1f742160f6a557cb877a50f434be4fd43841b40735268339ddeb0b89a906ad1d572cc346bc78c984b8517afefca10b10cc260bd3978f932e5605c7941f6a35b86171b9a4849c20440474952064a23c9b85522f8b80964bea31e2bcfa981754accfac8364e66795223dd676a4cd32d242dfa35987c259fffd9b407083e4804bb693b7fa7c29d460b6de240ef9cafbbff4a19730230ca2e07c3ec338634399832d3354ff41167fd9ae996ccc4fd2547fc68070f62e32226e332f89954dcf33835dd6e4a6e82d30f836fbbd254cc7f44e64f78af1b0980c9a84f7de3eb55d778e5421717fd39d9163d8207571a5790f70b88d082a7d1beb5eec88c4bb675e44ef80f4e93297525c4a09f7946d25c0a61b885b15dea1c281fbe24f11c5489ab1a2e8859eb24d2bad4ecbc20297ca568b3f00c77283b507aac67e0f285b4b6903d9ae0fc656b8414fa18acde24b8da4d5626c5ab4b6d328b00967a735cef864f0f1a494fab543e9eaf9655cecb71dd59261b4d605e1dab51ac4b15a2de87fd8f6d81f6d33074d050bdb3b543658f7d36264ee892b5f8ad078e004b17e63764888bf621ea47a8f778270e92967dead602ab902baa26304893a773cbd3c8476c57443a553e4cd69988fe4c6d436d616fa9ff4eb9e8a5e9ab56c17a49d260bc3429932c2c37a7e9701383de05dac4c45bef0b586a6da336c5ec3505d842279b82fc2c6882cd7140680c9f5153b74a30a208361fc8336bf9330b115ddce2554b7c0f0952914674ab837011836726030cc9f35b8d056cf6f8f182e568590fe4001e52f780604b51f70854987128d63f72d0dcefc75398de6753bb9ce42018605f665d68f81e07c15bd78808b80e2082a03b6a4c529f658f1fa6a7d24d7405866602482bfb8d1a94cae537e9f7d02c51ce520d40794457916aecca82a31312bda6852091ac66042dfd416f0cce48956aed828852434c43e300b25b36cb2dbd66276c4b4c788af4e07597c2e6ca51323d151b997b71348bd7c9fb3887d800744baca97465688a398f6787f1622e5d8ac1fd6bf028de45a039d8b39e1a47ca3860f9fdf422df8db962b49dc2871e9ca50724c0c9f99570922f55638eefd24aed0c2623db3e138d12a2edcd438f8018af3621cac0f658ca41617d2b4d1860004a1258e441d89ea41c692fd107bf6870b0293c90155d7f51e3f322b5be4260fd738cb5571ed4ff16e7c2548d175c3b5e67eabd6ac816eda97cf1de83f6462caa2b740c4c5599d4ab8a8961d97a948f6e9e822bceb5393773b656e544919fcae955e1085f8fa82176a9c2157ee7e22e8137cb98f4dc475657b1715f8941068641a585f03c91a29b92f897219f62f18c99f92f448092679ad8e8118bc6430efb6c30ba3ba4891b72456400a719b9ec3d1c6603c9e2cfc24dfb3f323d6f15f2ad4643c12686f6e749c98d483150dbadacdd482237fca9844d89b4eaab48443652f165ed737c04034fd4bc68c9dd61db5c15b74e7cd0222af7fc32fc4e448ebdd852796b6b4b5eec228f722ad290af2b1e3ac50e6d48ef99430b47532f1b060d98aa974bab38bd7edf4dc3235c2e5510961848a32fbd8e3d9c3282e0f55f9e74381eb3b367cc731ba7341e27754e9479ae52ad373d00a7e29e40a1837ae4bfe3ed9e529ea07dc6359982c4ad5f39dd03c7a028c8b1e54e57fcba551116d01bcb0347e19732f65cd4665e190c48e891fa15a7c445c05b89e4410022173ec972af6691205f318cac8ef5b56db3f6c3b03ade28befe0c49e50360c9d6ceed719c5c0050d90c88ea747c2952283d73ac7be33b42b03044aed83a338dac8dfa8d86a6db6a446f8e8249210e416a29816d2f0f87852f7a080cf87638dbab866402653adcd16164f8f0358bb4318c9a8340a6bd1b621476d75c733c32c2c94add71abf6f6569bbf0c616bce27fd6efcf0f1a325a93db1bc0c753252ee717d1887eb1e275a83246fc60afba2caafd470ae38ee1e8de755d57d27c2cbe5e9969b53c267f57af864061c7fd94686bbaad15482a427539dc78e2fb6da45877c76e7631d7c3d013a2ddd20cfb94d6ee37ca99e2d2d56296b319e01fa0c4a7ee24ff7903f2ebea5401bd09115f45d90cc8984f1b95d011d04144b2ee7c6e302ab0b53f788627a233409c75d9cf107790a8beb4dd454cbde381b71016532cbd3dac388c6b5b20225e0c7a16dd65073cc2c25ce2d5d7f123fd49988ef21eae3faf753f5f0c47b2a7bb73f6a1f92286abc9ddb529f1defa25642d42a46c8b38387f463c90a993253035e243afdce43bd06bf0afa9ab81e57d43e79d2bbb5e6b858dbe719443528f5160f2b243910798126abda47f6e9c67b3d12d2a03fe935f39efdab22b43cf6c7710653c120dc14e45a5813682c02ee852f3f07d24f0c191c52ce0ed9ed5b8f3cd1ebe973c7ec35ba934aa0d216b82d135549dd5c9bae0d5680f0c472093ca26675dd1e986b7515b47e9c0ac54524b8dc11527859d139f8929e314f0468b19c4aa070a3b4c9f41c5f66c7596a8dd48c2a1b4cfdbaacacf3edc1ce1ba1bc68a05812c0cf4d675e399829ede70c7058b0c7a9ea2687fcf6ba9274ee4363989f0ce5a45f34cb159cb0df9867ab4ab9a1fe5a523ab64cb305958833926bc8c43c7aeff22f4f5d15ba45dcd6af31d775867d6e96b48f68e9d508774ab34d0587215ef9c218ad085504d6f5fac20468867444af7a468a34313187b25cd1313e4a5b23a34c9e76cb917574e9252a972f635afa1129867d2a1d931947a623a2f0d9d7f9e5dbcbfe1334badb401ac0caffcb9080397a83a8f5e9fa3e232c116227bd34e088967ab9a4679651d805556072aaf75b2f4dcab29cc02d40fb9d15375d87ac1932d5765994d9aa7f7e4e4903a4870cd8f0e768ffd36ba439a4dcdcaebd8809128d64482a1e8a66fa61d03d77b9cfe9becac3445fd14874a8b87b78e4774b9f165507c5bab89df0544a5efe73351cf5a02aeab9ab62b2db7fb28ba4baa2d21c1c228f5b0214e8a50c0e92be7eb99c180759270ea150c2478519b79937f88d2888a24f5e56fd3e3a49d4a36f827a6306349ece5ca19d293fe8d0ec4eb8f52d029ec067bab0a9c6599b434f3724d15c39fe79e521c9bc9444f9fcdd89f3a2c896aefe704dc17af861511f07b11e3da9f82ece24559ebac81a73331b01d90f34f3869749a5a7e106637b65cf0658591083b01d9a691bf88d9c8aefd5b17714afa1becd36a08bd278d5129b53b07d646076314972dc48a8a0f2c7d14d5c23f1ff1749aadbd1dcc7bfa05fcdee7caec576b51c68d742a5c5cd97bc7a5295af80f6714f33a7e2dcca475d282754853d2a9b047b27a87f1f8cf19583f37cae03dbe6b840419a8e6e7556cf3be67ae50f48775e46376e8d16aec0dc92cddcad603b213d701a19f75b09aefcdfae069ea6a8503eef328c76e552f3f8ccbdc3e7d21a196fecd9fe0227b639da1f8138989871962c5df1fb1d0664ae5be2ced6bb00e80dd728f0a9347ede77d921cfab0e606928450445b200b5aa5000d99bd254b7a65f08f2f1e6d15df3be9f0f6ef6206a608379a300ddd3d9d8128d16d7360145a2b53426fcbb1035ad6e0286af196de0da6fa9b3e853b4cba966911cb9bff6a1573b5a5b0d1470ef7d637c33e191175bef818051c42d84c6c6c1fec48bde51a46bf9563db3e290e60c5b1e6fc2cfb2075a7852a19dfe597e9df88759c63c8ce2c5d6b537519d0114f8367114d13d80528ae8bea828a99a61d919907317c229a2975189ecaa7f99aba015ba3d630b54673025e007345e78c8a47d57b45a27ea15f2476793f7f8472e834348432abc371def0fba9ad692a964da91b98daa25f33a6a8db24