ipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:52 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600004552000001", 0x35, 0x1c0}]) 03:38:52 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:52 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0x0) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1723.633938] Dev loop4: unable to read RDB block 1 [ 1723.662090] loop4: unable to read partition table 03:38:52 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0x0) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:52 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1723.684777] loop4: partition table beyond EOD, truncated [ 1723.690503] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:52 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0x0) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:52 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1723.817317] Dev loop4: unable to read RDB block 1 [ 1723.822613] loop4: unable to read partition table [ 1723.834981] loop4: partition table beyond EOD, truncated [ 1723.848648] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:52 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}, 0x0}], 0x1, 0x0, 0x0) 03:38:52 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(0xffffffffffffffff) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:52 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000f6ffffff01", 0x35, 0x1c0}]) [ 1724.063209] Dev loop4: unable to read RDB block 1 [ 1724.068480] loop4: unable to read partition table [ 1724.077182] loop4: partition table beyond EOD, truncated [ 1724.090605] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:53 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:53 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:53 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000501", 0x35, 0x1c0}]) 03:38:53 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1724.443388] Dev loop4: unable to read RDB block 1 [ 1724.462308] loop4: unable to read partition table [ 1724.482543] loop4: partition table beyond EOD, truncated 03:38:53 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1724.489654] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:53 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:53 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1724.603487] Dev loop4: unable to read RDB block 1 [ 1724.608957] loop4: unable to read partition table [ 1724.614796] loop4: partition table beyond EOD, truncated [ 1724.620738] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:53 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000004801", 0x35, 0x1c0}]) 03:38:53 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:53 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:53 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}, 0x0}], 0x1, 0x0, 0x0) 03:38:53 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1724.876204] Dev loop4: unable to read RDB block 1 [ 1724.881122] loop4: unable to read partition table [ 1724.921182] loop4: partition table beyond EOD, truncated [ 1724.927805] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1725.023452] Dev loop4: unable to read RDB block 1 [ 1725.028367] loop4: unable to read partition table [ 1725.034810] loop4: partition table beyond EOD, truncated [ 1725.040460] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:54 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:54 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:54 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000fcfdffff01", 0x35, 0x1c0}]) 03:38:54 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1725.363539] Dev loop4: unable to read RDB block 1 [ 1725.379579] loop4: unable to read partition table 03:38:54 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1725.413921] loop4: partition table beyond EOD, truncated [ 1725.436195] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:54 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000fffffdfc01", 0x35, 0x1c0}]) 03:38:54 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:54 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1725.603633] Dev loop4: unable to read RDB block 1 [ 1725.609208] loop4: unable to read partition table [ 1725.617832] loop4: partition table beyond EOD, truncated [ 1725.623757] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:54 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, 0x0) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:54 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:54 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}, 0x0}], 0x1, 0x0, 0x0) [ 1725.733092] Dev loop4: unable to read RDB block 1 [ 1725.744775] loop4: unable to read partition table [ 1725.772859] loop4: partition table beyond EOD, truncated 03:38:54 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) readlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=""/53, 0x35) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x5a6b010000000000, 0x3a000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000000)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1725.794954] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:55 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:55 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000455201", 0x35, 0x1c0}]) 03:38:55 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:55 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1726.236514] Dev loop4: unable to read RDB block 1 [ 1726.241707] loop4: unable to read partition table [ 1726.247581] loop4: partition table beyond EOD, truncated [ 1726.256900] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:55 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:55 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000006801", 0x35, 0x1c0}]) 03:38:55 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1726.426950] Dev loop4: unable to read RDB block 1 [ 1726.431991] loop4: unable to read partition table [ 1726.442853] loop4: partition table beyond EOD, truncated [ 1726.448809] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:55 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:55 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, 0x0) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1726.553192] Dev loop4: unable to read RDB block 1 [ 1726.558099] loop4: unable to read partition table [ 1726.572619] loop4: partition table beyond EOD, truncated [ 1726.586006] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:55 executing program 5: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") r2 = socket$inet_udp(0x2, 0x2, 0x0) write$cgroup_type(r1, &(0x7f0000000080)='threaded\x00', 0x9) setsockopt$inet_mtu(r2, 0x0, 0xa, &(0x7f0000000140)=0x2, 0x21f) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) splice(r0, 0x0, r2, 0x0, 0x10002, 0x0) 03:38:55 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x2, 0x0, 0x0) 03:38:55 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000007401", 0x35, 0x1c0}]) [ 1726.853064] Dev loop4: unable to read RDB block 1 [ 1726.858229] loop4: unable to read partition table [ 1726.866515] loop4: partition table beyond EOD, truncated [ 1726.872037] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:55 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:55 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1726.979340] Dev loop4: unable to read RDB block 1 03:38:56 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:56 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:56 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000006001", 0x35, 0x1c0}]) [ 1727.012959] loop4: unable to read partition table [ 1727.032082] loop4: partition table beyond EOD, truncated [ 1727.048038] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:56 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:56 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1727.244302] Dev loop4: unable to read RDB block 1 [ 1727.249943] loop4: unable to read partition table [ 1727.259103] loop4: partition table beyond EOD, truncated [ 1727.267816] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:56 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1727.394069] Dev loop4: unable to read RDB block 1 [ 1727.399410] loop4: unable to read partition table [ 1727.404874] loop4: partition table beyond EOD, truncated [ 1727.410815] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:56 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000500000001", 0x35, 0x1c0}]) 03:38:56 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, 0x0) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:56 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x34, 0x0, 0x0) 03:38:56 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:56 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1727.576684] Dev loop4: unable to read RDB block 1 [ 1727.591139] loop4: unable to read partition table [ 1727.600370] loop4: partition table beyond EOD, truncated [ 1727.607712] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1727.707197] Dev loop4: unable to read RDB block 1 [ 1727.712299] loop4: unable to read partition table [ 1727.722784] loop4: partition table beyond EOD, truncated [ 1727.728468] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:56 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:56 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:38:56 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, 0x0) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:56 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000f5ffffff01", 0x35, 0x1c0}]) 03:38:57 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, 0x0) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1728.043335] Dev loop4: unable to read RDB block 1 03:38:57 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, 0x0) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1728.070021] loop4: unable to read partition table [ 1728.076506] loop4: partition table beyond EOD, truncated [ 1728.082180] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:57 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000240)={0x0, 0x76c, 0x7, &(0x7f0000000140)=0x2}) 03:38:57 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x8}) ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r3, 0x4018aee1, &(0x7f0000000240)={0x0, 0x76c, 0x7, &(0x7f0000000140)=0x2}) [ 1728.217508] Dev loop4: unable to read RDB block 1 [ 1728.225271] loop4: unable to read partition table [ 1728.230599] loop4: partition table beyond EOD, truncated [ 1728.236491] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:57 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x0, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:57 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0xf00, 0x0, 0x0) 03:38:57 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000004c000001", 0x35, 0x1c0}]) 03:38:57 executing program 5: bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-pclmul\x00'}, 0x347) r0 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x10000, 0x40000) setsockopt$RDS_RECVERR(r0, 0x114, 0x5, &(0x7f0000000240)=0x1, 0x4) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000000000000000000000000000010000000000000000000bc8012800"]) r1 = getpid() r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400)={0x0, 0x81}, 0x0) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000380)) sched_setaffinity(0x0, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0) r3 = socket$inet6(0xa, 0x400000000001, 0x0) close(r3) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f0000000540)) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000480)={'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x5002}) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) r6 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) getsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000080), &(0x7f0000000340)=0x4) ftruncate(r6, 0x2007fff) syz_open_dev$radio(&(0x7f0000000280)='/dev/radio#\x00', 0x1, 0x2) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) ioctl$TIOCSPGRP(r4, 0x5410, &(0x7f0000000000)=r1) write$P9_RXATTRCREATE(r6, &(0x7f0000000140)={0x7, 0x21, 0x1}, 0x7) write$P9_RSETATTR(r6, &(0x7f0000000040)={0x7}, 0x7) sendfile(r3, r6, &(0x7f0000d83ff8)=0x1a, 0x800000000024) creat(&(0x7f0000000200)='./bus\x00', 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000000)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) [ 1728.516607] Dev loop4: unable to read RDB block 1 [ 1728.521545] loop4: unable to read partition table [ 1728.562710] loop4: partition table beyond EOD, truncated [ 1728.568202] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1728.572793] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10765 comm=syz-executor5 [ 1728.589756] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10765 comm=syz-executor5 [ 1728.609148] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10765 comm=syz-executor5 [ 1728.622325] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10765 comm=syz-executor5 [ 1728.628989] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1728.650464] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 03:38:57 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1728.660539] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10765 comm=syz-executor5 [ 1728.683617] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10765 comm=syz-executor5 [ 1728.747416] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10765 comm=syz-executor5 [ 1728.764140] Dev loop4: unable to read RDB block 1 [ 1728.777726] loop4: unable to read partition table [ 1728.816723] loop4: partition table beyond EOD, truncated [ 1728.823195] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10765 comm=syz-executor5 [ 1728.838014] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10765 comm=syz-executor5 [ 1728.850469] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10765 comm=syz-executor5 [ 1728.859586] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:57 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:57 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600006800000001", 0x35, 0x1c0}]) [ 1728.969930] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready 03:38:58 executing program 5: bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-pclmul\x00'}, 0x347) r0 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x10000, 0x40000) setsockopt$RDS_RECVERR(r0, 0x114, 0x5, &(0x7f0000000240)=0x1, 0x4) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000000000000000000000000000010000000000000000000bc8012800"]) r1 = getpid() r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400)={0x0, 0x81}, 0x0) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000380)) sched_setaffinity(0x0, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0) r3 = socket$inet6(0xa, 0x400000000001, 0x0) close(r3) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f0000000540)) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000480)={'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x5002}) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) r6 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) getsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000080), &(0x7f0000000340)=0x4) ftruncate(r6, 0x2007fff) syz_open_dev$radio(&(0x7f0000000280)='/dev/radio#\x00', 0x1, 0x2) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) ioctl$TIOCSPGRP(r4, 0x5410, &(0x7f0000000000)=r1) write$P9_RXATTRCREATE(r6, &(0x7f0000000140)={0x7, 0x21, 0x1}, 0x7) write$P9_RSETATTR(r6, &(0x7f0000000040)={0x7}, 0x7) sendfile(r3, r6, &(0x7f0000d83ff8)=0x1a, 0x800000000024) creat(&(0x7f0000000200)='./bus\x00', 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000000)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) [ 1729.146756] Dev loop4: unable to read RDB block 1 [ 1729.151772] loop4: unable to read partition table [ 1729.162533] loop4: partition table beyond EOD, truncated [ 1729.168977] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:58 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1729.222126] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1729.293349] Dev loop4: unable to read RDB block 1 [ 1729.298549] loop4: unable to read partition table [ 1729.319647] loop4: partition table beyond EOD, truncated 03:38:58 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x8, 0x0, 0x0) [ 1729.347512] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:58 executing program 5: bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-pclmul\x00'}, 0x347) r0 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x10000, 0x40000) setsockopt$RDS_RECVERR(r0, 0x114, 0x5, &(0x7f0000000240)=0x1, 0x4) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000000000000000000000000000010000000000000000000bc8012800"]) r1 = getpid() r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400)={0x0, 0x81}, 0x0) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000380)) sched_setaffinity(0x0, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0) r3 = socket$inet6(0xa, 0x400000000001, 0x0) close(r3) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f0000000540)) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000480)={'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x5002}) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) r6 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) getsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000080), &(0x7f0000000340)=0x4) ftruncate(r6, 0x2007fff) syz_open_dev$radio(&(0x7f0000000280)='/dev/radio#\x00', 0x1, 0x2) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, 0x0) ioctl$TIOCSPGRP(r4, 0x5410, &(0x7f0000000000)=r1) write$P9_RXATTRCREATE(r6, &(0x7f0000000140)={0x7, 0x21, 0x1}, 0x7) write$P9_RSETATTR(r6, &(0x7f0000000040)={0x7}, 0x7) sendfile(r3, r6, &(0x7f0000d83ff8)=0x1a, 0x800000000024) creat(&(0x7f0000000200)='./bus\x00', 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000000)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) 03:38:58 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000fdffffff01", 0x35, 0x1c0}]) [ 1729.558652] Dev loop4: unable to read RDB block 1 [ 1729.564193] loop4: unable to read partition table [ 1729.570231] loop4: partition table beyond EOD, truncated [ 1729.576851] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:58 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1729.664832] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 03:38:58 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000005000001", 0x35, 0x1c0}]) [ 1729.714086] Dev loop4: unable to read RDB block 1 [ 1729.719346] loop4: unable to read partition table [ 1729.734977] loop4: partition table beyond EOD, truncated [ 1729.750780] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:58 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:38:58 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1, 0x0, 0x0, 0x8dffffff00000000}}], 0x1, 0x0, 0x0) 03:38:59 executing program 5 (fault-call:0 fault-nth:0): syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:38:59 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1729.973630] Dev loop4: unable to read RDB block 1 [ 1729.980718] loop4: unable to read partition table [ 1729.986577] loop4: partition table beyond EOD, truncated [ 1729.992360] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:59 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1730.083610] Dev loop4: unable to read RDB block 1 [ 1730.083646] loop4: unable to read partition table [ 1730.095556] loop4: partition table beyond EOD, truncated [ 1730.101170] hfs: invalid session number or type of track [ 1730.106543] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1730.111751] hfs: can't find a HFS filesystem on dev loop5 03:38:59 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000040000001", 0x35, 0x1c0}]) 03:38:59 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='\nfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:38:59 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x10, 0x0, 0x0) [ 1730.374138] Dev loop4: unable to read RDB block 1 [ 1730.379641] loop4: unable to read partition table [ 1730.391235] loop4: partition table beyond EOD, truncated [ 1730.398477] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:59 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='%fs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:38:59 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1730.493924] Dev loop4: unable to read RDB block 1 [ 1730.504576] loop4: unable to read partition table [ 1730.521293] loop4: partition table beyond EOD, truncated [ 1730.546358] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:38:59 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000ffffab5601", 0x35, 0x1c0}]) 03:38:59 executing program 3 (fault-call:2 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:38:59 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='h\ns\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1730.777072] FAULT_INJECTION: forcing a failure. [ 1730.777072] name failslab, interval 1, probability 0, space 0, times 0 [ 1730.788766] CPU: 0 PID: 10885 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1730.795756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1730.805135] Call Trace: [ 1730.807754] dump_stack+0x1d3/0x2c6 [ 1730.811409] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1730.816624] ? lock_downgrade+0x900/0x900 [ 1730.820844] should_fail.cold.4+0xa/0x17 [ 1730.824923] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1730.830049] ? lock_downgrade+0x900/0x900 [ 1730.834219] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1730.839774] ? proc_fail_nth_write+0x9e/0x210 [ 1730.844286] ? proc_cwd_link+0x1d0/0x1d0 [ 1730.848370] ? find_held_lock+0x36/0x1c0 [ 1730.852488] ? __x64_sys_fanotify_init+0x568/0x940 [ 1730.857456] ? ___might_sleep+0x1ed/0x300 [ 1730.861624] ? arch_local_save_flags+0x40/0x40 [ 1730.866260] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1730.871823] __should_failslab+0x124/0x180 [ 1730.876090] should_failslab+0x9/0x14 [ 1730.879931] __kmalloc+0x2e0/0x770 [ 1730.883487] ? strncpy_from_user+0x510/0x510 [ 1730.887913] ? fput+0x130/0x1a0 [ 1730.891222] ? do_syscall_64+0x9a/0x820 [ 1730.895207] ? __x64_sys_memfd_create+0x142/0x4f0 [ 1730.900059] ? do_syscall_64+0x9a/0x820 [ 1730.904059] __x64_sys_memfd_create+0x142/0x4f0 [ 1730.908741] ? memfd_fcntl+0x1910/0x1910 [ 1730.912828] do_syscall_64+0x1b9/0x820 [ 1730.916727] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1730.916748] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1730.916764] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1730.916785] ? trace_hardirqs_on_caller+0x310/0x310 [ 1730.916807] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1730.927117] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1730.927140] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1730.927177] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1730.927196] RIP: 0033:0x457759 [ 1730.927215] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1730.979160] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1730.986866] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457759 [ 1730.994148] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc8f6 [ 1731.001432] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 1731.008720] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdbc5c326d4 [ 1731.015992] R13: 00000000004c5ba9 R14: 00000000004da8a8 R15: 0000000000000004 03:39:00 executing program 3 (fault-call:2 fault-nth:1): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:00 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1731.046521] Dev loop4: unable to read RDB block 1 [ 1731.074269] loop4: unable to read partition table [ 1731.091108] loop4: partition table beyond EOD, truncated [ 1731.119320] FAULT_INJECTION: forcing a failure. [ 1731.119320] name failslab, interval 1, probability 0, space 0, times 0 [ 1731.121809] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1731.176361] CPU: 0 PID: 10901 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1731.183331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1731.192708] Call Trace: [ 1731.195328] dump_stack+0x1d3/0x2c6 [ 1731.198983] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1731.204189] should_fail.cold.4+0xa/0x17 [ 1731.208261] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1731.213377] ? graph_lock+0x270/0x270 [ 1731.217175] ? __lock_acquire+0x62f/0x4c20 [ 1731.221414] ? lock_downgrade+0x900/0x900 [ 1731.225552] ? check_preemption_disabled+0x48/0x280 [ 1731.230573] ? find_held_lock+0x36/0x1c0 [ 1731.234629] ? ___might_sleep+0x1ed/0x300 [ 1731.238778] ? expand_files.part.8+0x571/0x9a0 [ 1731.243374] ? arch_local_save_flags+0x40/0x40 [ 1731.247975] ? find_held_lock+0x36/0x1c0 [ 1731.252042] __should_failslab+0x124/0x180 [ 1731.256268] should_failslab+0x9/0x14 [ 1731.260068] kmem_cache_alloc+0x2be/0x730 [ 1731.264238] ? shmem_destroy_callback+0xc0/0xc0 [ 1731.268925] shmem_alloc_inode+0x1b/0x40 [ 1731.272979] alloc_inode+0x63/0x190 [ 1731.276620] new_inode_pseudo+0x71/0x1a0 [ 1731.280702] ? prune_icache_sb+0x1c0/0x1c0 [ 1731.284942] ? _raw_spin_unlock+0x2c/0x50 [ 1731.289086] new_inode+0x1c/0x40 [ 1731.292458] shmem_get_inode+0xf1/0x920 [ 1731.296450] ? shmem_encode_fh+0x340/0x340 [ 1731.300696] ? lock_downgrade+0x900/0x900 [ 1731.304845] ? lock_release+0xa00/0xa00 [ 1731.308829] ? arch_local_save_flags+0x40/0x40 [ 1731.313408] ? usercopy_warn+0x110/0x110 [ 1731.317464] __shmem_file_setup.part.47+0x83/0x2a0 [ 1731.322400] shmem_file_setup+0x65/0x90 [ 1731.326389] __x64_sys_memfd_create+0x2af/0x4f0 [ 1731.331080] ? memfd_fcntl+0x1910/0x1910 [ 1731.335186] do_syscall_64+0x1b9/0x820 [ 1731.339064] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1731.344437] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1731.349366] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1731.354202] ? trace_hardirqs_on_caller+0x310/0x310 [ 1731.359214] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1731.364232] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1731.369267] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1731.374129] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1731.379315] RIP: 0033:0x457759 [ 1731.382504] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1731.401405] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1731.409098] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457759 [ 1731.416354] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc8f6 03:39:00 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x10, 0x0) [ 1731.423645] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 1731.430917] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdbc5c326d4 [ 1731.438202] R13: 00000000004c5ba9 R14: 00000000004da8a8 R15: 0000000000000004 03:39:00 executing program 3 (fault-call:2 fault-nth:2): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:00 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1731.533154] Dev loop4: unable to read RDB block 1 [ 1731.546058] loop4: unable to read partition table 03:39:00 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='h%s\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1731.575091] loop4: partition table beyond EOD, truncated [ 1731.604428] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1731.612027] FAULT_INJECTION: forcing a failure. [ 1731.612027] name failslab, interval 1, probability 0, space 0, times 0 03:39:00 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000e0ff000001", 0x35, 0x1c0}]) [ 1731.647782] CPU: 0 PID: 10926 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1731.654747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1731.664105] Call Trace: [ 1731.666722] dump_stack+0x1d3/0x2c6 [ 1731.670360] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1731.675580] should_fail.cold.4+0xa/0x17 [ 1731.679667] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1731.684780] ? is_bpf_text_address+0xac/0x170 [ 1731.689264] ? lock_downgrade+0x900/0x900 [ 1731.693400] ? check_preemption_disabled+0x48/0x280 [ 1731.698419] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1731.703333] ? kasan_check_read+0x11/0x20 [ 1731.707469] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1731.712747] ? rcu_softirq_qs+0x20/0x20 [ 1731.716715] ? rcu_softirq_qs+0x20/0x20 [ 1731.720689] ? unwind_dump+0x190/0x190 [ 1731.724580] ? is_bpf_text_address+0xd3/0x170 [ 1731.729081] ? kernel_text_address+0x79/0xf0 [ 1731.733480] ? ___might_sleep+0x1ed/0x300 [ 1731.737654] ? arch_local_save_flags+0x40/0x40 [ 1731.742249] __should_failslab+0x124/0x180 [ 1731.746471] should_failslab+0x9/0x14 [ 1731.750264] kmem_cache_alloc+0x2be/0x730 [ 1731.754403] ? __shmem_file_setup.part.47+0x83/0x2a0 [ 1731.759494] ? shmem_file_setup+0x65/0x90 [ 1731.763641] ? __x64_sys_memfd_create+0x2af/0x4f0 [ 1731.768530] ? do_syscall_64+0x1b9/0x820 [ 1731.772588] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1731.777946] selinux_inode_alloc_security+0x107/0x3a0 [ 1731.783157] ? inode_free_rcu+0x20/0x20 [ 1731.787125] ? __put_user_ns+0x60/0x60 [ 1731.791001] ? kasan_check_read+0x11/0x20 [ 1731.795136] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1731.800406] security_inode_alloc+0x73/0xd0 [ 1731.804734] inode_init_always+0x68f/0xd80 [ 1731.808969] ? get_nr_inodes+0x120/0x120 [ 1731.813030] ? rcu_pm_notify+0xc0/0xc0 [ 1731.816930] ? rcu_read_lock_sched_held+0x108/0x120 [ 1731.821948] ? kmem_cache_alloc+0x33a/0x730 [ 1731.826261] ? shmem_alloc_inode+0x1b/0x40 [ 1731.830494] ? shmem_destroy_callback+0xc0/0xc0 [ 1731.835191] alloc_inode+0x80/0x190 [ 1731.838808] new_inode_pseudo+0x71/0x1a0 [ 1731.842869] ? prune_icache_sb+0x1c0/0x1c0 [ 1731.847109] ? _raw_spin_unlock+0x2c/0x50 [ 1731.851247] new_inode+0x1c/0x40 [ 1731.854605] shmem_get_inode+0xf1/0x920 [ 1731.858569] ? shmem_encode_fh+0x340/0x340 [ 1731.862799] ? lock_downgrade+0x900/0x900 [ 1731.866958] ? lock_release+0xa00/0xa00 [ 1731.870922] ? arch_local_save_flags+0x40/0x40 [ 1731.875507] ? usercopy_warn+0x110/0x110 [ 1731.879561] __shmem_file_setup.part.47+0x83/0x2a0 [ 1731.884495] shmem_file_setup+0x65/0x90 [ 1731.888473] __x64_sys_memfd_create+0x2af/0x4f0 [ 1731.893137] ? memfd_fcntl+0x1910/0x1910 [ 1731.897225] do_syscall_64+0x1b9/0x820 [ 1731.901103] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1731.906474] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1731.911414] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1731.916282] ? trace_hardirqs_on_caller+0x310/0x310 [ 1731.921314] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1731.926340] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1731.931368] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1731.936220] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1731.941407] RIP: 0033:0x457759 [ 1731.944603] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1731.963508] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1731.971230] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457759 [ 1731.978497] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc8f6 [ 1731.985765] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 03:39:01 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1731.993038] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdbc5c326d4 [ 1732.000305] R13: 00000000004c5ba9 R14: 00000000004da8a8 R15: 0000000000000004 03:39:01 executing program 3 (fault-call:2 fault-nth:3): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:01 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, 0x0, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1732.173818] Dev loop4: unable to read RDB block 1 [ 1732.183679] loop4: unable to read partition table [ 1732.194309] FAULT_INJECTION: forcing a failure. [ 1732.194309] name failslab, interval 1, probability 0, space 0, times 0 [ 1732.227216] loop4: partition table beyond EOD, truncated [ 1732.253434] CPU: 1 PID: 10944 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1732.254165] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1732.260383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1732.260391] Call Trace: [ 1732.260417] dump_stack+0x1d3/0x2c6 [ 1732.260459] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1732.260490] should_fail.cold.4+0xa/0x17 [ 1732.288536] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1732.297694] ? is_bpf_text_address+0xac/0x170 [ 1732.302207] ? lock_downgrade+0x900/0x900 [ 1732.302224] ? check_preemption_disabled+0x48/0x280 [ 1732.302244] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1732.302258] ? kasan_check_read+0x11/0x20 [ 1732.302277] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1732.325782] ? rcu_softirq_qs+0x20/0x20 [ 1732.329770] ? rcu_softirq_qs+0x20/0x20 [ 1732.333756] ? unwind_dump+0x190/0x190 [ 1732.337669] ? is_bpf_text_address+0xd3/0x170 [ 1732.342180] ? kernel_text_address+0x79/0xf0 [ 1732.346623] ? ___might_sleep+0x1ed/0x300 [ 1732.350779] ? arch_local_save_flags+0x40/0x40 [ 1732.355386] __should_failslab+0x124/0x180 [ 1732.359637] should_failslab+0x9/0x14 [ 1732.363462] kmem_cache_alloc+0x2be/0x730 [ 1732.367626] ? __shmem_file_setup.part.47+0x83/0x2a0 [ 1732.372752] ? shmem_file_setup+0x65/0x90 [ 1732.376918] ? __x64_sys_memfd_create+0x2af/0x4f0 [ 1732.381774] ? do_syscall_64+0x1b9/0x820 [ 1732.385846] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1732.391235] selinux_inode_alloc_security+0x107/0x3a0 [ 1732.396782] ? inode_free_rcu+0x20/0x20 03:39:01 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x100000000000000, 0x0) 03:39:01 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1732.400767] ? __put_user_ns+0x60/0x60 [ 1732.404675] ? kasan_check_read+0x11/0x20 [ 1732.408841] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1732.414131] ? lock_downgrade+0x900/0x900 [ 1732.418290] security_inode_alloc+0x73/0xd0 [ 1732.422616] inode_init_always+0x68f/0xd80 [ 1732.426862] ? get_nr_inodes+0x120/0x120 [ 1732.430920] ? rcu_pm_notify+0xc0/0xc0 [ 1732.434841] ? rcu_read_lock_sched_held+0x108/0x120 [ 1732.439873] ? kmem_cache_alloc+0x33a/0x730 [ 1732.444218] ? shmem_alloc_inode+0x1b/0x40 [ 1732.448467] ? shmem_destroy_callback+0xc0/0xc0 03:39:01 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) ftruncate(0xffffffffffffffff, 0x1000000) sendfile(r1, 0xffffffffffffffff, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1732.453153] alloc_inode+0x80/0x190 [ 1732.456803] new_inode_pseudo+0x71/0x1a0 [ 1732.460882] ? prune_icache_sb+0x1c0/0x1c0 [ 1732.465131] ? _raw_spin_unlock+0x2c/0x50 [ 1732.469295] new_inode+0x1c/0x40 [ 1732.472685] shmem_get_inode+0xf1/0x920 [ 1732.476686] ? shmem_encode_fh+0x340/0x340 [ 1732.480936] ? lock_downgrade+0x900/0x900 [ 1732.485116] ? lock_release+0xa00/0xa00 [ 1732.489097] ? arch_local_save_flags+0x40/0x40 [ 1732.493699] ? usercopy_warn+0x110/0x110 [ 1732.497789] __shmem_file_setup.part.47+0x83/0x2a0 [ 1732.502742] shmem_file_setup+0x65/0x90 [ 1732.506736] __x64_sys_memfd_create+0x2af/0x4f0 [ 1732.511418] ? memfd_fcntl+0x1910/0x1910 [ 1732.515503] do_syscall_64+0x1b9/0x820 [ 1732.519401] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1732.524786] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1732.530199] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1732.535062] ? trace_hardirqs_on_caller+0x310/0x310 [ 1732.540103] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1732.545135] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1732.550221] ? trace_hardirqs_off_thunk+0x1a/0x1c 03:39:01 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1732.555084] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1732.560280] RIP: 0033:0x457759 [ 1732.563482] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1732.582390] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1732.590139] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457759 [ 1732.597458] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc8f6 [ 1732.604735] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 1732.612010] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdbc5c326d4 [ 1732.619288] R13: 00000000004c5ba9 R14: 00000000004da8a8 R15: 0000000000000004 03:39:01 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='h.s\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:01 executing program 3 (fault-call:2 fault-nth:4): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1732.724284] Dev loop4: unable to read RDB block 1 [ 1732.729531] loop4: unable to read partition table [ 1732.758393] loop4: partition table beyond EOD, truncated [ 1732.767302] FAULT_INJECTION: forcing a failure. [ 1732.767302] name failslab, interval 1, probability 0, space 0, times 0 [ 1732.769018] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1732.785508] CPU: 1 PID: 10977 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1732.792947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1732.802306] Call Trace: [ 1732.804908] dump_stack+0x1d3/0x2c6 [ 1732.808548] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1732.813755] should_fail.cold.4+0xa/0x17 [ 1732.817829] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1732.822937] ? rcu_pm_notify+0xc0/0xc0 [ 1732.826844] ? graph_lock+0x270/0x270 [ 1732.830643] ? memset+0x31/0x40 [ 1732.833939] ? graph_lock+0x270/0x270 [ 1732.837747] ? find_held_lock+0x36/0x1c0 [ 1732.841829] ? ___might_sleep+0x1ed/0x300 [ 1732.845980] ? arch_local_save_flags+0x40/0x40 [ 1732.850570] ? lock_downgrade+0x900/0x900 [ 1732.854730] __should_failslab+0x124/0x180 [ 1732.858972] should_failslab+0x9/0x14 [ 1732.862777] kmem_cache_alloc+0x2be/0x730 [ 1732.866935] __alloc_file+0xa8/0x470 [ 1732.870649] ? file_free_rcu+0xd0/0xd0 [ 1732.874553] ? d_instantiate+0x79/0xa0 [ 1732.878449] ? lock_downgrade+0x900/0x900 [ 1732.882621] ? kasan_check_read+0x11/0x20 [ 1732.886768] ? do_raw_spin_unlock+0xa7/0x330 [ 1732.891183] ? do_raw_spin_trylock+0x270/0x270 [ 1732.895772] alloc_empty_file+0x72/0x170 [ 1732.899867] alloc_file+0x5e/0x4d0 [ 1732.903412] ? _raw_spin_unlock+0x2c/0x50 [ 1732.907569] alloc_file_pseudo+0x261/0x3f0 [ 1732.911827] ? alloc_file+0x4d0/0x4d0 [ 1732.915641] ? usercopy_warn+0x110/0x110 [ 1732.919721] ? kasan_check_write+0x14/0x20 [ 1732.923967] __shmem_file_setup.part.47+0x110/0x2a0 [ 1732.928997] shmem_file_setup+0x65/0x90 [ 1732.932978] __x64_sys_memfd_create+0x2af/0x4f0 [ 1732.937651] ? memfd_fcntl+0x1910/0x1910 [ 1732.941737] do_syscall_64+0x1b9/0x820 [ 1732.945631] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1732.951008] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1732.955943] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1732.960792] ? trace_hardirqs_on_caller+0x310/0x310 [ 1732.965823] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1732.970846] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1732.975871] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1732.980726] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1732.985915] RIP: 0033:0x457759 [ 1732.989125] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1733.008028] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1733.015738] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457759 03:39:02 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:02 executing program 3 (fault-call:2 fault-nth:5): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1733.023007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc8f6 [ 1733.030279] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 1733.037546] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdbc5c326d4 [ 1733.044819] R13: 00000000004c5ba9 R14: 00000000004da8a8 R15: 0000000000000004 03:39:02 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000009", 0x35, 0x1c0}]) [ 1733.194510] FAULT_INJECTION: forcing a failure. [ 1733.194510] name failslab, interval 1, probability 0, space 0, times 0 [ 1733.212059] CPU: 1 PID: 10986 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1733.219006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1733.228366] Call Trace: [ 1733.230984] dump_stack+0x1d3/0x2c6 [ 1733.234638] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1733.239867] ? is_bpf_text_address+0xd3/0x170 [ 1733.244390] should_fail.cold.4+0xa/0x17 [ 1733.248478] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1733.253609] ? save_stack+0xa9/0xd0 [ 1733.257246] ? save_stack+0x43/0xd0 [ 1733.260904] ? kasan_kmalloc+0xc7/0xe0 [ 1733.264829] ? kasan_slab_alloc+0x12/0x20 [ 1733.268987] ? kmem_cache_alloc+0x12e/0x730 [ 1733.273317] ? __alloc_file+0xa8/0x470 [ 1733.277216] ? alloc_empty_file+0x72/0x170 [ 1733.281472] ? find_held_lock+0x36/0x1c0 [ 1733.285566] ? ___might_sleep+0x1ed/0x300 [ 1733.289727] ? arch_local_save_flags+0x40/0x40 [ 1733.294331] ? check_preemption_disabled+0x48/0x280 [ 1733.299347] __should_failslab+0x124/0x180 [ 1733.303584] should_failslab+0x9/0x14 [ 1733.307402] kmem_cache_alloc+0x2be/0x730 [ 1733.311561] ? rcu_read_lock_sched_held+0x108/0x120 [ 1733.316587] selinux_file_alloc_security+0xb4/0x190 [ 1733.321622] security_file_alloc+0x4c/0xa0 [ 1733.325864] __alloc_file+0x12a/0x470 [ 1733.329688] ? file_free_rcu+0xd0/0xd0 [ 1733.333574] ? d_instantiate+0x79/0xa0 [ 1733.337470] ? lock_downgrade+0x900/0x900 [ 1733.341611] ? kasan_check_read+0x11/0x20 [ 1733.345761] ? do_raw_spin_unlock+0xa7/0x330 [ 1733.350170] ? do_raw_spin_trylock+0x270/0x270 [ 1733.354745] alloc_empty_file+0x72/0x170 [ 1733.358809] alloc_file+0x5e/0x4d0 [ 1733.362350] ? _raw_spin_unlock+0x2c/0x50 [ 1733.366489] alloc_file_pseudo+0x261/0x3f0 [ 1733.370729] ? alloc_file+0x4d0/0x4d0 [ 1733.374534] ? usercopy_warn+0x110/0x110 [ 1733.378587] ? kasan_check_write+0x14/0x20 [ 1733.382834] __shmem_file_setup.part.47+0x110/0x2a0 [ 1733.387869] shmem_file_setup+0x65/0x90 03:39:02 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r1 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r1, 0x1000000) sendfile(0xffffffffffffffff, r1, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(0xffffffffffffffff) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1733.391859] __x64_sys_memfd_create+0x2af/0x4f0 [ 1733.396532] ? memfd_fcntl+0x1910/0x1910 [ 1733.400591] do_syscall_64+0x1b9/0x820 [ 1733.404464] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1733.409829] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1733.414772] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1733.419634] ? trace_hardirqs_on_caller+0x310/0x310 [ 1733.424682] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1733.429713] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1733.434748] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1733.439615] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1733.444815] RIP: 0033:0x457759 [ 1733.448003] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1733.466889] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1733.474582] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457759 [ 1733.481842] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc8f6 03:39:02 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x1000000000000000, 0x0) [ 1733.489099] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 1733.496355] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdbc5c326d4 [ 1733.503618] R13: 00000000004c5ba9 R14: 00000000004da8a8 R15: 0000000000000004 03:39:02 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='h/s\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:02 executing program 3 (fault-call:2 fault-nth:6): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1733.633478] Dev loop4: unable to read RDB block 1 [ 1733.641374] loop4: unable to read partition table [ 1733.667558] loop4: partition table beyond EOD, truncated [ 1733.673934] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:02 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1733.741653] FAULT_INJECTION: forcing a failure. [ 1733.741653] name failslab, interval 1, probability 0, space 0, times 0 [ 1733.788601] CPU: 0 PID: 11012 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1733.795634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1733.805025] Call Trace: [ 1733.807623] dump_stack+0x1d3/0x2c6 [ 1733.811295] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1733.816512] should_fail.cold.4+0xa/0x17 [ 1733.820582] ? find_held_lock+0x36/0x1c0 [ 1733.824642] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1733.829753] ? lock_downgrade+0x900/0x900 [ 1733.833892] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1733.839419] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1733.844957] ? timespec64_trunc+0xea/0x180 [ 1733.849215] ? inode_init_owner+0x340/0x340 [ 1733.853544] ? find_held_lock+0x36/0x1c0 [ 1733.857605] ? ___might_sleep+0x1ed/0x300 [ 1733.861749] ? arch_local_save_flags+0x40/0x40 [ 1733.866351] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1733.871913] __should_failslab+0x124/0x180 [ 1733.876160] should_failslab+0x9/0x14 [ 1733.879980] kmem_cache_alloc+0x2be/0x730 [ 1733.884144] ? do_sys_ftruncate+0x428/0x550 [ 1733.888480] ? lock_downgrade+0x900/0x900 [ 1733.892647] getname_flags+0xd0/0x590 [ 1733.896464] ? __lock_is_held+0xb5/0x140 [ 1733.900518] getname+0x19/0x20 [ 1733.903715] do_sys_open+0x383/0x700 [ 1733.907421] ? filp_open+0x80/0x80 [ 1733.910953] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1733.916410] ? do_sys_ftruncate+0x449/0x550 [ 1733.920782] __x64_sys_open+0x7e/0xc0 [ 1733.924590] do_syscall_64+0x1b9/0x820 [ 1733.928467] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1733.933842] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1733.938771] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1733.943622] ? trace_hardirqs_on_caller+0x310/0x310 [ 1733.948627] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1733.953648] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1733.958675] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1733.963524] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1733.968713] RIP: 0033:0x411391 [ 1733.971895] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1733.990790] RSP: 002b:00007fdbc5c31a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1733.998502] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411391 [ 1734.005776] RDX: 00007fdbc5c31afa RSI: 0000000000000002 RDI: 00007fdbc5c31af0 [ 1734.013047] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1734.020315] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 1734.027584] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:03 executing program 3 (fault-call:2 fault-nth:7): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:03 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfp\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:03 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1734.056314] Dev loop4: unable to read RDB block 1 [ 1734.063247] loop4: unable to read partition table [ 1734.075169] loop4: partition table beyond EOD, truncated [ 1734.080874] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:03 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000010", 0x35, 0x1c0}]) [ 1734.131317] FAULT_INJECTION: forcing a failure. [ 1734.131317] name failslab, interval 1, probability 0, space 0, times 0 [ 1734.148648] CPU: 0 PID: 11027 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1734.155622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1734.164996] Call Trace: [ 1734.165025] dump_stack+0x1d3/0x2c6 [ 1734.165052] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1734.176448] should_fail.cold.4+0xa/0x17 [ 1734.180526] ? find_held_lock+0x36/0x1c0 [ 1734.184599] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1734.189729] ? lock_downgrade+0x900/0x900 [ 1734.189749] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1734.189771] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1734.189791] ? timespec64_trunc+0xea/0x180 [ 1734.209237] ? inode_init_owner+0x340/0x340 [ 1734.213588] ? find_held_lock+0x36/0x1c0 [ 1734.217699] ? ___might_sleep+0x1ed/0x300 [ 1734.221868] ? arch_local_save_flags+0x40/0x40 [ 1734.226466] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1734.232028] __should_failslab+0x124/0x180 [ 1734.236281] should_failslab+0x9/0x14 [ 1734.240099] kmem_cache_alloc+0x2be/0x730 [ 1734.244264] ? do_sys_ftruncate+0x428/0x550 [ 1734.248604] ? lock_downgrade+0x900/0x900 [ 1734.252771] getname_flags+0xd0/0x590 [ 1734.256591] ? __lock_is_held+0xb5/0x140 [ 1734.260683] getname+0x19/0x20 [ 1734.263893] do_sys_open+0x383/0x700 [ 1734.267630] ? filp_open+0x80/0x80 [ 1734.271206] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1734.276690] ? do_sys_ftruncate+0x449/0x550 [ 1734.281037] __x64_sys_open+0x7e/0xc0 [ 1734.284862] do_syscall_64+0x1b9/0x820 [ 1734.288764] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1734.294146] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1734.299090] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1734.303950] ? trace_hardirqs_on_caller+0x310/0x310 [ 1734.308983] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1734.314014] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1734.319052] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1734.323917] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1734.329114] RIP: 0033:0x411391 [ 1734.332317] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1734.351228] RSP: 002b:00007fdbc5c31a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1734.358951] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411391 [ 1734.366230] RDX: 00007fdbc5c31afa RSI: 0000000000000002 RDI: 00007fdbc5c31af0 [ 1734.373504] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1734.380759] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 1734.388014] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:03 executing program 3 (fault-call:2 fault-nth:8): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:03 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x40000000, 0x0) [ 1734.495699] Dev loop4: unable to read RDB block 1 [ 1734.497728] FAULT_INJECTION: forcing a failure. [ 1734.497728] name failslab, interval 1, probability 0, space 0, times 0 [ 1734.500884] loop4: unable to read partition table [ 1734.533397] loop4: partition table beyond EOD, truncated [ 1734.548032] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1734.549816] CPU: 1 PID: 11050 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1734.562259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1734.571619] Call Trace: [ 1734.574208] dump_stack+0x1d3/0x2c6 [ 1734.577829] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1734.583036] should_fail.cold.4+0xa/0x17 [ 1734.587111] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1734.592222] ? find_held_lock+0x36/0x1c0 [ 1734.596283] ? ___might_sleep+0x1ed/0x300 [ 1734.600417] ? arch_local_save_flags+0x40/0x40 [ 1734.604998] __should_failslab+0x124/0x180 [ 1734.609223] should_failslab+0x9/0x14 [ 1734.613024] kmem_cache_alloc+0x2be/0x730 [ 1734.617189] ? graph_lock+0x270/0x270 [ 1734.621015] ? print_usage_bug+0xc0/0xc0 [ 1734.625084] ? mark_held_locks+0x130/0x130 [ 1734.629325] __alloc_file+0xa8/0x470 [ 1734.633041] ? file_free_rcu+0xd0/0xd0 [ 1734.636929] ? find_held_lock+0x36/0x1c0 [ 1734.640996] ? is_bpf_text_address+0xac/0x170 [ 1734.645493] ? lock_downgrade+0x900/0x900 [ 1734.649643] ? check_preemption_disabled+0x48/0x280 [ 1734.654689] alloc_empty_file+0x72/0x170 [ 1734.658759] path_openat+0x170/0x5160 [ 1734.662561] ? rcu_softirq_qs+0x20/0x20 [ 1734.666539] ? unwind_dump+0x190/0x190 [ 1734.670434] ? graph_lock+0x270/0x270 [ 1734.674236] ? path_lookupat.isra.43+0xc00/0xc00 [ 1734.678990] ? unwind_get_return_address+0x61/0xa0 [ 1734.683937] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1734.688956] ? expand_files.part.8+0x571/0x9a0 [ 1734.693530] ? find_held_lock+0x36/0x1c0 [ 1734.697583] ? __alloc_fd+0x347/0x6e0 [ 1734.701374] ? lock_downgrade+0x900/0x900 [ 1734.705505] ? getname+0x19/0x20 [ 1734.708878] ? kasan_check_read+0x11/0x20 [ 1734.713037] ? do_raw_spin_unlock+0xa7/0x330 [ 1734.717445] ? do_raw_spin_trylock+0x270/0x270 [ 1734.722026] ? __lock_is_held+0xb5/0x140 [ 1734.726144] ? __check_object_size+0xb1/0x782 [ 1734.730697] ? _raw_spin_unlock+0x2c/0x50 [ 1734.734853] ? __alloc_fd+0x347/0x6e0 [ 1734.738670] do_filp_open+0x255/0x380 [ 1734.742481] ? may_open_dev+0x100/0x100 [ 1734.746458] ? get_unused_fd_flags+0x122/0x1a0 [ 1734.751031] ? __alloc_fd+0x6e0/0x6e0 [ 1734.754818] ? __lock_is_held+0xb5/0x140 [ 1734.758871] do_sys_open+0x568/0x700 [ 1734.762593] ? filp_open+0x80/0x80 [ 1734.766154] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1734.771609] ? do_sys_ftruncate+0x449/0x550 [ 1734.775940] __x64_sys_open+0x7e/0xc0 [ 1734.779745] do_syscall_64+0x1b9/0x820 [ 1734.783621] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1734.788989] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1734.793912] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1734.798744] ? trace_hardirqs_on_caller+0x310/0x310 [ 1734.803760] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1734.808784] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1734.813820] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1734.818680] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1734.823868] RIP: 0033:0x411391 [ 1734.827071] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 03:39:03 executing program 3 (fault-call:2 fault-nth:9): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1734.845974] RSP: 002b:00007fdbc5c31a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1734.853694] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411391 [ 1734.860948] RDX: 00007fdbc5c31afa RSI: 0000000000000002 RDI: 00007fdbc5c31af0 [ 1734.868205] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1734.875478] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 1734.882739] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:03 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:03 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfX\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1735.007150] Dev loop4: unable to read RDB block 1 [ 1735.012086] loop4: unable to read partition table [ 1735.021002] FAULT_INJECTION: forcing a failure. [ 1735.021002] name failslab, interval 1, probability 0, space 0, times 0 03:39:04 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1735.063299] loop4: partition table beyond EOD, truncated [ 1735.101950] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:04 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000052450001", 0x35, 0x1c0}]) [ 1735.137310] CPU: 1 PID: 11063 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1735.144287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1735.153651] Call Trace: [ 1735.156278] dump_stack+0x1d3/0x2c6 [ 1735.159930] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1735.165130] ? is_bpf_text_address+0xd3/0x170 [ 1735.169620] should_fail.cold.4+0xa/0x17 [ 1735.173692] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1735.178823] ? save_stack+0xa9/0xd0 [ 1735.182466] ? save_stack+0x43/0xd0 [ 1735.186102] ? kasan_kmalloc+0xc7/0xe0 [ 1735.189998] ? kasan_slab_alloc+0x12/0x20 [ 1735.194159] ? kmem_cache_alloc+0x12e/0x730 [ 1735.198502] ? __alloc_file+0xa8/0x470 [ 1735.202403] ? alloc_empty_file+0x72/0x170 [ 1735.206658] ? find_held_lock+0x36/0x1c0 [ 1735.210760] ? ___might_sleep+0x1ed/0x300 [ 1735.214921] ? arch_local_save_flags+0x40/0x40 [ 1735.219511] ? check_preemption_disabled+0x48/0x280 [ 1735.224538] __should_failslab+0x124/0x180 [ 1735.228787] should_failslab+0x9/0x14 [ 1735.232600] kmem_cache_alloc+0x2be/0x730 [ 1735.236754] ? rcu_read_lock_sched_held+0x108/0x120 [ 1735.241781] selinux_file_alloc_security+0xb4/0x190 [ 1735.246799] security_file_alloc+0x4c/0xa0 [ 1735.251049] __alloc_file+0x12a/0x470 [ 1735.254867] ? file_free_rcu+0xd0/0xd0 [ 1735.258760] ? find_held_lock+0x36/0x1c0 [ 1735.262835] ? is_bpf_text_address+0xac/0x170 [ 1735.267346] ? lock_downgrade+0x900/0x900 [ 1735.271509] ? check_preemption_disabled+0x48/0x280 [ 1735.276545] alloc_empty_file+0x72/0x170 [ 1735.280614] path_openat+0x170/0x5160 [ 1735.284413] ? rcu_softirq_qs+0x20/0x20 [ 1735.288392] ? unwind_dump+0x190/0x190 [ 1735.292291] ? graph_lock+0x270/0x270 [ 1735.296093] ? path_lookupat.isra.43+0xc00/0xc00 [ 1735.300836] ? unwind_get_return_address+0x61/0xa0 [ 1735.305756] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1735.310772] ? expand_files.part.8+0x571/0x9a0 [ 1735.315374] ? find_held_lock+0x36/0x1c0 [ 1735.319467] ? __alloc_fd+0x347/0x6e0 [ 1735.323286] ? lock_downgrade+0x900/0x900 [ 1735.327435] ? getname+0x19/0x20 [ 1735.330791] ? kasan_check_read+0x11/0x20 [ 1735.334931] ? do_raw_spin_unlock+0xa7/0x330 [ 1735.339343] ? do_raw_spin_trylock+0x270/0x270 [ 1735.343938] ? __lock_is_held+0xb5/0x140 [ 1735.348010] ? __check_object_size+0xb1/0x782 [ 1735.352526] ? _raw_spin_unlock+0x2c/0x50 [ 1735.356690] ? __alloc_fd+0x347/0x6e0 [ 1735.360508] do_filp_open+0x255/0x380 [ 1735.364330] ? may_open_dev+0x100/0x100 [ 1735.368338] ? get_unused_fd_flags+0x122/0x1a0 [ 1735.372936] ? __alloc_fd+0x6e0/0x6e0 [ 1735.376752] ? __lock_is_held+0xb5/0x140 [ 1735.380831] do_sys_open+0x568/0x700 [ 1735.384560] ? filp_open+0x80/0x80 03:39:04 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x8000000, 0x0) [ 1735.388118] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1735.393578] ? do_sys_ftruncate+0x449/0x550 [ 1735.397921] __x64_sys_open+0x7e/0xc0 [ 1735.401742] do_syscall_64+0x1b9/0x820 [ 1735.405646] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1735.411029] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1735.415968] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1735.420825] ? trace_hardirqs_on_caller+0x310/0x310 [ 1735.425846] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1735.430877] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1735.435912] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1735.440779] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1735.445981] RIP: 0033:0x411391 [ 1735.449180] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1735.468195] RSP: 002b:00007fdbc5c31a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1735.475921] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411391 03:39:04 executing program 3 (fault-call:2 fault-nth:10): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1735.483196] RDX: 00007fdbc5c31afa RSI: 0000000000000002 RDI: 00007fdbc5c31af0 [ 1735.490463] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1735.497725] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 1735.504994] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1735.599228] FAULT_INJECTION: forcing a failure. [ 1735.599228] name failslab, interval 1, probability 0, space 0, times 0 [ 1735.618564] CPU: 1 PID: 11090 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1735.625521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1735.634882] Call Trace: [ 1735.637483] dump_stack+0x1d3/0x2c6 [ 1735.641106] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1735.646303] ? is_bpf_text_address+0xd3/0x170 [ 1735.650822] should_fail.cold.4+0xa/0x17 [ 1735.654891] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1735.660004] ? save_stack+0xa9/0xd0 [ 1735.663646] ? save_stack+0x43/0xd0 [ 1735.667283] ? kasan_kmalloc+0xc7/0xe0 [ 1735.671160] ? kasan_slab_alloc+0x12/0x20 [ 1735.675307] ? kmem_cache_alloc+0x12e/0x730 [ 1735.679624] ? __alloc_file+0xa8/0x470 [ 1735.683499] ? alloc_empty_file+0x72/0x170 [ 1735.687758] ? find_held_lock+0x36/0x1c0 [ 1735.691831] ? ___might_sleep+0x1ed/0x300 03:39:04 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1735.695971] ? arch_local_save_flags+0x40/0x40 [ 1735.700545] ? check_preemption_disabled+0x48/0x280 [ 1735.705574] __should_failslab+0x124/0x180 [ 1735.709826] should_failslab+0x9/0x14 [ 1735.713643] kmem_cache_alloc+0x2be/0x730 [ 1735.717826] ? rcu_read_lock_sched_held+0x108/0x120 [ 1735.722859] selinux_file_alloc_security+0xb4/0x190 [ 1735.727893] security_file_alloc+0x4c/0xa0 [ 1735.732139] __alloc_file+0x12a/0x470 [ 1735.735957] ? file_free_rcu+0xd0/0xd0 [ 1735.739853] ? find_held_lock+0x36/0x1c0 [ 1735.743932] ? is_bpf_text_address+0xac/0x170 [ 1735.748441] ? lock_downgrade+0x900/0x900 [ 1735.752601] ? check_preemption_disabled+0x48/0x280 [ 1735.757609] alloc_empty_file+0x72/0x170 [ 1735.761670] path_openat+0x170/0x5160 [ 1735.765465] ? rcu_softirq_qs+0x20/0x20 [ 1735.769432] ? unwind_dump+0x190/0x190 [ 1735.773315] ? graph_lock+0x270/0x270 [ 1735.777108] ? path_lookupat.isra.43+0xc00/0xc00 [ 1735.781849] ? unwind_get_return_address+0x61/0xa0 [ 1735.786789] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1735.791799] ? expand_files.part.8+0x571/0x9a0 [ 1735.796376] ? find_held_lock+0x36/0x1c0 [ 1735.800432] ? __alloc_fd+0x347/0x6e0 [ 1735.804221] ? lock_downgrade+0x900/0x900 [ 1735.808367] ? getname+0x19/0x20 [ 1735.811749] ? kasan_check_read+0x11/0x20 [ 1735.815911] ? do_raw_spin_unlock+0xa7/0x330 [ 1735.820323] ? do_raw_spin_trylock+0x270/0x270 [ 1735.824892] ? __lock_is_held+0xb5/0x140 [ 1735.828949] ? __check_object_size+0xb1/0x782 [ 1735.833434] ? _raw_spin_unlock+0x2c/0x50 [ 1735.837576] ? __alloc_fd+0x347/0x6e0 [ 1735.841381] do_filp_open+0x255/0x380 [ 1735.845177] ? may_open_dev+0x100/0x100 [ 1735.849164] ? get_unused_fd_flags+0x122/0x1a0 [ 1735.853739] ? __alloc_fd+0x6e0/0x6e0 [ 1735.857542] ? __lock_is_held+0xb5/0x140 [ 1735.861612] do_sys_open+0x568/0x700 [ 1735.865324] ? filp_open+0x80/0x80 [ 1735.868887] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1735.874344] ? do_sys_ftruncate+0x449/0x550 [ 1735.878695] __x64_sys_open+0x7e/0xc0 [ 1735.882505] do_syscall_64+0x1b9/0x820 [ 1735.886385] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1735.891738] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1735.896658] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1735.901502] ? trace_hardirqs_on_caller+0x310/0x310 [ 1735.906508] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1735.911512] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1735.916533] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1735.921393] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1735.926583] RIP: 0033:0x411391 [ 1735.929789] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 03:39:04 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1735.948693] RSP: 002b:00007fdbc5c31a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1735.956409] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411391 [ 1735.963691] RDX: 00007fdbc5c31afa RSI: 0000000000000002 RDI: 00007fdbc5c31af0 [ 1735.970954] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1735.978228] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 1735.985506] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:05 executing program 3 (fault-call:2 fault-nth:11): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:05 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hf\"\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1736.014086] Dev loop4: unable to read RDB block 1 [ 1736.019748] loop4: unable to read partition table [ 1736.026087] loop4: partition table beyond EOD, truncated [ 1736.032733] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1736.166520] FAULT_INJECTION: forcing a failure. [ 1736.166520] name failslab, interval 1, probability 0, space 0, times 0 [ 1736.183186] CPU: 1 PID: 11102 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1736.190156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1736.199555] Call Trace: [ 1736.199583] dump_stack+0x1d3/0x2c6 [ 1736.199611] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1736.199644] should_fail.cold.4+0xa/0x17 [ 1736.199678] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1736.199717] ? pick_next_task_fair+0xa05/0x1b40 [ 1736.199739] ? rcu_read_lock_sched_held+0x108/0x120 [ 1736.199762] ? __lock_is_held+0xb5/0x140 [ 1736.199781] ? graph_lock+0x270/0x270 [ 1736.199804] ? print_usage_bug+0xc0/0xc0 [ 1736.215256] ? find_held_lock+0x36/0x1c0 [ 1736.215279] ? __lock_is_held+0xb5/0x140 [ 1736.215352] ? kvm_apic_write_nodecode+0x138/0x1a0 [ 1736.215379] ? ___might_sleep+0x1ed/0x300 [ 1736.259237] ? arch_local_save_flags+0x40/0x40 [ 1736.263858] __should_failslab+0x124/0x180 [ 1736.268110] should_failslab+0x9/0x14 [ 1736.271922] kmem_cache_alloc+0x2be/0x730 [ 1736.276093] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1736.281130] __kernfs_new_node+0x127/0x8d0 [ 1736.285370] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1736.290837] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1736.295626] ? _raw_spin_unlock_irq+0x60/0x80 [ 1736.300142] ? __schedule+0x150b/0x1ed0 [ 1736.304149] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 1736.309270] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 1736.314372] ? graph_lock+0x270/0x270 [ 1736.318165] ? graph_lock+0x270/0x270 [ 1736.321974] ? enqueue_task_fair+0x24d/0xa50 [ 1736.326394] ? find_held_lock+0x36/0x1c0 [ 1736.330467] kernfs_new_node+0x95/0x120 [ 1736.334433] kernfs_create_dir_ns+0x4d/0x160 [ 1736.338875] internal_create_group+0x5fc/0xd80 [ 1736.343477] ? remove_files.isra.1+0x190/0x190 [ 1736.348058] ? up_write+0x7b/0x220 [ 1736.351589] ? down_write_nested+0x130/0x130 [ 1736.355989] ? down_read+0x120/0x120 [ 1736.359704] sysfs_create_group+0x1f/0x30 [ 1736.363878] lo_ioctl+0x1307/0x1d60 [ 1736.367500] ? lo_rw_aio_complete+0x470/0x470 [ 1736.372004] blkdev_ioctl+0xd8a/0x21b0 [ 1736.375899] ? blkpg_ioctl+0xc10/0xc10 [ 1736.379790] ? avc_ss_reset+0x190/0x190 [ 1736.383769] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1736.388707] ? kasan_check_read+0x11/0x20 [ 1736.392848] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1736.398296] ? rcu_softirq_qs+0x20/0x20 [ 1736.402276] ? ___might_sleep+0x1ed/0x300 [ 1736.406426] ? arch_local_save_flags+0x40/0x40 [ 1736.411029] block_ioctl+0xee/0x130 [ 1736.414681] ? blkdev_fallocate+0x400/0x400 [ 1736.419034] do_vfs_ioctl+0x1de/0x1790 [ 1736.422945] ? ioctl_preallocate+0x300/0x300 [ 1736.427372] ? selinux_file_mprotect+0x620/0x620 [ 1736.432136] ? rcu_read_lock_sched_held+0x108/0x120 [ 1736.437137] ? kmem_cache_free+0x1db/0x290 [ 1736.441367] ? putname+0xf7/0x130 [ 1736.444821] ? do_syscall_64+0x9a/0x820 [ 1736.448815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1736.454366] ? security_file_ioctl+0x94/0xc0 [ 1736.458794] ksys_ioctl+0xa9/0xd0 [ 1736.462260] __x64_sys_ioctl+0x73/0xb0 [ 1736.466201] do_syscall_64+0x1b9/0x820 [ 1736.470118] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1736.475510] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1736.480447] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1736.485283] ? trace_hardirqs_on_caller+0x310/0x310 [ 1736.490288] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1736.495313] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1736.500329] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1736.505183] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1736.510377] RIP: 0033:0x4575c7 [ 1736.513579] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1736.532477] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1736.540169] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1736.547474] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1736.554746] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1736.562002] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1736.569257] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1736.581786] Dev loop4: unable to read RDB block 1 [ 1736.587165] loop4: unable to read partition table [ 1736.600273] hfs: invalid session number or type of track [ 1736.607121] loop4: partition table beyond EOD, truncated 03:39:05 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0xffffff8d, 0x0) [ 1736.621980] hfs: can't find a HFS filesystem on dev loop3 [ 1736.627777] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:05 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000000001fc", 0x35, 0x1c0}]) 03:39:05 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hf*\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:05 executing program 3 (fault-call:2 fault-nth:12): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1736.803601] FAULT_INJECTION: forcing a failure. [ 1736.803601] name failslab, interval 1, probability 0, space 0, times 0 [ 1736.829404] CPU: 0 PID: 11131 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1736.836373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1736.845754] Call Trace: [ 1736.848389] dump_stack+0x1d3/0x2c6 [ 1736.852026] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1736.857216] ? radix_tree_tag_set+0x3d0/0x3d0 [ 1736.861713] should_fail.cold.4+0xa/0x17 [ 1736.865767] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1736.870898] ? kernfs_activate+0x8e/0x2c0 [ 1736.875065] ? graph_lock+0x270/0x270 [ 1736.878871] ? lock_release+0xa00/0xa00 [ 1736.882846] ? arch_local_save_flags+0x40/0x40 [ 1736.887439] ? find_held_lock+0x36/0x1c0 [ 1736.891510] ? __lock_is_held+0xb5/0x140 [ 1736.895586] ? ___might_sleep+0x1ed/0x300 [ 1736.899754] ? arch_local_save_flags+0x40/0x40 [ 1736.904353] ? find_held_lock+0x36/0x1c0 [ 1736.908425] __should_failslab+0x124/0x180 [ 1736.912704] should_failslab+0x9/0x14 [ 1736.916507] kmem_cache_alloc+0x2be/0x730 [ 1736.920658] ? find_held_lock+0x36/0x1c0 [ 1736.924756] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1736.929794] __kernfs_new_node+0x127/0x8d0 [ 1736.934040] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1736.938799] ? kasan_check_write+0x14/0x20 [ 1736.943056] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 1736.948016] ? __kernfs_new_node+0x697/0x8d0 [ 1736.952445] ? wait_for_completion+0x8a0/0x8a0 [ 1736.957038] ? graph_lock+0x270/0x270 [ 1736.960845] ? kasan_check_write+0x14/0x20 [ 1736.965103] ? __lock_is_held+0xb5/0x140 [ 1736.969168] ? wait_for_completion+0x8a0/0x8a0 [ 1736.973763] ? mutex_unlock+0xd/0x10 [ 1736.977476] ? kernfs_activate+0x21a/0x2c0 [ 1736.981732] kernfs_new_node+0x95/0x120 [ 1736.985715] __kernfs_create_file+0x5a/0x340 [ 1736.990131] sysfs_add_file_mode_ns+0x222/0x530 [ 1736.994834] internal_create_group+0x3df/0xd80 [ 1736.999444] ? remove_files.isra.1+0x190/0x190 [ 1737.004026] ? up_write+0x7b/0x220 [ 1737.007574] ? down_write_nested+0x130/0x130 [ 1737.011981] ? down_read+0x120/0x120 [ 1737.015719] sysfs_create_group+0x1f/0x30 [ 1737.019905] lo_ioctl+0x1307/0x1d60 [ 1737.023553] ? lo_rw_aio_complete+0x470/0x470 [ 1737.028050] blkdev_ioctl+0xd8a/0x21b0 [ 1737.031943] ? blkpg_ioctl+0xc10/0xc10 [ 1737.035864] ? avc_ss_reset+0x190/0x190 [ 1737.039847] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1737.044775] ? kasan_check_read+0x11/0x20 [ 1737.048924] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1737.054218] ? rcu_softirq_qs+0x20/0x20 [ 1737.058220] ? ___might_sleep+0x1ed/0x300 [ 1737.062375] ? arch_local_save_flags+0x40/0x40 [ 1737.066974] block_ioctl+0xee/0x130 [ 1737.070603] ? blkdev_fallocate+0x400/0x400 [ 1737.074928] do_vfs_ioctl+0x1de/0x1790 [ 1737.078829] ? ioctl_preallocate+0x300/0x300 [ 1737.083244] ? selinux_file_mprotect+0x620/0x620 [ 1737.088006] ? rcu_read_lock_sched_held+0x108/0x120 [ 1737.093024] ? kmem_cache_free+0x1db/0x290 [ 1737.097289] ? putname+0xf7/0x130 [ 1737.100783] ? do_syscall_64+0x9a/0x820 [ 1737.104790] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1737.110342] ? security_file_ioctl+0x94/0xc0 [ 1737.114757] ksys_ioctl+0xa9/0xd0 [ 1737.118216] __x64_sys_ioctl+0x73/0xb0 [ 1737.122109] do_syscall_64+0x1b9/0x820 [ 1737.125998] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1737.131364] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1737.136299] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1737.141147] ? trace_hardirqs_on_caller+0x310/0x310 [ 1737.146167] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1737.151189] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1737.156216] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1737.161073] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1737.166267] RIP: 0033:0x4575c7 [ 1737.169498] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1737.188429] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1737.196138] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1737.203401] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1737.210681] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1737.217950] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1737.225221] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1737.245763] hfs: invalid session number or type of track 03:39:06 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:06 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1737.251233] hfs: can't find a HFS filesystem on dev loop3 [ 1737.259934] Dev loop4: unable to read RDB block 1 [ 1737.275994] loop4: unable to read partition table [ 1737.289270] loop4: partition table beyond EOD, truncated [ 1737.296171] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:06 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfc\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:06 executing program 3 (fault-call:2 fault-nth:13): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:06 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0xfffffff0, 0x0) [ 1737.479326] Dev loop4: unable to read RDB block 1 [ 1737.487044] loop4: unable to read partition table [ 1737.503351] loop4: partition table beyond EOD, truncated [ 1737.520807] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:06 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000007fffffff", 0x35, 0x1c0}]) [ 1737.592922] FAULT_INJECTION: forcing a failure. [ 1737.592922] name failslab, interval 1, probability 0, space 0, times 0 [ 1737.606813] CPU: 0 PID: 11166 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1737.613777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1737.623133] Call Trace: [ 1737.625732] dump_stack+0x1d3/0x2c6 [ 1737.629391] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1737.634599] should_fail.cold.4+0xa/0x17 [ 1737.638685] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1737.643803] ? lock_release+0xa00/0xa00 [ 1737.647776] ? arch_local_save_flags+0x40/0x40 [ 1737.652371] ? graph_lock+0x270/0x270 [ 1737.656196] ? find_held_lock+0x36/0x1c0 [ 1737.660278] ? __lock_is_held+0xb5/0x140 [ 1737.664344] ? ___might_sleep+0x1ed/0x300 [ 1737.668490] ? arch_local_save_flags+0x40/0x40 [ 1737.673073] ? kernfs_activate+0x21a/0x2c0 [ 1737.677335] __should_failslab+0x124/0x180 [ 1737.681601] should_failslab+0x9/0x14 [ 1737.685408] kmem_cache_alloc+0x2be/0x730 [ 1737.689562] ? lock_downgrade+0x900/0x900 [ 1737.693718] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1737.698746] __kernfs_new_node+0x127/0x8d0 [ 1737.702989] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1737.707749] ? graph_lock+0x270/0x270 [ 1737.711580] ? __lock_is_held+0xb5/0x140 [ 1737.715641] ? wait_for_completion+0x8a0/0x8a0 [ 1737.720251] ? mutex_unlock+0xd/0x10 [ 1737.723976] ? kernfs_activate+0x21a/0x2c0 [ 1737.728215] ? kernfs_walk_and_get_ns+0x340/0x340 [ 1737.733062] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1737.738631] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1737.743247] kernfs_new_node+0x95/0x120 [ 1737.747226] __kernfs_create_file+0x5a/0x340 [ 1737.751638] sysfs_add_file_mode_ns+0x222/0x530 [ 1737.756347] internal_create_group+0x3df/0xd80 [ 1737.760951] ? remove_files.isra.1+0x190/0x190 [ 1737.765534] ? up_write+0x7b/0x220 [ 1737.769095] ? down_write_nested+0x130/0x130 [ 1737.773517] ? down_read+0x120/0x120 [ 1737.777248] sysfs_create_group+0x1f/0x30 [ 1737.781402] lo_ioctl+0x1307/0x1d60 [ 1737.785041] ? lo_rw_aio_complete+0x470/0x470 [ 1737.789537] blkdev_ioctl+0xd8a/0x21b0 [ 1737.793435] ? blkpg_ioctl+0xc10/0xc10 [ 1737.797326] ? avc_ss_reset+0x190/0x190 [ 1737.801309] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1737.806241] ? kasan_check_read+0x11/0x20 [ 1737.810437] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1737.815729] ? rcu_softirq_qs+0x20/0x20 [ 1737.819747] ? ___might_sleep+0x1ed/0x300 [ 1737.823915] ? arch_local_save_flags+0x40/0x40 [ 1737.828511] block_ioctl+0xee/0x130 [ 1737.832185] ? blkdev_fallocate+0x400/0x400 [ 1737.836528] do_vfs_ioctl+0x1de/0x1790 [ 1737.840434] ? ioctl_preallocate+0x300/0x300 [ 1737.844846] ? selinux_file_mprotect+0x620/0x620 [ 1737.849623] ? rcu_read_lock_sched_held+0x108/0x120 [ 1737.854642] ? kmem_cache_free+0x1db/0x290 [ 1737.858892] ? putname+0xf7/0x130 [ 1737.862352] ? do_syscall_64+0x9a/0x820 [ 1737.866337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1737.871878] ? security_file_ioctl+0x94/0xc0 [ 1737.876295] ksys_ioctl+0xa9/0xd0 [ 1737.879754] __x64_sys_ioctl+0x73/0xb0 [ 1737.883648] do_syscall_64+0x1b9/0x820 [ 1737.887551] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1737.892919] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1737.897852] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1737.902709] ? trace_hardirqs_on_caller+0x310/0x310 [ 1737.907728] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1737.912749] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1737.917776] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1737.922632] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1737.927833] RIP: 0033:0x4575c7 [ 1737.931030] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1737.949932] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1737.957655] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1737.964949] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1737.972215] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1737.979485] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1737.986752] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:07 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfu\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1738.005693] hfs: invalid session number or type of track [ 1738.011164] hfs: can't find a HFS filesystem on dev loop3 03:39:07 executing program 3 (fault-call:2 fault-nth:14): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1738.133350] Dev loop4: unable to read RDB block 1 [ 1738.138354] loop4: unable to read partition table [ 1738.147621] loop4: partition table beyond EOD, truncated [ 1738.153567] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:07 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r0 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r1 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r1, 0x1000000) sendfile(r0, r1, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r0) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:07 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040), 0x0, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1738.245958] FAULT_INJECTION: forcing a failure. [ 1738.245958] name failslab, interval 1, probability 0, space 0, times 0 [ 1738.269167] CPU: 0 PID: 11188 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1738.276125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1738.285493] Call Trace: [ 1738.288090] dump_stack+0x1d3/0x2c6 [ 1738.291739] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1738.296948] should_fail.cold.4+0xa/0x17 [ 1738.301018] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1738.306133] ? lock_release+0xa00/0xa00 [ 1738.310137] ? arch_local_save_flags+0x40/0x40 [ 1738.314730] ? graph_lock+0x270/0x270 [ 1738.318558] ? find_held_lock+0x36/0x1c0 [ 1738.322628] ? __lock_is_held+0xb5/0x140 [ 1738.326718] ? ___might_sleep+0x1ed/0x300 [ 1738.330865] ? arch_local_save_flags+0x40/0x40 [ 1738.335447] ? kernfs_activate+0x21a/0x2c0 [ 1738.339705] __should_failslab+0x124/0x180 [ 1738.343949] should_failslab+0x9/0x14 [ 1738.347756] kmem_cache_alloc+0x2be/0x730 [ 1738.351906] ? lock_downgrade+0x900/0x900 [ 1738.356093] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1738.361113] __kernfs_new_node+0x127/0x8d0 [ 1738.365355] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1738.370113] ? graph_lock+0x270/0x270 [ 1738.373939] ? __lock_is_held+0xb5/0x140 [ 1738.378033] ? wait_for_completion+0x8a0/0x8a0 [ 1738.382622] ? mutex_unlock+0xd/0x10 [ 1738.386336] ? kernfs_activate+0x21a/0x2c0 [ 1738.390572] ? kernfs_walk_and_get_ns+0x340/0x340 [ 1738.395861] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1738.401414] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1738.406008] kernfs_new_node+0x95/0x120 [ 1738.410007] __kernfs_create_file+0x5a/0x340 [ 1738.414423] sysfs_add_file_mode_ns+0x222/0x530 [ 1738.419104] internal_create_group+0x3df/0xd80 [ 1738.423710] ? remove_files.isra.1+0x190/0x190 [ 1738.428293] ? up_write+0x7b/0x220 [ 1738.431835] ? down_write_nested+0x130/0x130 [ 1738.436247] ? down_read+0x120/0x120 [ 1738.439979] sysfs_create_group+0x1f/0x30 [ 1738.444129] lo_ioctl+0x1307/0x1d60 [ 1738.447764] ? lo_rw_aio_complete+0x470/0x470 [ 1738.452264] blkdev_ioctl+0xd8a/0x21b0 [ 1738.456154] ? blkpg_ioctl+0xc10/0xc10 [ 1738.460048] ? avc_ss_reset+0x190/0x190 [ 1738.464031] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1738.468964] ? kasan_check_read+0x11/0x20 [ 1738.473111] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1738.478391] ? rcu_softirq_qs+0x20/0x20 [ 1738.482391] ? ___might_sleep+0x1ed/0x300 [ 1738.486548] ? arch_local_save_flags+0x40/0x40 [ 1738.491143] block_ioctl+0xee/0x130 [ 1738.494772] ? blkdev_fallocate+0x400/0x400 [ 1738.499098] do_vfs_ioctl+0x1de/0x1790 [ 1738.502999] ? ioctl_preallocate+0x300/0x300 [ 1738.507414] ? selinux_file_mprotect+0x620/0x620 [ 1738.512181] ? rcu_read_lock_sched_held+0x108/0x120 [ 1738.517201] ? kmem_cache_free+0x1db/0x290 [ 1738.521438] ? putname+0xf7/0x130 [ 1738.524898] ? do_syscall_64+0x9a/0x820 [ 1738.528883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1738.534422] ? security_file_ioctl+0x94/0xc0 [ 1738.538867] ksys_ioctl+0xa9/0xd0 [ 1738.542330] __x64_sys_ioctl+0x73/0xb0 [ 1738.546227] do_syscall_64+0x1b9/0x820 [ 1738.550119] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1738.555488] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1738.560419] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1738.565298] ? trace_hardirqs_on_caller+0x310/0x310 [ 1738.570316] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1738.575352] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1738.580392] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1738.585243] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1738.590429] RIP: 0033:0x4575c7 [ 1738.593622] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1738.612519] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1738.620228] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1738.627497] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1738.634766] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1738.642031] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1738.649299] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:07 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x40000, 0x0) 03:39:07 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hf#\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1738.735505] hfs: invalid session number or type of track [ 1738.762482] hfs: can't find a HFS filesystem on dev loop3 03:39:07 executing program 3 (fault-call:2 fault-nth:15): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1738.797778] Dev loop4: unable to read RDB block 1 [ 1738.804778] loop4: unable to read partition table [ 1738.811973] loop4: partition table beyond EOD, truncated [ 1738.817806] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:07 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000007a000001", 0x35, 0x1c0}]) [ 1738.949763] FAULT_INJECTION: forcing a failure. [ 1738.949763] name failslab, interval 1, probability 0, space 0, times 0 [ 1738.984837] CPU: 0 PID: 11219 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1738.991788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1739.001152] Call Trace: [ 1739.003751] dump_stack+0x1d3/0x2c6 [ 1739.007377] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1739.012573] should_fail.cold.4+0xa/0x17 [ 1739.016627] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1739.021749] ? lock_release+0xa00/0xa00 [ 1739.025738] ? arch_local_save_flags+0x40/0x40 [ 1739.030364] ? graph_lock+0x270/0x270 [ 1739.034194] ? find_held_lock+0x36/0x1c0 [ 1739.038273] ? __lock_is_held+0xb5/0x140 [ 1739.042357] ? ___might_sleep+0x1ed/0x300 [ 1739.046514] ? arch_local_save_flags+0x40/0x40 [ 1739.051113] ? kernfs_activate+0x21a/0x2c0 [ 1739.055374] __should_failslab+0x124/0x180 [ 1739.059627] should_failslab+0x9/0x14 [ 1739.063463] kmem_cache_alloc+0x2be/0x730 [ 1739.067626] ? lock_downgrade+0x900/0x900 [ 1739.071826] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1739.076862] __kernfs_new_node+0x127/0x8d0 [ 1739.081128] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1739.085900] ? graph_lock+0x270/0x270 [ 1739.089731] ? __lock_is_held+0xb5/0x140 [ 1739.093809] ? wait_for_completion+0x8a0/0x8a0 [ 1739.098417] ? mutex_unlock+0xd/0x10 [ 1739.102158] ? kernfs_activate+0x21a/0x2c0 [ 1739.106413] ? kernfs_walk_and_get_ns+0x340/0x340 [ 1739.111273] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1739.116824] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1739.121429] kernfs_new_node+0x95/0x120 [ 1739.125453] __kernfs_create_file+0x5a/0x340 [ 1739.129880] sysfs_add_file_mode_ns+0x222/0x530 [ 1739.134608] internal_create_group+0x3df/0xd80 [ 1739.139218] ? remove_files.isra.1+0x190/0x190 [ 1739.143811] ? up_write+0x7b/0x220 [ 1739.147380] ? down_write_nested+0x130/0x130 [ 1739.151806] ? down_read+0x120/0x120 [ 1739.155549] sysfs_create_group+0x1f/0x30 [ 1739.159717] lo_ioctl+0x1307/0x1d60 [ 1739.163370] ? lo_rw_aio_complete+0x470/0x470 [ 1739.167887] blkdev_ioctl+0xd8a/0x21b0 [ 1739.171810] ? blkpg_ioctl+0xc10/0xc10 [ 1739.175714] ? avc_ss_reset+0x190/0x190 [ 1739.179723] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1739.184671] ? kasan_check_read+0x11/0x20 [ 1739.188849] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1739.194138] ? rcu_softirq_qs+0x20/0x20 [ 1739.198158] ? ___might_sleep+0x1ed/0x300 [ 1739.202320] ? arch_local_save_flags+0x40/0x40 [ 1739.206912] block_ioctl+0xee/0x130 [ 1739.210529] ? blkdev_fallocate+0x400/0x400 [ 1739.214857] do_vfs_ioctl+0x1de/0x1790 [ 1739.218755] ? ioctl_preallocate+0x300/0x300 [ 1739.223166] ? selinux_file_mprotect+0x620/0x620 [ 1739.227941] ? rcu_read_lock_sched_held+0x108/0x120 [ 1739.232961] ? kmem_cache_free+0x1db/0x290 [ 1739.237187] ? putname+0xf7/0x130 [ 1739.240633] ? do_syscall_64+0x9a/0x820 [ 1739.244605] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1739.250133] ? security_file_ioctl+0x94/0xc0 [ 1739.254534] ksys_ioctl+0xa9/0xd0 [ 1739.257977] __x64_sys_ioctl+0x73/0xb0 [ 1739.261852] do_syscall_64+0x1b9/0x820 [ 1739.265736] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1739.271097] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1739.276028] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1739.280860] ? trace_hardirqs_on_caller+0x310/0x310 [ 1739.285874] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1739.290909] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1739.295928] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1739.300767] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1739.305941] RIP: 0033:0x4575c7 [ 1739.309136] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1739.328085] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1739.335803] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1739.343074] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1739.350331] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1739.357592] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1739.364863] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1739.374805] hfs: invalid session number or type of track [ 1739.382037] hfs: can't find a HFS filesystem on dev loop3 [ 1739.390752] Dev loop4: unable to read RDB block 1 [ 1739.402327] loop4: unable to read partition table 03:39:08 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfd\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1739.422944] loop4: partition table beyond EOD, truncated [ 1739.429409] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:08 executing program 3 (fault-call:2 fault-nth:16): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:08 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:08 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1739.545264] Dev loop4: unable to read RDB block 1 [ 1739.558957] loop4: unable to read partition table [ 1739.592887] loop4: partition table beyond EOD, truncated [ 1739.601720] FAULT_INJECTION: forcing a failure. [ 1739.601720] name failslab, interval 1, probability 0, space 0, times 0 [ 1739.609390] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1739.646082] CPU: 0 PID: 11247 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1739.653030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1739.662390] Call Trace: [ 1739.664999] dump_stack+0x1d3/0x2c6 [ 1739.668650] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1739.673887] should_fail.cold.4+0xa/0x17 [ 1739.677969] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1739.683092] ? lock_release+0xa00/0xa00 [ 1739.687082] ? arch_local_save_flags+0x40/0x40 [ 1739.691702] ? graph_lock+0x270/0x270 03:39:08 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x800000000000000, 0x0) [ 1739.695542] ? find_held_lock+0x36/0x1c0 [ 1739.699622] ? __lock_is_held+0xb5/0x140 [ 1739.703753] ? ___might_sleep+0x1ed/0x300 [ 1739.707928] ? arch_local_save_flags+0x40/0x40 [ 1739.712528] ? kernfs_activate+0x21a/0x2c0 [ 1739.716793] __should_failslab+0x124/0x180 [ 1739.721044] should_failslab+0x9/0x14 [ 1739.724864] kmem_cache_alloc+0x2be/0x730 [ 1739.729028] ? lock_downgrade+0x900/0x900 [ 1739.733192] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1739.738211] __kernfs_new_node+0x127/0x8d0 [ 1739.742461] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1739.747229] ? graph_lock+0x270/0x270 [ 1739.751040] ? __lock_is_held+0xb5/0x140 [ 1739.755098] ? wait_for_completion+0x8a0/0x8a0 [ 1739.759684] ? mutex_unlock+0xd/0x10 [ 1739.763388] ? kernfs_activate+0x21a/0x2c0 [ 1739.767610] ? kernfs_walk_and_get_ns+0x340/0x340 [ 1739.772443] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1739.778007] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1739.782616] kernfs_new_node+0x95/0x120 [ 1739.786634] __kernfs_create_file+0x5a/0x340 [ 1739.791083] sysfs_add_file_mode_ns+0x222/0x530 [ 1739.795763] internal_create_group+0x3df/0xd80 [ 1739.800343] ? remove_files.isra.1+0x190/0x190 [ 1739.804910] ? up_write+0x7b/0x220 [ 1739.808451] ? down_write_nested+0x130/0x130 [ 1739.812869] ? down_read+0x120/0x120 [ 1739.816589] sysfs_create_group+0x1f/0x30 [ 1739.820737] lo_ioctl+0x1307/0x1d60 [ 1739.824381] ? lo_rw_aio_complete+0x470/0x470 [ 1739.828892] blkdev_ioctl+0xd8a/0x21b0 [ 1739.832782] ? blkpg_ioctl+0xc10/0xc10 [ 1739.836660] ? avc_ss_reset+0x190/0x190 [ 1739.840639] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1739.845571] ? kasan_check_read+0x11/0x20 [ 1739.849734] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1739.855019] ? rcu_softirq_qs+0x20/0x20 [ 1739.859006] ? ___might_sleep+0x1ed/0x300 [ 1739.863160] ? arch_local_save_flags+0x40/0x40 [ 1739.867781] block_ioctl+0xee/0x130 [ 1739.871408] ? blkdev_fallocate+0x400/0x400 [ 1739.875734] do_vfs_ioctl+0x1de/0x1790 [ 1739.879638] ? ioctl_preallocate+0x300/0x300 [ 1739.884029] ? selinux_file_mprotect+0x620/0x620 [ 1739.888791] ? rcu_read_lock_sched_held+0x108/0x120 [ 1739.893818] ? kmem_cache_free+0x1db/0x290 [ 1739.898065] ? putname+0xf7/0x130 [ 1739.901523] ? do_syscall_64+0x9a/0x820 [ 1739.905507] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1739.911066] ? security_file_ioctl+0x94/0xc0 [ 1739.915514] ksys_ioctl+0xa9/0xd0 [ 1739.918976] __x64_sys_ioctl+0x73/0xb0 [ 1739.922866] do_syscall_64+0x1b9/0x820 [ 1739.926756] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1739.932121] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1739.937039] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1739.941904] ? trace_hardirqs_on_caller+0x310/0x310 [ 1739.946916] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1739.951937] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1739.956971] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1739.961836] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1739.967027] RIP: 0033:0x4575c7 [ 1739.970234] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1739.989155] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 03:39:09 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000e0ff0001", 0x35, 0x1c0}]) [ 1739.996848] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1740.004101] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1740.011366] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1740.018636] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1740.025898] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1740.109517] hfs: invalid session number or type of track [ 1740.127044] hfs: can't find a HFS filesystem on dev loop3 03:39:09 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfo\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:09 executing program 3 (fault-call:2 fault-nth:17): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1740.263694] Dev loop4: unable to read RDB block 1 [ 1740.272763] loop4: unable to read partition table [ 1740.278147] FAULT_INJECTION: forcing a failure. [ 1740.278147] name failslab, interval 1, probability 0, space 0, times 0 [ 1740.290488] CPU: 0 PID: 11278 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1740.297432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1740.300421] loop4: partition table beyond EOD, truncated [ 1740.306787] Call Trace: [ 1740.306813] dump_stack+0x1d3/0x2c6 [ 1740.306838] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1740.306871] should_fail.cold.4+0xa/0x17 [ 1740.306896] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1740.306922] ? lock_release+0xa00/0xa00 [ 1740.316621] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1740.318561] ? arch_local_save_flags+0x40/0x40 [ 1740.318589] ? graph_lock+0x270/0x270 [ 1740.318632] ? find_held_lock+0x36/0x1c0 [ 1740.318653] ? __lock_is_held+0xb5/0x140 [ 1740.318699] ? ___might_sleep+0x1ed/0x300 [ 1740.364843] ? arch_local_save_flags+0x40/0x40 [ 1740.369485] ? kernfs_activate+0x21a/0x2c0 [ 1740.373760] __should_failslab+0x124/0x180 [ 1740.378000] should_failslab+0x9/0x14 [ 1740.381801] kmem_cache_alloc+0x2be/0x730 [ 1740.385953] ? lock_downgrade+0x900/0x900 [ 1740.390095] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1740.395340] __kernfs_new_node+0x127/0x8d0 [ 1740.399566] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1740.404313] ? graph_lock+0x270/0x270 [ 1740.408114] ? __lock_is_held+0xb5/0x140 [ 1740.412165] ? wait_for_completion+0x8a0/0x8a0 [ 1740.416773] ? mutex_unlock+0xd/0x10 [ 1740.420513] ? kernfs_activate+0x21a/0x2c0 [ 1740.424765] ? kernfs_walk_and_get_ns+0x340/0x340 [ 1740.429601] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1740.435141] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1740.439741] kernfs_new_node+0x95/0x120 [ 1740.443730] __kernfs_create_file+0x5a/0x340 [ 1740.448142] sysfs_add_file_mode_ns+0x222/0x530 [ 1740.452833] internal_create_group+0x3df/0xd80 [ 1740.457443] ? remove_files.isra.1+0x190/0x190 [ 1740.462038] ? up_write+0x7b/0x220 [ 1740.465578] ? down_write_nested+0x130/0x130 [ 1740.469980] ? down_read+0x120/0x120 [ 1740.473736] sysfs_create_group+0x1f/0x30 [ 1740.477890] lo_ioctl+0x1307/0x1d60 [ 1740.481526] ? lo_rw_aio_complete+0x470/0x470 [ 1740.486008] blkdev_ioctl+0xd8a/0x21b0 [ 1740.489882] ? blkpg_ioctl+0xc10/0xc10 [ 1740.493788] ? avc_ss_reset+0x190/0x190 [ 1740.497780] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1740.502703] ? kasan_check_read+0x11/0x20 [ 1740.506849] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1740.512151] ? rcu_softirq_qs+0x20/0x20 [ 1740.516140] ? ___might_sleep+0x1ed/0x300 [ 1740.520285] ? arch_local_save_flags+0x40/0x40 [ 1740.524885] block_ioctl+0xee/0x130 [ 1740.528649] ? blkdev_fallocate+0x400/0x400 [ 1740.533002] do_vfs_ioctl+0x1de/0x1790 [ 1740.536914] ? ioctl_preallocate+0x300/0x300 [ 1740.541338] ? selinux_file_mprotect+0x620/0x620 [ 1740.546132] ? rcu_read_lock_sched_held+0x108/0x120 [ 1740.551134] ? kmem_cache_free+0x1db/0x290 [ 1740.555372] ? putname+0xf7/0x130 [ 1740.558816] ? do_syscall_64+0x9a/0x820 [ 1740.562810] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1740.568357] ? security_file_ioctl+0x94/0xc0 [ 1740.572770] ksys_ioctl+0xa9/0xd0 [ 1740.576210] __x64_sys_ioctl+0x73/0xb0 [ 1740.580085] do_syscall_64+0x1b9/0x820 [ 1740.583971] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1740.589334] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1740.594256] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1740.599100] ? trace_hardirqs_on_caller+0x310/0x310 [ 1740.604114] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1740.609125] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1740.614145] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1740.618977] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1740.624161] RIP: 0033:0x4575c7 [ 1740.627359] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1740.646256] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1740.653955] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 03:39:09 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000200001", 0x35, 0x1c0}]) 03:39:09 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1740.661209] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1740.668474] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1740.675744] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1740.683023] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:09 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:09 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x3f00000000000000, 0x0) [ 1740.763239] hfs: invalid session number or type of track [ 1740.783492] hfs: can't find a HFS filesystem on dev loop3 [ 1740.823562] Dev loop4: unable to read RDB block 1 [ 1740.842615] loop4: unable to read partition table 03:39:09 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfx\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1740.863780] loop4: partition table beyond EOD, truncated [ 1740.879901] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:09 executing program 3 (fault-call:2 fault-nth:18): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1741.003500] Dev loop4: unable to read RDB block 1 [ 1741.008810] FAULT_INJECTION: forcing a failure. [ 1741.008810] name failslab, interval 1, probability 0, space 0, times 0 [ 1741.009839] loop4: unable to read partition table [ 1741.021092] CPU: 1 PID: 11315 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1741.032194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1741.041550] Call Trace: [ 1741.044159] dump_stack+0x1d3/0x2c6 [ 1741.046792] loop4: partition table beyond EOD, truncated [ 1741.047812] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1741.047832] ? is_bpf_text_address+0xd3/0x170 [ 1741.047857] should_fail.cold.4+0xa/0x17 [ 1741.047879] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1741.053939] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1741.058520] ? graph_lock+0x270/0x270 [ 1741.058550] ? save_stack+0x43/0xd0 [ 1741.058564] ? kasan_kmalloc+0xc7/0xe0 [ 1741.058580] ? kmem_cache_alloc_trace+0x152/0x750 [ 1741.058598] ? kobject_uevent_env+0x2f3/0x101e [ 1741.100141] ? kobject_uevent+0x1f/0x24 [ 1741.104118] ? lo_ioctl+0x1385/0x1d60 [ 1741.107933] ? find_held_lock+0x36/0x1c0 [ 1741.112001] ? __lock_is_held+0xb5/0x140 [ 1741.116089] ? ___might_sleep+0x1ed/0x300 [ 1741.120238] ? arch_local_save_flags+0x40/0x40 [ 1741.124841] __should_failslab+0x124/0x180 [ 1741.129082] should_failslab+0x9/0x14 [ 1741.132904] __kmalloc+0x2e0/0x770 [ 1741.136451] ? kobject_uevent_env+0x2f3/0x101e [ 1741.141038] ? rcu_read_lock_sched_held+0x108/0x120 [ 1741.146059] ? kobject_get_path+0xc2/0x1b0 [ 1741.150296] ? kmem_cache_alloc_trace+0x353/0x750 [ 1741.155140] kobject_get_path+0xc2/0x1b0 [ 1741.159206] kobject_uevent_env+0x314/0x101e [ 1741.163624] kobject_uevent+0x1f/0x24 [ 1741.167438] lo_ioctl+0x1385/0x1d60 [ 1741.171077] ? lo_rw_aio_complete+0x470/0x470 [ 1741.175582] blkdev_ioctl+0xd8a/0x21b0 [ 1741.179472] ? blkpg_ioctl+0xc10/0xc10 [ 1741.183361] ? avc_ss_reset+0x190/0x190 [ 1741.187342] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1741.192271] ? kasan_check_read+0x11/0x20 [ 1741.196423] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1741.201707] ? rcu_softirq_qs+0x20/0x20 [ 1741.205726] ? ___might_sleep+0x1ed/0x300 [ 1741.209876] ? arch_local_save_flags+0x40/0x40 [ 1741.214472] block_ioctl+0xee/0x130 [ 1741.218104] ? blkdev_fallocate+0x400/0x400 [ 1741.222431] do_vfs_ioctl+0x1de/0x1790 [ 1741.226328] ? ioctl_preallocate+0x300/0x300 [ 1741.230745] ? selinux_file_mprotect+0x620/0x620 [ 1741.235507] ? rcu_read_lock_sched_held+0x108/0x120 [ 1741.240524] ? kmem_cache_free+0x1db/0x290 [ 1741.244769] ? putname+0xf7/0x130 [ 1741.248229] ? do_syscall_64+0x9a/0x820 [ 1741.252216] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1741.257757] ? security_file_ioctl+0x94/0xc0 [ 1741.262170] ksys_ioctl+0xa9/0xd0 [ 1741.265638] __x64_sys_ioctl+0x73/0xb0 [ 1741.269549] do_syscall_64+0x1b9/0x820 [ 1741.273439] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1741.278812] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1741.283743] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1741.288597] ? trace_hardirqs_on_caller+0x310/0x310 [ 1741.293617] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1741.298642] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1741.303685] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1741.308542] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1741.313734] RIP: 0033:0x4575c7 [ 1741.316928] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1741.335831] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1741.343541] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1741.350807] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1741.358088] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1741.365369] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1741.372647] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:10 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000070001", 0x35, 0x1c0}]) [ 1741.424695] hfs: invalid session number or type of track [ 1741.431123] hfs: can't find a HFS filesystem on dev loop3 03:39:10 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hf.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:10 executing program 3 (fault-call:2 fault-nth:19): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1741.582916] Dev loop4: unable to read RDB block 1 [ 1741.587848] loop4: unable to read partition table [ 1741.602238] loop4: partition table beyond EOD, truncated [ 1741.651544] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1741.674980] FAULT_INJECTION: forcing a failure. [ 1741.674980] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1741.686802] CPU: 0 PID: 11337 Comm: syz-executor3 Not tainted 4.20.0 #167 03:39:10 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x8dffffff00000000, 0x0) 03:39:10 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1741.693736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1741.703100] Call Trace: [ 1741.705750] dump_stack+0x1d3/0x2c6 [ 1741.709405] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1741.714631] ? up+0xea/0x1c0 [ 1741.717703] ? lock_downgrade+0x900/0x900 [ 1741.721883] should_fail.cold.4+0xa/0x17 [ 1741.725953] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1741.725976] ? mark_held_locks+0xc7/0x130 [ 1741.725991] ? lock_downgrade+0x900/0x900 [ 1741.726017] ? mark_held_locks+0x130/0x130 [ 1741.743621] ? vprintk_emit+0x39c/0x990 [ 1741.747611] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1741.753086] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1741.758645] ? llist_add_batch+0x106/0x170 [ 1741.762918] ? check_preemption_disabled+0x48/0x280 [ 1741.767963] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1741.773510] ? should_fail+0x22d/0xd01 [ 1741.777439] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1741.782994] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1741.788112] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1741.793693] ? wake_up_klogd+0x11a/0x180 [ 1741.797777] __alloc_pages_nodemask+0x366/0xea0 [ 1741.802477] ? __down_trylock_console_sem+0x155/0x200 [ 1741.807715] ? __alloc_pages_slowpath+0x2df0/0x2df0 [ 1741.812731] ? vprintk_emit+0x297/0x990 [ 1741.816720] ? find_held_lock+0x36/0x1c0 [ 1741.820789] ? ___might_sleep+0x1ed/0x300 [ 1741.824924] ? trace_hardirqs_off+0xb8/0x310 [ 1741.829340] cache_grow_begin+0x91/0x8c0 [ 1741.833394] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1741.838943] ? check_preemption_disabled+0x48/0x280 [ 1741.843982] kmem_cache_alloc_trace+0x67e/0x750 [ 1741.848692] kobject_uevent_env+0x2f3/0x101e [ 1741.853123] kobject_uevent+0x1f/0x24 [ 1741.856929] lo_ioctl+0x1385/0x1d60 [ 1741.860573] ? lo_rw_aio_complete+0x470/0x470 [ 1741.865058] blkdev_ioctl+0xd8a/0x21b0 [ 1741.868938] ? blkpg_ioctl+0xc10/0xc10 [ 1741.872815] ? avc_ss_reset+0x190/0x190 [ 1741.876779] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1741.881700] ? kasan_check_read+0x11/0x20 [ 1741.885834] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1741.891100] ? rcu_softirq_qs+0x20/0x20 [ 1741.895079] ? ___might_sleep+0x1ed/0x300 [ 1741.899232] ? arch_local_save_flags+0x40/0x40 [ 1741.903823] block_ioctl+0xee/0x130 [ 1741.907437] ? blkdev_fallocate+0x400/0x400 [ 1741.911759] do_vfs_ioctl+0x1de/0x1790 [ 1741.915691] ? ioctl_preallocate+0x300/0x300 [ 1741.920090] ? selinux_file_mprotect+0x620/0x620 [ 1741.924839] ? rcu_read_lock_sched_held+0x108/0x120 [ 1741.929841] ? kmem_cache_free+0x1db/0x290 [ 1741.934079] ? putname+0xf7/0x130 [ 1741.937559] ? do_syscall_64+0x9a/0x820 [ 1741.941541] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1741.947081] ? security_file_ioctl+0x94/0xc0 [ 1741.951478] ksys_ioctl+0xa9/0xd0 [ 1741.954919] __x64_sys_ioctl+0x73/0xb0 [ 1741.958795] do_syscall_64+0x1b9/0x820 [ 1741.962683] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1741.968068] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1741.973008] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1741.977839] ? trace_hardirqs_on_caller+0x310/0x310 [ 1741.982884] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1741.987904] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1741.992913] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1741.997758] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1742.002948] RIP: 0033:0x4575c7 [ 1742.006136] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1742.025027] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1742.032738] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1742.039993] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 03:39:11 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1742.047247] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1742.054516] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1742.061772] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1742.072345] hfs: invalid session number or type of track [ 1742.082584] hfs: can't find a HFS filesystem on dev loop3 03:39:11 executing program 3 (fault-call:2 fault-nth:20): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:11 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hf+\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1742.163659] Dev loop4: unable to read RDB block 1 [ 1742.169922] loop4: unable to read partition table [ 1742.181929] loop4: partition table beyond EOD, truncated [ 1742.235832] FAULT_INJECTION: forcing a failure. [ 1742.235832] name failslab, interval 1, probability 0, space 0, times 0 [ 1742.244297] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1742.257015] CPU: 0 PID: 11360 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1742.263959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1742.273314] Call Trace: [ 1742.275922] dump_stack+0x1d3/0x2c6 [ 1742.279578] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1742.284808] ? is_bpf_text_address+0xd3/0x170 [ 1742.289333] should_fail.cold.4+0xa/0x17 [ 1742.293448] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1742.298572] ? graph_lock+0x270/0x270 [ 1742.302377] ? save_stack+0x43/0xd0 [ 1742.306035] ? kasan_kmalloc+0xc7/0xe0 [ 1742.309926] ? kmem_cache_alloc_trace+0x152/0x750 [ 1742.314767] ? kobject_uevent_env+0x2f3/0x101e [ 1742.319344] ? kobject_uevent+0x1f/0x24 [ 1742.323314] ? lo_ioctl+0x1385/0x1d60 [ 1742.327139] ? find_held_lock+0x36/0x1c0 [ 1742.331209] ? __lock_is_held+0xb5/0x140 [ 1742.335282] ? ___might_sleep+0x1ed/0x300 [ 1742.339436] ? arch_local_save_flags+0x40/0x40 [ 1742.344048] __should_failslab+0x124/0x180 [ 1742.348285] should_failslab+0x9/0x14 [ 1742.352087] __kmalloc+0x2e0/0x770 [ 1742.355629] ? kobject_uevent_env+0x2f3/0x101e [ 1742.360242] ? rcu_read_lock_sched_held+0x108/0x120 [ 1742.365273] ? kobject_get_path+0xc2/0x1b0 [ 1742.369506] ? kmem_cache_alloc_trace+0x353/0x750 [ 1742.374369] kobject_get_path+0xc2/0x1b0 [ 1742.378459] kobject_uevent_env+0x314/0x101e [ 1742.382884] kobject_uevent+0x1f/0x24 [ 1742.386694] lo_ioctl+0x1385/0x1d60 [ 1742.390415] ? lo_rw_aio_complete+0x470/0x470 [ 1742.395428] blkdev_ioctl+0xd8a/0x21b0 [ 1742.399319] ? blkpg_ioctl+0xc10/0xc10 [ 1742.403209] ? avc_ss_reset+0x190/0x190 [ 1742.407188] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1742.411947] ? lockdep_hardirqs_on+0x421/0x5c0 [ 1742.416530] ? retint_kernel+0x2d/0x2d [ 1742.420423] ? trace_hardirqs_on_caller+0xc0/0x310 [ 1742.425360] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1742.430121] ? trace_hardirqs_off+0x310/0x310 [ 1742.434628] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1742.439388] ? ___might_sleep+0x1ed/0x300 [ 1742.443541] ? arch_local_save_flags+0x40/0x40 [ 1742.448123] ? retint_kernel+0x2d/0x2d [ 1742.452033] block_ioctl+0xee/0x130 [ 1742.455662] ? blkdev_fallocate+0x400/0x400 [ 1742.460003] do_vfs_ioctl+0x1de/0x1790 [ 1742.463903] ? ioctl_preallocate+0x300/0x300 [ 1742.468317] ? selinux_file_mprotect+0x620/0x620 [ 1742.473082] ? rcu_read_lock_sched_held+0x108/0x120 [ 1742.478102] ? kmem_cache_free+0x1db/0x290 [ 1742.482338] ? putname+0xf7/0x130 [ 1742.485799] ? do_syscall_64+0x9a/0x820 [ 1742.489782] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1742.495319] ? security_file_ioctl+0x94/0xc0 [ 1742.499736] ksys_ioctl+0xa9/0xd0 [ 1742.503198] __x64_sys_ioctl+0x73/0xb0 [ 1742.507089] do_syscall_64+0x1b9/0x820 [ 1742.510975] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1742.516359] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1742.521289] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1742.526263] ? trace_hardirqs_on_caller+0x310/0x310 [ 1742.531295] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1742.536316] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1742.541339] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1742.546190] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1742.551391] RIP: 0033:0x4575c7 [ 1742.554589] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1742.573486] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1742.581189] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1742.588458] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1742.595723] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1742.603002] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1742.610265] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1742.625781] hfs: invalid session number or type of track 03:39:11 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:11 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0xf0ffffff, 0x0) [ 1742.638283] hfs: can't find a HFS filesystem on dev loop3 03:39:11 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000074f40c5f", 0x35, 0x1c0}]) 03:39:11 executing program 3 (fault-call:2 fault-nth:21): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:11 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfi\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1742.870256] FAULT_INJECTION: forcing a failure. [ 1742.870256] name failslab, interval 1, probability 0, space 0, times 0 [ 1742.889434] CPU: 1 PID: 11386 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1742.896380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1742.905744] Call Trace: [ 1742.908351] dump_stack+0x1d3/0x2c6 [ 1742.912052] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1742.917248] ? is_bpf_text_address+0xd3/0x170 [ 1742.921754] should_fail.cold.4+0xa/0x17 [ 1742.925838] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1742.930969] ? graph_lock+0x270/0x270 [ 1742.934780] ? save_stack+0x43/0xd0 [ 1742.938435] ? kasan_kmalloc+0xc7/0xe0 [ 1742.942333] ? kmem_cache_alloc_trace+0x152/0x750 [ 1742.947195] ? kobject_uevent_env+0x2f3/0x101e [ 1742.951810] ? kobject_uevent+0x1f/0x24 [ 1742.955782] ? lo_ioctl+0x1385/0x1d60 [ 1742.959586] ? find_held_lock+0x36/0x1c0 [ 1742.963652] ? __lock_is_held+0xb5/0x140 [ 1742.967745] ? ___might_sleep+0x1ed/0x300 [ 1742.971900] ? arch_local_save_flags+0x40/0x40 [ 1742.976516] __should_failslab+0x124/0x180 [ 1742.980766] should_failslab+0x9/0x14 [ 1742.984579] __kmalloc+0x2e0/0x770 [ 1742.988136] ? kobject_uevent_env+0x2f3/0x101e [ 1742.992741] ? rcu_read_lock_sched_held+0x108/0x120 [ 1742.992756] ? kobject_get_path+0xc2/0x1b0 [ 1742.992773] ? kmem_cache_alloc_trace+0x353/0x750 [ 1742.992792] kobject_get_path+0xc2/0x1b0 [ 1742.992812] kobject_uevent_env+0x314/0x101e [ 1742.992839] kobject_uevent+0x1f/0x24 03:39:12 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1742.992853] lo_ioctl+0x1385/0x1d60 [ 1742.992875] ? lo_rw_aio_complete+0x470/0x470 [ 1742.992906] blkdev_ioctl+0xd8a/0x21b0 [ 1742.992925] ? blkpg_ioctl+0xc10/0xc10 [ 1743.002169] ? avc_ss_reset+0x190/0x190 [ 1743.002197] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1743.002211] ? kasan_check_read+0x11/0x20 [ 1743.002228] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1743.002244] ? rcu_softirq_qs+0x20/0x20 [ 1743.002279] ? ___might_sleep+0x1ed/0x300 [ 1743.061568] ? arch_local_save_flags+0x40/0x40 [ 1743.066212] block_ioctl+0xee/0x130 [ 1743.069880] ? blkdev_fallocate+0x400/0x400 [ 1743.074222] do_vfs_ioctl+0x1de/0x1790 [ 1743.078135] ? ioctl_preallocate+0x300/0x300 [ 1743.082581] ? selinux_file_mprotect+0x620/0x620 [ 1743.087340] ? rcu_read_lock_sched_held+0x108/0x120 [ 1743.092342] ? kmem_cache_free+0x1db/0x290 [ 1743.096590] ? putname+0xf7/0x130 [ 1743.100055] ? do_syscall_64+0x9a/0x820 [ 1743.104040] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1743.109578] ? security_file_ioctl+0x94/0xc0 [ 1743.113993] ksys_ioctl+0xa9/0xd0 [ 1743.117473] __x64_sys_ioctl+0x73/0xb0 [ 1743.121411] do_syscall_64+0x1b9/0x820 [ 1743.125311] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1743.130696] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1743.135659] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1743.140546] ? trace_hardirqs_on_caller+0x310/0x310 [ 1743.145574] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1743.150598] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1743.155622] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1743.160504] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1743.165712] RIP: 0033:0x4575c7 [ 1743.168908] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1743.187826] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1743.195553] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1743.202819] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1743.210088] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1743.217355] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1743.224626] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1743.244727] hfs: invalid session number or type of track [ 1743.250257] hfs: can't find a HFS filesystem on dev loop3 [ 1743.258293] Dev loop4: unable to read RDB block 1 [ 1743.263467] loop4: unable to read partition table [ 1743.268460] loop4: partition table beyond EOD, truncated [ 1743.286268] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:12 executing program 3 (fault-call:2 fault-nth:22): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:12 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hf%\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:12 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000000000000f", 0x35, 0x1c0}]) [ 1743.363527] Dev loop4: unable to read RDB block 1 [ 1743.377336] loop4: unable to read partition table [ 1743.383206] loop4: partition table beyond EOD, truncated [ 1743.389039] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1743.469743] FAULT_INJECTION: forcing a failure. [ 1743.469743] name failslab, interval 1, probability 0, space 0, times 0 [ 1743.494721] CPU: 0 PID: 11411 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1743.501697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1743.511059] Call Trace: [ 1743.513659] dump_stack+0x1d3/0x2c6 [ 1743.517312] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1743.522510] ? lock_downgrade+0x900/0x900 [ 1743.526694] should_fail.cold.4+0xa/0x17 [ 1743.530774] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1743.535903] ? rcu_softirq_qs+0x20/0x20 [ 1743.539890] ? unwind_dump+0x190/0x190 [ 1743.543821] ? is_bpf_text_address+0xd3/0x170 [ 1743.548329] ? graph_lock+0x270/0x270 [ 1743.552169] ? __kernel_text_address+0xd/0x40 [ 1743.556690] ? unwind_get_return_address+0x61/0xa0 [ 1743.561888] ? find_held_lock+0x36/0x1c0 [ 1743.565974] ? __lock_is_held+0xb5/0x140 [ 1743.565990] ? bch_flash_dev_store+0x158/0x500 [ 1743.566025] ? ___might_sleep+0x1ed/0x300 [ 1743.566045] ? kobject_uevent+0x1f/0x24 [ 1743.566064] ? arch_local_save_flags+0x40/0x40 [ 1743.587392] ? do_vfs_ioctl+0x1de/0x1790 [ 1743.591474] ? ksys_ioctl+0xa9/0xd0 [ 1743.595124] ? __x64_sys_ioctl+0x73/0xb0 [ 1743.599193] ? do_syscall_64+0x1b9/0x820 [ 1743.603271] __should_failslab+0x124/0x180 [ 1743.607516] should_failslab+0x9/0x14 [ 1743.611343] kmem_cache_alloc+0x2be/0x730 [ 1743.615516] skb_clone+0x1bb/0x500 03:39:12 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:12 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x10000000000000, 0x0) [ 1743.619072] ? skb_split+0x11e0/0x11e0 [ 1743.622970] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1743.628003] ? netlink_trim+0x1b4/0x380 [ 1743.631994] ? netlink_skb_destructor+0x210/0x210 [ 1743.636863] netlink_broadcast_filtered+0x110f/0x1680 [ 1743.642092] ? __netlink_sendskb+0xd0/0xd0 [ 1743.646333] ? kasan_check_read+0x11/0x20 [ 1743.650468] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1743.655751] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1743.661285] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 1743.666722] ? refcount_add_not_zero_checked+0x330/0x330 [ 1743.672163] ? netlink_has_listeners+0x2cb/0x4a0 [ 1743.676925] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1743.681947] netlink_broadcast+0x3a/0x50 [ 1743.686030] kobject_uevent_env+0xa83/0x101e [ 1743.690476] kobject_uevent+0x1f/0x24 [ 1743.694285] lo_ioctl+0x1385/0x1d60 [ 1743.697918] ? lo_rw_aio_complete+0x470/0x470 [ 1743.702410] blkdev_ioctl+0xd8a/0x21b0 [ 1743.706307] ? blkpg_ioctl+0xc10/0xc10 [ 1743.710199] ? avc_ss_reset+0x190/0x190 [ 1743.714172] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1743.719098] ? kasan_check_read+0x11/0x20 [ 1743.723232] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1743.728507] ? rcu_softirq_qs+0x20/0x20 [ 1743.732504] ? ___might_sleep+0x1ed/0x300 [ 1743.736655] ? arch_local_save_flags+0x40/0x40 [ 1743.741284] block_ioctl+0xee/0x130 [ 1743.744927] ? blkdev_fallocate+0x400/0x400 [ 1743.749261] do_vfs_ioctl+0x1de/0x1790 [ 1743.753151] ? ioctl_preallocate+0x300/0x300 [ 1743.757548] ? selinux_file_mprotect+0x620/0x620 [ 1743.762297] ? rcu_read_lock_sched_held+0x108/0x120 [ 1743.767313] ? kmem_cache_free+0x1db/0x290 [ 1743.771592] ? putname+0xf7/0x130 [ 1743.775057] ? do_syscall_64+0x9a/0x820 [ 1743.779029] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1743.784553] ? security_file_ioctl+0x94/0xc0 [ 1743.788965] ksys_ioctl+0xa9/0xd0 [ 1743.792424] __x64_sys_ioctl+0x73/0xb0 [ 1743.796312] do_syscall_64+0x1b9/0x820 [ 1743.800199] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1743.805564] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1743.810490] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1743.815326] ? trace_hardirqs_on_caller+0x310/0x310 [ 1743.820339] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1743.825342] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1743.830345] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1743.835211] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1743.840434] RIP: 0033:0x4575c7 [ 1743.843631] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1743.862546] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1743.870242] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1743.877507] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1743.884774] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1743.892029] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1743.899291] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1743.916044] hfs: invalid session number or type of track [ 1743.921531] hfs: can't find a HFS filesystem on dev loop3 03:39:13 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, 0x0, 0x0, 0x0, 0x0) [ 1743.996306] Dev loop4: unable to read RDB block 1 03:39:13 executing program 3 (fault-call:2 fault-nth:23): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1744.023707] loop4: unable to read partition table [ 1744.033192] loop4: partition table beyond EOD, truncated [ 1744.052494] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:13 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfl\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1744.177132] FAULT_INJECTION: forcing a failure. [ 1744.177132] name failslab, interval 