eed4dfd32ee09ba69748d54749d01153050ff4b844125fcf2d869e307ee91b1e754a309fdf4e499d57d0b54cf1aac93a6c04d886f8733a770fcbcae159862223a0abb8e7ca032add1650f5bd2a2dcb3ae0c1e85cdc9f168fe63380d0fa8701ea72335142fc30ab7b0236bdd344b4f6a287f62b32bb897d6af4ee36b2790e207179a69d465cc2a3c63939236aab5efaa73d81dfe8973a9e50d457347c7b6fc3720d83e892cf6720b23ac77baf0433b08ffa92de6aab5ebfe43612e607152a1316984f986612179795d619471ee184c6ef1c3ec245e7938d1358ff8bbd55ea27514ae163b430f02a67e09df6514b1f6c28f3c7718d31f19c73bbfd8bf1203a74ffc3564001fbaa9cd9f0790353bb2c9d4e9bd7b63acf2ca9c884622ee8f95da712f4a475b54333d05abf876108b572c80e374ca895cf0ecb0579965dd6ee98a996da4c2753ea9615328a994541fabc4c0133528c1f32bfb147ca7201043e07905a457409c6344a21338aa72997638ed75635a23ebbf7fc3e452837822839353415b0f51c0a6ea58a744a56e4ecbaa098508f56d43ad785940149a94d7d95fe916a62ee952abf7762f9527b353223660af1f748c093292888ec4e3a318112c9d9715141a1d630d311edfd479894ff3d2f2f59608bf4c221f3d043cb338dde86e8a22d453d331b997a793044200154eb04312120894d83b975b6cbb96c22beb672d142c3e8b100a912d99783f2b4afbc25077a6cfc6d9394a1de4623032cc8d3bb57e69562704c1ad0800939b891eb475e1a58ec310ffd28af260d2e38c02d2bfc078dcbc", 0x1000}, {&(0x7f00000005c0)="3930db13d082cc7ea42470ff4e274fd062effe4e9dcfbfad5e12ae61335ab0fce6658909fc95ad44f5aa55a3a3c5de894194eba28d798807e9d5c9066321dfa31899615dd7473d3027fa02a897c147da91c8a3005384e62ecd4390c483eae3e0262ba524f56779b6139722c4b3b61c9d607592cd34c2fc935507d25589bbcd3d4938b22fc0d7646196c61778c745d5fbe4e06dc23fa01a32faea8d5f6b6e8b76", 0xa0}], 0x4, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x4, 0x3}, 0x0) r4 = open(&(0x7f0000000100)='./bus\x00', 0x40042, 0x10) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001840)=ANY=[@ANYBLOB="021840022c0000002dbd7000fddbdf250800120003000300000000000100000006003c00030700001f0000000000000020010000000000000000000000000000fc020000000000000000000000000001020013008100000025bd7000ff3400000b00080050020000512ed475d4dc35858b4083da3a57b9d1f165a22ea2952bba2ed70e8e6327f13318c6fbf8d84e12d30bd28e4bf8dfcd53d1a82cafffe24d2775cb56b7d8fe0000000000001300080050040000236bf174dbe927f8acda0c9be4e4796f6e9622b6fb8ef3a05ebd23b6c0adff168507c2e58ef7db2ef6ce66917d4b61a201cc70f80e44e1319dcd8697ffc23a672ee5e76a7e5d19fb6eff8c79f857eafd4fd448aae87eccf2793b3d8cba3c63b97d8de49c3ca36dbedd126505b0eab6825760b6e6a3810d282ec118a8ba7b18502c88cee24d27bfaadf6f000000000000020010b1104b1a7fd38c769b79faf3dcd1e200000004d6000004d300"/367], 0x160}}, 0x20040000) io_submit(0x0, 0x2, &(0x7f0000000300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x8, 0xfff, r3, &(0x7f0000000040)="55c9c259e7fab9d1bda500ccd193b0c9", 0x10, 0x6, 0x0, 0x2, r4}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0x6, 0xffffffffffffffff, &(0x7f0000000180)="6f0d44f8efe2ee36f126e8f8a67fa34a8a564b4465a6ec02f04407639353c16b4530a1877dd5", 0x26, 0x0, 0x0, 0x0, r3}]) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r6, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:06:59 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfeffffff, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:59 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1500001e, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:59 executing program 4 (fault-call:7 fault-nth:20): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 695.282708][T20974] FAULT_INJECTION: forcing a failure. [ 695.282708][T20974] name failslab, interval 1, probability 0, space 0, times 0 [ 695.295517][T20974] CPU: 1 PID: 20974 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 695.306797][T20974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 695.316935][T20974] Call Trace: [ 695.320220][T20974] dump_stack+0x1dd/0x24e [ 695.324640][T20974] ? devkmsg_release+0x11c/0x11c [ 695.329566][T20974] ? show_regs_print_info+0x12/0x12 [ 695.334753][T20974] should_fail+0x6fb/0x860 [ 695.339191][T20974] ? setup_fault_attr+0x3d0/0x3d0 [ 695.344331][T20974] ? do_mount+0x18ab/0x2660 [ 695.348816][T20974] ? radix_tree_node_alloc+0x194/0x3a0 [ 695.354349][T20974] should_failslab+0x5/0x20 [ 695.359318][T20974] kmem_cache_alloc+0x36/0x270 [ 695.364229][T20974] radix_tree_node_alloc+0x194/0x3a0 [ 695.369513][T20974] idr_get_free+0x2aa/0x880 [ 695.374025][T20974] idr_alloc+0x19f/0x300 [ 695.378256][T20974] ? debug_smp_processor_id+0x20/0x20 [ 695.383607][T20974] ? idr_alloc_u32+0x300/0x300 [ 695.388365][T20974] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 695.393473][T20974] ? __radix_tree_preload+0x2c5/0x310 [ 695.398823][T20974] p9_client_prepare_req+0x396/0x7e0 [ 695.404269][T20974] ? p9_client_create+0x81b/0xb90 [ 695.409296][T20974] ? v9fs_session_init+0x208/0x1a00 [ 695.414575][T20974] p9_client_rpc+0x12c/0xb80 [ 695.419160][T20974] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 695.424804][T20974] ? p9_fid_create+0x260/0x260 [ 695.429558][T20974] ? __fget+0x37c/0x3c0 [ 695.433698][T20974] ? add_wait_queue+0x77/0x130 [ 695.438492][T20974] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 695.444328][T20974] p9_client_version+0x183/0x700 [ 695.449261][T20974] ? p9_conn_create+0x4a6/0x520 [ 695.454095][T20974] ? p9_fd_create+0x391/0x480 [ 695.458764][T20974] ? p9_client_create+0xb90/0xb90 [ 695.463788][T20974] ? p9_fd_create_unix+0x470/0x470 [ 695.468900][T20974] ? __kmalloc_track_caller+0x20e/0x2c0 [ 695.474531][T20974] ? kmemdup_nul+0x42/0xa0 [ 695.478960][T20974] p9_client_create+0x8e5/0xb90 [ 695.483820][T20974] ? p9_parse_header+0x6b0/0x6b0 [ 695.488849][T20974] ? __kasan_kmalloc+0x189/0x1c0 [ 695.493782][T20974] ? __kmalloc_track_caller+0x20e/0x2c0 [ 695.499430][T20974] ? vfs_get_tree+0x85/0x260 [ 695.504025][T20974] v9fs_session_init+0x208/0x1a00 [ 695.510198][T20974] ? v9fs_show_options+0x530/0x530 [ 695.515758][T20974] ? v9fs_mount+0x5c/0x790 [ 695.520466][T20974] ? kmem_cache_alloc_trace+0xc3/0x290 [ 695.527419][T20974] ? legacy_init_fs_context+0x4d/0xc0 [ 695.532787][T20974] v9fs_mount+0x7f/0x790 [ 695.538065][T20974] ? cap_capable+0x23f/0x280 [ 695.542722][T20974] legacy_get_tree+0xde/0x170 [ 695.547385][T20974] ? iterate_incfs_dir+0x370/0x370 [ 695.552503][T20974] vfs_get_tree+0x85/0x260 [ 695.556923][T20974] do_mount+0x18ab/0x2660 [ 695.561394][T20974] ? copy_mount_string+0x30/0x30 [ 695.566318][T20974] ? page_fault+0x2f/0x40 [ 695.570648][T20974] ? copy_mount_options+0x1e8/0x320 [ 695.575831][T20974] ? copy_mount_options+0x293/0x320 [ 695.581051][T20974] ksys_mount+0xc2/0xf0 [ 695.585298][T20974] __x64_sys_mount+0xb1/0xc0 [ 695.589879][T20974] do_syscall_64+0xcb/0x150 [ 695.594370][T20974] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 695.600518][T20974] RIP: 0033:0x45e219 [ 695.604407][T20974] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 695.624613][T20974] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 695.634131][T20974] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 695.642176][T20974] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 695.650128][T20974] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 695.658091][T20974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 695.666071][T20974] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:06:59 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tranS=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:59 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffffff7f00000000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:06:59 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000021, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:06:59 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x40000100, 0x2}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000100)={0x38, 0x1, 0x0, 0x2, 0x3, 0xfe00000000000000}, 0x0) r3 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r4 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x46000) lseek(r4, 0x4200, 0x0) r5 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000000), 0x10000}]) r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r4, r7, 0x0, 0x8400fffffffb) sendfile(r3, r3, 0x0, 0x8080ffffff7e) 09:07:00 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffff0000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:07:00 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000022, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:07:00 executing program 4 (fault-call:7 fault-nth:21): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 696.141666][T21007] FAULT_INJECTION: forcing a failure. [ 696.141666][T21007] name failslab, interval 1, probability 0, space 0, times 0 [ 696.154375][T21007] CPU: 0 PID: 21007 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 696.164721][T21007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 696.174824][T21007] Call Trace: [ 696.178118][T21007] dump_stack+0x1dd/0x24e [ 696.182446][T21007] ? devkmsg_release+0x11c/0x11c [ 696.187390][T21007] ? show_regs_print_info+0x12/0x12 [ 696.192590][T21007] should_fail+0x6fb/0x860 [ 696.197003][T21007] ? setup_fault_attr+0x3d0/0x3d0 [ 696.202046][T21007] ? p9_check_errors+0x583/0x8b0 [ 696.206984][T21007] ? p9pdu_readf+0x1d50/0x2d40 [ 696.211919][T21007] should_failslab+0x5/0x20 [ 696.216513][T21007] __kmalloc+0x5f/0x2d0 [ 696.220673][T21007] ? p9pdu_readf+0x14a7/0x2d40 [ 696.225431][T21007] p9pdu_readf+0x1d50/0x2d40 [ 696.230885][T21007] ? p9_client_rpc+0xa1a/0xb80 [ 696.235654][T21007] ? p9_check_errors+0x45c/0x8b0 [ 696.240585][T21007] ? p9pdu_writef+0x120/0x120 [ 696.245264][T21007] ? add_wait_queue+0x77/0x130 [ 696.250031][T21007] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 696.255927][T21007] p9_client_version+0x20b/0x700 [ 696.260868][T21007] ? p9_conn_create+0x4a6/0x520 [ 696.265726][T21007] ? p9_client_create+0xb90/0xb90 [ 696.270754][T21007] ? p9_fd_create_unix+0x470/0x470 [ 696.275870][T21007] ? __kmalloc_track_caller+0x20e/0x2c0 [ 696.281415][T21007] ? kmemdup_nul+0x42/0xa0 [ 696.285830][T21007] p9_client_create+0x8e5/0xb90 [ 696.290719][T21007] ? p9_parse_header+0x6b0/0x6b0 [ 696.295650][T21007] ? __kasan_kmalloc+0x189/0x1c0 [ 696.300592][T21007] ? __kmalloc_track_caller+0x20e/0x2c0 [ 696.306130][T21007] ? vfs_get_tree+0x85/0x260 [ 696.310721][T21007] v9fs_session_init+0x208/0x1a00 [ 696.315834][T21007] ? v9fs_show_options+0x530/0x530 [ 696.320977][T21007] ? v9fs_mount+0x5c/0x790 [ 696.325519][T21007] ? kmem_cache_alloc_trace+0xc3/0x290 [ 696.330969][T21007] ? legacy_init_fs_context+0x4d/0xc0 [ 696.336438][T21007] v9fs_mount+0x7f/0x790 [ 696.341334][T21007] ? cap_capable+0x23f/0x280 [ 696.345986][T21007] legacy_get_tree+0xde/0x170 [ 696.351469][T21007] ? iterate_incfs_dir+0x370/0x370 [ 696.357150][T21007] vfs_get_tree+0x85/0x260 [ 696.362248][T21007] do_mount+0x18ab/0x2660 [ 696.366575][T21007] ? copy_mount_string+0x30/0x30 [ 696.372069][T21007] ? page_fault+0x2f/0x40 [ 696.376398][T21007] ? copy_mount_options+0x1e8/0x320 [ 696.381596][T21007] ? copy_mount_options+0x293/0x320 [ 696.386795][T21007] ksys_mount+0xc2/0xf0 [ 696.390948][T21007] __x64_sys_mount+0xb1/0xc0 [ 