1, probability 0, space 0, times 0 [ 1744.188923] CPU: 0 PID: 11443 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1744.195862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1744.205216] Call Trace: [ 1744.207835] dump_stack+0x1d3/0x2c6 [ 1744.211571] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1744.216823] ? lock_downgrade+0x900/0x900 [ 1744.220991] should_fail.cold.4+0xa/0x17 [ 1744.225064] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1744.230177] ? rcu_softirq_qs+0x20/0x20 [ 1744.234158] ? unwind_dump+0x190/0x190 [ 1744.238066] ? is_bpf_text_address+0xd3/0x170 [ 1744.242574] ? graph_lock+0x270/0x270 [ 1744.246386] ? __kernel_text_address+0xd/0x40 [ 1744.250891] ? unwind_get_return_address+0x61/0xa0 [ 1744.255870] ? find_held_lock+0x36/0x1c0 [ 1744.259945] ? __lock_is_held+0xb5/0x140 [ 1744.264029] ? ___might_sleep+0x1ed/0x300 [ 1744.268187] ? kobject_uevent+0x1f/0x24 [ 1744.272169] ? arch_local_save_flags+0x40/0x40 [ 1744.276769] ? do_vfs_ioctl+0x1de/0x1790 [ 1744.280838] ? ksys_ioctl+0xa9/0xd0 [ 1744.284470] ? __x64_sys_ioctl+0x73/0xb0 [ 1744.288539] ? do_syscall_64+0x1b9/0x820 [ 1744.292637] __should_failslab+0x124/0x180 [ 1744.296913] should_failslab+0x9/0x14 [ 1744.300728] kmem_cache_alloc+0x2be/0x730 [ 1744.304901] skb_clone+0x1bb/0x500 [ 1744.308456] ? skb_split+0x11e0/0x11e0 [ 1744.312365] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1744.317393] ? netlink_trim+0x1b4/0x380 [ 1744.321380] ? netlink_skb_destructor+0x210/0x210 [ 1744.326241] netlink_broadcast_filtered+0x110f/0x1680 [ 1744.331447] ? __netlink_sendskb+0xd0/0xd0 [ 1744.335710] ? kasan_check_read+0x11/0x20 [ 1744.339870] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1744.345160] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1744.350715] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 1744.356176] ? refcount_add_not_zero_checked+0x330/0x330 [ 1744.361640] ? netlink_has_listeners+0x2cb/0x4a0 [ 1744.366420] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1744.371468] netlink_broadcast+0x3a/0x50 [ 1744.375540] kobject_uevent_env+0xa83/0x101e [ 1744.379996] kobject_uevent+0x1f/0x24 [ 1744.383806] lo_ioctl+0x1385/0x1d60 [ 1744.387469] ? lo_rw_aio_complete+0x470/0x470 [ 1744.391976] blkdev_ioctl+0xd8a/0x21b0 [ 1744.396039] ? blkpg_ioctl+0xc10/0xc10 [ 1744.399939] ? avc_ss_reset+0x190/0x190 [ 1744.403941] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1744.408872] ? kasan_check_read+0x11/0x20 [ 1744.413025] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1744.418311] ? rcu_softirq_qs+0x20/0x20 [ 1744.422317] ? ___might_sleep+0x1ed/0x300 [ 1744.426473] ? arch_local_save_flags+0x40/0x40 [ 1744.431077] block_ioctl+0xee/0x130 [ 1744.434722] ? blkdev_fallocate+0x400/0x400 [ 1744.439055] do_vfs_ioctl+0x1de/0x1790 [ 1744.442956] ? ioctl_preallocate+0x300/0x300 [ 1744.447379] ? selinux_file_mprotect+0x620/0x620 [ 1744.452149] ? rcu_read_lock_sched_held+0x108/0x120 [ 1744.457174] ? kmem_cache_free+0x1db/0x290 [ 1744.461419] ? putname+0xf7/0x130 [ 1744.464886] ? do_syscall_64+0x9a/0x820 [ 1744.468874] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1744.474416] ? security_file_ioctl+0x94/0xc0 [ 1744.478838] ksys_ioctl+0xa9/0xd0 [ 1744.482377] __x64_sys_ioctl+0x73/0xb0 [ 1744.487096] do_syscall_64+0x1b9/0x820 [ 1744.490994] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1744.496369] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1744.501311] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1744.506166] ? trace_hardirqs_on_caller+0x310/0x310 [ 1744.511223] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1744.516245] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1744.521278] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1744.526140] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1744.531469] RIP: 0033:0x4575c7 [ 1744.534701] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1744.553607] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1744.561323] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004575c7 [ 1744.568609] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 03:39:13 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0xeffdffff, 0x0) [ 1744.575880] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1744.583152] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1744.590427] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1744.606874] Dev loop4: unable to read RDB block 1 [ 1744.611748] hfs: invalid session number or type of track [ 1744.611757] hfs: can't find a HFS filesystem on dev loop3 [ 1744.652854] loop4: unable to read partition table [ 1744.663379] loop4: partition table beyond EOD, truncated [ 1744.669792] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:13 executing program 3 (fault-call:2 fault-nth:24): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:13 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:13 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000ffe00001", 0x35, 0x1c0}]) 03:39:13 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hf\n\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1744.859237] FAULT_INJECTION: forcing a failure. [ 1744.859237] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1744.871077] CPU: 0 PID: 11457 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1744.871088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1744.871094] Call Trace: [ 1744.871124] dump_stack+0x1d3/0x2c6 [ 1744.893598] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1744.898813] should_fail.cold.4+0xa/0x17 [ 1744.902893] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1744.908022] ? kobject_uevent_env+0xf76/0x101e [ 1744.912611] ? wait_for_completion+0x8a0/0x8a0 [ 1744.917213] ? mark_held_locks+0x130/0x130 [ 1744.921456] ? kobject_uevent_env+0x100d/0x101e [ 1744.926171] ? mutex_unlock+0xd/0x10 [ 1744.929896] ? lo_ioctl+0xe6/0x1d60 [ 1744.933543] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1744.939091] ? should_fail+0x22d/0xd01 [ 1744.942992] ? blkdev_ioctl+0x1f5/0x21b0 [ 1744.947100] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1744.952228] ? blkpg_ioctl+0xc10/0xc10 [ 1744.956136] __alloc_pages_nodemask+0x366/0xea0 [ 1744.960809] ? kasan_check_read+0x11/0x20 [ 1744.964991] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1744.970284] ? __alloc_pages_slowpath+0x2df0/0x2df0 [ 1744.975320] ? find_held_lock+0x36/0x1c0 [ 1744.979410] ? ___might_sleep+0x1ed/0x300 [ 1744.983573] ? trace_hardirqs_off+0xb8/0x310 [ 1744.988001] cache_grow_begin+0x91/0x8c0 [ 1744.992083] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1744.997627] ? check_preemption_disabled+0x48/0x280 [ 1745.002696] kmem_cache_alloc+0x665/0x730 [ 1745.006867] ? selinux_file_mprotect+0x620/0x620 [ 1745.011640] getname_flags+0xd0/0x590 [ 1745.015479] do_mkdirat+0xc5/0x310 [ 1745.019036] ? __ia32_sys_mknod+0xb0/0xb0 [ 1745.023189] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1745.028572] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1745.034034] ? ksys_ioctl+0x81/0xd0 [ 1745.037689] __x64_sys_mkdir+0x5c/0x80 [ 1745.041590] do_syscall_64+0x1b9/0x820 [ 1745.045486] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1745.050889] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1745.055849] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1745.060727] ? trace_hardirqs_on_caller+0x310/0x310 [ 1745.065783] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1745.070812] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1745.075848] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1745.080733] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1745.085930] RIP: 0033:0x456b77 [ 1745.089131] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1745.108032] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1745.115755] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456b77 [ 1745.123036] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000080 [ 1745.130311] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1745.137586] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1745.144862] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1745.154813] hfs: invalid session number or type of track [ 1745.161816] hfs: can't find a HFS filesystem on dev loop3 [ 1745.175611] Dev loop4: unable to read RDB block 1 [ 1745.180475] loop4: unable to read partition table [ 1745.193885] loop4: partition table beyond EOD, truncated 03:39:14 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00), 0x0, 0x0, 0x0) 03:39:14 executing program 3 (fault-call:2 fault-nth:25): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1745.207340] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:14 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000e0000001", 0x35, 0x1c0}]) [ 1745.318131] FAULT_INJECTION: forcing a failure. [ 1745.318131] name failslab, interval 1, probability 0, space 0, times 0 [ 1745.353372] CPU: 1 PID: 11479 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1745.360311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1745.369656] Call Trace: [ 1745.372297] dump_stack+0x1d3/0x2c6 [ 1745.375958] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1745.381166] should_fail.cold.4+0xa/0x17 [ 1745.385245] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1745.390355] ? lockdep_hardirqs_on+0x421/0x5c0 [ 1745.394957] ? trace_hardirqs_on+0xbd/0x310 [ 1745.399290] ? kasan_check_read+0x11/0x20 [ 1745.403449] ? __debug_object_init+0x57d/0x1290 [ 1745.408133] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1745.413612] ? do_raw_spin_trylock+0x270/0x270 [ 1745.418216] ? graph_lock+0x270/0x270 [ 1745.422037] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 1745.427154] ? __debug_object_init+0x57d/0x1290 [ 1745.431841] ? vfs_mkdir+0x42e/0x6b0 [ 1745.435579] ? do_mkdirat+0x27a/0x310 [ 1745.439385] ? __x64_sys_mkdir+0x5c/0x80 [ 1745.443457] ? do_syscall_64+0x1b9/0x820 [ 1745.447529] ? __lock_is_held+0xb5/0x140 [ 1745.451598] ? debug_object_free+0x690/0x690 [ 1745.456032] ? ___might_sleep+0x1ed/0x300 [ 1745.460195] ? arch_local_save_flags+0x40/0x40 [ 1745.464816] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1745.470363] ? check_preemption_disabled+0x48/0x280 [ 1745.475430] __should_failslab+0x124/0x180 [ 1745.479687] should_failslab+0x9/0x14 [ 1745.483505] kmem_cache_alloc+0x2be/0x730 [ 1745.487685] selinux_inode_alloc_security+0x107/0x3a0 [ 1745.492884] ? inode_free_rcu+0x20/0x20 [ 1745.496875] ? __put_user_ns+0x60/0x60 [ 1745.500790] ? lockdep_init_map+0x9/0x10 [ 1745.504919] ? ext4_alloc_inode+0x6ef/0x880 [ 1745.509257] security_inode_alloc+0x73/0xd0 [ 1745.513591] inode_init_always+0x68f/0xd80 [ 1745.517839] ? __lock_acquire+0x62f/0x4c20 [ 1745.522084] ? get_nr_inodes+0x120/0x120 [ 1745.526161] ? print_usage_bug+0xc0/0xc0 [ 1745.530241] ? __lock_acquire+0x62f/0x4c20 [ 1745.534489] ? mark_held_locks+0x130/0x130 [ 1745.538737] ? graph_lock+0x270/0x270 [ 1745.542557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1745.548106] alloc_inode+0x80/0x190 [ 1745.551748] new_inode_pseudo+0x71/0x1a0 [ 1745.555838] ? prune_icache_sb+0x1c0/0x1c0 [ 1745.560137] new_inode+0x1c/0x40 [ 1745.563514] __ext4_new_inode+0x507/0x63b0 [ 1745.567773] ? mark_held_locks+0x130/0x130 [ 1745.572018] ? ext4_free_inode+0x1a10/0x1a10 [ 1745.576443] ? find_held_lock+0x36/0x1c0 [ 1745.580529] ? find_held_lock+0x36/0x1c0 [ 1745.584605] ? graph_lock+0x270/0x270 [ 1745.588424] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1745.593970] ? check_preemption_disabled+0x48/0x280 [ 1745.599006] ? find_held_lock+0x36/0x1c0 [ 1745.603086] ? lock_downgrade+0x900/0x900 [ 1745.607241] ? check_preemption_disabled+0x48/0x280 [ 1745.612266] ? rcu_read_unlock_special+0x1d0/0x1d0 03:39:14 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0xfffffdef, 0x0) [ 1745.617215] ? kasan_check_read+0x11/0x20 [ 1745.621391] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1745.626693] ? rcu_softirq_qs+0x20/0x20 [ 1745.630704] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1745.636257] ? avc_has_perm+0x55f/0x7e0 [ 1745.640249] ? avc_has_perm_noaudit+0x630/0x630 [ 1745.644941] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1745.650529] ? __dquot_initialize+0x629/0xdd0 [ 1745.655050] ? dquot_get_next_dqblk+0x180/0x180 [ 1745.659790] ext4_mkdir+0x2e1/0xe60 [ 1745.663441] ? ext4_init_dot_dotdot+0x510/0x510 [ 1745.668128] ? selinux_inode_mkdir+0x22/0x30 [ 1745.672564] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1745.678129] ? security_inode_mkdir+0xe8/0x120 [ 1745.682726] vfs_mkdir+0x42e/0x6b0 [ 1745.686282] do_mkdirat+0x27a/0x310 [ 1745.689929] ? __ia32_sys_mknod+0xb0/0xb0 [ 1745.694087] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1745.699463] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1745.704926] ? ksys_ioctl+0x81/0xd0 [ 1745.708563] __x64_sys_mkdir+0x5c/0x80 [ 1745.712477] do_syscall_64+0x1b9/0x820 [ 1745.716375] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1745.721767] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1745.726714] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1745.731571] ? trace_hardirqs_on_caller+0x310/0x310 [ 1745.736613] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1745.741645] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1745.746695] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1745.751559] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1745.756757] RIP: 0033:0x456b77 [ 1745.759957] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1745.778864] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1745.786689] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456b77 [ 1745.793968] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000080 [ 1745.801245] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1745.808523] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1745.815798] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:14 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:14 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hf,\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:14 executing program 3 (fault-call:2 fault-nth:26): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1745.904062] Dev loop4: unable to read RDB block 1 [ 1745.913822] loop4: unable to read partition table [ 1745.922766] loop4: partition table beyond EOD, truncated [ 1745.942172] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1745.996282] FAULT_INJECTION: forcing a failure. [ 1745.996282] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1746.008102] CPU: 0 PID: 11500 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1746.015033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1746.024388] Call Trace: [ 1746.026988] dump_stack+0x1d3/0x2c6 [ 1746.030662] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1746.035907] should_fail.cold.4+0xa/0x17 [ 1746.039984] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1746.045108] ? kobject_uevent_env+0xf76/0x101e [ 1746.049716] ? wait_for_completion+0x8a0/0x8a0 [ 1746.054320] ? mark_held_locks+0x130/0x130 [ 1746.058566] ? kobject_uevent_env+0x100d/0x101e [ 1746.063261] ? mutex_unlock+0xd/0x10 [ 1746.066981] ? lo_ioctl+0xe6/0x1d60 [ 1746.070628] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1746.076184] ? should_fail+0x22d/0xd01 [ 1746.080080] ? blkdev_ioctl+0x1f5/0x21b0 [ 1746.084151] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1746.089258] ? blkpg_ioctl+0xc10/0xc10 [ 1746.093171] __alloc_pages_nodemask+0x366/0xea0 [ 1746.097842] ? kasan_check_read+0x11/0x20 [ 1746.101998] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1746.107285] ? __alloc_pages_slowpath+0x2df0/0x2df0 [ 1746.112316] ? find_held_lock+0x36/0x1c0 [ 1746.116420] ? ___might_sleep+0x1ed/0x300 [ 1746.120596] ? trace_hardirqs_off+0xb8/0x310 [ 1746.125021] cache_grow_begin+0x91/0x8c0 [ 1746.129089] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1746.134639] ? check_preemption_disabled+0x48/0x280 [ 1746.139701] kmem_cache_alloc+0x665/0x730 [ 1746.143862] ? selinux_file_mprotect+0x620/0x620 [ 1746.148654] getname_flags+0xd0/0x590 [ 1746.152500] do_mkdirat+0xc5/0x310 [ 1746.156050] ? __ia32_sys_mknod+0xb0/0xb0 [ 1746.160205] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1746.165579] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1746.171041] ? ksys_ioctl+0x81/0xd0 [ 1746.174691] __x64_sys_mkdir+0x5c/0x80 [ 1746.178591] do_syscall_64+0x1b9/0x820 [ 1746.182485] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1746.187889] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1746.192838] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1746.197705] ? trace_hardirqs_on_caller+0x310/0x310 [ 1746.202734] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1746.207760] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1746.212804] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1746.217657] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1746.222876] RIP: 0033:0x456b77 [ 1746.226094] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1746.245014] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1746.252725] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456b77 [ 1746.260025] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000080 [ 1746.267296] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1746.274565] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1746.281835] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1746.303138] hfs: invalid session number or type of track [ 1746.308648] hfs: can't find a HFS filesystem on dev loop3 03:39:15 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1746.376154] Dev loop4: unable to read RDB block 1 [ 1746.381584] loop4: unable to read partition table [ 1746.415655] loop4: partition table beyond EOD, truncated 03:39:15 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hf-\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:15 executing program 3 (fault-call:2 fault-nth:27): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:15 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0xf0ffffff00000000, 0x0) [ 1746.447229] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1746.540142] FAULT_INJECTION: forcing a failure. [ 1746.540142] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1746.551972] CPU: 0 PID: 11517 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1746.558936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1746.568295] Call Trace: [ 1746.570896] dump_stack+0x1d3/0x2c6 [ 1746.574543] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1746.579756] should_fail.cold.4+0xa/0x17 [ 1746.583835] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1746.588952] ? graph_lock+0x270/0x270 [ 1746.592780] ? lock_downgrade+0x900/0x900 [ 1746.596937] ? check_preemption_disabled+0x48/0x280 [ 1746.601971] ? kasan_check_read+0x11/0x20 [ 1746.606132] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1746.611423] ? find_held_lock+0x36/0x1c0 [ 1746.615497] ? graph_lock+0x270/0x270 [ 1746.619318] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 1746.624170] ? lock_downgrade+0x900/0x900 [ 1746.628325] ? check_preemption_disabled+0x48/0x280 [ 1746.633365] ? rcu_read_unlock+0x16/0x60 [ 1746.637445] __alloc_pages_nodemask+0x366/0xea0 [ 1746.642152] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1746.647086] ? kasan_check_read+0x11/0x20 [ 1746.651251] ? __alloc_pages_slowpath+0x2df0/0x2df0 [ 1746.656302] ? __lock_is_held+0xb5/0x140 [ 1746.660414] ? ___might_sleep+0x1ed/0x300 [ 1746.664576] ? trace_hardirqs_off+0xb8/0x310 [ 1746.669001] cache_grow_begin+0x91/0x8c0 [ 1746.673103] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1746.678706] ? check_preemption_disabled+0x48/0x280 [ 1746.683768] kmem_cache_alloc+0x665/0x730 [ 1746.687927] ? print_usage_bug+0xc0/0xc0 [ 1746.692005] ? ratelimit_state_init+0xb0/0xb0 [ 1746.696514] ext4_alloc_inode+0xc7/0x880 [ 1746.700599] ? ratelimit_state_init+0xb0/0xb0 [ 1746.705120] ? __lock_acquire+0x62f/0x4c20 [ 1746.709389] ? print_usage_bug+0xc0/0xc0 [ 1746.713478] ? __lock_acquire+0x62f/0x4c20 [ 1746.717735] ? mark_held_locks+0x130/0x130 [ 1746.721987] ? graph_lock+0x270/0x270 [ 1746.725803] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1746.731348] ? ratelimit_state_init+0xb0/0xb0 [ 1746.735859] alloc_inode+0x63/0x190 [ 1746.739496] new_inode_pseudo+0x71/0x1a0 [ 1746.743562] ? prune_icache_sb+0x1c0/0x1c0 [ 1746.747819] new_inode+0x1c/0x40 [ 1746.751193] __ext4_new_inode+0x507/0x63b0 [ 1746.755451] ? mark_held_locks+0x130/0x130 [ 1746.759711] ? ext4_free_inode+0x1a10/0x1a10 [ 1746.764132] ? find_held_lock+0x36/0x1c0 [ 1746.768223] ? find_held_lock+0x36/0x1c0 [ 1746.772310] ? graph_lock+0x270/0x270 [ 1746.776139] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1746.781701] ? check_preemption_disabled+0x48/0x280 [ 1746.786754] ? find_held_lock+0x36/0x1c0 [ 1746.790843] ? lock_downgrade+0x900/0x900 [ 1746.795000] ? check_preemption_disabled+0x48/0x280 [ 1746.800032] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1746.804969] ? kasan_check_read+0x11/0x20 [ 1746.809132] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1746.814437] ? rcu_softirq_qs+0x20/0x20 [ 1746.818435] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1746.823986] ? avc_has_perm+0x55f/0x7e0 [ 1746.827985] ? avc_has_perm_noaudit+0x630/0x630 [ 1746.832686] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1746.838239] ? __dquot_initialize+0x629/0xdd0 [ 1746.842767] ? dquot_get_next_dqblk+0x180/0x180 [ 1746.847478] ext4_mkdir+0x2e1/0xe60 [ 1746.851161] ? ext4_init_dot_dotdot+0x510/0x510 [ 1746.855876] ? selinux_inode_mkdir+0x22/0x30 [ 1746.860309] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1746.865857] ? security_inode_mkdir+0xe8/0x120 [ 1746.870447] vfs_mkdir+0x42e/0x6b0 [ 1746.874031] do_mkdirat+0x27a/0x310 [ 1746.877694] ? __ia32_sys_mknod+0xb0/0xb0 [ 1746.881869] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1746.887309] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1746.892814] ? ksys_ioctl+0x81/0xd0 [ 1746.896484] __x64_sys_mkdir+0x5c/0x80 [ 1746.900377] do_syscall_64+0x1b9/0x820 [ 1746.904270] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1746.909661] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1746.914640] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1746.919526] ? trace_hardirqs_on_caller+0x310/0x310 [ 1746.924550] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1746.929581] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1746.934610] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1746.939469] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1746.944663] RIP: 0033:0x456b77 [ 1746.947881] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1746.966794] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1746.974511] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456b77 [ 1746.981816] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000080 03:39:15 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000001000", 0x35, 0x1c0}]) [ 1746.989090] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1746.996359] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1747.003635] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1747.015871] hfs: invalid session number or type of track [ 1747.036314] hfs: can't find a HFS filesystem on dev loop3 03:39:16 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1747.101414] Dev loop4: unable to read RDB block 1 03:39:16 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hf0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:16 executing program 3 (fault-call:2 fault-nth:28): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1747.126885] loop4: unable to read partition table [ 1747.141601] loop4: partition table beyond EOD, truncated [ 1747.171616] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:16 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1747.244375] FAULT_INJECTION: forcing a failure. [ 1747.244375] name failslab, interval 1, probability 0, space 0, times 0 [ 1747.266643] CPU: 1 PID: 11533 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1747.273593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1747.282954] Call Trace: [ 1747.285561] dump_stack+0x1d3/0x2c6 [ 1747.289215] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1747.294446] should_fail.cold.4+0xa/0x17 [ 1747.298520] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1747.303632] ? lockdep_hardirqs_on+0x421/0x5c0 [ 1747.308242] ? trace_hardirqs_on+0xbd/0x310 [ 1747.312578] ? kasan_check_read+0x11/0x20 [ 1747.316738] ? __debug_object_init+0x57d/0x1290 [ 1747.321419] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1747.326886] ? do_raw_spin_trylock+0x270/0x270 [ 1747.331496] ? graph_lock+0x270/0x270 [ 1747.335309] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 1747.340421] ? __debug_object_init+0x57d/0x1290 [ 1747.345102] ? vfs_mkdir+0x42e/0x6b0 [ 1747.348840] ? do_mkdirat+0x27a/0x310 [ 1747.352680] ? __x64_sys_mkdir+0x5c/0x80 [ 1747.356755] ? do_syscall_64+0x1b9/0x820 [ 1747.360831] ? __lock_is_held+0xb5/0x140 [ 1747.364903] ? debug_object_free+0x690/0x690 [ 1747.369361] ? ___might_sleep+0x1ed/0x300 [ 1747.373515] ? arch_local_save_flags+0x40/0x40 [ 1747.378110] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1747.383679] ? check_preemption_disabled+0x48/0x280 [ 1747.388725] __should_failslab+0x124/0x180 [ 1747.392972] should_failslab+0x9/0x14 [ 1747.396804] kmem_cache_alloc+0x2be/0x730 [ 1747.400988] selinux_inode_alloc_security+0x107/0x3a0 [ 1747.406218] ? inode_free_rcu+0x20/0x20 [ 1747.410208] ? __put_user_ns+0x60/0x60 [ 1747.414112] ? lockdep_init_map+0x9/0x10 [ 1747.418190] ? ext4_alloc_inode+0x6ef/0x880 [ 1747.422525] security_inode_alloc+0x73/0xd0 [ 1747.426863] inode_init_always+0x68f/0xd80 [ 1747.431122] ? __lock_acquire+0x62f/0x4c20 [ 1747.435364] ? get_nr_inodes+0x120/0x120 [ 1747.439442] ? print_usage_bug+0xc0/0xc0 [ 1747.443519] ? __lock_acquire+0x62f/0x4c20 [ 1747.447763] ? mark_held_locks+0x130/0x130 [ 1747.452007] ? graph_lock+0x270/0x270 [ 1747.455822] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1747.461369] alloc_inode+0x80/0x190 [ 1747.465029] new_inode_pseudo+0x71/0x1a0 [ 1747.469102] ? prune_icache_sb+0x1c0/0x1c0 [ 1747.473353] new_inode+0x1c/0x40 [ 1747.476736] __ext4_new_inode+0x507/0x63b0 [ 1747.480994] ? mark_held_locks+0x130/0x130 [ 1747.485294] ? ext4_free_inode+0x1a10/0x1a10 [ 1747.489719] ? find_held_lock+0x36/0x1c0 [ 1747.493809] ? find_held_lock+0x36/0x1c0 [ 1747.497897] ? graph_lock+0x270/0x270 [ 1747.501731] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1747.507282] ? check_preemption_disabled+0x48/0x280 [ 1747.512347] ? find_held_lock+0x36/0x1c0 [ 1747.516438] ? lock_downgrade+0x900/0x900 [ 1747.520609] ? check_preemption_disabled+0x48/0x280 [ 1747.525656] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1747.530601] ? kasan_check_read+0x11/0x20 [ 1747.534785] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1747.540083] ? rcu_softirq_qs+0x20/0x20 [ 1747.544079] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1747.549646] ? avc_has_perm+0x55f/0x7e0 [ 1747.553663] ? avc_has_perm_noaudit+0x630/0x630 [ 1747.558364] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1747.563928] ? __dquot_initialize+0x629/0xdd0 [ 1747.568447] ? dquot_get_next_dqblk+0x180/0x180 [ 1747.573139] ext4_mkdir+0x2e1/0xe60 [ 1747.576789] ? ext4_init_dot_dotdot+0x510/0x510 [ 1747.581478] ? selinux_inode_mkdir+0x22/0x30 [ 1747.585915] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1747.591468] ? security_inode_mkdir+0xe8/0x120 [ 1747.596080] vfs_mkdir+0x42e/0x6b0 [ 1747.599640] do_mkdirat+0x27a/0x310 [ 1747.603291] ? __ia32_sys_mknod+0xb0/0xb0 [ 1747.607455] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1747.612828] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1747.618289] ? ksys_ioctl+0x81/0xd0 [ 1747.621932] __x64_sys_mkdir+0x5c/0x80 [ 1747.625836] do_syscall_64+0x1b9/0x820 [ 1747.629763] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1747.635140] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1747.640121] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1747.644976] ? trace_hardirqs_on_caller+0x310/0x310 [ 1747.650033] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1747.655059] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1747.660093] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1747.664968] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1747.670188] RIP: 0033:0x456b77 [ 1747.673389] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:39:16 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0xf00000000000000, 0x0) [ 1747.692294] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1747.700026] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456b77 [ 1747.707300] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000080 [ 1747.714576] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1747.721849] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1747.729138] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1747.745230] Dev loop4: unable to read RDB block 1 [ 1747.755995] loop4: unable to read partition table [ 1747.768000] loop4: partition table beyond EOD, truncated [ 1747.780742] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:16 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000007", 0x35, 0x1c0}]) 03:39:16 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:16 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:16 executing program 3 (fault-call:2 fault-nth:29): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1748.023373] Dev loop4: unable to read RDB block 1 [ 1748.029578] loop4: unable to read partition table [ 1748.031684] hfs: invalid session number or type of track [ 1748.043800] loop4: partition table beyond EOD, truncated [ 1748.044250] hfs: can't find a HFS filesystem on dev loop5 [ 1748.073589] FAULT_INJECTION: forcing a failure. [ 1748.073589] name failslab, interval 1, probability 0, space 0, times 0 [ 1748.085428] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1748.094611] CPU: 1 PID: 11556 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1748.101551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1748.110904] Call Trace: [ 1748.111015] dump_stack+0x1d3/0x2c6 [ 1748.111039] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1748.111057] ? __lock_is_held+0xb5/0x140 [ 1748.111082] should_fail.cold.4+0xa/0x17 [ 1748.126560] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1748.126588] ? kasan_check_write+0x14/0x20 [ 1748.126604] ? __brelse+0x104/0x180 [ 1748.126621] ? graph_lock+0x270/0x270 [ 1748.126639] ? print_usage_bug+0xc0/0xc0 [ 1748.126657] ? __ext4_handle_dirty_metadata+0x1e0/0x5a0 [ 1748.126689] ? kasan_check_write+0x14/0x20 [ 1748.126707] ? ext4_mark_iloc_dirty+0x199a/0x2f30 [ 1748.126727] ? __lock_is_held+0xb5/0x140 [ 1748.170068] ? ___might_sleep+0x1ed/0x300 [ 1748.174232] ? arch_local_save_flags+0x40/0x40 [ 1748.178841] __should_failslab+0x124/0x180 [ 1748.183089] should_failslab+0x9/0x14 [ 1748.186903] __kmalloc+0x2e0/0x770 [ 1748.190459] ? ext4_find_extent+0x757/0x9b0 [ 1748.194810] ext4_find_extent+0x757/0x9b0 [ 1748.198986] ext4_ext_map_blocks+0x2ad/0x6180 [ 1748.203498] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1748.209062] ? graph_lock+0x270/0x270 [ 1748.212894] ? ext4_ext_release+0x10/0x10 [ 1748.217060] ? __brelse+0x104/0x180 03:39:17 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1748.220763] ? block_commit_write+0x30/0x30 [ 1748.225103] ? find_held_lock+0x36/0x1c0 [ 1748.229187] ? graph_lock+0x270/0x270 [ 1748.233001] ? graph_lock+0x270/0x270 [ 1748.236817] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1748.242368] ? check_preemption_disabled+0x48/0x280 [ 1748.247413] ? lock_acquire+0x1ed/0x520 [ 1748.251402] ? ext4_map_blocks+0x487/0x1b60 [ 1748.255748] ? lock_release+0xa00/0xa00 [ 1748.259757] ? arch_local_save_flags+0x40/0x40 [ 1748.264358] ? ext4_es_cache_extent+0x6a0/0x6a0 [ 1748.269049] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1748.274607] ? down_read+0x8d/0x120 [ 1748.278243] ? ext4_map_blocks+0x487/0x1b60 [ 1748.282580] ? __down_interruptible+0x700/0x700 [ 1748.287268] ext4_map_blocks+0xe35/0x1b60 [ 1748.291439] ? ext4_issue_zeroout+0x160/0x160 [ 1748.295962] ext4_getblk+0x10e/0x630 [ 1748.299700] ? ext4_iomap_begin+0x1390/0x1390 [ 1748.304220] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1748.309771] ? __dquot_initialize+0x629/0xdd0 [ 1748.314280] ext4_bread+0x95/0x2b0 [ 1748.317837] ? ext4_getblk+0x630/0x630 [ 1748.321737] ? dquot_get_next_dqblk+0x180/0x180 [ 1748.326444] ext4_append+0x14e/0x370 [ 1748.330199] ext4_mkdir+0x532/0xe60 [ 1748.333863] ? ext4_init_dot_dotdot+0x510/0x510 [ 1748.338547] ? selinux_inode_mkdir+0x22/0x30 [ 1748.342965] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1748.348516] ? security_inode_mkdir+0xe8/0x120 [ 1748.353114] vfs_mkdir+0x42e/0x6b0 [ 1748.356707] do_mkdirat+0x27a/0x310 [ 1748.360363] ? __ia32_sys_mknod+0xb0/0xb0 [ 1748.364523] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1748.369900] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1748.375364] ? ksys_ioctl+0x81/0xd0 [ 1748.379006] __x64_sys_mkdir+0x5c/0x80 [ 1748.382926] do_syscall_64+0x1b9/0x820 [ 1748.386824] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1748.392207] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1748.397261] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1748.402118] ? trace_hardirqs_on_caller+0x310/0x310 [ 1748.407144] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1748.412188] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1748.417228] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1748.422095] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1748.427289] RIP: 0033:0x456b77 [ 1748.430489] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1748.449399] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1748.457114] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456b77 [ 1748.464389] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000080 [ 1748.471677] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1748.478952] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1748.486245] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1748.511683] hfs: invalid session number or type of track 03:39:17 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1748.522880] hfs: can't find a HFS filesystem on dev loop3 [ 1748.534101] hfs: invalid session number or type of track [ 1748.540776] hfs: can't find a HFS filesystem on dev loop5 [ 1748.583893] Dev loop4: unable to read RDB block 1 [ 1748.598052] hfs: invalid session number or type of track 03:39:17 executing program 3 (fault-call:2 fault-nth:30): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:17 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x40000000000, 0x0) [ 1748.633550] hfs: can't find a HFS filesystem on dev loop5 [ 1748.639421] loop4: unable to read partition table [ 1748.662079] loop4: partition table beyond EOD, truncated [ 1748.670807] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:17 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x0, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:17 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:17 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000048000001", 0x35, 0x1c0}]) [ 1748.767786] FAULT_INJECTION: forcing a failure. [ 1748.767786] name failslab, interval 1, probability 0, space 0, times 0 [ 1748.812697] CPU: 0 PID: 11574 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1748.819642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1748.829012] Call Trace: [ 1748.831632] dump_stack+0x1d3/0x2c6 [ 1748.835293] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1748.840499] ? __lock_is_held+0xb5/0x140 [ 1748.844620] should_fail.cold.4+0xa/0x17 [ 1748.848707] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1748.853836] ? kasan_check_write+0x14/0x20 [ 1748.858079] ? __brelse+0x104/0x180 [ 1748.861732] ? graph_lock+0x270/0x270 [ 1748.865547] ? print_usage_bug+0xc0/0xc0 [ 1748.869620] ? __ext4_handle_dirty_metadata+0x1e0/0x5a0 [ 1748.875000] ? kasan_check_write+0x14/0x20 [ 1748.879242] ? ext4_mark_iloc_dirty+0x199a/0x2f30 [ 1748.884102] ? __lock_is_held+0xb5/0x140 [ 1748.888187] ? ___might_sleep+0x1ed/0x300 [ 1748.892348] ? arch_local_save_flags+0x40/0x40 [ 1748.896955] __should_failslab+0x124/0x180 [ 1748.901201] should_failslab+0x9/0x14 [ 1748.905012] __kmalloc+0x2e0/0x770 [ 1748.908574] ? ext4_find_extent+0x757/0x9b0 [ 1748.912916] ext4_find_extent+0x757/0x9b0 [ 1748.917083] ext4_ext_map_blocks+0x2ad/0x6180 [ 1748.921592] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1748.927169] ? graph_lock+0x270/0x270 [ 1748.931000] ? ext4_ext_release+0x10/0x10 [ 1748.935154] ? __brelse+0x104/0x180 [ 1748.938788] ? block_commit_write+0x30/0x30 [ 1748.943129] ? find_held_lock+0x36/0x1c0 [ 1748.947204] ? graph_lock+0x270/0x270 [ 1748.951021] ? graph_lock+0x270/0x270 [ 1748.954837] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1748.960384] ? check_preemption_disabled+0x48/0x280 [ 1748.965428] ? lock_acquire+0x1ed/0x520 [ 1748.969430] ? ext4_map_blocks+0x487/0x1b60 [ 1748.973772] ? lock_release+0xa00/0xa00 [ 1748.977754] ? arch_local_save_flags+0x40/0x40 [ 1748.982346] ? ext4_es_cache_extent+0x6a0/0x6a0 [ 1748.987033] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1748.992592] ? down_read+0x8d/0x120 [ 1748.996229] ? ext4_map_blocks+0x487/0x1b60 [ 1749.000561] ? __down_interruptible+0x700/0x700 [ 1749.005266] ext4_map_blocks+0xe35/0x1b60 [ 1749.009465] ? ext4_issue_zeroout+0x160/0x160 [ 1749.013997] ext4_getblk+0x10e/0x630 [ 1749.017726] ? ext4_iomap_begin+0x1390/0x1390 [ 1749.022236] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1749.027787] ? __dquot_initialize+0x629/0xdd0 [ 1749.032295] ext4_bread+0x95/0x2b0 [ 1749.035847] ? ext4_getblk+0x630/0x630 [ 1749.039742] ? dquot_get_next_dqblk+0x180/0x180 [ 1749.044432] ext4_append+0x14e/0x370 [ 1749.048190] ext4_mkdir+0x532/0xe60 [ 1749.051836] ? ext4_init_dot_dotdot+0x510/0x510 [ 1749.056519] ? selinux_inode_mkdir+0x22/0x30 [ 1749.060939] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1749.066486] ? security_inode_mkdir+0xe8/0x120 [ 1749.071079] vfs_mkdir+0x42e/0x6b0 [ 1749.074634] do_mkdirat+0x27a/0x310 [ 1749.078290] ? __ia32_sys_mknod+0xb0/0xb0 [ 1749.082446] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1749.087818] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1749.093288] ? ksys_ioctl+0x81/0xd0 [ 1749.096943] __x64_sys_mkdir+0x5c/0x80 [ 1749.100855] do_syscall_64+0x1b9/0x820 [ 1749.104770] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1749.110141] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1749.115079] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1749.119935] ? trace_hardirqs_on_caller+0x310/0x310 [ 1749.124960] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1749.129989] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1749.135031] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1749.139885] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1749.145076] RIP: 0033:0x456b77 [ 1749.148276] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1749.167182] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1749.174899] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456b77 [ 1749.182173] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000080 [ 1749.189451] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1749.196740] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1749.204017] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1749.248263] hfs: invalid session number or type of track [ 1749.277271] hfs: can't find a HFS filesystem on dev loop5 [ 1749.293873] hfs: invalid session number or type of track [ 1749.299651] hfs: can't find a HFS filesystem on dev loop3 [ 1749.375292] Dev loop4: unable to read RDB block 1 [ 1749.387157] hfs: invalid session number or type of track [ 1749.395061] loop4: unable to read partition table [ 1749.415084] hfs: can't find a HFS filesystem on dev loop5 03:39:18 executing program 3 (fault-call:2 fault-nth:31): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:18 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1749.429731] loop4: partition table beyond EOD, truncated [ 1749.442820] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:18 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1749.501830] FAULT_INJECTION: forcing a failure. [ 1749.501830] name failslab, interval 1, probability 0, space 0, times 0 [ 1749.522944] CPU: 1 PID: 11589 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1749.529895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1749.539249] Call Trace: [ 1749.539278] dump_stack+0x1d3/0x2c6 [ 1749.539304] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1749.539325] ? graph_lock+0x270/0x270 [ 1749.539349] ? __mark_inode_dirty+0xfc4/0x1510 [ 1749.550729] should_fail.cold.4+0xa/0x17 [ 1749.550750] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1749.550768] ? __lock_is_held+0xb5/0x140 [ 1749.550795] ? graph_lock+0x270/0x270 [ 1749.550817] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1749.581704] ? __mark_inode_dirty+0x4b2/0x1510 [ 1749.586276] ? __inode_attach_wb+0x13f0/0x13f0 [ 1749.590867] ? __lock_is_held+0xb5/0x140 [ 1749.594924] ? rcu_softirq_qs+0x20/0x20 [ 1749.598932] ? ___might_sleep+0x1ed/0x300 [ 1749.603097] ? inode_add_bytes+0xd3/0xf0 [ 1749.607192] ? arch_local_save_flags+0x40/0x40 [ 1749.611804] ? __dquot_alloc_space+0x4b9/0x8c0 [ 1749.616402] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1749.621452] __should_failslab+0x124/0x180 [ 1749.625702] should_failslab+0x9/0x14 [ 1749.629516] kmem_cache_alloc+0x2be/0x730 [ 1749.633692] ext4_mb_new_blocks+0x787/0x4840 [ 1749.638137] ? find_held_lock+0x36/0x1c0 [ 1749.642223] ? ext4_discard_preallocations+0x13c0/0x13c0 [ 1749.647713] ? rcu_read_unlock_special+0x1d0/0x1d0 03:39:18 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x100000, 0x0) [ 1749.652649] ? kasan_check_read+0x11/0x20 [ 1749.656830] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1749.662144] ? rcu_softirq_qs+0x20/0x20 [ 1749.666135] ? rcu_softirq_qs+0x20/0x20 [ 1749.670117] ? unwind_dump+0x190/0x190 [ 1749.674044] ? is_bpf_text_address+0xd3/0x170 [ 1749.678549] ? kernel_text_address+0x79/0xf0 [ 1749.678567] ? __kernel_text_address+0xd/0x40 [ 1749.678585] ? unwind_get_return_address+0x61/0xa0 [ 1749.678605] ? __save_stack_trace+0x8d/0xf0 [ 1749.678634] ? save_stack+0xa9/0xd0 [ 1749.678651] ? save_stack+0x43/0xd0 [ 1749.692467] ? kasan_kmalloc+0xc7/0xe0 [ 1749.692482] ? __kmalloc+0x15b/0x770 [ 1749.692499] ? ext4_find_extent+0x757/0x9b0 [ 1749.692515] ? ext4_ext_map_blocks+0x2ad/0x6180 [ 1749.692529] ? ext4_map_blocks+0x8f7/0x1b60 [ 1749.692543] ? ext4_getblk+0x10e/0x630 [ 1749.692556] ? ext4_bread+0x95/0x2b0 [ 1749.692572] ? ext4_append+0x14e/0x370 [ 1749.692584] ? ext4_mkdir+0x532/0xe60 [ 1749.692598] ? vfs_mkdir+0x42e/0x6b0 [ 1749.692611] ? do_mkdirat+0x27a/0x310 [ 1749.692625] ? __x64_sys_mkdir+0x5c/0x80 [ 1749.692641] ? do_syscall_64+0x1b9/0x820 [ 1749.692661] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1749.736535] ? save_stack+0xa9/0xd0 [ 1749.736573] ? graph_lock+0x270/0x270 [ 1749.736597] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1749.736616] ? check_preemption_disabled+0x48/0x280 [ 1749.736642] ? __lock_is_held+0xb5/0x140 [ 1749.736682] ? rcu_read_lock_sched_held+0x108/0x120 [ 1749.752022] ? __kmalloc+0x5fa/0x770 [ 1749.752045] ? ext4_find_extent+0x757/0x9b0 [ 1749.752066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1749.752085] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1749.752102] ? ext4_inode_to_goal_block+0x2e3/0x3f0 [ 1749.752128] ext4_ext_map_blocks+0x2eef/0x6180 [ 1749.752163] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1749.822808] ? ext4_ext_release+0x10/0x10 [ 1749.826966] ? __brelse+0x104/0x180 [ 1749.830601] ? block_commit_write+0x30/0x30 [ 1749.834940] ? find_held_lock+0x36/0x1c0 [ 1749.839035] ? graph_lock+0x270/0x270 [ 1749.842847] ? graph_lock+0x270/0x270 [ 1749.846665] ? graph_lock+0x270/0x270 [ 1749.850491] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1749.856074] ? lock_acquire+0x1ed/0x520 [ 1749.860075] ? ext4_map_blocks+0x88f/0x1b60 [ 1749.864415] ? lock_release+0xa00/0xa00 [ 1749.868416] ? arch_local_save_flags+0x40/0x40 [ 1749.873008] ? ext4_es_cache_extent+0x6a0/0x6a0 [ 1749.877712] ? down_write+0x8a/0x130 [ 1749.881435] ? ext4_map_blocks+0x88f/0x1b60 [ 1749.885781] ? down_read+0x120/0x120 [ 1749.889513] ext4_map_blocks+0x8f7/0x1b60 [ 1749.893690] ? ext4_issue_zeroout+0x160/0x160 [ 1749.898242] ext4_getblk+0x10e/0x630 [ 1749.901969] ? ext4_iomap_begin+0x1390/0x1390 [ 1749.906492] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1749.912042] ? __dquot_initialize+0x629/0xdd0 [ 1749.916554] ext4_bread+0x95/0x2b0 [ 1749.920131] ? ext4_getblk+0x630/0x630 [ 1749.924062] ? dquot_get_next_dqblk+0x180/0x180 [ 1749.928749] ext4_append+0x14e/0x370 [ 1749.932513] ext4_mkdir+0x532/0xe60 [ 1749.936161] ? ext4_init_dot_dotdot+0x510/0x510 [ 1749.940850] ? selinux_inode_mkdir+0x22/0x30 [ 1749.945284] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1749.950833] ? security_inode_mkdir+0xe8/0x120 [ 1749.955430] vfs_mkdir+0x42e/0x6b0 [ 1749.958985] do_mkdirat+0x27a/0x310 [ 1749.962623] ? __ia32_sys_mknod+0xb0/0xb0 [ 1749.966783] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1749.972197] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1749.977661] ? ksys_ioctl+0x81/0xd0 [ 1749.981314] __x64_sys_mkdir+0x5c/0x80 [ 1749.985219] do_syscall_64+0x1b9/0x820 [ 1749.989119] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1749.994516] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1749.999473] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1750.004333] ? trace_hardirqs_on_caller+0x310/0x310 [ 1750.009361] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1750.014401] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1750.019435] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1750.024299] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1750.029493] RIP: 0033:0x456b77 [ 1750.032708] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:39:19 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x0, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:19 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000004000001", 0x35, 0x1c0}]) [ 1750.051621] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1750.059335] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456b77 [ 1750.066608] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000080 [ 1750.073888] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1750.081160] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1750.088440] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:19 executing program 3 (fault-call:2 fault-nth:32): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1750.161169] hfs: invalid session number or type of track [ 1750.173800] hfs: can't find a HFS filesystem on dev loop5 [ 1750.179825] Dev loop4: unable to read RDB block 1 [ 1750.193525] loop4: unable to read partition table [ 1750.210913] loop4: partition table beyond EOD, truncated [ 1750.235982] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1750.255449] hfs: invalid session number or type of track [ 1750.265708] hfs: can't find a HFS filesystem on dev loop5 [ 1750.293973] FAULT_INJECTION: forcing a failure. [ 1750.293973] name failslab, interval 1, probability 0, space 0, times 0 [ 1750.305750] CPU: 0 PID: 11612 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1750.312701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1750.322059] Call Trace: [ 1750.324665] dump_stack+0x1d3/0x2c6 [ 1750.328328] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1750.333530] ? __lock_acquire+0x62f/0x4c20 [ 1750.337778] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1750.343335] should_fail.cold.4+0xa/0x17 [ 1750.347412] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1750.352527] ? mark_held_locks+0x130/0x130 [ 1750.356802] ? mark_held_locks+0x130/0x130 [ 1750.361049] ? find_held_lock+0x36/0x1c0 [ 1750.365129] ? is_bpf_text_address+0xac/0x170 [ 1750.369639] ? lock_downgrade+0x900/0x900 [ 1750.373879] ? check_preemption_disabled+0x48/0x280 [ 1750.378910] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1750.383855] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1750.389142] ? rcu_softirq_qs+0x20/0x20 [ 1750.393126] ? unwind_dump+0x190/0x190 [ 1750.397524] ? graph_lock+0x270/0x270 [ 1750.401348] __should_failslab+0x124/0x180 [ 1750.405608] should_failslab+0x9/0x14 [ 1750.409419] kmem_cache_alloc+0x47/0x730 [ 1750.413496] ? __es_tree_search.isra.12+0x1ba/0x220 [ 1750.418521] ? find_held_lock+0x36/0x1c0 [ 1750.422599] __es_insert_extent+0x30c/0x1120 [ 1750.427040] ? ext4_es_free_extent+0x790/0x790 [ 1750.431630] ? kasan_check_read+0x11/0x20 [ 1750.435805] ? do_raw_write_lock+0x14f/0x310 [ 1750.440224] ? do_raw_read_unlock+0x70/0x70 [ 1750.444559] ? __lock_is_held+0xb5/0x140 [ 1750.448646] ext4_es_insert_extent+0x357/0xbd0 [ 1750.453261] ? ext4_es_scan_clu+0x50/0x50 [ 1750.457424] ? __lock_is_held+0xb5/0x140 [ 1750.461514] ? rcu_read_lock_sched_held+0x108/0x120 [ 1750.466568] ext4_ext_put_gap_in_cache+0x15f/0x1f0 [ 1750.471506] ? ext4_rereserve_cluster+0x240/0x240 [ 1750.476362] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1750.481918] ext4_ext_map_blocks+0x2545/0x6180 [ 1750.486513] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1750.492100] ? graph_lock+0x270/0x270 [ 1750.495913] ? ext4_ext_release+0x10/0x10 [ 1750.500070] ? __brelse+0x104/0x180 [ 1750.503720] ? block_commit_write+0x30/0x30 [ 1750.508061] ? find_held_lock+0x36/0x1c0 [ 1750.512141] ? graph_lock+0x270/0x270 [ 1750.515957] ? graph_lock+0x270/0x270 [ 1750.519781] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1750.525328] ? check_preemption_disabled+0x48/0x280 [ 1750.530513] ? lock_acquire+0x1ed/0x520 [ 1750.534498] ? ext4_map_blocks+0x487/0x1b60 [ 1750.538850] ? lock_release+0xa00/0xa00 [ 1750.542836] ? arch_local_save_flags+0x40/0x40 [ 1750.547429] ? ext4_es_cache_extent+0x6a0/0x6a0 [ 1750.552117] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1750.557694] ? down_read+0x8d/0x120 [ 1750.561336] ? ext4_map_blocks+0x487/0x1b60 [ 1750.565686] ? __down_interruptible+0x700/0x700 [ 1750.570382] ext4_map_blocks+0xe35/0x1b60 [ 1750.574551] ? ext4_issue_zeroout+0x160/0x160 [ 1750.579071] ext4_getblk+0x10e/0x630 [ 1750.582800] ? ext4_iomap_begin+0x1390/0x1390 [ 1750.587313] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 03:39:19 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x10000000, 0x0) [ 1750.592876] ? __dquot_initialize+0x629/0xdd0 [ 1750.597389] ext4_bread+0x95/0x2b0 [ 1750.600943] ? ext4_getblk+0x630/0x630 [ 1750.604844] ? dquot_get_next_dqblk+0x180/0x180 [ 1750.609534] ext4_append+0x14e/0x370 [ 1750.613271] ext4_mkdir+0x532/0xe60 [ 1750.616942] ? ext4_init_dot_dotdot+0x510/0x510 [ 1750.621659] ? selinux_inode_mkdir+0x22/0x30 [ 1750.626098] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1750.631650] ? security_inode_mkdir+0xe8/0x120 [ 1750.636258] vfs_mkdir+0x42e/0x6b0 [ 1750.639811] do_mkdirat+0x27a/0x310 [ 1750.643455] ? __ia32_sys_mknod+0xb0/0xb0 [ 1750.647614] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1750.653010] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1750.658472] ? ksys_ioctl+0x81/0xd0 [ 1750.662112] __x64_sys_mkdir+0x5c/0x80 [ 1750.666009] do_syscall_64+0x1b9/0x820 [ 1750.669924] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1750.675301] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1750.680243] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1750.685117] ? trace_hardirqs_on_caller+0x310/0x310 [ 1750.690160] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1750.695186] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1750.700215] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1750.705081] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1750.710274] RIP: 0033:0x456b77 [ 1750.713475] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1750.732379] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1750.740113] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456b77 [ 1750.747401] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000080 [ 1750.754695] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1750.761972] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1750.769248] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1750.790092] Dev loop4: unable to read RDB block 1 03:39:19 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:19 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1750.794114] hfs: invalid session number or type of track [ 1750.801686] hfs: can't find a HFS filesystem on dev loop3 [ 1750.809947] loop4: unable to read partition table [ 1750.828414] loop4: partition table beyond EOD, truncated 03:39:19 executing program 3 (fault-call:2 fault-nth:33): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1750.852511] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:19 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x0, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:19 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000074000001", 0x35, 0x1c0}]) [ 1750.940777] hfs: invalid session number or type of track [ 1750.953974] hfs: can't find a HFS filesystem on dev loop5 [ 1750.968287] FAULT_INJECTION: forcing a failure. [ 1750.968287] name failslab, interval 1, probability 0, space 0, times 0 [ 1750.995654] CPU: 1 PID: 11627 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1751.002636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1751.012006] Call Trace: [ 1751.014613] dump_stack+0x1d3/0x2c6 [ 1751.018263] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1751.023505] ? graph_lock+0x270/0x270 [ 1751.027331] ? __mark_inode_dirty+0xfc4/0x1510 [ 1751.031931] should_fail.cold.4+0xa/0x17 [ 1751.036012] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1751.041125] ? __lock_is_held+0xb5/0x140 [ 1751.045228] ? graph_lock+0x270/0x270 [ 1751.049041] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1751.054585] ? __mark_inode_dirty+0x4b2/0x1510 [ 1751.059189] ? __inode_attach_wb+0x13f0/0x13f0 [ 1751.063791] ? __lock_is_held+0xb5/0x140 [ 1751.067916] ? ___might_sleep+0x1ed/0x300 [ 1751.072080] ? inode_add_bytes+0xd3/0xf0 [ 1751.076156] ? arch_local_save_flags+0x40/0x40 [ 1751.080763] ? __dquot_alloc_space+0x4b9/0x8c0 [ 1751.085358] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1751.090391] __should_failslab+0x124/0x180 [ 1751.094638] should_failslab+0x9/0x14 [ 1751.098465] kmem_cache_alloc+0x2be/0x730 [ 1751.102643] ext4_mb_new_blocks+0x787/0x4840 [ 1751.107090] ? find_held_lock+0x36/0x1c0 [ 1751.111185] ? ext4_discard_preallocations+0x13c0/0x13c0 [ 1751.116656] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1751.121604] ? kasan_check_read+0x11/0x20 [ 1751.125760] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1751.131049] ? rcu_softirq_qs+0x20/0x20 [ 1751.135037] ? rcu_softirq_qs+0x20/0x20 [ 1751.139019] ? unwind_dump+0x190/0x190 [ 1751.142923] ? is_bpf_text_address+0xd3/0x170 [ 1751.147449] ? kernel_text_address+0x79/0xf0 [ 1751.151874] ? __kernel_text_address+0xd/0x40 [ 1751.156379] ? unwind_get_return_address+0x61/0xa0 [ 1751.161326] ? __save_stack_trace+0x8d/0xf0 [ 1751.165695] ? save_stack+0xa9/0xd0 [ 1751.169335] ? save_stack+0x43/0xd0 [ 1751.172970] ? kasan_kmalloc+0xc7/0xe0 [ 1751.176865] ? __kmalloc+0x15b/0x770 [ 1751.180590] ? ext4_find_extent+0x757/0x9b0 [ 1751.184920] ? ext4_ext_map_blocks+0x2ad/0x6180 [ 1751.189598] ? ext4_map_blocks+0x8f7/0x1b60 [ 1751.193929] ? ext4_getblk+0x10e/0x630 [ 1751.197840] ? ext4_bread+0x95/0x2b0 [ 1751.201567] ? ext4_append+0x14e/0x370 [ 1751.205461] ? ext4_mkdir+0x532/0xe60 [ 1751.209291] ? vfs_mkdir+0x42e/0x6b0 [ 1751.213011] ? do_mkdirat+0x27a/0x310 [ 1751.216817] ? __x64_sys_mkdir+0x5c/0x80 [ 1751.220894] ? do_syscall_64+0x1b9/0x820 [ 1751.224964] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1751.230344] ? __sched_text_start+0x8/0x8 [ 1751.234528] ? graph_lock+0x270/0x270 [ 1751.238353] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1751.243903] ? check_preemption_disabled+0x48/0x280 [ 1751.248950] ? __lock_is_held+0xb5/0x140 [ 1751.253080] ? rcu_read_lock_sched_held+0x108/0x120 [ 1751.258106] ? __kmalloc+0x5fa/0x770 [ 1751.261837] ? ext4_find_extent+0x757/0x9b0 [ 1751.266177] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1751.271767] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1751.277319] ? ext4_inode_to_goal_block+0x2e3/0x3f0 [ 1751.282359] ext4_ext_map_blocks+0x2eef/0x6180 [ 1751.286955] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1751.292522] ? ext4_ext_release+0x10/0x10 [ 1751.296687] ? __brelse+0x104/0x180 [ 1751.300324] ? block_commit_write+0x30/0x30 [ 1751.304663] ? find_held_lock+0x36/0x1c0 [ 1751.308755] ? graph_lock+0x270/0x270 [ 1751.312569] ? graph_lock+0x270/0x270 [ 1751.316389] ? graph_lock+0x270/0x270 [ 1751.320239] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1751.325823] ? lock_acquire+0x1ed/0x520 [ 1751.329820] ? ext4_map_blocks+0x88f/0x1b60 [ 1751.334174] ? lock_release+0xa00/0xa00 [ 1751.338164] ? arch_local_save_flags+0x40/0x40 [ 1751.342796] ? ext4_es_cache_extent+0x6a0/0x6a0 [ 1751.347489] ? down_write+0x8a/0x130 [ 1751.351223] ? ext4_map_blocks+0x88f/0x1b60 [ 1751.355559] ? down_read+0x120/0x120 [ 1751.359300] ext4_map_blocks+0x8f7/0x1b60 [ 1751.363485] ? ext4_issue_zeroout+0x160/0x160 [ 1751.368032] ext4_getblk+0x10e/0x630 [ 1751.371762] ? ext4_iomap_begin+0x1390/0x1390 [ 1751.376273] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1751.381856] ? __dquot_initialize+0x629/0xdd0 [ 1751.386383] ext4_bread+0x95/0x2b0 [ 1751.389939] ? ext4_getblk+0x630/0x630 [ 1751.393835] ? dquot_get_next_dqblk+0x180/0x180 [ 1751.398530] ext4_append+0x14e/0x370 [ 1751.402263] ext4_mkdir+0x532/0xe60 [ 1751.405917] ? ext4_init_dot_dotdot+0x510/0x510 [ 1751.410612] ? selinux_inode_mkdir+0x22/0x30 [ 1751.415031] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1751.420583] ? security_inode_mkdir+0xe8/0x120 [ 1751.425213] vfs_mkdir+0x42e/0x6b0 [ 1751.428768] do_mkdirat+0x27a/0x310 [ 1751.432413] ? __ia32_sys_mknod+0xb0/0xb0 [ 1751.436574] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1751.441954] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1751.447422] ? ksys_ioctl+0x81/0xd0 [ 1751.451065] __x64_sys_mkdir+0x5c/0x80 [ 1751.454966] do_syscall_64+0x1b9/0x820 [ 1751.458865] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1751.464245] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1751.469196] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1751.474058] ? trace_hardirqs_on_caller+0x310/0x310 [ 1751.479089] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1751.484125] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1751.489163] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1751.494032] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1751.499230] RIP: 0033:0x456b77 [ 1751.502433] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1751.521342] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1751.529063] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456b77 [ 1751.536336] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000080 [ 1751.543608] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1751.550914] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1751.558200] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:20 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x4000, 0x0) 03:39:20 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1751.595211] hfs: invalid session number or type of track [ 1751.600695] hfs: can't find a HFS filesystem on dev loop5 03:39:20 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1751.734867] Dev loop4: unable to read RDB block 1 03:39:20 executing program 3 (fault-call:2 fault-nth:34): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1751.755056] loop4: unable to read partition table [ 1751.780894] loop4: partition table beyond EOD, truncated 03:39:20 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x0, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1751.821559] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1751.856952] FAULT_INJECTION: forcing a failure. [ 1751.856952] name failslab, interval 1, probability 0, space 0, times 0 [ 1751.872996] hfs: invalid session number or type of track [ 1751.878463] hfs: can't find a HFS filesystem on dev loop5 [ 1751.892750] CPU: 0 PID: 11658 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1751.899738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1751.909093] Call Trace: [ 1751.911717] dump_stack+0x1d3/0x2c6 [ 1751.915371] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1751.920582] ? lock_downgrade+0x900/0x900 [ 1751.924776] should_fail.cold.4+0xa/0x17 [ 1751.928863] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1751.934002] ? find_held_lock+0x36/0x1c0 [ 1751.938093] ? mntput_no_expire+0x1ba/0xc00 [ 1751.942429] ? lock_downgrade+0x900/0x900 [ 1751.946621] ? check_preemption_disabled+0x48/0x280 [ 1751.951657] ? find_held_lock+0x36/0x1c0 [ 1751.955789] ? ___might_sleep+0x1ed/0x300 [ 1751.959945] ? arch_local_save_flags+0x40/0x40 [ 1751.964570] ? dput.part.25+0x26d/0x790 [ 1751.968584] __should_failslab+0x124/0x180 [ 1751.972831] should_failslab+0x9/0x14 [ 1751.976662] __kmalloc_track_caller+0x2d1/0x760 [ 1751.981355] ? strncpy_from_user+0x510/0x510 [ 1751.985772] ? strndup_user+0x77/0xd0 [ 1751.989594] memdup_user+0x2c/0xa0 [ 1751.993144] strndup_user+0x77/0xd0 [ 1751.996783] ksys_mount+0x3c/0x140 [ 1752.000339] __x64_sys_mount+0xbe/0x150 [ 1752.004329] do_syscall_64+0x1b9/0x820 [ 1752.008224] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1752.013610] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1752.018578] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1752.023460] ? trace_hardirqs_on_caller+0x310/0x310 [ 1752.028487] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1752.033514] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1752.038544] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1752.043413] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1752.048607] RIP: 0033:0x45a1ca [ 1752.051812] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1752.070721] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1752.078433] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1752.085714] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1752.092990] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1752.100280] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1752.107556] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1752.147093] hfs: invalid session number or type of track [ 1752.162747] hfs: can't find a HFS filesystem on dev loop5 [ 1752.184502] Dev loop4: unable to read RDB block 1 [ 1752.191901] loop4: unable to read partition table 03:39:21 executing program 3 (fault-call:2 fault-nth:35): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:21 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1752.202711] loop4: partition table beyond EOD, truncated [ 1752.208344] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1752.283913] FAULT_INJECTION: forcing a failure. [ 1752.283913] name failslab, interval 1, probability 0, space 0, times 0 [ 1752.295284] CPU: 0 PID: 11669 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1752.302226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1752.311585] Call Trace: [ 1752.314189] dump_stack+0x1d3/0x2c6 [ 1752.317836] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1752.323040] ? print_usage_bug+0xc0/0xc0 [ 1752.327125] ? ext4_bread+0x95/0x2b0 [ 1752.330855] should_fail.cold.4+0xa/0x17 [ 1752.334923] ? do_raw_spin_unlock+0xa7/0x330 [ 1752.339343] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1752.344499] ? mark_held_locks+0x130/0x130 [ 1752.348750] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1752.354308] ? check_preemption_disabled+0x48/0x280 [ 1752.359342] ? __lock_is_held+0xb5/0x140 [ 1752.363427] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1752.368992] ? ext4_ext_map_blocks+0xf14/0x6180 [ 1752.373734] __should_failslab+0x124/0x180 [ 1752.378027] should_failslab+0x9/0x14 [ 1752.381841] kmem_cache_alloc+0x47/0x730 [ 1752.385913] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1752.390950] ? ext4_es_can_be_merged+0x23d/0x2a0 [ 1752.396229] ? __es_tree_search.isra.12+0x1ba/0x220 [ 1752.401259] __es_insert_extent+0x30c/0x1120 [ 1752.405715] ? ext4_es_free_extent+0x790/0x790 [ 1752.410306] ? do_raw_write_lock+0x14f/0x310 [ 1752.414727] ? do_raw_read_unlock+0x70/0x70 [ 1752.419053] ? __lock_is_held+0xb5/0x140 [ 1752.423138] ext4_es_insert_extent+0x357/0xbd0 [ 1752.427735] ? ext4_es_scan_clu+0x50/0x50 [ 1752.431933] ? down_write+0x8a/0x130 [ 1752.435652] ? ext4_map_blocks+0x88f/0x1b60 [ 1752.439994] ? down_read+0x120/0x120 [ 1752.443728] ext4_map_blocks+0xb0c/0x1b60 [ 1752.447895] ? ext4_issue_zeroout+0x160/0x160 [ 1752.452412] ext4_getblk+0x10e/0x630 [ 1752.456156] ? ext4_iomap_begin+0x1390/0x1390 [ 1752.460663] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1752.466226] ? __dquot_initialize+0x629/0xdd0 [ 1752.470746] ext4_bread+0x95/0x2b0 [ 1752.474292] ? ext4_getblk+0x630/0x630 [ 1752.478179] ? dquot_get_next_dqblk+0x180/0x180 [ 1752.482879] ext4_append+0x14e/0x370 [ 1752.486602] ext4_mkdir+0x532/0xe60 [ 1752.490247] ? ext4_init_dot_dotdot+0x510/0x510 [ 1752.494931] ? selinux_inode_mkdir+0x22/0x30 [ 1752.499352] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1752.504904] ? security_inode_mkdir+0xe8/0x120 [ 1752.509505] vfs_mkdir+0x42e/0x6b0 [ 1752.513064] do_mkdirat+0x27a/0x310 [ 1752.516713] ? __ia32_sys_mknod+0xb0/0xb0 [ 1752.520867] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1752.526375] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1752.531832] ? ksys_ioctl+0x81/0xd0 [ 1752.535472] __x64_sys_mkdir+0x5c/0x80 [ 1752.539368] do_syscall_64+0x1b9/0x820 [ 1752.543260] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1752.548634] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1752.553581] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1752.558435] ? trace_hardirqs_on_caller+0x310/0x310 [ 1752.563465] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1752.568493] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1752.573525] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1752.578397] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1752.583605] RIP: 0033:0x456b77 [ 1752.586799] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1752.605708] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1752.613421] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456b77 [ 1752.620718] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000080 [ 1752.627992] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a 03:39:21 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000003f0001", 0x35, 0x1c0}]) [ 1752.635279] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1752.642552] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1752.656436] hfs: invalid session number or type of track [ 1752.679050] hfs: can't find a HFS filesystem on dev loop3 03:39:21 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040), 0x0, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:21 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1752.687509] hfs: invalid session number or type of track [ 1752.717784] hfs: can't find a HFS filesystem on dev loop5 03:39:21 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x4000000000000000, 0x0) [ 1752.783985] Dev loop4: unable to read RDB block 1 [ 1752.803026] hfs: invalid session number or type of track [ 1752.808505] hfs: can't find a HFS filesystem on dev loop5 [ 1752.809257] loop4: unable to read partition table [ 1752.842582] loop4: partition table beyond EOD, truncated [ 1752.858506] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:21 executing program 3 (fault-call:2 fault-nth:36): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:21 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\xc0', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1752.935570] FAULT_INJECTION: forcing a failure. [ 1752.935570] name failslab, interval 1, probability 0, space 0, times 0 [ 1752.947538] CPU: 0 PID: 11694 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1752.953554] Dev loop4: unable to read RDB block 1 [ 1752.954482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1752.954489] Call Trace: [ 1752.954517] dump_stack+0x1d3/0x2c6 [ 1752.954545] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1752.954574] ? __kernel_text_address+0xd/0x40 [ 1752.959583] loop4: unable to read partition table [ 1752.968757] ? unwind_get_return_address+0x61/0xa0 [ 1752.968780] should_fail.cold.4+0xa/0x17 [ 1752.968801] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1752.968825] ? save_stack+0x43/0xd0 [ 1752.968839] ? kasan_kmalloc+0xc7/0xe0 [ 1752.968856] ? __kmalloc_track_caller+0x157/0x760 [ 1752.968874] ? memdup_user+0x2c/0xa0 [ 1752.988367] loop4: partition table beyond EOD, truncated [ 1752.989712] ? do_syscall_64+0x1b9/0x820 [ 1752.989729] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1752.989758] ? find_held_lock+0x36/0x1c0 [ 1752.989794] ? ___might_sleep+0x1ed/0x300 [ 1753.002889] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1753.007482] ? arch_local_save_flags+0x40/0x40 [ 1753.007502] ? lock_release+0xa00/0xa00 [ 1753.007516] ? arch_local_save_flags+0x40/0x40 [ 1753.007542] __should_failslab+0x124/0x180 [ 1753.007563] should_failslab+0x9/0x14 [ 1753.071516] __kmalloc_track_caller+0x2d1/0x760 [ 1753.076219] ? strncpy_from_user+0x510/0x510 [ 1753.080667] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1753.086233] ? strndup_user+0x77/0xd0 [ 1753.090049] memdup_user+0x2c/0xa0 [ 1753.093599] strndup_user+0x77/0xd0 [ 1753.097237] ksys_mount+0x73/0x140 [ 1753.100792] __x64_sys_mount+0xbe/0x150 [ 1753.104802] do_syscall_64+0x1b9/0x820 [ 1753.108714] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1753.114093] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1753.119031] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1753.123890] ? trace_hardirqs_on_caller+0x310/0x310 [ 1753.128928] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1753.133972] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1753.139037] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1753.143899] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1753.149095] RIP: 0033:0x45a1ca [ 1753.152298] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1753.171205] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1753.178916] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1753.186189] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1753.193464] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1753.200736] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1753.208011] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:22 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000480001", 0x35, 0x1c0}]) 03:39:22 executing program 3 (fault-call:2 fault-nth:37): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1753.390606] FAULT_INJECTION: forcing a failure. [ 1753.390606] name failslab, interval 1, probability 0, space 0, times 0 [ 1753.407797] CPU: 0 PID: 11705 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1753.414740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1753.424118] Call Trace: [ 1753.426730] dump_stack+0x1d3/0x2c6 [ 1753.430380] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1753.435596] should_fail.cold.4+0xa/0x17 [ 1753.439685] ? check_preemption_disabled+0x48/0x280 [ 1753.444728] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1753.449845] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1753.454792] ? print_usage_bug+0xc0/0xc0 [ 1753.458868] ? rcu_softirq_qs+0x20/0x20 [ 1753.462851] ? unwind_dump+0x190/0x190 [ 1753.466796] ? graph_lock+0x270/0x270 [ 1753.470604] ? is_bpf_text_address+0xd3/0x170 [ 1753.475125] ? find_held_lock+0x36/0x1c0 [ 1753.479213] ? ___might_sleep+0x1ed/0x300 [ 1753.483375] ? arch_local_save_flags+0x40/0x40 [ 1753.487970] ? lock_downgrade+0x900/0x900 [ 1753.492129] ? check_preemption_disabled+0x48/0x280 [ 1753.497167] __should_failslab+0x124/0x180 [ 1753.501418] should_failslab+0x9/0x14 [ 1753.505234] kmem_cache_alloc+0x2be/0x730 [ 1753.509408] alloc_vfsmnt+0xe9/0x990 [ 1753.513133] ? m_stop+0x20/0x20 [ 1753.516444] ? avc_has_extended_perms+0x15a0/0x15a0 [ 1753.521472] ? graph_lock+0x270/0x270 [ 1753.525302] ? find_held_lock+0x36/0x1c0 [ 1753.529383] ? __get_fs_type+0x97/0xc0 [ 1753.533311] ? lock_downgrade+0x900/0x900 [ 1753.537489] ? lock_release+0xa00/0xa00 [ 1753.541479] ? selinux_mount+0x1dc/0x3c0 [ 1753.545560] vfs_kern_mount.part.35+0x90/0x4f0 [ 1753.550151] ? may_umount+0xb0/0xb0 [ 1753.553793] ? _raw_read_unlock+0x2c/0x50 [ 1753.557952] ? __get_fs_type+0x97/0xc0 [ 1753.561872] do_mount+0x581/0x31f0 [ 1753.565423] ? check_preemption_disabled+0x48/0x280 [ 1753.570457] ? copy_mount_string+0x40/0x40 [ 1753.574723] ? copy_mount_options+0x5f/0x430 [ 1753.579174] ? rcu_read_lock_sched_held+0x108/0x120 [ 1753.584222] ? kmem_cache_alloc_trace+0x353/0x750 [ 1753.589092] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1753.594641] ? _copy_from_user+0xdf/0x150 [ 1753.598817] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1753.604363] ? copy_mount_options+0x315/0x430 [ 1753.608874] ksys_mount+0x12d/0x140 [ 1753.612514] __x64_sys_mount+0xbe/0x150 [ 1753.616507] do_syscall_64+0x1b9/0x820 [ 1753.620403] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1753.625809] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1753.630750] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1753.635609] ? trace_hardirqs_on_caller+0x310/0x310 [ 1753.640636] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1753.645704] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1753.650738] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1753.655602] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1753.660798] RIP: 0033:0x45a1ca [ 1753.664000] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1753.682907] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:39:22 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x05', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1753.690626] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1753.697899] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1753.705171] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1753.712443] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1753.719718] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1753.752650] Dev loop4: unable to read RDB block 1 [ 1753.766814] loop4: unable to read partition table 03:39:22 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:22 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(0x0, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:22 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0xeffdffff00000000, 0x0) [ 1753.799338] loop4: partition table beyond EOD, truncated [ 1753.807984] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:22 executing program 3 (fault-call:2 fault-nth:38): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:22 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1753.914412] Dev loop4: unable to read RDB block 1 [ 1753.920700] loop4: unable to read partition table [ 1753.927447] FAULT_INJECTION: forcing a failure. [ 1753.927447] name failslab, interval 1, probability 0, space 0, times 0 [ 1753.942308] loop4: partition table beyond EOD, truncated [ 1753.959450] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1753.969102] CPU: 1 PID: 11722 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1753.976052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1753.985417] Call Trace: [ 1753.988022] dump_stack+0x1d3/0x2c6 [ 1753.991705] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1753.996934] should_fail.cold.4+0xa/0x17 [ 1754.001003] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1754.006112] ? is_bpf_text_address+0xac/0x170 [ 1754.010612] ? lock_downgrade+0x900/0x900 [ 1754.014783] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1754.019711] ? kasan_check_read+0x11/0x20 [ 1754.023866] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1754.029147] ? rcu_softirq_qs+0x20/0x20 [ 1754.033128] ? rcu_softirq_qs+0x20/0x20 [ 1754.037116] ? unwind_dump+0x190/0x190 [ 1754.041022] ? find_held_lock+0x36/0x1c0 [ 1754.045111] ? quirks_show+0x468/0x590 [ 1754.049014] ? ___might_sleep+0x1ed/0x300 [ 1754.053170] ? arch_local_save_flags+0x40/0x40 [ 1754.057776] __should_failslab+0x124/0x180 [ 1754.062018] should_failslab+0x9/0x14 [ 1754.065838] kmem_cache_alloc+0x2be/0x730 [ 1754.070014] getname_flags+0xd0/0x590 [ 1754.073824] user_path_at_empty+0x2d/0x50 [ 1754.077994] do_mount+0x177/0x31f0 [ 1754.081534] ? check_preemption_disabled+0x48/0x280 [ 1754.086558] ? copy_mount_string+0x40/0x40 [ 1754.090794] ? rcu_pm_notify+0xc0/0xc0 [ 1754.094712] ? copy_mount_options+0x5f/0x430 [ 1754.099131] ? rcu_read_lock_sched_held+0x108/0x120 [ 1754.104154] ? kmem_cache_alloc_trace+0x353/0x750 [ 1754.109018] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1754.114557] ? copy_mount_options+0x315/0x430 [ 1754.119058] ksys_mount+0x12d/0x140 [ 1754.122718] __x64_sys_mount+0xbe/0x150 [ 1754.126711] do_syscall_64+0x1b9/0x820 [ 1754.130606] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1754.135974] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1754.140908] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1754.145757] ? trace_hardirqs_on_caller+0x310/0x310 [ 1754.150776] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1754.155798] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1754.160826] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1754.165690] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1754.170881] RIP: 0033:0x45a1ca [ 1754.174076] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1754.192976] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1754.200689] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1754.207962] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1754.215228] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1754.222499] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1754.229771] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:23 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:23 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x82', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:23 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000680001", 0x35, 0x1c0}]) 03:39:23 executing program 3 (fault-call:2 fault-nth:39): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1754.461438] FAULT_INJECTION: forcing a failure. [ 1754.461438] name failslab, interval 1, probability 0, space 0, times 0 [ 1754.485477] CPU: 1 PID: 11738 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1754.492438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1754.501801] Call Trace: [ 1754.504413] dump_stack+0x1d3/0x2c6 [ 1754.508066] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1754.513285] should_fail.cold.4+0xa/0x17 [ 1754.517368] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1754.522499] ? find_held_lock+0x36/0x1c0 [ 1754.527126] ? find_held_lock+0x36/0x1c0 [ 1754.531295] ? nft_rhash_deactivate+0x9c8/0xb40 [ 1754.535991] ? ___might_sleep+0x1ed/0x300 [ 1754.540150] ? arch_local_save_flags+0x40/0x40 [ 1754.544747] ? kfree+0x1fa/0x230 [ 1754.548142] ? ida_alloc_range+0x953/0xc80 [ 1754.552397] __should_failslab+0x124/0x180 [ 1754.556659] should_failslab+0x9/0x14 [ 1754.560488] __kmalloc_track_caller+0x2d1/0x760 [ 1754.565175] ? kstrdup_const+0x66/0x80 [ 1754.569115] kstrdup+0x39/0x70 [ 1754.572328] kstrdup_const+0x66/0x80 [ 1754.576085] alloc_vfsmnt+0x186/0x990 [ 1754.579930] ? m_stop+0x20/0x20 [ 1754.583220] ? avc_has_extended_perms+0x15a0/0x15a0 [ 1754.588249] ? graph_lock+0x270/0x270 [ 1754.588281] ? find_held_lock+0x36/0x1c0 [ 1754.596146] ? __get_fs_type+0x97/0xc0 [ 1754.600054] ? lock_downgrade+0x900/0x900 [ 1754.604225] ? lock_release+0xa00/0xa00 [ 1754.608214] ? selinux_mount+0x1dc/0x3c0 [ 1754.612296] vfs_kern_mount.part.35+0x90/0x4f0 [ 1754.616894] ? may_umount+0xb0/0xb0 [ 1754.620535] ? _raw_read_unlock+0x2c/0x50 [ 1754.624703] ? __get_fs_type+0x97/0xc0 [ 1754.628616] do_mount+0x581/0x31f0 [ 1754.632190] ? check_preemption_disabled+0x48/0x280 [ 1754.637238] ? copy_mount_string+0x40/0x40 [ 1754.641488] ? copy_mount_options+0x5f/0x430 [ 1754.645909] ? rcu_read_lock_sched_held+0x108/0x120 [ 1754.650938] ? kmem_cache_alloc_trace+0x353/0x750 [ 1754.655798] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1754.661349] ? _copy_from_user+0xdf/0x150 [ 1754.665512] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1754.671068] ? copy_mount_options+0x315/0x430 [ 1754.675583] ksys_mount+0x12d/0x140 [ 1754.679221] __x64_sys_mount+0xbe/0x150 [ 1754.683212] do_syscall_64+0x1b9/0x820 [ 1754.687110] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1754.692488] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1754.697430] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1754.702286] ? trace_hardirqs_on_caller+0x310/0x310 [ 1754.707314] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1754.712348] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1754.717450] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1754.722326] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1754.727536] RIP: 