696.395541][T21007] do_syscall_64+0xcb/0x150 [ 696.400143][T21007] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 696.406018][T21007] RIP: 0033:0x45e219 [ 696.409900][T21007] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 696.430477][T21007] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 696.438868][T21007] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 696.447691][T21007] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 696.456187][T21007] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 696.464289][T21007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 696.472294][T21007] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:07:00 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tranT=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:07:00 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffffffffffffff0f, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:07:00 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000023, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:07:00 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfffffe00, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:07:00 executing program 3: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x10000044, 0x0, 0x8005, 0x400000000, 0x0, 0x0, 0x0, 0x1}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3, 0x8001, 0x0, 0x9}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x6da85d284378782e, 0x100) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x18000, 0x0) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:07:00 executing program 4 (fault-call:7 fault-nth:22): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 696.990772][T21039] FAULT_INJECTION: forcing a failure. [ 696.990772][T21039] name failslab, interval 1, probability 0, space 0, times 0 [ 697.004181][T21039] CPU: 0 PID: 21039 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 697.015019][T21039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 697.025106][T21039] Call Trace: [ 697.028397][T21039] dump_stack+0x1dd/0x24e [ 697.032720][T21039] ? devkmsg_release+0x11c/0x11c [ 697.037740][T21039] ? show_regs_print_info+0x12/0x12 [ 697.042960][T21039] should_fail+0x6fb/0x860 [ 697.048275][T21039] ? setup_fault_attr+0x3d0/0x3d0 [ 697.053301][T21039] ? p9_check_errors+0x583/0x8b0 [ 697.058337][T21039] ? p9pdu_readf+0x1d50/0x2d40 [ 697.063099][T21039] should_failslab+0x5/0x20 [ 697.067590][T21039] __kmalloc+0x5f/0x2d0 [ 697.071741][T21039] ? p9pdu_readf+0x14a7/0x2d40 [ 697.076526][T21039] p9pdu_readf+0x1d50/0x2d40 [ 697.081136][T21039] ? p9_client_rpc+0xa1a/0xb80 [ 697.085896][T21039] ? p9_check_errors+0x45c/0x8b0 [ 697.090831][T21039] ? p9pdu_writef+0x120/0x120 [ 697.095487][T21039] ? add_wait_queue+0x77/0x130 [ 697.100250][T21039] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 697.106058][T21039] p9_client_version+0x20b/0x700 [ 697.110976][T21039] ? p9_conn_create+0x4a6/0x520 [ 697.115801][T21039] ? p9_client_create+0xb90/0xb90 [ 697.120804][T21039] ? p9_fd_create_unix+0x470/0x470 [ 697.125907][T21039] ? __kmalloc_track_caller+0x20e/0x2c0 [ 697.131445][T21039] ? kmemdup_nul+0x42/0xa0 [ 697.135856][T21039] p9_client_create+0x8e5/0xb90 [ 697.140725][T21039] ? p9_parse_header+0x6b0/0x6b0 [ 697.145658][T21039] ? __kasan_kmalloc+0x189/0x1c0 [ 697.150592][T21039] ? __kmalloc_track_caller+0x20e/0x2c0 [ 697.156146][T21039] ? vfs_get_tree+0x85/0x260 [ 697.160710][T21039] v9fs_session_init+0x208/0x1a00 [ 697.165719][T21039] ? v9fs_show_options+0x530/0x530 [ 697.170820][T21039] ? v9fs_mount+0x5c/0x790 [ 697.175266][T21039] ? kmem_cache_alloc_trace+0xc3/0x290 [ 697.180721][T21039] ? legacy_init_fs_context+0x4d/0xc0 [ 697.186127][T21039] v9fs_mount+0x7f/0x790 [ 697.190376][T21039] ? cap_capable+0x23f/0x280 [ 697.194951][T21039] legacy_get_tree+0xde/0x170 [ 697.199720][T21039] ? iterate_incfs_dir+0x370/0x370 [ 697.204811][T21039] vfs_get_tree+0x85/0x260 [ 697.209227][T21039] do_mount+0x18ab/0x2660 [ 697.213639][T21039] ? copy_mount_string+0x30/0x30 [ 697.218567][T21039] ? page_fault+0x2f/0x40 [ 697.222905][T21039] ? copy_mount_options+0x1e8/0x320 [ 697.228140][T21039] ? copy_mount_options+0x293/0x320 [ 697.233444][T21039] ksys_mount+0xc2/0xf0 [ 697.237590][T21039] __x64_sys_mount+0xb1/0xc0 [ 697.242203][T21039] do_syscall_64+0xcb/0x150 [ 697.246695][T21039] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 697.252585][T21039] RIP: 0033:0x45e219 [ 697.256486][T21039] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 697.276716][T21039] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 697.285139][T21039] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 697.293145][T21039] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 697.301102][T21039] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 697.309673][T21039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 697.317644][T21039] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:07:01 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000024, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:07:01 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tranV=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:07:01 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='\"rans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:07:01 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000025, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:07:01 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffffff7f, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:07:01 executing program 4 (fault-call:7 fault-nth:23): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:07:01 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000026, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) [ 697.842862][T21072] FAULT_INJECTION: forcing a failure. [ 697.842862][T21072] name failslab, interval 1, probability 0, space 0, times 0 [ 697.855704][T21072] CPU: 1 PID: 21072 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 697.865887][T21072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 697.877274][T21072] Call Trace: [ 697.880563][T21072] dump_stack+0x1dd/0x24e [ 697.884867][T21072] ? devkmsg_release+0x11c/0x11c [ 697.889789][T21072] ? show_regs_print_info+0x12/0x12 [ 697.895050][T21072] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 697.900484][T21072] should_fail+0x6fb/0x860 [ 697.904897][T21072] ? setup_fault_attr+0x3d0/0x3d0 [ 697.909918][T21072] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 697.915703][T21072] ? __kmem_cache_create+0x180/0x6f0 [ 697.920965][T21072] should_failslab+0x5/0x20 [ 697.925472][T21072] kmem_cache_alloc+0x36/0x270 [ 697.930215][T21072] ? cache_random_seq_create+0x188/0x1c0 [ 697.935868][T21072] __kmem_cache_create+0x180/0x6f0 [ 697.940984][T21072] ? create_cache+0x3b/0x1f0 [ 697.945559][T21072] ? create_cache+0x3b/0x1f0 [ 697.950131][T21072] ? kmem_cache_alloc+0x1e0/0x270 [ 697.955376][T21072] create_cache+0x156/0x1f0 [ 697.967554][T21072] kmem_cache_create_usercopy+0x145/0x1d0 [ 697.973262][T21072] p9_client_create+0x9ff/0xb90 [ 697.978115][T21072] ? p9_parse_header+0x6b0/0x6b0 [ 697.983046][T21072] ? __kasan_kmalloc+0x189/0x1c0 [ 697.987973][T21072] ? __kmalloc_track_caller+0x20e/0x2c0 [ 697.993495][T21072] ? vfs_get_tree+0x85/0x260 [ 697.998069][T21072] v9fs_session_init+0x208/0x1a00 [ 698.003081][T21072] ? v9fs_show_options+0x530/0x530 [ 698.008167][T21072] ? v9fs_mount+0x5c/0x790 [ 698.012563][T21072] ? kmem_cache_alloc_trace+0xc3/0x290 [ 698.018001][T21072] ? legacy_init_fs_context+0x4d/0xc0 [ 698.023363][T21072] v9fs_mount+0x7f/0x790 [ 698.027586][T21072] ? cap_capable+0x23f/0x280 [ 698.032152][T21072] legacy_get_tree+0xde/0x170 [ 698.036829][T21072] ? iterate_incfs_dir+0x370/0x370 [ 698.041950][T21072] vfs_get_tree+0x85/0x260 [ 698.046358][T21072] do_mount+0x18ab/0x2660 [ 698.050681][T21072] ? copy_mount_string+0x30/0x30 [ 698.055602][T21072] ? page_fault+0x2f/0x40 [ 698.059912][T21072] ? copy_mount_options+0x1e8/0x320 [ 698.065095][T21072] ? copy_mount_options+0x293/0x320 [ 698.070289][T21072] ksys_mount+0xc2/0xf0 [ 698.074472][T21072] __x64_sys_mount+0xb1/0xc0 [ 698.079045][T21072] do_syscall_64+0xcb/0x150 [ 698.083521][T21072] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 698.089409][T21072] RIP: 0033:0x45e219 [ 698.093277][T21072] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 698.112857][T21072] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 698.121274][T21072] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 698.129237][T21072] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 698.137192][T21072] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 698.145142][T21072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 698.153122][T21072] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 [ 698.161348][T21072] kmem_cache_create(9p-fcall-cache) failed with error -22 [ 698.168579][T21072] CPU: 1 PID: 21072 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 698.178720][T21072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 698.188788][T21072] Call Trace: [ 698.192105][T21072] dump_stack+0x1dd/0x24e [ 698.196420][T21072] ? devkmsg_release+0x11c/0x11c [ 698.201342][T21072] ? show_regs_print_info+0x12/0x12 [ 698.206533][T21072] ? create_cache+0x1cc/0x1f0 [ 698.211202][T21072] kmem_cache_create_usercopy+0x8c/0x1d0 [ 698.216837][T21072] p9_client_create+0x9ff/0xb90 [ 698.221725][T21072] ? p9_parse_header+0x6b0/0x6b0 [ 698.226692][T21072] ? __kasan_kmalloc+0x189/0x1c0 [ 698.231619][T21072] ? __kmalloc_track_caller+0x20e/0x2c0 [ 698.237153][T21072] ? vfs_get_tree+0x85/0x260 [ 698.241750][T21072] v9fs_session_init+0x208/0x1a00 [ 698.246801][T21072] ? v9fs_show_options+0x530/0x530 [ 698.251895][T21072] ? v9fs_mount+0x5c/0x790 [ 698.256314][T21072] ? kmem_cache_alloc_trace+0xc3/0x290 [ 698.261767][T21072] ? legacy_init_fs_context+0x4d/0xc0 [ 698.267129][T21072] v9fs_mount+0x7f/0x790 [ 698.271348][T21072] ? cap_capable+0x23f/0x280 [ 698.275922][T21072] legacy_get_tree+0xde/0x170 [ 698.280606][T21072] ? iterate_incfs_dir+0x370/0x370 [ 698.285723][T21072] vfs_get_tree+0x85/0x260 [ 698.290120][T21072] do_mount+0x18ab/0x2660 [ 698.294441][T21072] ? copy_mount_string+0x30/0x30 [ 698.299368][T21072] ? page_fault+0x2f/0x40 [ 698.303681][T21072] ? copy_mount_options+0x1e8/0x320 [ 698.308858][T21072] ? copy_mount_options+0x293/0x320 [ 698.314031][T21072] ksys_mount+0xc2/0xf0 [ 698.318162][T21072] __x64_sys_mount+0xb1/0xc0 [ 698.322753][T21072] do_syscall_64+0xcb/0x150 [ 698.327251][T21072] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 698.333128][T21072] RIP: 0033:0x45e219 [ 698.337192][T21072] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 698.360402][T21072] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 698.369199][T21072] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 698.377197][T21072] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 698.385162][T21072] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 