0033:0x45a1ca [ 1754.730748] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1754.749660] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1754.757387] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1754.764666] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1754.771954] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1754.779230] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1754.786505] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1754.803822] Dev loop4: unable to read RDB block 1 [ 1754.817530] loop4: unable to read partition table 03:39:23 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(0x0, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:23 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x8dffffff, 0x0) 03:39:23 executing program 3 (fault-call:2 fault-nth:40): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1754.841024] loop4: partition table beyond EOD, truncated [ 1754.860044] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:23 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs`', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:23 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1754.973052] Dev loop4: unable to read RDB block 1 [ 1754.977956] loop4: unable to read partition table [ 1754.984848] FAULT_INJECTION: forcing a failure. [ 1754.984848] name failslab, interval 1, probability 0, space 0, times 0 [ 1754.996793] loop4: partition table beyond EOD, truncated [ 1755.002267] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1755.003015] CPU: 0 PID: 11755 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1755.016701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1755.026053] Call Trace: [ 1755.026078] dump_stack+0x1d3/0x2c6 [ 1755.026101] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1755.026130] should_fail.cold.4+0xa/0x17 [ 1755.026151] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1755.026166] ? is_bpf_text_address+0xac/0x170 [ 1755.026185] ? lock_downgrade+0x900/0x900 [ 1755.026207] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1755.026227] ? kasan_check_read+0x11/0x20 [ 1755.046826] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1755.046843] ? rcu_softirq_qs+0x20/0x20 [ 1755.046860] ? rcu_softirq_qs+0x20/0x20 [ 1755.046875] ? unwind_dump+0x190/0x190 [ 1755.046897] ? find_held_lock+0x36/0x1c0 [ 1755.047013] ? ehci_irq+0x758/0x990 [ 1755.047039] ? ___might_sleep+0x1ed/0x300 [ 1755.055665] ? arch_local_save_flags+0x40/0x40 [ 1755.055723] __should_failslab+0x124/0x180 [ 1755.055755] should_failslab+0x9/0x14 [ 1755.055773] kmem_cache_alloc+0x2be/0x730 [ 1755.055800] getname_flags+0xd0/0x590 [ 1755.055822] user_path_at_empty+0x2d/0x50 [ 1755.055841] do_mount+0x177/0x31f0 [ 1755.055858] ? check_preemption_disabled+0x48/0x280 [ 1755.055879] ? copy_mount_string+0x40/0x40 [ 1755.131328] ? rcu_pm_notify+0xc0/0xc0 [ 1755.135254] ? copy_mount_options+0x5f/0x430 [ 1755.139688] ? rcu_read_lock_sched_held+0x108/0x120 [ 1755.144726] ? kmem_cache_alloc_trace+0x353/0x750 [ 1755.149589] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1755.155148] ? _copy_from_user+0xdf/0x150 [ 1755.159312] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1755.164863] ? copy_mount_options+0x315/0x430 [ 1755.169370] ksys_mount+0x12d/0x140 [ 1755.173003] __x64_sys_mount+0xbe/0x150 [ 1755.177000] do_syscall_64+0x1b9/0x820 [ 1755.180888] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1755.186287] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1755.191223] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1755.196076] ? trace_hardirqs_on_caller+0x310/0x310 [ 1755.201093] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1755.206115] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1755.211167] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1755.216017] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1755.221207] RIP: 0033:0x45a1ca [ 1755.224403] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1755.243303] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1755.251010] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1755.258275] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1755.265560] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 03:39:24 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, 0x0, &(0x7f0000000100)) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1755.272825] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1755.280103] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:24 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000ee000000", 0x35, 0x1c0}]) 03:39:24 executing program 3 (fault-call:2 fault-nth:41): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:24 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1755.513853] Dev loop4: unable to read RDB block 1 [ 1755.520091] loop4: unable to read partition table [ 1755.533387] loop4: partition table beyond EOD, truncated [ 1755.549255] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1755.573837] FAULT_INJECTION: forcing a failure. [ 1755.573837] name failslab, interval 1, probability 0, space 0, times 0 [ 1755.586272] CPU: 1 PID: 11775 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1755.593215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1755.602572] Call Trace: [ 1755.605188] dump_stack+0x1d3/0x2c6 [ 1755.608840] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1755.614051] should_fail.cold.4+0xa/0x17 [ 1755.618126] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1755.623255] ? is_bpf_text_address+0xac/0x170 [ 1755.627770] ? lock_downgrade+0x900/0x900 [ 1755.631934] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1755.636870] ? kasan_check_read+0x11/0x20 [ 1755.641032] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1755.646320] ? rcu_softirq_qs+0x20/0x20 [ 1755.650305] ? rcu_softirq_qs+0x20/0x20 [ 1755.654291] ? unwind_dump+0x190/0x190 [ 1755.658202] ? find_held_lock+0x36/0x1c0 [ 1755.662323] ? ___might_sleep+0x1ed/0x300 [ 1755.666484] ? arch_local_save_flags+0x40/0x40 [ 1755.671104] __should_failslab+0x124/0x180 [ 1755.675347] should_failslab+0x9/0x14 [ 1755.679165] kmem_cache_alloc+0x2be/0x730 [ 1755.683327] ? find_held_lock+0x36/0x1c0 [ 1755.687404] getname_flags+0xd0/0x590 [ 1755.691221] user_path_at_empty+0x2d/0x50 [ 1755.695391] do_mount+0x177/0x31f0 [ 1755.698972] ? check_preemption_disabled+0x48/0x280 [ 1755.704008] ? copy_mount_string+0x40/0x40 [ 1755.708253] ? rcu_pm_notify+0xc0/0xc0 [ 1755.712161] ? copy_mount_options+0x5f/0x430 [ 1755.716593] ? rcu_read_lock_sched_held+0x108/0x120 [ 1755.721622] ? kmem_cache_alloc_trace+0x353/0x750 [ 1755.726483] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1755.732035] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1755.737577] ? copy_mount_options+0x315/0x430 [ 1755.742090] ksys_mount+0x12d/0x140 [ 1755.745734] __x64_sys_mount+0xbe/0x150 [ 1755.749734] do_syscall_64+0x1b9/0x820 [ 1755.753631] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1755.759004] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1755.759020] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1755.759042] ? trace_hardirqs_on_caller+0x310/0x310 [ 1755.773805] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1755.778837] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1755.783871] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1755.788736] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1755.793930] RIP: 0033:0x45a1ca [ 1755.796064] hfs: invalid session number or type of track [ 1755.797133] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:24 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0xf000000, 0x0) [ 1755.797142] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1755.797158] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1755.797193] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1755.821647] hfs: can't find a HFS filesystem on dev loop5 [ 1755.829316] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1755.829326] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1755.829335] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:24 executing program 3 (fault-call:2 fault-nth:42): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1755.931302] hfs: invalid session number or type of track [ 1755.938146] Dev loop4: unable to read RDB block 1 [ 1755.953234] loop4: unable to read partition table [ 1755.958263] hfs: can't find a HFS filesystem on dev loop5 [ 1755.964113] loop4: partition table beyond EOD, truncated [ 1755.978844] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:25 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:25 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000000003b9", 0x35, 0x1c0}]) 03:39:25 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:25 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), 0x0) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1756.203465] hfs: invalid session number or type of track [ 1756.219093] hfs: can't find a HFS filesystem on dev loop5 [ 1756.231248] FAULT_INJECTION: forcing a failure. [ 1756.231248] name failslab, interval 1, probability 0, space 0, times 0 [ 1756.264465] hfs: invalid session number or type of track [ 1756.270121] hfs: can't find a HFS filesystem on dev loop5 [ 1756.277245] Dev loop4: unable to read RDB block 1 [ 1756.287712] loop4: unable to read partition table [ 1756.293037] CPU: 0 PID: 11790 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1756.299968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1756.309329] Call Trace: [ 1756.311924] dump_stack+0x1d3/0x2c6 [ 1756.315561] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1756.320774] should_fail.cold.4+0xa/0x17 [ 1756.324847] ? check_preemption_disabled+0x48/0x280 [ 1756.329875] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1756.334993] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1756.339935] ? print_usage_bug+0xc0/0xc0 [ 1756.344012] ? rcu_softirq_qs+0x20/0x20 [ 1756.348011] ? unwind_dump+0x190/0x190 [ 1756.351919] ? graph_lock+0x270/0x270 [ 1756.355754] ? is_bpf_text_address+0xd3/0x170 [ 1756.360266] ? find_held_lock+0x36/0x1c0 [ 1756.364352] ? ___might_sleep+0x1ed/0x300 [ 1756.368513] ? arch_local_save_flags+0x40/0x40 [ 1756.373105] ? lock_downgrade+0x900/0x900 [ 1756.377264] ? check_preemption_disabled+0x48/0x280 [ 1756.382325] __should_failslab+0x124/0x180 [ 1756.386578] should_failslab+0x9/0x14 [ 1756.390388] kmem_cache_alloc+0x2be/0x730 [ 1756.395018] alloc_vfsmnt+0xe9/0x990 [ 1756.398747] ? m_stop+0x20/0x20 [ 1756.402037] ? avc_has_extended_perms+0x15a0/0x15a0 [ 1756.407071] ? graph_lock+0x270/0x270 [ 1756.410919] ? find_held_lock+0x36/0x1c0 [ 1756.415000] ? __get_fs_type+0x97/0xc0 [ 1756.418901] ? lock_downgrade+0x900/0x900 [ 1756.423060] ? lock_release+0xa00/0xa00 [ 1756.427049] ? selinux_mount+0x1dc/0x3c0 [ 1756.431144] vfs_kern_mount.part.35+0x90/0x4f0 [ 1756.435738] ? may_umount+0xb0/0xb0 [ 1756.439372] ? _raw_read_unlock+0x2c/0x50 [ 1756.443548] ? __get_fs_type+0x97/0xc0 [ 1756.447452] do_mount+0x581/0x31f0 [ 1756.451008] ? check_preemption_disabled+0x48/0x280 [ 1756.456058] ? copy_mount_string+0x40/0x40 [ 1756.460316] ? copy_mount_options+0x5f/0x430 [ 1756.464733] ? rcu_read_lock_sched_held+0x108/0x120 [ 1756.469777] ? kmem_cache_alloc_trace+0x353/0x750 [ 1756.474639] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1756.480192] ? copy_mount_options+0x315/0x430 [ 1756.484714] ksys_mount+0x12d/0x140 [ 1756.488357] __x64_sys_mount+0xbe/0x150 [ 1756.492362] do_syscall_64+0x1b9/0x820 [ 1756.496258] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1756.501633] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1756.506580] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1756.511435] ? trace_hardirqs_on_caller+0x310/0x310 [ 1756.516465] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1756.521495] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1756.526657] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1756.531531] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1756.536722] RIP: 0033:0x45a1ca [ 1756.539941] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1756.558860] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1756.566578] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1756.573858] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1756.581134] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1756.588408] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1756.595699] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1756.605856] loop4: partition table beyond EOD, truncated [ 1756.611652] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:25 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x04', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:25 executing program 3 (fault-call:2 fault-nth:43): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:25 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0xf00, 0x0) [ 1756.723227] Dev loop4: unable to read RDB block 1 [ 1756.728141] loop4: unable to read partition table [ 1756.752546] loop4: partition table beyond EOD, truncated [ 1756.762485] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:25 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000000000001f", 0x35, 0x1c0}]) [ 1756.824713] FAULT_INJECTION: forcing a failure. [ 1756.824713] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1756.846798] CPU: 1 PID: 11812 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1756.853745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1756.863131] Call Trace: [ 1756.865737] dump_stack+0x1d3/0x2c6 [ 1756.869385] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1756.874587] ? rcu_pm_notify+0xc0/0xc0 [ 1756.878496] should_fail.cold.4+0xa/0x17 [ 1756.882585] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1756.887763] ? graph_lock+0x270/0x270 [ 1756.891576] ? pcpu_balance_workfn+0x1700/0x1700 [ 1756.896345] ? find_held_lock+0x36/0x1c0 [ 1756.900431] ? ___might_sleep+0x1ed/0x300 [ 1756.904591] ? lock_release+0xa00/0xa00 [ 1756.908588] ? arch_local_save_flags+0x40/0x40 [ 1756.913220] ? __might_sleep+0x95/0x190 [ 1756.917224] __alloc_pages_nodemask+0x366/0xea0 [ 1756.921939] ? __alloc_pages_slowpath+0x2df0/0x2df0 [ 1756.926969] ? avc_has_extended_perms+0x15a0/0x15a0 [ 1756.932001] ? graph_lock+0x270/0x270 [ 1756.935829] ? find_held_lock+0x36/0x1c0 [ 1756.939913] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1756.945463] alloc_pages_current+0x10c/0x210 [ 1756.949886] get_zeroed_page+0x14/0x50 [ 1756.953809] mount_fs+0x20e/0x31d [ 1756.957281] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1756.961874] ? may_umount+0xb0/0xb0 [ 1756.965511] ? _raw_read_unlock+0x2c/0x50 [ 1756.969719] ? __get_fs_type+0x97/0xc0 [ 1756.973651] do_mount+0x581/0x31f0 [ 1756.977223] ? check_preemption_disabled+0x48/0x280 [ 1756.982267] ? copy_mount_string+0x40/0x40 [ 1756.986524] ? copy_mount_options+0x5f/0x430 [ 1756.990947] ? rcu_read_lock_sched_held+0x108/0x120 [ 1756.995971] ? kmem_cache_alloc_trace+0x353/0x750 [ 1757.000831] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1757.006381] ? _copy_from_user+0xdf/0x150 [ 1757.010547] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1757.016093] ? copy_mount_options+0x315/0x430 [ 1757.020600] ksys_mount+0x12d/0x140 [ 1757.024236] __x64_sys_mount+0xbe/0x150 [ 1757.028230] do_syscall_64+0x1b9/0x820 [ 1757.032127] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1757.037505] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1757.042447] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1757.047303] ? trace_hardirqs_on_caller+0x310/0x310 [ 1757.052327] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1757.057385] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1757.062419] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1757.067298] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1757.072498] RIP: 0033:0x45a1ca [ 1757.075708] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1757.094653] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1757.102379] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1757.109657] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1757.116943] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1757.124216] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1757.131487] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:26 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(0x0, 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:26 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:26 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1757.243926] Dev loop4: unable to read RDB block 1 [ 1757.248869] loop4: unable to read partition table 03:39:26 executing program 3 (fault-call:2 fault-nth:44): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:26 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x0) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1757.285401] loop4: partition table beyond EOD, truncated [ 1757.301321] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1757.313075] hfs: invalid session number or type of track [ 1757.335237] hfs: can't find a HFS filesystem on dev loop5 [ 1757.394437] hfs: invalid session number or type of track [ 1757.411636] hfs: can't find a HFS filesystem on dev loop5 [ 1757.425120] Dev loop4: unable to read RDB block 1 [ 1757.436355] loop4: unable to read partition table 03:39:26 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1757.446299] loop4: partition table beyond EOD, truncated [ 1757.452222] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1757.468396] FAULT_INJECTION: forcing a failure. [ 1757.468396] name failslab, interval 1, probability 0, space 0, times 0 [ 1757.504993] CPU: 0 PID: 11837 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1757.511955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1757.521314] Call Trace: [ 1757.523918] dump_stack+0x1d3/0x2c6 [ 1757.527571] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1757.532793] ? mark_held_locks+0x130/0x130 [ 1757.537053] should_fail.cold.4+0xa/0x17 [ 1757.541128] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1757.546246] ? kernel_text_address+0x79/0xf0 [ 1757.550667] ? __kernel_text_address+0xd/0x40 03:39:26 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000025", 0x35, 0x1c0}]) [ 1757.555203] ? __save_stack_trace+0x8d/0xf0 [ 1757.559545] ? graph_lock+0x270/0x270 [ 1757.563368] ? find_held_lock+0x36/0x1c0 [ 1757.567452] ? __lock_is_held+0xb5/0x140 [ 1757.571592] ? dummy_pcm_pointer+0xb8/0xd0 [ 1757.575856] ? ___might_sleep+0x1ed/0x300 [ 1757.580018] ? arch_local_save_flags+0x40/0x40 [ 1757.584632] __should_failslab+0x124/0x180 [ 1757.588923] should_failslab+0x9/0x14 [ 1757.592777] kmem_cache_alloc_trace+0x2d7/0x750 [ 1757.597456] ? kasan_check_write+0x14/0x20 [ 1757.601712] ? __init_rwsem+0x1cc/0x2a0 [ 1757.605739] selinux_sb_alloc_security+0x9b/0x2f0 [ 1757.610608] ? selinux_inode_alloc_security+0x3a0/0x3a0 [ 1757.616005] ? down_write_nested+0x8e/0x130 [ 1757.620334] ? sget_userns+0x2c5/0xed0 [ 1757.624231] ? _down_write_nest_lock+0x130/0x130 [ 1757.628998] security_sb_alloc+0x4c/0xa0 [ 1757.633074] sget_userns+0x2cd/0xed0 [ 1757.636810] ? kill_litter_super+0x60/0x60 [ 1757.641064] ? ns_test_super+0x50/0x50 [ 1757.644979] ? destroy_unused_super.part.10+0x110/0x110 [ 1757.650354] ? selinux_ipv4_output+0x50/0x50 [ 1757.654783] ? blkdev_get+0xc8/0xb50 [ 1757.658529] ? selinux_capable+0x36/0x40 [ 1757.662604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1757.668149] ? security_capable+0x99/0xc0 [ 1757.672314] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1757.677862] ? ns_capable_common+0x13f/0x170 [ 1757.682281] ? kill_litter_super+0x60/0x60 [ 1757.686520] sget+0x10b/0x150 [ 1757.689686] ? ns_test_super+0x50/0x50 [ 1757.693592] mount_bdev+0x111/0x3e0 [ 1757.697277] ? hfs_show_options+0x710/0x710 [ 1757.701610] hfs_mount+0x34/0x40 [ 1757.704990] mount_fs+0xae/0x31d [ 1757.708392] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1757.712998] ? may_umount+0xb0/0xb0 [ 1757.716651] ? _raw_read_unlock+0x2c/0x50 [ 1757.720823] ? __get_fs_type+0x97/0xc0 [ 1757.724728] do_mount+0x581/0x31f0 [ 1757.728279] ? check_preemption_disabled+0x48/0x280 [ 1757.733310] ? copy_mount_string+0x40/0x40 [ 1757.737578] ? copy_mount_options+0x5f/0x430 [ 1757.742013] ? rcu_read_lock_sched_held+0x108/0x120 [ 1757.747041] ? kmem_cache_alloc_trace+0x353/0x750 [ 1757.751903] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1757.757444] ? _copy_from_user+0xdf/0x150 [ 1757.761607] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1757.767180] ? copy_mount_options+0x315/0x430 [ 1757.771716] ksys_mount+0x12d/0x140 [ 1757.775361] __x64_sys_mount+0xbe/0x150 [ 1757.779378] do_syscall_64+0x1b9/0x820 [ 1757.783286] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1757.788694] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1757.793636] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1757.798520] ? trace_hardirqs_on_caller+0x310/0x310 [ 1757.803548] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1757.808580] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1757.813631] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1757.818489] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1757.823695] RIP: 0033:0x45a1ca [ 1757.826903] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1757.845806] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1757.853519] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1757.860809] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1757.868081] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1757.875351] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1757.882626] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:26 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x3f00, 0x0) [ 1757.921628] hfs: invalid session number or type of track [ 1757.927902] hfs: can't find a HFS filesystem on dev loop5 03:39:26 executing program 3 (fault-call:2 fault-nth:45): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1757.982136] hfs: invalid session number or type of track [ 1757.990783] hfs: can't find a HFS filesystem on dev loop5 [ 1758.039907] FAULT_INJECTION: forcing a failure. [ 1758.039907] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1758.051734] CPU: 1 PID: 11854 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1758.058667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1758.068040] Call Trace: [ 1758.070651] dump_stack+0x1d3/0x2c6 [ 1758.074308] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1758.079512] ? graph_lock+0x270/0x270 [ 1758.083333] should_fail.cold.4+0xa/0x17 [ 1758.087431] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1758.092547] ? find_held_lock+0x36/0x1c0 [ 1758.096641] ? mark_held_locks+0x130/0x130 [ 1758.100899] ? lockdep_hardirqs_on+0x421/0x5c0 [ 1758.105496] ? trace_hardirqs_on+0xbd/0x310 [ 1758.109830] ? kasan_check_read+0x11/0x20 [ 1758.113992] ? debug_check_no_obj_freed+0x305/0x58d [ 1758.119023] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1758.124490] ? find_held_lock+0x36/0x1c0 [ 1758.128585] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1758.134133] ? check_preemption_disabled+0x48/0x280 [ 1758.139166] ? free_unref_page+0x6e0/0x960 [ 1758.143423] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1758.148970] ? should_fail+0x22d/0xd01 [ 1758.152876] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1758.157990] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1758.163462] __alloc_pages_nodemask+0x366/0xea0 [ 1758.168145] ? __alloc_pages_slowpath+0x2df0/0x2df0 [ 1758.173198] ? mark_free_pages+0x3c0/0x3c0 [ 1758.177476] ? find_held_lock+0x36/0x1c0 [ 1758.181563] ? ___might_sleep+0x1ed/0x300 [ 1758.185727] ? trace_hardirqs_off+0xb8/0x310 [ 1758.190152] cache_grow_begin+0x91/0x8c0 [ 1758.194229] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1758.199774] ? check_preemption_disabled+0x48/0x280 [ 1758.204803] kmem_cache_alloc+0x665/0x730 [ 1758.208967] ? free_pages+0x44/0x50 [ 1758.212608] getname_kernel+0x54/0x370 [ 1758.216508] kern_path+0x1e/0x40 [ 1758.219893] lookup_bdev+0x10c/0x250 [ 1758.223617] ? blkdev_open+0x280/0x280 [ 1758.227524] ? find_held_lock+0x36/0x1c0 [ 1758.231604] blkdev_get_by_path+0x1f/0xe0 [ 1758.235766] mount_bdev+0x5d/0x3e0 [ 1758.239317] ? hfs_show_options+0x710/0x710 [ 1758.243650] hfs_mount+0x34/0x40 [ 1758.247040] mount_fs+0xae/0x31d [ 1758.250424] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1758.255036] ? may_umount+0xb0/0xb0 [ 1758.258685] ? _raw_read_unlock+0x2c/0x50 [ 1758.262859] ? __get_fs_type+0x97/0xc0 [ 1758.266768] do_mount+0x581/0x31f0 [ 1758.270320] ? check_preemption_disabled+0x48/0x280 [ 1758.275351] ? copy_mount_string+0x40/0x40 [ 1758.279607] ? copy_mount_options+0x5f/0x430 [ 1758.284030] ? rcu_read_lock_sched_held+0x108/0x120 [ 1758.289061] ? kmem_cache_alloc_trace+0x353/0x750 [ 1758.293921] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1758.299467] ? _copy_from_user+0xdf/0x150 [ 1758.303635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1758.309199] ? copy_mount_options+0x315/0x430 [ 1758.313723] ksys_mount+0x12d/0x140 [ 1758.317362] __x64_sys_mount+0xbe/0x150 [ 1758.321351] do_syscall_64+0x1b9/0x820 [ 1758.325249] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1758.330630] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1758.335566] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1758.340416] ? trace_hardirqs_on_caller+0x310/0x310 [ 1758.345441] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1758.350473] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1758.355512] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1758.360389] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1758.365587] RIP: 0033:0x45a1ca [ 1758.368791] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1758.387706] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1758.395590] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1758.402871] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1758.410143] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1758.417421] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1758.424704] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c1f023c126285719070") r1 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1d\np\xb4\xd6)\xf5\x1a\x00', 0x0, 0x0, [], [0x2, 0x1, 0x1, 0x2]}) [ 1758.446154] Dev loop4: unable to read RDB block 1 [ 1758.461430] loop4: unable to read partition table [ 1758.469363] hfs: invalid session number or type of track [ 1758.480823] loop4: partition table beyond EOD, truncated 03:39:27 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:27 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x0) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1758.495092] hfs: can't find a HFS filesystem on dev loop3 [ 1758.509365] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:27 executing program 3 (fault-call:2 fault-nth:46): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000200)="0a5c1f023c126285719070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) ppoll(&(0x7f00000067c0)=[{r1}], 0x1, &(0x7f00000082c0)={0x0, 0x989680}, 0x0, 0x0) [ 1758.589863] hfs: invalid session number or type of track [ 1758.604380] Dev loop4: unable to read RDB block 1 [ 1758.609540] loop4: unable to read partition table [ 1758.612588] hfs: can't find a HFS filesystem on dev loop5 [ 1758.644008] loop4: partition table beyond EOD, truncated [ 1758.655938] FAULT_INJECTION: forcing a failure. [ 1758.655938] name failslab, interval 1, probability 0, space 0, times 0 [ 1758.659654] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1758.693926] hfs: invalid session number or type of track [ 1758.705337] CPU: 0 PID: 11867 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1758.712262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1758.721605] Call Trace: [ 1758.722507] hfs: can't find a HFS filesystem on dev loop5 [ 1758.724218] dump_stack+0x1d3/0x2c6 [ 1758.724246] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1758.724266] ? check_preemption_disabled+0x48/0x280 [ 1758.724294] should_fail.cold.4+0xa/0x17 [ 1758.724329] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1758.752778] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1758.758232] ? mark_free_pages+0x3c0/0x3c0 [ 1758.762469] ? find_held_lock+0x36/0x1c0 [ 1758.766540] ? ___might_sleep+0x1ed/0x300 [ 1758.770687] ? arch_local_save_flags+0x40/0x40 [ 1758.775267] __should_failslab+0x124/0x180 [ 1758.779507] should_failslab+0x9/0x14 [ 1758.783322] kmem_cache_alloc+0x2be/0x730 [ 1758.787490] ? free_pages+0x44/0x50 [ 1758.791125] getname_kernel+0x54/0x370 [ 1758.795025] kern_path+0x1e/0x40 [ 1758.798433] lookup_bdev+0x10c/0x250 [ 1758.802149] ? blkdev_open+0x280/0x280 [ 1758.806053] ? find_held_lock+0x36/0x1c0 [ 1758.810133] blkdev_get_by_path+0x1f/0xe0 [ 1758.814307] mount_bdev+0x5d/0x3e0 [ 1758.817855] ? hfs_show_options+0x710/0x710 [ 1758.822173] hfs_mount+0x34/0x40 [ 1758.825548] mount_fs+0xae/0x31d [ 1758.828949] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1758.833533] ? may_umount+0xb0/0xb0 [ 1758.837187] ? _raw_read_unlock+0x2c/0x50 [ 1758.841352] ? __get_fs_type+0x97/0xc0 [ 1758.845291] do_mount+0x581/0x31f0 [ 1758.848831] ? check_preemption_disabled+0x48/0x280 [ 1758.853850] ? copy_mount_string+0x40/0x40 [ 1758.858108] ? copy_mount_options+0x5f/0x430 [ 1758.862530] ? rcu_read_lock_sched_held+0x108/0x120 [ 1758.867551] ? kmem_cache_alloc_trace+0x353/0x750 [ 1758.872407] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1758.877954] ? _copy_from_user+0xdf/0x150 [ 1758.882112] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1758.887656] ? copy_mount_options+0x315/0x430 [ 1758.892193] ksys_mount+0x12d/0x140 [ 1758.895830] __x64_sys_mount+0xbe/0x150 [ 1758.899795] do_syscall_64+0x1b9/0x820 [ 1758.903668] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1758.909040] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1758.913957] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1758.918790] ? trace_hardirqs_on_caller+0x310/0x310 [ 1758.923797] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1758.928821] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1758.933844] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1758.938708] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1758.943893] RIP: 0033:0x45a1ca [ 1758.947124] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1758.966028] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1758.973738] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1758.980993] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1758.988248] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 03:39:28 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x8, 0x0) 03:39:28 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000005000001", 0x35, 0x1c0}]) [ 1758.995548] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1759.002817] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:28 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:28 executing program 3 (fault-call:2 fault-nth:47): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1759.169735] Dev loop4: unable to read RDB block 1 [ 1759.176420] loop4: unable to read partition table [ 1759.191449] loop4: partition table beyond EOD, truncated [ 1759.193359] FAULT_INJECTION: forcing a failure. [ 1759.193359] name failslab, interval 1, probability 0, space 0, times 0 [ 1759.200178] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1759.235469] hfs: invalid session number or type of track [ 1759.241206] hfs: can't find a HFS filesystem on dev loop5 [ 1759.251333] CPU: 0 PID: 11883 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1759.258292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1759.267655] Call Trace: [ 1759.270271] dump_stack+0x1d3/0x2c6 [ 1759.273929] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1759.273947] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1759.273972] should_fail.cold.4+0xa/0x17 [ 1759.273991] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1759.274015] ? kernel_text_address+0x79/0xf0 [ 1759.284499] ? unwind_get_return_address+0x61/0xa0 [ 1759.284519] ? __save_stack_trace+0x8d/0xf0 [ 1759.284538] ? graph_lock+0x270/0x270 [ 1759.284565] ? find_held_lock+0x36/0x1c0 [ 1759.284587] ? __lock_is_held+0xb5/0x140 [ 1759.284614] ? ___might_sleep+0x1ed/0x300 [ 1759.284629] ? arch_local_save_flags+0x40/0x40 [ 1759.284648] ? check_preemption_disabled+0x48/0x280 [ 1759.333081] __should_failslab+0x124/0x180 [ 1759.337327] should_failslab+0x9/0x14 [ 1759.341142] kmem_cache_alloc_trace+0x2d7/0x750 [ 1759.345822] ? __kmalloc_node+0x3c/0x70 [ 1759.349809] ? __kmalloc_node+0x3c/0x70 [ 1759.353795] ? rcu_read_lock_sched_held+0x108/0x120 [ 1759.358829] __memcg_init_list_lru_node+0x185/0x2d0 [ 1759.363865] ? kvfree_rcu+0x20/0x20 [ 1759.367507] ? __kmalloc_node+0x50/0x70 [ 1759.371499] __list_lru_init+0x4d6/0x840 [ 1759.375574] ? list_lru_destroy+0x500/0x500 [ 1759.379911] ? up_write+0x7b/0x220 [ 1759.383462] ? down_write_nested+0x130/0x130 [ 1759.387886] ? down_read+0x120/0x120 [ 1759.391622] ? init_wait_entry+0x1c0/0x1c0 [ 1759.395919] ? prealloc_shrinker+0x172/0x340 [ 1759.400350] sget_userns+0x975/0xed0 [ 1759.404072] ? kill_litter_super+0x60/0x60 [ 1759.408324] ? ns_test_super+0x50/0x50 [ 1759.412237] ? destroy_unused_super.part.10+0x110/0x110 [ 1759.417615] ? selinux_ipv4_output+0x50/0x50 [ 1759.422046] ? blkdev_get+0xc8/0xb50 [ 1759.425777] ? selinux_capable+0x36/0x40 [ 1759.429854] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1759.435413] ? security_capable+0x99/0xc0 [ 1759.439593] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1759.445135] ? ns_capable_common+0x13f/0x170 [ 1759.449580] ? kill_litter_super+0x60/0x60 [ 1759.453863] sget+0x10b/0x150 [ 1759.456979] ? ns_test_super+0x50/0x50 [ 1759.460886] mount_bdev+0x111/0x3e0 [ 1759.464521] ? hfs_show_options+0x710/0x710 [ 1759.468856] hfs_mount+0x34/0x40 [ 1759.472242] mount_fs+0xae/0x31d [ 1759.475642] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1759.480272] ? may_umount+0xb0/0xb0 [ 1759.483910] ? _raw_read_unlock+0x2c/0x50 [ 1759.488074] ? __get_fs_type+0x97/0xc0 [ 1759.491990] do_mount+0x581/0x31f0 [ 1759.495568] ? check_preemption_disabled+0x48/0x280 [ 1759.500614] ? copy_mount_string+0x40/0x40 [ 1759.504894] ? copy_mount_options+0x5f/0x430 [ 1759.509323] ? rcu_read_lock_sched_held+0x108/0x120 [ 1759.514359] ? kmem_cache_alloc_trace+0x353/0x750 [ 1759.519237] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1759.524791] ? _copy_from_user+0xdf/0x150 [ 1759.528958] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1759.534510] ? copy_mount_options+0x315/0x430 [ 1759.539034] ksys_mount+0x12d/0x140 [ 1759.542696] __x64_sys_mount+0xbe/0x150 [ 1759.546704] do_syscall_64+0x1b9/0x820 [ 1759.550605] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1759.555981] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1759.560929] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1759.565786] ? trace_hardirqs_on_caller+0x310/0x310 [ 1759.570817] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1759.575846] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1759.580881] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1759.585746] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1759.590940] RIP: 0033:0x45a1ca [ 1759.594145] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1759.613049] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1759.620777] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1759.628052] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 03:39:28 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/mcfilter\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) 03:39:28 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(0xffffffffffffffff, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1759.635330] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1759.642607] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1759.649879] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:28 executing program 3 (fault-call:2 fault-nth:48): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1759.718081] hfs: invalid session number or type of track [ 1759.729280] hfs: can't find a HFS filesystem on dev loop5 [ 1759.783312] Dev loop4: unable to read RDB block 1 [ 1759.783346] loop4: unable to read partition table [ 1759.815554] loop4: partition table beyond EOD, truncated [ 1759.836432] FAULT_INJECTION: forcing a failure. [ 1759.836432] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1759.845953] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1759.848287] CPU: 1 PID: 11895 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1759.848297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1759.848308] Call Trace: [ 1759.874497] dump_stack+0x1d3/0x2c6 [ 1759.878143] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1759.883344] ? graph_lock+0x270/0x270 [ 1759.887189] should_fail.cold.4+0xa/0x17 [ 1759.891267] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1759.896382] ? find_held_lock+0x36/0x1c0 [ 1759.900496] ? mark_held_locks+0x130/0x130 [ 1759.904740] ? lockdep_hardirqs_on+0x421/0x5c0 [ 1759.909329] ? trace_hardirqs_on+0xbd/0x310 [ 1759.913690] ? kasan_check_read+0x11/0x20 [ 1759.917845] ? debug_check_no_obj_freed+0x305/0x58d [ 1759.922886] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1759.928342] ? find_held_lock+0x36/0x1c0 [ 1759.932412] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1759.937961] ? check_preemption_disabled+0x48/0x280 [ 1759.943001] ? free_unref_page+0x6e0/0x960 [ 1759.947253] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1759.952798] ? should_fail+0x22d/0xd01 [ 1759.956747] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1759.961870] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1759.967329] __alloc_pages_nodemask+0x366/0xea0 [ 1759.972002] ? __alloc_pages_slowpath+0x2df0/0x2df0 [ 1759.977019] ? mark_free_pages+0x3c0/0x3c0 [ 1759.981279] ? find_held_lock+0x36/0x1c0 [ 1759.985362] ? ___might_sleep+0x1ed/0x300 [ 1759.989520] ? trace_hardirqs_off+0xb8/0x310 [ 1759.993942] cache_grow_begin+0x91/0x8c0 [ 1759.998011] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1760.003553] ? check_preemption_disabled+0x48/0x280 [ 1760.008576] kmem_cache_alloc+0x665/0x730 [ 1760.012732] ? free_pages+0x44/0x50 [ 1760.016370] getname_kernel+0x54/0x370 [ 1760.020261] kern_path+0x1e/0x40 [ 1760.023632] lookup_bdev+0x10c/0x250 [ 1760.027350] ? blkdev_open+0x280/0x280 [ 1760.031244] ? find_held_lock+0x36/0x1c0 [ 1760.035325] blkdev_get_by_path+0x1f/0xe0 [ 1760.039493] mount_bdev+0x5d/0x3e0 [ 1760.043035] ? hfs_show_options+0x710/0x710 [ 1760.047371] hfs_mount+0x34/0x40 [ 1760.050739] mount_fs+0xae/0x31d [ 1760.054118] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1760.058709] ? may_umount+0xb0/0xb0 [ 1760.062354] ? _raw_read_unlock+0x2c/0x50 [ 1760.066508] ? __get_fs_type+0x97/0xc0 [ 1760.070427] do_mount+0x581/0x31f0 [ 1760.073964] ? check_preemption_disabled+0x48/0x280 [ 1760.079026] ? copy_mount_string+0x40/0x40 [ 1760.083275] ? copy_mount_options+0x5f/0x430 [ 1760.087696] ? rcu_read_lock_sched_held+0x108/0x120 [ 1760.092720] ? kmem_cache_alloc_trace+0x353/0x750 [ 1760.097564] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1760.103107] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1760.108644] ? copy_mount_options+0x315/0x430 [ 1760.113151] ksys_mount+0x12d/0x140 [ 1760.116803] __x64_sys_mount+0xbe/0x150 [ 1760.120781] do_syscall_64+0x1b9/0x820 [ 1760.124666] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1760.130042] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1760.134972] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1760.139821] ? trace_hardirqs_on_caller+0x310/0x310 [ 1760.144839] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1760.149861] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1760.154885] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1760.159737] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1760.164925] RIP: 0033:0x45a1ca [ 1760.168120] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:29 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:29 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(0xffffffffffffffff, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1760.187021] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1760.194730] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1760.201997] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1760.209283] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1760.216549] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1760.223853] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1760.266230] hfs: invalid session number or type of track [ 1760.279607] hfs: can't find a HFS filesystem on dev loop3 [ 1760.304990] hfs: invalid session number or type of track 03:39:29 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000000eea0001", 0x35, 0x1c0}]) 03:39:29 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x3f000000, 0x0) [ 1760.325525] hfs: can't find a HFS filesystem on dev loop5 03:39:29 executing program 3 (fault-call:2 fault-nth:49): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:29 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(0xffffffffffffffff, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1760.425970] hfs: invalid session number or type of track [ 1760.453931] hfs: can't find a HFS filesystem on dev loop5 [ 1760.463566] Dev loop4: unable to read RDB block 1 [ 1760.480399] loop4: unable to read partition table [ 1760.497149] loop4: partition table beyond EOD, truncated [ 1760.510755] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1760.523793] FAULT_INJECTION: forcing a failure. 