09:07:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='tranb=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:07:02 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="150000006affff"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB=',rans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 698.394118][T21072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 698.402084][T21072] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 09:07:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000480)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x2, 0x3}, 0x0) r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x46000) lseek(r5, 0x4200, 0x0) r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f00000004c0)=0x0) io_submit(r7, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x10000}]) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x28) sendfile(r5, r8, 0x0, 0x8400fffffffb) sendfile(r4, r4, 0x0, 0x8080ffffff7e) 09:07:02 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xffffff8c, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 09:07:02 executing program 5: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = open(&(0x7f0000000080)='./bus\x00', 0x164142, 0x0) ftruncate(r0, 0x200005) sendfile(r1, r2, 0x0, 0x7bf53e62) io_setup(0x81, &(0x7f0000000040)=0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r3, 0xf0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15000027, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a19}]) 09:07:02 executing program 4 (fault-call:7 fault-nth:24): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 698.849726][T21105] FAULT_INJECTION: forcing a failure. [ 698.849726][T21105] name failslab, interval 1, probability 0, space 0, times 0 [ 698.862387][T21105] CPU: 0 PID: 21105 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 698.872532][T21105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 698.882695][T21105] Call Trace: [ 698.886085][T21105] dump_stack+0x1dd/0x24e [ 698.890416][T21105] ? devkmsg_release+0x11c/0x11c [ 698.895349][T21105] ? unwind_next_frame+0x1aa9/0x1f30 [ 698.900629][T21105] ? show_regs_print_info+0x12/0x12 [ 698.905824][T21105] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 698.911889][T21105] should_fail+0x6fb/0x860 [ 698.916310][T21105] ? setup_fault_attr+0x3d0/0x3d0 [ 698.921356][T21105] ? is_bpf_text_address+0x290/0x2b0 [ 698.926662][T21105] ? __kernfs_new_node+0xdb/0x6e0 [ 698.931685][T21105] should_failslab+0x5/0x20 [ 698.936187][T21105] kmem_cache_alloc+0x36/0x270 [ 698.940980][T21105] ? unwind_get_return_address+0x48/0x90 [ 698.946614][T21105] __kernfs_new_node+0xdb/0x6e0 [ 698.951483][T21105] ? kernfs_new_node+0x160/0x160 [ 698.956413][T21105] ? stack_trace_save+0x120/0x1f0 [ 698.961596][T21105] ? stack_trace_snprint+0x150/0x150 [ 698.966955][T21105] ? __kasan_kmalloc+0x189/0x1c0 [ 698.971899][T21105] kernfs_create_dir_ns+0x90/0x220 [ 698.977008][T21105] sysfs_create_dir_ns+0x181/0x3a0 [ 698.982203][T21105] ? sysfs_warn_dup+0xb0/0xb0 [ 698.986883][T21105] ? pcpu_block_update_hint_alloc+0x98f/0xd00 [ 698.992955][T21105] kobject_add_internal+0x55f/0xb50 [ 698.998150][T21105] kobject_init_and_add+0x122/0x190 [ 699.003487][T21105] ? kobject_add+0x230/0x230 [ 699.008091][T21105] ? cpumask_next+0xc/0x20 [ 699.012511][T21105] ? mutex_unlock+0x19/0x40 [ 699.017534][T21105] sysfs_slab_add+0x193/0x310 [ 699.022213][T21105] __kmem_cache_create+0x67c/0x6f0 [ 699.027322][T21105] ? __should_failslab+0x92/0x150 [ 699.032401][T21105] ? create_cache+0x3b/0x1f0 [ 699.037008][T21105] ? kmem_cache_alloc+0x1e0/0x270 [ 699.042036][T21105] create_cache+0x156/0x1f0 [ 699.046533][T21105] kmem_cache_create_usercopy+0x145/0x1d0 [ 699.052256][T21105] p9_client_create+0x9ff/0xb90 [ 699.057218][T21105] ? p9_parse_header+0x6b0/0x6b0 [ 699.063013][T21105] ? __kasan_kmalloc+0x189/0x1c0 [ 699.067954][T21105] ? __kmalloc_track_caller+0x20e/0x2c0 [ 699.073498][T21105] ? vfs_get_tree+0x85/0x260 [ 699.078074][T21105] v9fs_session_init+0x208/0x1a00 [ 699.083088][T21105] ? v9fs_show_options+0x530/0x530 [ 699.088201][T21105] ? v9fs_mount+0x5c/0x790 [ 699.092666][T21105] ? kmem_cache_alloc_trace+0xc3/0x290 [ 699.098110][T21105] ? legacy_init_fs_context+0x4d/0xc0 [ 699.103576][T21105] v9fs_mount+0x7f/0x790 [ 699.107831][T21105] ? cap_capable+0x23f/0x280 [ 699.112438][T21105] legacy_get_tree+0xde/0x170 [ 699.117569][T21105] ? iterate_incfs_dir+0x370/0x370 [ 699.122707][T21105] vfs_get_tree+0x85/0x260 [ 699.127123][T21105] do_mount+0x18ab/0x2660 [ 699.131454][T21105] ? copy_mount_string+0x30/0x30 [ 699.136412][T21105] ? page_fault+0x2f/0x40 [ 699.140738][T21105] ? copy_mount_options+0x1e8/0x320 [ 699.146009][T21105] ? copy_mount_options+0x293/0x320 [ 699.151201][T21105] ksys_mount+0xc2/0xf0 [ 699.155387][T21105] __x64_sys_mount+0xb1/0xc0 [ 699.159970][T21105] do_syscall_64+0xcb/0x150 [ 699.164458][T21105] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 699.170347][T21105] RIP: 0033:0x45e219 [ 699.174258][T21105] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 699.194407][T21105] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 699.202806][T21105] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 699.211073][T21105] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 699.219157][T21105] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 699.227120][T21105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000018 [ 699.235200][T21105] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 [ 699.243942][T21105] kobject_add_internal failed for 9p-fcall-cache (error: -12 parent: slab) [ 699.252608][T21105] ================================================================== [ 699.260913][T21105] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xac/0x610 [ 699.269257][T21105] [ 699.271585][T21105] CPU: 0 PID: 21105 Comm: syz-executor.4 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 699.281829][T21105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 699.291934][T21105] Call Trace: [ 699.295320][T21105] dump_stack+0x1dd/0x24e [ 699.299650][T21105] ? show_regs_print_info+0x12/0x12 [ 699.304844][T21105] ? printk+0xcf/0x114 [ 699.308913][T21105] ? kmem_cache_free+0xac/0x610 [ 699.313763][T21105] ? kmem_cache_free+0xac/0x610 [ 699.318638][T21105] print_address_description+0x96/0x640 [ 699.324182][T21105] ? devkmsg_release+0x11c/0x11c [ 699.329113][T21105] ? do_mount+0x18ab/0x2660 [ 699.333610][T21105] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 699.339668][T21105] ? kmem_cache_free+0xac/0x610 [ 699.344515][T21105] ? kmem_cache_free+0xac/0x610 [ 699.349363][T21105] kasan_report_invalid_free+0x54/0xc0 [ 699.354821][T21105] __kasan_slab_free+0x102/0x230 [ 699.359756][T21105] ? slab_free_freelist_hook+0xd0/0x150 [ 699.365873][T21105] ? kobject_cleanup+0x1e1/0x3c0 [ 699.370811][T21105] ? sysfs_slab_remove_workfn+0x40/0x40 [ 699.376359][T21105] ? kmem_cache_free+0xac/0x610 [ 699.381900][T21105] ? kfree_const+0x26/0x40 [ 699.386302][T21105] ? kobject_cleanup+0x39c/0x3c0 [ 699.391240][T21105] slab_free_freelist_hook+0xd0/0x150 [ 699.396894][T21105] ? create_cache+0x1cc/0x1f0 [ 699.401568][T21105] kmem_cache_free+0xac/0x610 [ 699.406251][T21105] ? __kmem_cache_create+0x693/0x6f0 [ 699.411528][T21105] ? __should_failslab+0x92/0x150 [ 699.416574][T21105] ? create_cache+0x3b/0x1f0 [ 699.421778][T21105] create_cache+0x1cc/0x1f0 [ 699.428302][T21105] kmem_cache_create_usercopy+0x145/0x1d0 [ 699.434021][T21105] p9_client_create+0x9ff/0xb90 [ 699.438871][T21105] ? p9_parse_header+0x6b0/0x6b0 [ 699.444243][T21105] ? __kasan_kmalloc+0x189/0x1c0 [ 699.449289][T21105] ? __kmalloc_track_caller+0x20e/0x2c0 [ 699.454896][T21105] ? vfs_get_tree+0x85/0x260 [ 699.459494][T21105] v9fs_session_init+0x208/0x1a00 [ 699.464507][T21105] ? v9fs_show_options+0x530/0x530 [ 699.470215][T21105] ? v9fs_mount+0x5c/0x790 [ 699.474615][T21105] ? kmem_cache_alloc_trace+0xc3/0x290 [ 699.480059][T21105] ? legacy_init_fs_context+0x4d/0xc0 [ 699.485405][T21105] v9fs_mount+0x7f/0x790 [ 699.489623][T21105] ? cap_capable+0x23f/0x280 [ 699.494189][T21105] legacy_get_tree+0xde/0x170 [ 699.498837][T21105] ? iterate_incfs_dir+0x370/0x370 [ 699.503925][T21105] vfs_get_tree+0x85/0x260 [ 699.508395][T21105] do_mount+0x18ab/0x2660 [ 699.512701][T21105] ? copy_mount_string+0x30/0x30 [ 699.517785][T21105] ? page_fault+0x2f/0x40 [ 699.522103][T21105] ? copy_mount_options+0x1e8/0x320 [ 699.527293][T21105] ? copy_mount_options+0x293/0x320 [ 699.532488][T21105] ksys_mount+0xc2/0xf0 [ 699.536631][T21105] __x64_sys_mount+0xb1/0xc0 [ 699.541207][T21105] do_syscall_64+0xcb/0x150 [ 699.545738][T21105] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 699.551639][T21105] RIP: 0033:0x45e219 [ 699.555638][T21105] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 699.575500][T21105] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 699.584332][T21105] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 699.592296][T21105] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 699.600283][T21105] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 699.608241][T21105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000018 [ 699.616381][T21105] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 [ 699.624366][T21105] [ 699.626679][T21105] Allocated by task 21105: [ 699.631076][T21105] __kasan_kmalloc+0x129/0x1c0 [ 699.635817][T21105] kmem_cache_alloc+0x1e0/0x270 [ 699.640661][T21105] create_cache+0x3b/0x1f0 [ 699.645053][T21105] kmem_cache_create_usercopy+0x145/0x1d0 [ 699.650765][T21105] p9_client_create+0x9ff/0xb90 [ 699.655791][T21105] v9fs_session_init+0x208/0x1a00 [ 699.660812][T21105] v9fs_mount+0x7f/0x790 [ 699.665061][T21105] legacy_get_tree+0xde/0x170 [ 699.669727][T21105] vfs_get_tree+0x85/0x260 [ 699.674219][T21105] do_mount+0x18ab/0x2660 [ 699.678521][T21105] ksys_mount+0xc2/0xf0 [ 699.682724][T21105] __x64_sys_mount+0xb1/0xc0 [ 699.687435][T21105] do_syscall_64+0xcb/0x150 [ 699.691955][T21105] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 699.697846][T21105] 09:07:03 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000340)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0xfffffff6, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 699.700684][T21105] Freed by task 21105: [ 699.705092][T21105] __kasan_slab_free+0x17e/0x230 [ 699.710021][T21105] slab_free_freelist_hook+0xd0/0x150 [ 699.715663][T21105] kmem_cache_free+0xac/0x610 [ 699.720416][T21105] kobject_cleanup+0x1e1/0x3c0 [ 699.725176][T21105] sysfs_slab_add+0x1a1/0x310 [ 699.729839][T21105] __kmem_cache_create+0x67c/0x6f0 [ 699.734938][T21105] create_cache+0x156/0x1f0 [ 699.739898][T21105] kmem_cache_create_usercopy+0x145/0x1d0 [ 699.745608][T21105] p9_client_create+0x9ff/0xb90 [ 699.750466][T21105] v9fs_session_init+0x208/0x1a00 [ 699.755934][T21105] v9fs_mount+0x7f/0x790 [ 699.760177][T21105] legacy_get_tree+0xde/0x170 [ 699.764828][T21105] vfs_get_tree+0x85/0x260 [ 699.769237][T21105] do_mount+0x18ab/0x2660 [ 699.773662][T21105] ksys_mount+0xc2/0xf0 [ 699.777821][T21105] __x64_sys_mount+0xb1/0xc0 [ 699.782406][T21105] do_syscall_64+0xcb/0x150 [ 699.786907][T21105] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 699.792792][T21105] [ 699.795094][T21105] The buggy address belongs to the object at ffff888198209900 [ 699.795094][T21105] which belongs to the cache kmem_cache of size 472 [ 699.809051][T21105] The buggy address is located 0 bytes inside of [ 699.809051][T21105] 472-byte region [ffff888198209900, ffff888198209ad8) [ 699.822136][T21105] The buggy address belongs to the page: [ 699.827828][T21105] page:ffffea0006608200 refcount:1 mapcount:0 mapping:ffff8881f6002000 index:0xffff888198208500 compound_mapcount: 0 [ 699.840040][T21105] flags: 0x8000000000010200(slab|head) [ 699.845481][T21105] raw: 8000000000010200 ffffea0007c69d80 0000000300000003 ffff8881f6002000 [ 699.854308][T21105] raw: ffff888198208500 00000000800c0007 00000001ffffffff 0000000000000000 [ 699.862866][T21105] page dumped because: kasan: bad access detected [ 699.870792][T21105] [ 699.873096][T21105] Memory state around the buggy address: [ 699.878707][T21105] ffff888198209800: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 699.887885][T21105] ffff888198209880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 699.895974][T21105] >ffff888198209900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb 09:07:04 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trand=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) [ 699.904021][T21105] ^ [ 699.908064][T21105] ffff888198209980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 699.916099][T21105] ffff888198209a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 699.924242][T21105] ================================================================== [ 699.932300][T21105] Disabling lock debugging due to kernel taint [ 699.938653][T21105] Kernel panic - not syncing: panic_on_warn set ... [ 699.945449][T21105] CPU: 0 PID: 21105 Comm: syz-executor.4 Tainted: G B 5.4.91-syzkaller-00438-g15cec007c4a8 #0 [ 699.956983][T21105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 699.967035][T21105] Call Trace: [ 699.970324][T21105] dump_stack+0x1dd/0x24e [ 699.974649][T21105] ? devkmsg_release+0x11c/0x11c [ 699.979576][T21105] ? show_regs_print_info+0x12/0x12 [ 699.985360][T21105] panic+0x285/0x750 [ 699.989242][T21105] ? schedule_preempt_disabled+0x20/0x20 [ 699.994870][T21105] ? nmi_panic+0x90/0x90 [ 699.999118][T21105] ? kmem_cache_free+0xac/0x610 [ 700.003972][T21105] ? ___preempt_schedule+0x16/0x20 [ 700.009059][T21105] ? kmem_cache_free+0xac/0x610 [ 700.013900][T21105] ? kmem_cache_free+0xac/0x610 [ 700.018745][T21105] kasan_report_invalid_free+0xb7/0xc0 [ 700.024206][T21105] __kasan_slab_free+0x102/0x230 [ 700.029153][T21105] ? slab_free_freelist_hook+0xd0/0x150 [ 700.034692][T21105] ? kobject_cleanup+0x1e1/0x3c0 [ 700.039603][T21105] ? sysfs_slab_remove_workfn+0x40/0x40 [ 700.045675][T21105] ? kmem_cache_free+0xac/0x610 [ 700.050519][T21105] ? kfree_const+0x26/0x40 [ 700.054941][T21105] ? kobject_cleanup+0x39c/0x3c0 [ 700.059878][T21105] slab_free_freelist_hook+0xd0/0x150 [ 700.065321][T21105] ? create_cache+0x1cc/0x1f0 [ 700.069997][T21105] kmem_cache_free+0xac/0x610 [ 700.074765][T21105] ? __kmem_cache_create+0x693/0x6f0 [ 700.080055][T21105] ? __should_failslab+0x92/0x150 [ 700.085056][T21105] ? create_cache+0x3b/0x1f0 [ 700.089620][T21105] create_cache+0x1cc/0x1f0 [ 700.094098][T21105] kmem_cache_create_usercopy+0x145/0x1d0 [ 700.099896][T21105] p9_client_create+0x9ff/0xb90 [ 700.109626][T21105] ? p9_parse_header+0x6b0/0x6b0 [ 700.114636][T21105] ? __kasan_kmalloc+0x189/0x1c0 [ 700.120058][T21105] ? __kmalloc_track_caller+0x20e/0x2c0 [ 700.125619][T21105] ? vfs_get_tree+0x85/0x260 [ 700.130728][T21105] v9fs_session_init+0x208/0x1a00 [ 700.135858][T21105] ? v9fs_show_options+0x530/0x530 [ 700.140976][T21105] ? v9fs_mount+0x5c/0x790 [ 700.145941][T21105] ? kmem_cache_alloc_trace+0xc3/0x290 [ 700.151487][T21105] ? legacy_init_fs_context+0x4d/0xc0 [ 700.156975][T21105] v9fs_mount+0x7f/0x790 [ 700.161235][T21105] ? cap_capable+0x23f/0x280 [ 700.165905][T21105] legacy_get_tree+0xde/0x170 [ 700.170634][T21105] ? iterate_incfs_dir+0x370/0x370 [ 700.175778][T21105] vfs_get_tree+0x85/0x260 [ 700.180189][T21105] do_mount+0x18ab/0x2660 [ 700.184510][T21105] ? copy_mount_string+0x30/0x30 [ 700.189446][T21105] ? page_fault+0x2f/0x40 [ 700.194927][T21105] ? copy_mount_options+0x1e8/0x320 [ 700.200543][T21105] ? copy_mount_options+0x293/0x320 [ 700.206276][T21105] ksys_mount+0xc2/0xf0 [ 700.210684][T21105] __x64_sys_mount+0xb1/0xc0 [ 700.215266][T21105] do_syscall_64+0xcb/0x150 [ 700.219861][T21105] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 700.226006][T21105] RIP: 0033:0x45e219 [ 700.229897][T21105] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 700.249495][T21105] RSP: 002b:00007fa6aaf00c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 700.257894][T21105] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000045e219 [ 700.265888][T21105] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000000000000 [ 700.273853][T21105] RBP: 00007fa6aaf00ca0 R08: 0000000020000580 R09: 0000000000000000 [ 700.281840][T21105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000018 [ 700.289800][T21105] R13: 00007fff6d55824f R14: 00007fa6aaf019c0 R15: 000000000119c034 [ 700.298213][T21105] Kernel Offset: disabled [ 700.302537][T21105] Rebooting in 86400 seconds..