03:39:29 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0']) [ 1760.523793] name failslab, interval 1, probability 0, space 0, times 0 [ 1760.552573] CPU: 1 PID: 11911 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1760.559558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1760.568920] Call Trace: [ 1760.571526] dump_stack+0x1d3/0x2c6 [ 1760.575201] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1760.580414] should_fail.cold.4+0xa/0x17 [ 1760.584489] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1760.589617] ? graph_lock+0x270/0x270 [ 1760.593424] ? save_stack+0xa9/0xd0 [ 1760.597064] ? save_stack+0x43/0xd0 [ 1760.600742] ? kasan_kmalloc+0xc7/0xe0 [ 1760.604642] ? __kmalloc+0x15b/0x770 [ 1760.608383] ? find_held_lock+0x36/0x1c0 [ 1760.612460] ? __lock_is_held+0xb5/0x140 [ 1760.616546] ? ___might_sleep+0x1ed/0x300 [ 1760.620717] ? arch_local_save_flags+0x40/0x40 [ 1760.625324] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1760.630898] ? check_preemption_disabled+0x48/0x280 [ 1760.635930] __should_failslab+0x124/0x180 [ 1760.640194] should_failslab+0x9/0x14 [ 1760.644008] kmem_cache_alloc_node_trace+0x270/0x740 [ 1760.649140] __kmalloc_node+0x3c/0x70 [ 1760.652971] kvmalloc_node+0x65/0xf0 [ 1760.656702] __list_lru_init+0x5d9/0x840 [ 1760.660801] ? list_lru_destroy+0x500/0x500 [ 1760.665155] ? up_write+0x7b/0x220 [ 1760.668713] ? down_write_nested+0x130/0x130 [ 1760.673140] ? down_read+0x120/0x120 [ 1760.676867] ? init_wait_entry+0x1c0/0x1c0 [ 1760.681115] ? prealloc_shrinker+0x172/0x340 [ 1760.685580] sget_userns+0x975/0xed0 [ 1760.689319] ? kill_litter_super+0x60/0x60 [ 1760.693585] ? ns_test_super+0x50/0x50 [ 1760.697479] ? destroy_unused_super.part.10+0x110/0x110 [ 1760.702853] ? selinux_ipv4_output+0x50/0x50 [ 1760.707291] ? blkdev_get+0xc8/0xb50 [ 1760.711021] ? selinux_capable+0x36/0x40 [ 1760.715097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1760.720656] ? security_capable+0x99/0xc0 [ 1760.724845] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1760.730405] ? ns_capable_common+0x13f/0x170 [ 1760.734830] ? kill_litter_super+0x60/0x60 [ 1760.739079] sget+0x10b/0x150 [ 1760.742201] ? ns_test_super+0x50/0x50 [ 1760.742223] mount_bdev+0x111/0x3e0 [ 1760.742238] ? hfs_show_options+0x710/0x710 [ 1760.742257] hfs_mount+0x34/0x40 [ 1760.749793] mount_fs+0xae/0x31d [ 1760.749815] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1760.749831] ? may_umount+0xb0/0xb0 [ 1760.749848] ? _raw_read_unlock+0x2c/0x50 [ 1760.766486] hfs: invalid session number or type of track [ 1760.769067] ? __get_fs_type+0x97/0xc0 [ 1760.769088] do_mount+0x581/0x31f0 [ 1760.769104] ? check_preemption_disabled+0x48/0x280 [ 1760.769124] ? copy_mount_string+0x40/0x40 [ 1760.781540] hfs: can't find a HFS filesystem on dev loop1 [ 1760.782596] ? copy_mount_options+0x5f/0x430 [ 1760.782614] ? rcu_read_lock_sched_held+0x108/0x120 [ 1760.782633] ? kmem_cache_alloc_trace+0x353/0x750 [ 1760.782653] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1760.782666] ? _copy_from_user+0xdf/0x150 [ 1760.782696] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1760.782715] ? copy_mount_options+0x315/0x430 [ 1760.834907] ksys_mount+0x12d/0x140 [ 1760.838547] __x64_sys_mount+0xbe/0x150 [ 1760.838568] do_syscall_64+0x1b9/0x820 [ 1760.838583] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1760.838601] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1760.838619] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1760.846467] ? trace_hardirqs_on_caller+0x310/0x310 [ 1760.846486] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1760.846505] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1760.846533] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1760.881529] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1760.886722] RIP: 0033:0x45a1ca 03:39:29 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x0) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:29 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x03', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1760.889926] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1760.908829] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1760.916542] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1760.923855] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1760.931128] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1760.938407] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1760.945689] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1760.998745] hfs: invalid session number or type of track [ 1761.005750] Dev loop4: unable to read RDB block 1 [ 1761.011223] loop4: unable to read partition table [ 1761.016448] loop4: partition table beyond EOD, truncated [ 1761.020466] hfs: can't find a HFS filesystem on dev loop1 03:39:30 executing program 3 (fault-call:2 fault-nth:50): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:30 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x0) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:30 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c1f023c126285719070") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000e59000/0x2000)=nil, 0x2000, 0x0, 0x2011, r2, 0x0) [ 1761.042965] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:30 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000600001", 0x35, 0x1c0}]) [ 1761.138019] FAULT_INJECTION: forcing a failure. [ 1761.138019] name failslab, interval 1, probability 0, space 0, times 0 03:39:30 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1761.175918] audit: type=1400 audit(2000000370.160:109): avc: denied { map } for pid=11935 comm="syz-executor1" path="/syzcgroup/unified/syz1/cpu.stat" dev="cgroup2" ino=56 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 [ 1761.181612] CPU: 0 PID: 11933 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1761.209152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1761.218508] Call Trace: [ 1761.221114] dump_stack+0x1d3/0x2c6 [ 1761.224760] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1761.229970] ? mark_held_locks+0x130/0x130 [ 1761.234236] should_fail.cold.4+0xa/0x17 03:39:30 executing program 1: r0 = socket(0x10, 0x80002, 0x0) ioctl(r0, 0x801000008912, &(0x7f0000000040)="00dc1f123c123f3188b070") r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00'}) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="000080000c000000000000000800010073667100480002000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000"], 0x1}}, 0x0) 03:39:30 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0xf, 0x0) [ 1761.238312] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1761.243422] ? kernel_text_address+0x79/0xf0 [ 1761.247832] ? __kernel_text_address+0xd/0x40 [ 1761.252354] ? __save_stack_trace+0x8d/0xf0 [ 1761.256718] ? graph_lock+0x270/0x270 [ 1761.260541] ? find_held_lock+0x36/0x1c0 [ 1761.264630] ? __lock_is_held+0xb5/0x140 [ 1761.268745] ? ___might_sleep+0x1ed/0x300 [ 1761.272902] ? arch_local_save_flags+0x40/0x40 [ 1761.277519] __should_failslab+0x124/0x180 [ 1761.281772] should_failslab+0x9/0x14 [ 1761.285588] kmem_cache_alloc_trace+0x2d7/0x750 [ 1761.290285] ? kasan_check_write+0x14/0x20 [ 1761.294539] ? __init_rwsem+0x1cc/0x2a0 [ 1761.298548] selinux_sb_alloc_security+0x9b/0x2f0 [ 1761.303404] ? selinux_inode_alloc_security+0x3a0/0x3a0 [ 1761.308786] ? down_write_nested+0x8e/0x130 [ 1761.313113] ? sget_userns+0x2c5/0xed0 [ 1761.317026] ? _down_write_nest_lock+0x130/0x130 [ 1761.321799] security_sb_alloc+0x4c/0xa0 [ 1761.325872] sget_userns+0x2cd/0xed0 [ 1761.329615] ? kill_litter_super+0x60/0x60 [ 1761.333871] ? ns_test_super+0x50/0x50 03:39:30 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = dup(r0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x61) read(r0, &(0x7f00000000c0)=""/11, 0xb) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) r2 = syz_open_pts(r0, 0x0) ioctl$sock_TIOCOUTQ(r1, 0x5411, &(0x7f0000000140)) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000040)) [ 1761.337773] ? destroy_unused_super.part.10+0x110/0x110 [ 1761.343149] ? selinux_ipv4_output+0x50/0x50 [ 1761.347581] ? blkdev_get+0xc8/0xb50 [ 1761.351330] ? selinux_capable+0x36/0x40 [ 1761.355409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1761.360961] ? security_capable+0x99/0xc0 [ 1761.365122] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1761.370669] ? ns_capable_common+0x13f/0x170 [ 1761.375107] ? kill_litter_super+0x60/0x60 [ 1761.379369] sget+0x10b/0x150 [ 1761.382487] ? ns_test_super+0x50/0x50 [ 1761.386387] mount_bdev+0x111/0x3e0 [ 1761.390029] ? hfs_show_options+0x710/0x710 [ 1761.394352] hfs_mount+0x34/0x40 [ 1761.397711] mount_fs+0xae/0x31d [ 1761.401066] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1761.405636] ? may_umount+0xb0/0xb0 [ 1761.409279] ? _raw_read_unlock+0x2c/0x50 [ 1761.413415] ? __get_fs_type+0x97/0xc0 [ 1761.417292] do_mount+0x581/0x31f0 [ 1761.420835] ? check_preemption_disabled+0x48/0x280 [ 1761.425881] ? copy_mount_string+0x40/0x40 [ 1761.430137] ? copy_mount_options+0x5f/0x430 [ 1761.434556] ? rcu_read_lock_sched_held+0x108/0x120 [ 1761.439577] ? kmem_cache_alloc_trace+0x353/0x750 [ 1761.444411] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1761.449938] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1761.455461] ? copy_mount_options+0x315/0x430 [ 1761.459959] ksys_mount+0x12d/0x140 [ 1761.463593] __x64_sys_mount+0xbe/0x150 [ 1761.467570] do_syscall_64+0x1b9/0x820 [ 1761.471462] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1761.476824] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1761.481751] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1761.486581] ? trace_hardirqs_on_caller+0x310/0x310 [ 1761.491618] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1761.496708] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1761.501730] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1761.506585] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1761.511762] RIP: 0033:0x45a1ca [ 1761.514950] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:30 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x0) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1761.533862] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1761.541556] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1761.548809] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1761.556075] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1761.563345] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1761.570605] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:30 executing program 1: syz_execute_func(&(0x7f00000002c0)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000f80000)='./file0\x00', 0x1042, 0x0) execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000540)=""/11, 0x7a3) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)) r1 = creat(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x109) dup2(r0, r1) execve(&(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0) open$dir(&(0x7f00000001c0)='./file0\x00', 0x841, 0x0) clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0) ioctl$EVIOCSABS20(r1, 0x401845e0, 0x0) [ 1761.599097] hfs: invalid session number or type of track 03:39:30 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(0xffffffffffffffff, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:30 executing program 3 (fault-call:2 fault-nth:51): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1761.631353] hfs: can't find a HFS filesystem on dev loop5 [ 1761.703268] Dev loop4: unable to read RDB block 1 [ 1761.703301] loop4: unable to read partition table [ 1761.725213] loop4: partition table beyond EOD, truncated [ 1761.743292] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:30 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, 0xffffffffffffffff, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1761.751658] hfs: invalid session number or type of track [ 1761.759486] FAULT_INJECTION: forcing a failure. [ 1761.759486] name failslab, interval 1, probability 0, space 0, times 0 [ 1761.766267] hfs: can't find a HFS filesystem on dev loop5 [ 1761.797704] CPU: 1 PID: 11964 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1761.804655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1761.814027] Call Trace: [ 1761.816635] dump_stack+0x1d3/0x2c6 [ 1761.820296] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1761.825538] ? __kernel_text_address+0xd/0x40 [ 1761.830061] ? unwind_get_return_address+0x61/0xa0 [ 1761.835006] should_fail.cold.4+0xa/0x17 [ 1761.839078] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1761.844211] ? save_stack+0x43/0xd0 [ 1761.847852] ? kasan_kmalloc+0xc7/0xe0 [ 1761.851773] ? kmem_cache_alloc_trace+0x152/0x750 [ 1761.856628] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1761.861825] ? __list_lru_init+0x4d6/0x840 [ 1761.866070] ? graph_lock+0x270/0x270 [ 1761.869879] ? hfs_mount+0x34/0x40 [ 1761.873452] ? mount_fs+0xae/0x31d [ 1761.876999] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1761.881805] ? do_mount+0x581/0x31f0 [ 1761.885539] ? ksys_mount+0x12d/0x140 [ 1761.889344] ? __x64_sys_mount+0xbe/0x150 [ 1761.893501] ? do_syscall_64+0x1b9/0x820 [ 1761.897577] ? find_held_lock+0x36/0x1c0 [ 1761.901657] ? __lock_is_held+0xb5/0x140 [ 1761.905762] ? ___might_sleep+0x1ed/0x300 [ 1761.909918] ? arch_local_save_flags+0x40/0x40 [ 1761.914531] __should_failslab+0x124/0x180 [ 1761.918801] should_failslab+0x9/0x14 [ 1761.922627] kmem_cache_alloc_trace+0x2d7/0x750 [ 1761.927302] ? __kmalloc_node+0x3c/0x70 [ 1761.931285] ? __kmalloc_node+0x3c/0x70 [ 1761.935269] ? rcu_read_lock_sched_held+0x108/0x120 [ 1761.940317] __memcg_init_list_lru_node+0x185/0x2d0 [ 1761.945345] ? kvfree_rcu+0x20/0x20 [ 1761.948986] ? __kmalloc_node+0x50/0x70 [ 1761.952977] __list_lru_init+0x4d6/0x840 [ 1761.957087] ? list_lru_destroy+0x500/0x500 [ 1761.961421] ? up_write+0x7b/0x220 [ 1761.964967] ? down_write_nested+0x130/0x130 [ 1761.969381] ? down_read+0x120/0x120 [ 1761.973102] ? init_wait_entry+0x1c0/0x1c0 [ 1761.977348] ? prealloc_shrinker+0x172/0x340 [ 1761.981781] sget_userns+0x975/0xed0 [ 1761.985502] ? kill_litter_super+0x60/0x60 [ 1761.989751] ? ns_test_super+0x50/0x50 [ 1761.993649] ? destroy_unused_super.part.10+0x110/0x110 [ 1761.999040] ? selinux_ipv4_output+0x50/0x50 [ 1762.003471] ? blkdev_get+0xc8/0xb50 [ 1762.007211] ? selinux_capable+0x36/0x40 [ 1762.011291] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1762.016849] ? security_capable+0x99/0xc0 [ 1762.021008] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1762.026553] ? ns_capable_common+0x13f/0x170 [ 1762.030986] ? kill_litter_super+0x60/0x60 [ 1762.035228] sget+0x10b/0x150 [ 1762.038343] ? ns_test_super+0x50/0x50 [ 1762.042250] mount_bdev+0x111/0x3e0 [ 1762.045889] ? hfs_show_options+0x710/0x710 [ 1762.050240] hfs_mount+0x34/0x40 [ 1762.053618] mount_fs+0xae/0x31d [ 1762.057002] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1762.061596] ? may_umount+0xb0/0xb0 [ 1762.065244] ? _raw_read_unlock+0x2c/0x50 [ 1762.069407] ? __get_fs_type+0x97/0xc0 [ 1762.073316] do_mount+0x581/0x31f0 [ 1762.076871] ? check_preemption_disabled+0x48/0x280 [ 1762.081917] ? copy_mount_string+0x40/0x40 [ 1762.086211] ? copy_mount_options+0x5f/0x430 [ 1762.090649] ? rcu_read_lock_sched_held+0x108/0x120 [ 1762.095709] ? kmem_cache_alloc_trace+0x353/0x750 [ 1762.100599] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1762.106144] ? _copy_from_user+0xdf/0x150 [ 1762.110311] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1762.115860] ? copy_mount_options+0x315/0x430 [ 1762.120372] ksys_mount+0x12d/0x140 [ 1762.124008] __x64_sys_mount+0xbe/0x150 [ 1762.128014] do_syscall_64+0x1b9/0x820 [ 1762.131941] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1762.137321] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1762.142277] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1762.147135] ? trace_hardirqs_on_caller+0x310/0x310 [ 1762.152162] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1762.157204] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1762.162235] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1762.167122] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1762.172330] RIP: 0033:0x45a1ca [ 1762.175532] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:31 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, 0x0, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1762.194442] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1762.202158] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1762.209443] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1762.216722] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1762.223996] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1762.231291] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:31 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1762.293359] Dev loop4: unable to read RDB block 1 [ 1762.311955] loop4: unable to read partition table [ 1762.336872] loop4: partition table beyond EOD, truncated [ 1762.342347] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:31 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000040", 0x35, 0x1c0}]) 03:39:31 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x1000000, 0x0) [ 1762.415215] hfs: invalid session number or type of track [ 1762.420792] hfs: can't find a HFS filesystem on dev loop5 03:39:31 executing program 3 (fault-call:2 fault-nth:52): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1762.515871] hfs: invalid session number or type of track [ 1762.521349] hfs: can't find a HFS filesystem on dev loop5 [ 1762.576167] FAULT_INJECTION: forcing a failure. [ 1762.576167] name failslab, interval 1, probability 0, space 0, times 0 [ 1762.587785] Dev loop4: unable to read RDB block 1 [ 1762.599301] loop4: unable to read partition table [ 1762.599383] CPU: 1 PID: 11999 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1762.611168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1762.619956] loop4: partition table beyond EOD, truncated [ 1762.620531] Call Trace: [ 1762.628572] dump_stack+0x1d3/0x2c6 [ 1762.632219] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1762.637434] should_fail.cold.4+0xa/0x17 [ 1762.641515] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1762.643091] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1762.646657] ? graph_lock+0x270/0x270 [ 1762.646671] ? save_stack+0xa9/0xd0 [ 1762.646696] ? save_stack+0x43/0xd0 [ 1762.646709] ? kasan_kmalloc+0xc7/0xe0 [ 1762.646728] ? __kmalloc+0x15b/0x770 [ 1762.672628] ? find_held_lock+0x36/0x1c0 [ 1762.676715] ? __lock_is_held+0xb5/0x140 [ 1762.680802] ? ___might_sleep+0x1ed/0x300 [ 1762.684962] ? arch_local_save_flags+0x40/0x40 [ 1762.689555] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1762.695101] ? check_preemption_disabled+0x48/0x280 [ 1762.700141] __should_failslab+0x124/0x180 [ 1762.704391] should_failslab+0x9/0x14 [ 1762.708211] kmem_cache_alloc_node_trace+0x270/0x740 [ 1762.713339] __kmalloc_node+0x3c/0x70 [ 1762.717151] kvmalloc_node+0x65/0xf0 [ 1762.720890] __list_lru_init+0x5d9/0x840 [ 1762.724979] ? list_lru_destroy+0x500/0x500 [ 1762.729313] ? up_write+0x7b/0x220 [ 1762.732858] ? down_write_nested+0x130/0x130 [ 1762.737282] ? down_read+0x120/0x120 [ 1762.741007] ? init_wait_entry+0x1c0/0x1c0 [ 1762.745273] ? prealloc_shrinker+0x172/0x340 [ 1762.749731] sget_userns+0x975/0xed0 [ 1762.753454] ? kill_litter_super+0x60/0x60 [ 1762.757745] ? ns_test_super+0x50/0x50 [ 1762.761644] ? destroy_unused_super.part.10+0x110/0x110 [ 1762.767028] ? selinux_ipv4_output+0x50/0x50 [ 1762.771469] ? blkdev_get+0xc8/0xb50 [ 1762.775205] ? selinux_capable+0x36/0x40 [ 1762.779280] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1762.784828] ? security_capable+0x99/0xc0 [ 1762.789007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1762.794567] ? ns_capable_common+0x13f/0x170 [ 1762.798989] ? kill_litter_super+0x60/0x60 [ 1762.803237] sget+0x10b/0x150 [ 1762.806353] ? ns_test_super+0x50/0x50 [ 1762.810261] mount_bdev+0x111/0x3e0 [ 1762.813898] ? hfs_show_options+0x710/0x710 [ 1762.818233] hfs_mount+0x34/0x40 [ 1762.821616] mount_fs+0xae/0x31d [ 1762.825005] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1762.829599] ? may_umount+0xb0/0xb0 [ 1762.833235] ? _raw_read_unlock+0x2c/0x50 [ 1762.837397] ? __get_fs_type+0x97/0xc0 [ 1762.841299] do_mount+0x581/0x31f0 [ 1762.844852] ? check_preemption_disabled+0x48/0x280 [ 1762.849882] ? copy_mount_string+0x40/0x40 [ 1762.854144] ? copy_mount_options+0x5f/0x430 [ 1762.858565] ? rcu_read_lock_sched_held+0x108/0x120 [ 1762.863590] ? kmem_cache_alloc_trace+0x353/0x750 [ 1762.868453] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1762.874012] ? _copy_from_user+0xdf/0x150 [ 1762.878171] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1762.883725] ? copy_mount_options+0x315/0x430 [ 1762.888241] ksys_mount+0x12d/0x140 [ 1762.891884] __x64_sys_mount+0xbe/0x150 [ 1762.895873] do_syscall_64+0x1b9/0x820 [ 1762.899769] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1762.905149] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1762.910095] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1762.914949] ? trace_hardirqs_on_caller+0x310/0x310 [ 1762.919976] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1762.925007] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1762.930044] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1762.934905] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1762.940102] RIP: 0033:0x45a1ca [ 1762.943322] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1762.962240] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1762.969955] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca 03:39:32 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:32 executing program 1: r0 = open(&(0x7f0000000200)='./file0\x00', 0x14104a, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000974fee)='/dev/input/event#\x00', 0x0, 0x101002) write$evdev(r0, &(0x7f0000000080)=[{}], 0x18) sendfile(r1, r0, &(0x7f0000000000), 0x100008001) [ 1762.977238] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1762.984512] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1762.991824] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1762.999097] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1763.060895] hfs: invalid session number or type of track [ 1763.066728] hfs: can't find a HFS filesystem on dev loop5 03:39:32 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0), 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:32 executing program 3 (fault-call:2 fault-nth:53): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1763.113987] Dev loop4: unable to read RDB block 1 [ 1763.122926] loop4: unable to read partition table [ 1763.130345] hfs: invalid session number or type of track [ 1763.138777] loop4: partition table beyond EOD, truncated [ 1763.144057] hfs: can't find a HFS filesystem on dev loop5 [ 1763.156255] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:32 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000051", 0x35, 0x1c0}]) [ 1763.238863] FAULT_INJECTION: forcing a failure. [ 1763.238863] name failslab, interval 1, probability 0, space 0, times 0 [ 1763.256809] CPU: 1 PID: 12013 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1763.263754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1763.273109] Call Trace: [ 1763.273135] dump_stack+0x1d3/0x2c6 [ 1763.273162] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1763.273197] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1763.273223] should_fail.cold.4+0xa/0x17 [ 1763.279431] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1763.279461] ? graph_lock+0x270/0x270 [ 1763.279481] ? graph_lock+0x270/0x270 [ 1763.306955] ? radix_tree_iter_tag_clear+0x90/0x90 [ 1763.311933] ? find_held_lock+0x36/0x1c0 [ 1763.316018] ? __lock_is_held+0xb5/0x140 [ 1763.320101] ? ___might_sleep+0x1ed/0x300 [ 1763.324259] ? arch_local_save_flags+0x40/0x40 [ 1763.328868] ? arch_local_save_flags+0x40/0x40 [ 1763.333477] __should_failslab+0x124/0x180 [ 1763.337733] should_failslab+0x9/0x14 [ 1763.341572] __kmalloc+0x2e0/0x770 [ 1763.345132] ? __list_lru_init+0x151/0x840 [ 1763.349385] __list_lru_init+0x151/0x840 [ 1763.353460] ? list_lru_destroy+0x500/0x500 [ 1763.357792] ? up_write+0x7b/0x220 [ 1763.361435] ? down_write_nested+0x130/0x130 [ 1763.365853] ? down_read+0x120/0x120 [ 1763.369579] ? init_wait_entry+0x1c0/0x1c0 [ 1763.373824] ? prealloc_shrinker+0x172/0x340 [ 1763.378281] sget_userns+0x975/0xed0 [ 1763.382022] ? kill_litter_super+0x60/0x60 [ 1763.386271] ? ns_test_super+0x50/0x50 [ 1763.390170] ? destroy_unused_super.part.10+0x110/0x110 [ 1763.395554] ? selinux_ipv4_output+0x50/0x50 [ 1763.399999] ? blkdev_get+0xc8/0xb50 [ 1763.403727] ? selinux_capable+0x36/0x40 [ 1763.407806] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1763.413348] ? security_capable+0x99/0xc0 [ 1763.417526] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1763.423104] ? ns_capable_common+0x13f/0x170 [ 1763.427525] ? kill_litter_super+0x60/0x60 [ 1763.431769] sget+0x10b/0x150 [ 1763.434888] ? ns_test_super+0x50/0x50 [ 1763.438790] mount_bdev+0x111/0x3e0 [ 1763.442424] ? hfs_show_options+0x710/0x710 [ 1763.446755] hfs_mount+0x34/0x40 [ 1763.450130] mount_fs+0xae/0x31d [ 1763.453509] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1763.458103] ? may_umount+0xb0/0xb0 [ 1763.461741] ? _raw_read_unlock+0x2c/0x50 [ 1763.465920] ? __get_fs_type+0x97/0xc0 [ 1763.469827] do_mount+0x581/0x31f0 [ 1763.473393] ? check_preemption_disabled+0x48/0x280 [ 1763.478425] ? copy_mount_string+0x40/0x40 [ 1763.482693] ? copy_mount_options+0x5f/0x430 03:39:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRESDEC], &(0x7f0000000100)=""/4096, 0x14, 0x1000, 0x1}, 0x20) [ 1763.487117] ? rcu_read_lock_sched_held+0x108/0x120 [ 1763.492144] ? kmem_cache_alloc_trace+0x353/0x750 [ 1763.496999] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1763.502557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1763.508107] ? copy_mount_options+0x315/0x430 [ 1763.512633] ksys_mount+0x12d/0x140 [ 1763.516270] __x64_sys_mount+0xbe/0x150 [ 1763.520259] do_syscall_64+0x1b9/0x820 [ 1763.524193] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1763.529574] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1763.534515] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1763.539371] ? trace_hardirqs_on_caller+0x310/0x310 [ 1763.544402] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1763.549432] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1763.554468] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1763.559355] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1763.564566] RIP: 0033:0x45a1ca [ 1763.567781] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:32 executing program 1: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') 03:39:32 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1763.586692] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1763.594409] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1763.601694] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1763.608977] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1763.616251] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1763.623526] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:32 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x400481, 0x0) connect$unix(r2, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e24}, 0x6e) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:39:32 executing program 1: socketpair(0x1, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000240)={0x0, 0x7ffb, 0x80000000000400c}, 0xffffffffffffffa5) socketpair$unix(0x1, 0x100000000000001, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x2, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff4d}], 0x1, &(0x7f00000001c0)=""/17, 0xffda}, 0x0) sendmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x3b, &(0x7f0000000000)}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[&\xe5\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ}\xb7\xf3\xfe\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4', 0x2761, 0x0) [ 1763.688473] hfs: invalid session number or type of track [ 1763.707284] hfs: can't find a HFS filesystem on dev loop5 03:39:32 executing program 3 (fault-call:2 fault-nth:54): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1763.746967] Dev loop4: unable to read RDB block 1 [ 1763.757523] loop4: unable to read partition table [ 1763.763733] hfs: invalid session number or type of track [ 1763.769198] hfs: can't find a HFS filesystem on dev loop5 03:39:32 executing program 1: r0 = socket(0x11, 0x2, 0x0) write$P9_RUNLINKAT(r0, 0x0, 0x0) [ 1763.794041] loop4: partition table beyond EOD, truncated [ 1763.809525] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1763.866065] FAULT_INJECTION: forcing a failure. [ 1763.866065] name failslab, interval 1, probability 0, space 0, times 0 [ 1763.878218] CPU: 0 PID: 12037 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1763.885173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1763.885180] Call Trace: [ 1763.885206] dump_stack+0x1d3/0x2c6 [ 1763.885232] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1763.885289] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1763.885313] should_fail.cold.4+0xa/0x17 [ 1763.906034] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1763.906083] ? graph_lock+0x270/0x270 [ 1763.906117] ? graph_lock+0x270/0x270 [ 1763.928418] ? radix_tree_iter_tag_clear+0x90/0x90 [ 1763.933374] ? find_held_lock+0x36/0x1c0 [ 1763.937447] ? __lock_is_held+0xb5/0x140 [ 1763.941519] ? ___might_sleep+0x1ed/0x300 [ 1763.945689] ? arch_local_save_flags+0x40/0x40 [ 1763.950284] ? arch_local_save_flags+0x40/0x40 [ 1763.954885] __should_failslab+0x124/0x180 [ 1763.959131] should_failslab+0x9/0x14 [ 1763.962938] __kmalloc+0x2e0/0x770 [ 1763.966491] ? __list_lru_init+0x151/0x840 [ 1763.970755] __list_lru_init+0x151/0x840 [ 1763.974830] ? list_lru_destroy+0x500/0x500 [ 1763.979161] ? up_write+0x7b/0x220 [ 1763.982738] ? down_write_nested+0x130/0x130 [ 1763.987154] ? down_read+0x120/0x120 [ 1763.990870] ? init_wait_entry+0x1c0/0x1c0 [ 1763.995128] ? prealloc_shrinker+0x172/0x340 [ 1763.999553] sget_userns+0x975/0xed0 [ 1764.003274] ? kill_litter_super+0x60/0x60 [ 1764.007519] ? ns_test_super+0x50/0x50 [ 1764.011418] ? destroy_unused_super.part.10+0x110/0x110 [ 1764.016793] ? selinux_ipv4_output+0x50/0x50 [ 1764.021218] ? blkdev_get+0xc8/0xb50 [ 1764.024958] ? selinux_capable+0x36/0x40 [ 1764.029031] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1764.034575] ? security_capable+0x99/0xc0 [ 1764.038739] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1764.044299] ? ns_capable_common+0x13f/0x170 [ 1764.048750] ? kill_litter_super+0x60/0x60 [ 1764.053021] sget+0x10b/0x150 [ 1764.056145] ? ns_test_super+0x50/0x50 [ 1764.060043] mount_bdev+0x111/0x3e0 [ 1764.063696] ? hfs_show_options+0x710/0x710 [ 1764.068028] hfs_mount+0x34/0x40 [ 1764.071406] mount_fs+0xae/0x31d [ 1764.074787] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1764.079379] ? may_umount+0xb0/0xb0 [ 1764.083039] ? _raw_read_unlock+0x2c/0x50 [ 1764.087197] ? __get_fs_type+0x97/0xc0 [ 1764.091094] do_mount+0x581/0x31f0 [ 1764.094637] ? check_preemption_disabled+0x48/0x280 [ 1764.099690] ? copy_mount_string+0x40/0x40 [ 1764.103946] ? copy_mount_options+0x5f/0x430 [ 1764.108374] ? rcu_read_lock_sched_held+0x108/0x120 [ 1764.113418] ? kmem_cache_alloc_trace+0x353/0x750 [ 1764.118272] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1764.123827] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1764.129364] ? copy_mount_options+0x315/0x430 [ 1764.133873] ksys_mount+0x12d/0x140 [ 1764.137512] __x64_sys_mount+0xbe/0x150 [ 1764.141498] do_syscall_64+0x1b9/0x820 [ 1764.145389] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1764.150764] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1764.155714] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1764.160581] ? trace_hardirqs_on_caller+0x310/0x310 [ 1764.165609] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1764.170631] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1764.175661] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1764.180526] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1764.185718] RIP: 0033:0x45a1ca [ 1764.188920] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1764.207827] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:39:33 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\xff', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:33 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0x0) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1764.215542] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1764.222817] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1764.230087] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1764.237355] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1764.244639] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:33 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:33 executing program 3 (fault-call:2 fault-nth:55): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1764.295566] Dev loop4: unable to read RDB block 1 [ 1764.309011] loop4: unable to read partition table [ 1764.327913] loop4: partition table beyond EOD, truncated [ 1764.370120] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:33 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000000000000a", 0x35, 0x1c0}]) 03:39:33 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0x0) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1764.437772] FAULT_INJECTION: forcing a failure. [ 1764.437772] name failslab, interval 1, probability 0, space 0, times 0 [ 1764.478532] CPU: 0 PID: 12052 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1764.485478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1764.494834] Call Trace: [ 1764.497444] dump_stack+0x1d3/0x2c6 [ 1764.501100] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1764.506323] ? __kernel_text_address+0xd/0x40 [ 1764.510842] ? unwind_get_return_address+0x61/0xa0 [ 1764.515786] should_fail.cold.4+0xa/0x17 [ 1764.519864] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1764.525020] ? save_stack+0x43/0xd0 [ 1764.528803] ? kasan_kmalloc+0xc7/0xe0 [ 1764.532719] ? kmem_cache_alloc_trace+0x152/0x750 [ 1764.537594] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1764.542791] ? __list_lru_init+0x4d6/0x840 [ 1764.547041] ? graph_lock+0x270/0x270 [ 1764.550892] ? hfs_mount+0x34/0x40 [ 1764.554451] ? mount_fs+0xae/0x31d [ 1764.558001] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1764.562763] ? do_mount+0x581/0x31f0 [ 1764.566478] ? ksys_mount+0x12d/0x140 [ 1764.570285] ? __x64_sys_mount+0xbe/0x150 [ 1764.574442] ? do_syscall_64+0x1b9/0x820 [ 1764.578520] ? find_held_lock+0x36/0x1c0 [ 1764.582606] ? __lock_is_held+0xb5/0x140 [ 1764.586721] ? ___might_sleep+0x1ed/0x300 [ 1764.590885] ? arch_local_save_flags+0x40/0x40 [ 1764.595507] __should_failslab+0x124/0x180 [ 1764.599751] should_failslab+0x9/0x14 [ 1764.603579] kmem_cache_alloc_trace+0x2d7/0x750 [ 1764.608256] ? __kmalloc_node+0x3c/0x70 [ 1764.612241] ? __kmalloc_node+0x3c/0x70 [ 1764.616229] ? rcu_read_lock_sched_held+0x108/0x120 [ 1764.621263] __memcg_init_list_lru_node+0x185/0x2d0 [ 1764.626290] ? kvfree_rcu+0x20/0x20 [ 1764.629927] ? __kmalloc_node+0x50/0x70 [ 1764.633925] __list_lru_init+0x4d6/0x840 [ 1764.638001] ? list_lru_destroy+0x500/0x500 [ 1764.642340] ? up_write+0x7b/0x220 [ 1764.645890] ? down_write_nested+0x130/0x130 [ 1764.650322] ? down_read+0x120/0x120 [ 1764.654063] ? init_wait_entry+0x1c0/0x1c0 [ 1764.658306] ? prealloc_shrinker+0x172/0x340 [ 1764.662739] sget_userns+0x975/0xed0 [ 1764.666472] ? kill_litter_super+0x60/0x60 [ 1764.670764] ? ns_test_super+0x50/0x50 [ 1764.674660] ? destroy_unused_super.part.10+0x110/0x110 [ 1764.680047] ? selinux_ipv4_output+0x50/0x50 [ 1764.684493] ? blkdev_get+0xc8/0xb50 [ 1764.688219] ? selinux_capable+0x36/0x40 [ 1764.692293] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1764.697841] ? security_capable+0x99/0xc0 [ 1764.702003] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1764.707550] ? ns_capable_common+0x13f/0x170 [ 1764.711969] ? kill_litter_super+0x60/0x60 [ 1764.716212] sget+0x10b/0x150 [ 1764.719325] ? ns_test_super+0x50/0x50 [ 1764.723245] mount_bdev+0x111/0x3e0 [ 1764.726878] ? hfs_show_options+0x710/0x710 [ 1764.731207] hfs_mount+0x34/0x40 [ 1764.734590] mount_fs+0xae/0x31d [ 1764.737969] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1764.742576] ? may_umount+0xb0/0xb0 [ 1764.746213] ? _raw_read_unlock+0x2c/0x50 [ 1764.750367] ? __get_fs_type+0x97/0xc0 [ 1764.754266] do_mount+0x581/0x31f0 [ 1764.757833] ? check_preemption_disabled+0x48/0x280 [ 1764.762863] ? copy_mount_string+0x40/0x40 [ 1764.767131] ? copy_mount_options+0x5f/0x430 [ 1764.771553] ? rcu_read_lock_sched_held+0x108/0x120 [ 1764.776575] ? kmem_cache_alloc_trace+0x353/0x750 [ 1764.781454] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1764.787006] ? copy_mount_options+0x315/0x430 [ 1764.791514] ksys_mount+0x12d/0x140 [ 1764.795156] __x64_sys_mount+0xbe/0x150 [ 1764.799161] do_syscall_64+0x1b9/0x820 [ 1764.803055] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1764.808432] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1764.813371] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1764.818239] ? trace_hardirqs_on_caller+0x310/0x310 [ 1764.823278] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1764.828309] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1764.833352] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1764.838207] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1764.843403] RIP: 0033:0x45a1ca [ 1764.846599] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1764.865501] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1764.873213] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca 03:39:33 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:33 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) openat$ion(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ion\x00', 0x101000, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) fsetxattr$security_ima(r0, &(0x7f0000000100)='security.ima\x00', &(0x7f0000000140)=@md5={0x1, "841ae6bf1a3a50bd753aaef4771e7367"}, 0x11, 0x1) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1764.880489] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1764.887762] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1764.895035] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1764.902306] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:33 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0x0) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:34 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:34 executing program 3 (fault-call:2 fault-nth:56): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1765.023373] Dev loop4: unable to read RDB block 1 [ 1765.028379] loop4: unable to read partition table [ 1765.048359] loop4: partition table beyond EOD, truncated [ 1765.064103] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1765.115163] FAULT_INJECTION: forcing a failure. [ 1765.115163] name failslab, interval 1, probability 0, space 0, times 0 [ 1765.128340] CPU: 0 PID: 12072 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1765.135280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1765.135288] Call Trace: [ 1765.135317] dump_stack+0x1d3/0x2c6 [ 1765.135345] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1765.135368] ? __kernel_text_address+0xd/0x40 [ 1765.135391] ? unwind_get_return_address+0x61/0xa0 [ 1765.135418] should_fail.cold.4+0xa/0x17 [ 1765.135440] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1765.135466] ? save_stack+0x43/0xd0 [ 1765.135481] ? kasan_kmalloc+0xc7/0xe0 [ 1765.135500] ? kmem_cache_alloc_trace+0x152/0x750 [ 1765.135520] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1765.135554] ? __list_lru_init+0x4d6/0x840 [ 1765.154812] hfs: invalid session number or type of track [ 1765.156297] ? graph_lock+0x270/0x270 [ 1765.156310] ? hfs_mount+0x34/0x40 [ 1765.156332] ? mount_fs+0xae/0x31d [ 1765.173690] hfs: can't find a HFS filesystem on dev loop5 [ 1765.174881] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1765.174896] ? do_mount+0x581/0x31f0 [ 1765.174909] ? ksys_mount+0x12d/0x140 [ 1765.174922] ? __x64_sys_mount+0xbe/0x150 [ 1765.174943] ? do_syscall_64+0x1b9/0x820 [ 1765.187277] ? find_held_lock+0x36/0x1c0 [ 1765.187316] ? __lock_is_held+0xb5/0x140 [ 1765.187342] ? ___might_sleep+0x1ed/0x300 [ 1765.196743] ? arch_local_save_flags+0x40/0x40 [ 1765.196773] __should_failslab+0x124/0x180 [ 1765.196790] should_failslab+0x9/0x14 [ 1765.196810] kmem_cache_alloc_trace+0x2d7/0x750 [ 1765.206035] ? __kmalloc_node+0x3c/0x70 [ 1765.206052] ? __kmalloc_node+0x3c/0x70 [ 1765.206071] ? rcu_read_lock_sched_held+0x108/0x120 [ 1765.206094] __memcg_init_list_lru_node+0x185/0x2d0 [ 1765.206113] ? kvfree_rcu+0x20/0x20 [ 1765.290224] ? __kmalloc_node+0x50/0x70 [ 1765.294211] __list_lru_init+0x4d6/0x840 [ 1765.298283] ? list_lru_destroy+0x500/0x500 [ 1765.302632] ? up_write+0x7b/0x220 [ 1765.306184] ? down_write_nested+0x130/0x130 [ 1765.310599] ? down_read+0x120/0x120 [ 1765.314323] ? init_wait_entry+0x1c0/0x1c0 [ 1765.318566] ? prealloc_shrinker+0x172/0x340 [ 1765.323022] sget_userns+0x975/0xed0 [ 1765.326792] ? kill_litter_super+0x60/0x60 [ 1765.331034] ? ns_test_super+0x50/0x50 [ 1765.334976] ? destroy_unused_super.part.10+0x110/0x110 [ 1765.340382] ? selinux_ipv4_output+0x50/0x50 [ 1765.344812] ? blkdev_get+0xc8/0xb50 [ 1765.348544] ? selinux_capable+0x36/0x40 [ 1765.352623] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1765.358168] ? security_capable+0x99/0xc0 [ 1765.362330] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1765.367876] ? ns_capable_common+0x13f/0x170 [ 1765.372297] ? kill_litter_super+0x60/0x60 [ 1765.376538] sget+0x10b/0x150 [ 1765.379652] ? ns_test_super+0x50/0x50 [ 1765.383584] mount_bdev+0x111/0x3e0 [ 1765.387218] ? hfs_show_options+0x710/0x710 [ 1765.391564] hfs_mount+0x34/0x40 [ 1765.394940] mount_fs+0xae/0x31d [ 1765.398321] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1765.402918] ? may_umount+0xb0/0xb0 [ 1765.406554] ? _raw_read_unlock+0x2c/0x50 [ 1765.410722] ? __get_fs_type+0x97/0xc0 [ 1765.414639] do_mount+0x581/0x31f0 [ 1765.418208] ? check_preemption_disabled+0x48/0x280 [ 1765.423239] ? copy_mount_string+0x40/0x40 [ 1765.427529] ? copy_mount_options+0x5f/0x430 [ 1765.431945] ? rcu_read_lock_sched_held+0x108/0x120 [ 1765.436974] ? kmem_cache_alloc_trace+0x353/0x750 [ 1765.441836] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1765.447394] ? _copy_from_user+0xdf/0x150 [ 1765.451574] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1765.457135] ? copy_mount_options+0x315/0x430 [ 1765.461645] ksys_mount+0x12d/0x140 [ 1765.465296] __x64_sys_mount+0xbe/0x150 [ 1765.469288] do_syscall_64+0x1b9/0x820 [ 1765.473185] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1765.478566] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1765.483501] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1765.488379] ? trace_hardirqs_on_caller+0x310/0x310 [ 1765.493399] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1765.498425] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1765.503479] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1765.508356] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1765.513553] RIP: 0033:0x45a1ca [ 1765.516760] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1765.535663] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1765.543398] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1765.550672] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1765.557962] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 03:39:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:34 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(0xffffffffffffffff) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1765.565269] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1765.572543] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1765.620295] hfs: invalid session number or type of track [ 1765.630843] hfs: can't find a HFS filesystem on dev loop5 [ 1765.637491] Dev loop4: unable to read RDB block 1 [ 1765.644846] loop4: unable to read partition table [ 1765.664179] loop4: partition table beyond EOD, truncated 03:39:34 executing program 3 (fault-call:2 fault-nth:57): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000000), 0x0}, 0x18) [ 1765.691808] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:34 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000036", 0x35, 0x1c0}]) 03:39:34 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1765.788591] FAULT_INJECTION: forcing a failure. [ 1765.788591] name failslab, interval 1, probability 0, space 0, times 0 [ 1765.827325] CPU: 0 PID: 12088 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1765.834294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1765.843656] Call Trace: [ 1765.846276] dump_stack+0x1d3/0x2c6 [ 1765.849940] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1765.855161] ? __kernel_text_address+0xd/0x40 [ 1765.859669] ? unwind_get_return_address+0x61/0xa0 [ 1765.864631] should_fail.cold.4+0xa/0x17 [ 1765.868714] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1765.873859] ? save_stack+0x43/0xd0 [ 1765.873872] ? kasan_kmalloc+0xc7/0xe0 [ 1765.873887] ? kmem_cache_alloc_trace+0x152/0x750 [ 1765.873902] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1765.873915] ? __list_lru_init+0x4d6/0x840 [ 1765.873933] ? graph_lock+0x270/0x270 [ 1765.894512] hfs: invalid session number or type of track [ 1765.895667] ? hfs_mount+0x34/0x40 [ 1765.895696] ? mount_fs+0xae/0x31d [ 1765.895716] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1765.899609] hfs: can't find a HFS filesystem on dev loop5 [ 1765.904966] ? do_mount+0x581/0x31f0 [ 1765.904980] ? ksys_mount+0x12d/0x140 [ 1765.904993] ? __x64_sys_mount+0xbe/0x150 [ 1765.905010] ? do_syscall_64+0x1b9/0x820 [ 1765.905032] ? find_held_lock+0x36/0x1c0 [ 1765.905052] ? __lock_is_held+0xb5/0x140 [ 1765.946792] ? usa90_indat_callback+0x738/0xdb0 [ 1765.951486] ? ___might_sleep+0x1ed/0x300 [ 1765.955647] ? arch_local_save_flags+0x40/0x40 [ 1765.960260] __should_failslab+0x124/0x180 [ 1765.964506] should_failslab+0x9/0x14 [ 1765.968345] kmem_cache_alloc_trace+0x2d7/0x750 [ 1765.973042] ? __kmalloc_node+0x3c/0x70 [ 1765.977022] ? __kmalloc_node+0x3c/0x70 [ 1765.981025] ? rcu_read_lock_sched_held+0x108/0x120 [ 1765.986078] __memcg_init_list_lru_node+0x185/0x2d0 [ 1765.991103] ? kvfree_rcu+0x20/0x20 [ 1765.994745] ? __kmalloc_node+0x50/0x70 [ 1765.998738] __list_lru_init+0x4d6/0x840 [ 1766.002818] ? list_lru_destroy+0x500/0x500 [ 1766.007175] ? up_write+0x7b/0x220 [ 1766.010723] ? down_write_nested+0x130/0x130 [ 1766.015136] ? down_read+0x120/0x120 [ 1766.018860] ? init_wait_entry+0x1c0/0x1c0 [ 1766.023117] ? prealloc_shrinker+0x172/0x340 [ 1766.027544] sget_userns+0x975/0xed0 [ 1766.031262] ? kill_litter_super+0x60/0x60 [ 1766.035513] ? ns_test_super+0x50/0x50 [ 1766.039407] ? destroy_unused_super.part.10+0x110/0x110 [ 1766.044782] ? selinux_ipv4_output+0x50/0x50 [ 1766.049208] ? blkdev_get+0xc8/0xb50 [ 1766.052953] ? selinux_capable+0x36/0x40 [ 1766.057041] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1766.062586] ? security_capable+0x99/0xc0 [ 1766.066756] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1766.072321] ? ns_capable_common+0x13f/0x170 [ 1766.076740] ? kill_litter_super+0x60/0x60 [ 1766.080982] sget+0x10b/0x150 [ 1766.084094] ? ns_test_super+0x50/0x50 [ 1766.087997] mount_bdev+0x111/0x3e0 [ 1766.091630] ? hfs_show_options+0x710/0x710 [ 1766.095977] hfs_mount+0x34/0x40 [ 1766.099368] mount_fs+0xae/0x31d [ 1766.102749] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1766.107341] ? may_umount+0xb0/0xb0 [ 1766.110979] ? _raw_read_unlock+0x2c/0x50 [ 1766.115135] ? __get_fs_type+0x97/0xc0 [ 1766.119035] do_mount+0x581/0x31f0 [ 1766.122604] ? check_preemption_disabled+0x48/0x280 [ 1766.127631] ? copy_mount_string+0x40/0x40 [ 1766.131884] ? copy_mount_options+0x5f/0x430 [ 1766.136306] ? rcu_read_lock_sched_held+0x108/0x120 [ 1766.141332] ? kmem_cache_alloc_trace+0x353/0x750 [ 1766.146249] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1766.151805] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1766.157353] ? copy_mount_options+0x315/0x430 [ 1766.161863] ksys_mount+0x12d/0x140 [ 1766.165501] __x64_sys_mount+0xbe/0x150 [ 1766.169499] do_syscall_64+0x1b9/0x820 [ 1766.173394] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1766.178768] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1766.183723] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1766.188580] ? trace_hardirqs_on_caller+0x310/0x310 [ 1766.193610] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1766.198640] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1766.203717] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1766.208580] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1766.213793] RIP: 0033:0x45a1ca [ 1766.217032] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:35 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) ioctl$KVM_S390_UCAS_UNMAP(r0, 0x4018ae51, &(0x7f0000000080)={0x90f, 0x6, 0x7fff}) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:39:35 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000000), 0x0}, 0x18) [ 1766.235937] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1766.243654] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1766.250938] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1766.258229] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1766.265501] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1766.272776] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:35 executing program 3 (fault-call:2 fault-nth:58): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1766.319307] hfs: invalid session number or type of track [ 1766.342488] hfs: can't find a HFS filesystem on dev loop5 03:39:35 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000000), 0x0}, 0x18) 03:39:35 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1766.443939] Dev loop4: unable to read RDB block 1 [ 1766.448926] loop4: unable to read partition table [ 1766.462672] loop4: partition table beyond EOD, truncated [ 1766.469630] FAULT_INJECTION: forcing a failure. [ 1766.469630] name failslab, interval 1, probability 0, space 0, times 0 [ 1766.472833] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1766.492544] CPU: 1 PID: 12107 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1766.499482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1766.508833] Call Trace: [ 1766.508858] dump_stack+0x1d3/0x2c6 [ 1766.508882] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1766.508903] ? __kernel_text_address+0xd/0x40 [ 1766.508922] ? unwind_get_return_address+0x61/0xa0 [ 1766.508943] should_fail.cold.4+0xa/0x17 [ 1766.515147] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1766.515171] ? save_stack+0x43/0xd0 [ 1766.515191] ? kasan_kmalloc+0xc7/0xe0 [ 1766.515213] ? kmem_cache_alloc_trace+0x152/0x750 [ 1766.551736] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1766.556936] ? __list_lru_init+0x4d6/0x840 [ 1766.561194] ? graph_lock+0x270/0x270 [ 1766.565020] ? hfs_mount+0x34/0x40 [ 1766.568567] ? mount_fs+0xae/0x31d [ 1766.572126] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1766.576937] ? do_mount+0x581/0x31f0 [ 1766.580653] ? ksys_mount+0x12d/0x140 [ 1766.584500] ? __x64_sys_mount+0xbe/0x150 [ 1766.588692] ? do_syscall_64+0x1b9/0x820 [ 1766.592764] ? find_held_lock+0x36/0x1c0 [ 1766.596842] ? __lock_is_held+0xb5/0x140 [ 1766.600929] ? ___might_sleep+0x1ed/0x300 [ 1766.605088] ? arch_local_save_flags+0x40/0x40 [ 1766.605118] __should_failslab+0x124/0x180 [ 1766.605136] should_failslab+0x9/0x14 [ 1766.605157] kmem_cache_alloc_trace+0x2d7/0x750 [ 1766.613955] ? __kmalloc_node+0x3c/0x70 [ 1766.613971] ? __kmalloc_node+0x3c/0x70 [ 1766.613991] ? rcu_read_lock_sched_held+0x108/0x120 [ 1766.614013] __memcg_init_list_lru_node+0x185/0x2d0 [ 1766.614037] ? kvfree_rcu+0x20/0x20 03:39:35 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), 0x0}, 0x18) 03:39:35 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1766.644052] ? __kmalloc_node+0x50/0x70 [ 1766.648047] __list_lru_init+0x4d6/0x840 [ 1766.652126] ? list_lru_destroy+0x500/0x500 [ 1766.656462] ? up_write+0x7b/0x220 [ 1766.660012] ? down_write_nested+0x130/0x130 [ 1766.664432] ? down_read+0x120/0x120 [ 1766.668161] ? init_wait_entry+0x1c0/0x1c0 [ 1766.672413] ? prealloc_shrinker+0x172/0x340 [ 1766.676842] sget_userns+0x975/0xed0 [ 1766.680568] ? kill_litter_super+0x60/0x60 [ 1766.684820] ? ns_test_super+0x50/0x50 [ 1766.688725] ? destroy_unused_super.part.10+0x110/0x110 [ 1766.694105] ? selinux_ipv4_output+0x50/0x50 [ 1766.698537] ? blkdev_get+0xc8/0xb50 [ 1766.702267] ? selinux_capable+0x36/0x40 [ 1766.706341] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1766.711887] ? security_capable+0x99/0xc0 [ 1766.716052] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1766.721603] ? ns_capable_common+0x13f/0x170 [ 1766.726028] ? kill_litter_super+0x60/0x60 [ 1766.730270] sget+0x10b/0x150 [ 1766.733418] ? ns_test_super+0x50/0x50 [ 1766.737326] mount_bdev+0x111/0x3e0 [ 1766.740958] ? hfs_show_options+0x710/0x710 [ 1766.745325] hfs_mount+0x34/0x40 [ 1766.748723] mount_fs+0xae/0x31d [ 1766.752111] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1766.756711] ? may_umount+0xb0/0xb0 [ 1766.760349] ? _raw_read_unlock+0x2c/0x50 [ 1766.764527] ? __get_fs_type+0x97/0xc0 [ 1766.768429] do_mount+0x581/0x31f0 [ 1766.771982] ? check_preemption_disabled+0x48/0x280 [ 1766.777013] ? copy_mount_string+0x40/0x40 [ 1766.781287] ? copy_mount_options+0x5f/0x430 [ 1766.785717] ? rcu_read_lock_sched_held+0x108/0x120 [ 1766.790746] ? kmem_cache_alloc_trace+0x353/0x750 [ 1766.795603] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1766.801161] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1766.806746] ? copy_mount_options+0x315/0x430 [ 1766.811270] ksys_mount+0x12d/0x140 [ 1766.814909] __x64_sys_mount+0xbe/0x150 [ 1766.818923] do_syscall_64+0x1b9/0x820 [ 1766.822817] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1766.828217] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1766.833207] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1766.838079] ? trace_hardirqs_on_caller+0x310/0x310 [ 1766.843110] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1766.848138] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1766.853169] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1766.858033] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1766.863233] RIP: 0033:0x45a1ca [ 1766.866437] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1766.885344] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1766.893078] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1766.900356] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1766.907632] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1766.914907] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1766.922178] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1766.963039] hfs: invalid session number or type of track [ 1766.975436] hfs: can't find a HFS filesystem on dev loop5 03:39:36 executing program 3 (fault-call:2 fault-nth:59): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:36 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), 0x0}, 0x18) [ 1767.034561] Dev loop4: unable to read RDB block 1 [ 1767.039730] loop4: unable to read partition table [ 1767.045857] hfs: invalid session number or type of track [ 1767.061268] hfs: can't find a HFS filesystem on dev loop5 [ 1767.061663] loop4: partition table beyond EOD, truncated [ 1767.073301] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:36 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000023000001", 0x35, 0x1c0}]) 03:39:36 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:36 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1767.162944] FAULT_INJECTION: forcing a failure. [ 1767.162944] name failslab, interval 1, probability 0, space 0, times 0 [ 1767.200711] CPU: 0 PID: 12122 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1767.207721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1767.217079] Call Trace: [ 1767.219698] dump_stack+0x1d3/0x2c6 [ 1767.223374] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1767.228584] ? __kernel_text_address+0xd/0x40 [ 1767.233097] ? unwind_get_return_address+0x61/0xa0 [ 1767.238045] should_fail.cold.4+0xa/0x17 [ 1767.242121] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1767.247242] ? save_stack+0x43/0xd0 [ 1767.250883] ? kasan_kmalloc+0xc7/0xe0 [ 1767.254783] ? kmem_cache_alloc_trace+0x152/0x750 [ 1767.259639] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1767.264843] ? __list_lru_init+0x4d6/0x840 [ 1767.269114] ? graph_lock+0x270/0x270 [ 1767.272919] ? hfs_mount+0x34/0x40 [ 1767.276477] ? mount_fs+0xae/0x31d [ 1767.280039] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1767.284803] ? do_mount+0x581/0x31f0 [ 1767.288525] ? ksys_mount+0x12d/0x140 [ 1767.292335] ? __x64_sys_mount+0xbe/0x150 [ 1767.296492] ? do_syscall_64+0x1b9/0x820 [ 1767.300591] ? find_held_lock+0x36/0x1c0 [ 1767.304714] ? __lock_is_held+0xb5/0x140 [ 1767.308805] ? ___might_sleep+0x1ed/0x300 [ 1767.312971] ? arch_local_save_flags+0x40/0x40 [ 1767.317595] __should_failslab+0x124/0x180 [ 1767.321842] should_failslab+0x9/0x14 [ 1767.325665] kmem_cache_alloc_trace+0x2d7/0x750 [ 1767.330556] ? __kmalloc_node+0x3c/0x70 [ 1767.334542] ? __kmalloc_node+0x3c/0x70 [ 1767.338533] ? rcu_read_lock_sched_held+0x108/0x120 [ 1767.343569] __memcg_init_list_lru_node+0x185/0x2d0 [ 1767.348606] ? kvfree_rcu+0x20/0x20 [ 1767.352248] ? __kmalloc_node+0x50/0x70 [ 1767.356246] __list_lru_init+0x4d6/0x840 [ 1767.360335] ? list_lru_destroy+0x500/0x500 [ 1767.364670] ? up_write+0x7b/0x220 [ 1767.368238] ? down_write_nested+0x130/0x130 [ 1767.372654] ? down_read+0x120/0x120 [ 1767.376403] ? init_wait_entry+0x1c0/0x1c0 [ 1767.380650] ? prealloc_shrinker+0x172/0x340 [ 1767.385095] sget_userns+0x975/0xed0 [ 1767.388816] ? kill_litter_super+0x60/0x60 [ 1767.393065] ? ns_test_super+0x50/0x50 [ 1767.396965] ? destroy_unused_super.part.10+0x110/0x110 [ 1767.402341] ? selinux_ipv4_output+0x50/0x50 [ 1767.406773] ? blkdev_get+0xc8/0xb50 [ 1767.410506] ? selinux_capable+0x36/0x40 [ 1767.414584] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1767.420133] ? security_capable+0x99/0xc0 [ 1767.424295] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1767.429840] ? ns_capable_common+0x13f/0x170 [ 1767.434273] ? kill_litter_super+0x60/0x60 [ 1767.438520] sget+0x10b/0x150 [ 1767.441641] ? ns_test_super+0x50/0x50 [ 1767.445551] mount_bdev+0x111/0x3e0 [ 1767.449208] ? hfs_show_options+0x710/0x710 [ 1767.453572] hfs_mount+0x34/0x40 [ 1767.456950] mount_fs+0xae/0x31d [ 1767.460330] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1767.464923] ? may_umount+0xb0/0xb0 [ 1767.468560] ? _raw_read_unlock+0x2c/0x50 [ 1767.472732] ? __get_fs_type+0x97/0xc0 [ 1767.476637] do_mount+0x581/0x31f0 [ 1767.480205] ? check_preemption_disabled+0x48/0x280 [ 1767.485237] ? copy_mount_string+0x40/0x40 [ 1767.489493] ? copy_mount_options+0x5f/0x430 [ 1767.493918] ? rcu_read_lock_sched_held+0x108/0x120 [ 1767.498948] ? kmem_cache_alloc_trace+0x353/0x750 [ 1767.503811] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1767.509359] ? _copy_from_user+0xdf/0x150 [ 1767.513522] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1767.519069] ? copy_mount_options+0x315/0x430 [ 1767.523579] ksys_mount+0x12d/0x140 [ 1767.527221] __x64_sys_mount+0xbe/0x150 [ 1767.531215] do_syscall_64+0x1b9/0x820 [ 1767.535118] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1767.540494] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1767.545434] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1767.550294] ? trace_hardirqs_on_caller+0x310/0x310 [ 1767.555323] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1767.560357] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1767.565394] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1767.570254] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1767.575450] RIP: 0033:0x45a1ca [ 1767.578658] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1767.597575] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1767.605292] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca 03:39:36 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), 0x0}, 0x18) [ 1767.612567] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1767.619838] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1767.627112] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1767.634387] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1767.698248] hfs: invalid session number or type of track [ 1767.712822] hfs: can't find a HFS filesystem on dev loop5 03:39:36 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0xc0000, 0x0) sendto$x25(r2, &(0x7f0000000200)="382f8731f29683db9af42f94b453c091e5c980666f1af821f41ee77087cecd931095b3a776fd3c2941a09d86ea1e59ad077b78780f0df268e5dd35a95305821e021ef10f9c49b349a0a4a0e65446b2c5be83c661646f1c2093c280eb0d6f58f6076844585c553e703c278420ce2c3d2da33cff30cfa4ffffb5dd4040527125a1c94b306aacbe774d13fa9d7f02eb0a9fed1fe9f8", 0x94, 0x40000, &(0x7f0000000100)={0x9, @remote={[], 0x0}}, 0x12) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_NETID(r2, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r3, 0x102, 0x70bd2d, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x14) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000003c0)={0x8}) 03:39:36 executing program 3 (fault-call:2 fault-nth:60): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:36 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, 0x0) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:36 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), 0x0}, 0x18) [ 1767.743918] loop4: [POWERTEC] [ 1767.759942] hfs: invalid session number or type of track [ 1767.773607] hfs: can't find a HFS filesystem on dev loop5 [ 1767.875749] loop4: [POWERTEC] 03:39:36 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1767.926255] FAULT_INJECTION: forcing a failure. [ 1767.926255] name failslab, interval 1, probability 0, space 0, times 0 [ 1767.953385] CPU: 0 PID: 12141 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1767.960335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1767.969731] Call Trace: [ 1767.972353] dump_stack+0x1d3/0x2c6 [ 1767.976005] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1767.981214] ? __kernel_text_address+0xd/0x40 [ 1767.985728] ? unwind_get_return_address+0x61/0xa0 [ 1767.990700] should_fail.cold.4+0xa/0x17 [ 1767.994784] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1767.999909] ? save_stack+0x43/0xd0 [ 1767.999923] ? kasan_kmalloc+0xc7/0xe0 [ 1767.999944] ? kmem_cache_alloc_trace+0x152/0x750 [ 1768.007469] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1768.017508] ? __list_lru_init+0x4d6/0x840 [ 1768.021756] ? graph_lock+0x270/0x270 [ 1768.025564] ? hfs_mount+0x34/0x40 [ 1768.029115] ? mount_fs+0xae/0x31d [ 1768.032662] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1768.037440] ? do_mount+0x581/0x31f0 [ 1768.041178] ? ksys_mount+0x12d/0x140 [ 1768.044991] ? __x64_sys_mount+0xbe/0x150 [ 1768.049183] ? do_syscall_64+0x1b9/0x820 [ 1768.053286] ? find_held_lock+0x36/0x1c0 [ 1768.057380] ? __lock_is_held+0xb5/0x140 [ 1768.061468] ? ___might_sleep+0x1ed/0x300 [ 1768.065642] ? arch_local_save_flags+0x40/0x40 [ 1768.070262] __should_failslab+0x124/0x180 [ 1768.074508] should_failslab+0x9/0x14 [ 1768.078323] kmem_cache_alloc_trace+0x2d7/0x750 [ 1768.083005] ? __kmalloc_node+0x3c/0x70 [ 1768.087003] ? __kmalloc_node+0x3c/0x70 [ 1768.090996] ? rcu_read_lock_sched_held+0x108/0x120 [ 1768.096083] __memcg_init_list_lru_node+0x185/0x2d0 [ 1768.101156] ? kvfree_rcu+0x20/0x20 [ 1768.104795] ? __kmalloc_node+0x50/0x70 [ 1768.108792] __list_lru_init+0x4d6/0x840 [ 1768.112872] ? list_lru_destroy+0x500/0x500 [ 1768.117210] ? up_write+0x7b/0x220 [ 1768.117229] ? down_write_nested+0x130/0x130 [ 1768.117246] ? down_read+0x120/0x120 [ 1768.117262] ? init_wait_entry+0x1c0/0x1c0 [ 1768.117282] ? prealloc_shrinker+0x172/0x340 [ 1768.125229] sget_userns+0x975/0xed0 [ 1768.125244] ? kill_litter_super+0x60/0x60 [ 1768.125268] ? ns_test_super+0x50/0x50 [ 1768.149424] ? destroy_unused_super.part.10+0x110/0x110 [ 1768.154807] ? selinux_ipv4_output+0x50/0x50 [ 1768.159240] ? blkdev_get+0xc8/0xb50 [ 1768.162984] ? selinux_capable+0x36/0x40 [ 1768.167060] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1768.172608] ? security_capable+0x99/0xc0 [ 1768.176790] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1768.182363] ? ns_capable_common+0x13f/0x170 [ 1768.186785] ? kill_litter_super+0x60/0x60 [ 1768.191029] sget+0x10b/0x150 [ 1768.194143] ? ns_test_super+0x50/0x50 [ 1768.198042] mount_bdev+0x111/0x3e0 [ 1768.201695] ? hfs_show_options+0x710/0x710 [ 1768.206029] hfs_mount+0x34/0x40 [ 1768.209410] mount_fs+0xae/0x31d [ 1768.212823] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1768.217423] ? may_umount+0xb0/0xb0 [ 1768.221062] ? _raw_read_unlock+0x2c/0x50 [ 1768.225240] ? __get_fs_type+0x97/0xc0 [ 1768.229195] do_mount+0x581/0x31f0 [ 1768.232744] ? check_preemption_disabled+0x48/0x280 [ 1768.232768] ? copy_mount_string+0x40/0x40 [ 1768.232795] ? copy_mount_options+0x5f/0x430 [ 1768.232815] ? rcu_read_lock_sched_held+0x108/0x120 [ 1768.232836] ? kmem_cache_alloc_trace+0x353/0x750 [ 1768.246496] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1768.246512] ? copy_mount_options+0x315/0x430 [ 1768.246532] ksys_mount+0x12d/0x140 [ 1768.270008] __x64_sys_mount+0xbe/0x150 [ 1768.274000] do_syscall_64+0x1b9/0x820 [ 1768.277905] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1768.283280] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1768.288231] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1768.293109] ? trace_hardirqs_on_caller+0x310/0x310 [ 1768.298173] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1768.303220] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1768.308257] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1768.313135] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1768.318379] RIP: 0033:0x45a1ca 03:39:36 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), 0x0}, 0x18) 03:39:37 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), 0x0}, 0x18) 03:39:37 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), 0x0}, 0x18) 03:39:37 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000081", 0x35, 0x1c0}]) 03:39:37 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), 0x0}, 0x18) [ 1768.321617] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1768.340871] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1768.348588] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1768.348599] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1768.348609] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1768.348619] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1768.348628] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:37 executing program 3 (fault-call:2 fault-nth:61): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1768.478244] hfs: invalid session number or type of track [ 1768.491629] hfs: can't find a HFS filesystem on dev loop5 [ 1768.501015] FAULT_INJECTION: forcing a failure. [ 1768.501015] name failslab, interval 1, probability 0, space 0, times 0 [ 1768.513936] CPU: 0 PID: 12170 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1768.520881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1768.530352] Call Trace: [ 1768.532958] dump_stack+0x1d3/0x2c6 [ 1768.536608] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1768.541818] ? __kernel_text_address+0xd/0x40 [ 1768.546330] ? unwind_get_return_address+0x61/0xa0 [ 1768.551273] should_fail.cold.4+0xa/0x17 [ 1768.555355] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1768.560477] ? save_stack+0x43/0xd0 [ 1768.564109] ? kasan_kmalloc+0xc7/0xe0 [ 1768.568005] ? kmem_cache_alloc_trace+0x152/0x750 [ 1768.572857] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1768.578058] ? __list_lru_init+0x4d6/0x840 [ 1768.582303] ? graph_lock+0x270/0x270 [ 1768.586111] ? hfs_mount+0x34/0x40 [ 1768.589684] ? mount_fs+0xae/0x31d [ 1768.593242] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1768.598008] ? do_mount+0x581/0x31f0 [ 1768.601728] ? ksys_mount+0x12d/0x140 [ 1768.605552] ? __x64_sys_mount+0xbe/0x150 [ 1768.609718] ? do_syscall_64+0x1b9/0x820 [ 1768.613792] ? find_held_lock+0x36/0x1c0 [ 1768.617867] ? __lock_is_held+0xb5/0x140 [ 1768.622013] ? drm_atomic_check_only+0x1068/0x2270 [ 1768.626973] ? ___might_sleep+0x1ed/0x300 [ 1768.631127] ? arch_local_save_flags+0x40/0x40 [ 1768.635733] __should_failslab+0x124/0x180 [ 1768.639980] should_failslab+0x9/0x14 [ 1768.643801] kmem_cache_alloc_trace+0x2d7/0x750 [ 1768.648488] ? __kmalloc_node+0x3c/0x70 [ 1768.652471] ? __kmalloc_node+0x3c/0x70 [ 1768.656453] ? rcu_read_lock_sched_held+0x108/0x120 [ 1768.661489] __memcg_init_list_lru_node+0x185/0x2d0 [ 1768.666513] ? kvfree_rcu+0x20/0x20 [ 1768.670152] ? __kmalloc_node+0x50/0x70 [ 1768.674142] __list_lru_init+0x4d6/0x840 [ 1768.678217] ? list_lru_destroy+0x500/0x500 [ 1768.682552] ? up_write+0x7b/0x220 [ 1768.686110] ? down_write_nested+0x130/0x130 [ 1768.690527] ? down_read+0x120/0x120 [ 1768.694253] ? init_wait_entry+0x1c0/0x1c0 [ 1768.698494] ? prealloc_shrinker+0x172/0x340 [ 1768.702921] sget_userns+0x975/0xed0 [ 1768.706645] ? kill_litter_super+0x60/0x60 [ 1768.710915] ? ns_test_super+0x50/0x50 [ 1768.714812] ? destroy_unused_super.part.10+0x110/0x110 [ 1768.720188] ? selinux_ipv4_output+0x50/0x50 [ 1768.724626] ? blkdev_get+0xc8/0xb50 [ 1768.728407] ? selinux_capable+0x36/0x40 [ 1768.732486] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1768.738032] ? security_capable+0x99/0xc0 [ 1768.742198] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1768.747748] ? ns_capable_common+0x13f/0x170 [ 1768.752186] ? kill_litter_super+0x60/0x60 [ 1768.756445] sget+0x10b/0x150 [ 1768.759562] ? ns_test_super+0x50/0x50 [ 1768.763479] mount_bdev+0x111/0x3e0 [ 1768.767112] ? hfs_show_options+0x710/0x710 [ 1768.771444] hfs_mount+0x34/0x40 [ 1768.774830] mount_fs+0xae/0x31d [ 1768.778216] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1768.782816] ? may_umount+0xb0/0xb0 [ 1768.786455] ? _raw_read_unlock+0x2c/0x50 [ 1768.790617] ? __get_fs_type+0x97/0xc0 [ 1768.794524] do_mount+0x581/0x31f0 [ 1768.798077] ? check_preemption_disabled+0x48/0x280 [ 1768.803105] ? copy_mount_string+0x40/0x40 [ 1768.807360] ? copy_mount_options+0x5f/0x430 [ 1768.811802] ? rcu_read_lock_sched_held+0x108/0x120 [ 1768.816827] ? kmem_cache_alloc_trace+0x353/0x750 [ 1768.821702] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1768.827260] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1768.832807] ? copy_mount_options+0x315/0x430 [ 1768.837319] ksys_mount+0x12d/0x140 [ 1768.840965] __x64_sys_mount+0xbe/0x150 [ 1768.844954] do_syscall_64+0x1b9/0x820 [ 1768.848858] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1768.854240] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1768.859177] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1768.864031] ? trace_hardirqs_on_caller+0x310/0x310 [ 1768.869059] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1768.874090] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1768.879122] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1768.883986] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1768.889183] RIP: 0033:0x45a1ca [ 1768.892381] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1768.911294] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1768.919024] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca 03:39:37 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), 0x0}, 0x18) [ 1768.926299] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1768.933571] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1768.940850] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1768.948127] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1768.976958] Dev loop4: unable to read RDB block 1 [ 1768.982092] loop4: unable to read partition table [ 1769.005179] hfs: invalid session number or type of track [ 1769.014364] loop4: partition table beyond EOD, truncated 03:39:38 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x0, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:38 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x7, 0x100) ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0x80045500, &(0x7f0000000100)) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:39:38 executing program 3 (fault-call:2 fault-nth:62): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1769.037121] hfs: can't find a HFS filesystem on dev loop5 [ 1769.049658] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:38 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1769.183529] Dev loop4: unable to read RDB block 1 [ 1769.191053] loop4: unable to read partition table [ 1769.215188] loop4: partition table beyond EOD, truncated [ 1769.225988] hfs: invalid session number or type of track [ 1769.232577] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1769.247379] FAULT_INJECTION: forcing a failure. [ 1769.247379] name failslab, interval 1, probability 0, space 0, times 0 [ 1769.273242] hfs: can't find a HFS filesystem on dev loop5 [ 1769.298623] CPU: 0 PID: 12186 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1769.307432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1769.316789] Call Trace: [ 1769.319401] dump_stack+0x1d3/0x2c6 [ 1769.323049] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1769.328253] ? __kernel_text_address+0xd/0x40 [ 1769.332756] ? unwind_get_return_address+0x61/0xa0 [ 1769.337716] should_fail.cold.4+0xa/0x17 [ 1769.341789] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1769.346907] ? save_stack+0x43/0xd0 [ 1769.350543] ? kasan_kmalloc+0xc7/0xe0 [ 1769.354436] ? kmem_cache_alloc_trace+0x152/0x750 [ 1769.359291] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1769.364489] ? __list_lru_init+0x4d6/0x840 [ 1769.368738] ? graph_lock+0x270/0x270 [ 1769.372546] ? hfs_mount+0x34/0x40 [ 1769.376089] ? mount_fs+0xae/0x31d [ 1769.379635] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1769.384393] ? do_mount+0x581/0x31f0 [ 1769.388114] ? ksys_mount+0x12d/0x140 [ 1769.391917] ? __x64_sys_mount+0xbe/0x150 [ 1769.396072] ? do_syscall_64+0x1b9/0x820 [ 1769.400147] ? find_held_lock+0x36/0x1c0 [ 1769.404229] ? __lock_is_held+0xb5/0x140 [ 1769.408294] ? snapshot_compat_ioctl+0x428/0x4f0 [ 1769.413090] ? ___might_sleep+0x1ed/0x300 [ 1769.417250] ? arch_local_save_flags+0x40/0x40 [ 1769.421856] __should_failslab+0x124/0x180 [ 1769.426110] should_failslab+0x9/0x14 [ 1769.429919] kmem_cache_alloc_trace+0x2d7/0x750 [ 1769.434601] ? __kmalloc_node+0x3c/0x70 [ 1769.438586] ? __kmalloc_node+0x3c/0x70 [ 1769.442570] ? rcu_read_lock_sched_held+0x108/0x120 [ 1769.447608] __memcg_init_list_lru_node+0x185/0x2d0 [ 1769.452632] ? kvfree_rcu+0x20/0x20 [ 1769.456266] ? __kmalloc_node+0x50/0x70 [ 1769.460253] __list_lru_init+0x4d6/0x840 [ 1769.464330] ? list_lru_destroy+0x500/0x500 [ 1769.468666] ? up_write+0x7b/0x220 [ 1769.472229] ? down_write_nested+0x130/0x130 [ 1769.476648] ? down_read+0x120/0x120 [ 1769.480380] ? init_wait_entry+0x1c0/0x1c0 [ 1769.484617] ? prealloc_shrinker+0x172/0x340 [ 1769.489063] sget_userns+0x975/0xed0 [ 1769.492785] ? kill_litter_super+0x60/0x60 [ 1769.497030] ? ns_test_super+0x50/0x50 [ 1769.500931] ? destroy_unused_super.part.10+0x110/0x110 [ 1769.506305] ? selinux_ipv4_output+0x50/0x50 [ 1769.510734] ? blkdev_get+0xc8/0xb50 [ 1769.514464] ? selinux_capable+0x36/0x40 [ 1769.518540] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1769.524085] ? security_capable+0x99/0xc0 [ 1769.528263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1769.533816] ? ns_capable_common+0x13f/0x170 [ 1769.538242] ? kill_litter_super+0x60/0x60 [ 1769.542489] sget+0x10b/0x150 [ 1769.545602] ? ns_test_super+0x50/0x50 [ 1769.549498] mount_bdev+0x111/0x3e0 [ 1769.553132] ? hfs_show_options+0x710/0x710 [ 1769.557466] hfs_mount+0x34/0x40 [ 1769.560851] mount_fs+0xae/0x31d [ 1769.564238] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1769.568833] ? may_umount+0xb0/0xb0 [ 1769.572473] ? _raw_read_unlock+0x2c/0x50 [ 1769.576632] ? __get_fs_type+0x97/0xc0 [ 1769.580532] do_mount+0x581/0x31f0 [ 1769.584074] ? retint_kernel+0x1b/0x2d [ 1769.587970] ? trace_hardirqs_on+0x310/0x310 [ 1769.592394] ? copy_mount_string+0x40/0x40 [ 1769.596644] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1769.601451] ? retint_kernel+0x2d/0x2d [ 1769.605360] ? copy_mount_options+0x228/0x430 [ 1769.609872] ? __sanitizer_cov_trace_pc+0x4/0x50 [ 1769.614639] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1769.620207] ? copy_mount_options+0x315/0x430 [ 1769.624732] ksys_mount+0x12d/0x140 [ 1769.628377] __x64_sys_mount+0xbe/0x150 [ 1769.632366] do_syscall_64+0x1b9/0x820 [ 1769.636279] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1769.641656] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1769.646604] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1769.651464] ? trace_hardirqs_on_caller+0x310/0x310 [ 1769.656495] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1769.661526] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1769.666557] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1769.671415] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1769.676610] RIP: 0033:0x45a1ca [ 1769.679817] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:38 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000050001", 0x35, 0x1c0}]) 03:39:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1769.698727] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1769.706450] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1769.713744] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1769.721020] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1769.728294] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1769.735569] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:38 executing program 3 (fault-call:2 fault-nth:63): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1769.809930] hfs: invalid session number or type of track [ 1769.824321] hfs: can't find a HFS filesystem on dev loop5 03:39:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:38 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x02', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1769.873653] Dev loop4: unable to read RDB block 1 [ 1769.883582] loop4: unable to read partition table [ 1769.888590] loop4: partition table beyond EOD, truncated 03:39:38 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1769.925820] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1769.952871] FAULT_INJECTION: forcing a failure. [ 1769.952871] name failslab, interval 1, probability 0, space 0, times 0 [ 1769.996098] CPU: 1 PID: 12200 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1770.003088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1770.012447] Call Trace: [ 1770.015057] dump_stack+0x1d3/0x2c6 [ 1770.018727] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1770.023936] ? __kernel_text_address+0xd/0x40 [ 1770.028532] ? unwind_get_return_address+0x61/0xa0 [ 1770.033478] should_fail.cold.4+0xa/0x17 [ 1770.037554] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1770.042674] ? save_stack+0x43/0xd0 [ 1770.046319] ? kasan_kmalloc+0xc7/0xe0 [ 1770.050221] ? kmem_cache_alloc_trace+0x152/0x750 [ 1770.055077] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1770.060275] ? __list_lru_init+0x4d6/0x840 [ 1770.064521] ? graph_lock+0x270/0x270 [ 1770.068328] ? hfs_mount+0x34/0x40 [ 1770.071875] ? mount_fs+0xae/0x31d [ 1770.075427] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1770.080195] ? do_mount+0x581/0x31f0 [ 1770.083916] ? ksys_mount+0x12d/0x140 [ 1770.087732] ? __x64_sys_mount+0xbe/0x150 [ 1770.091891] ? do_syscall_64+0x1b9/0x820 [ 1770.095973] ? find_held_lock+0x36/0x1c0 [ 1770.100052] ? __lock_is_held+0xb5/0x140 [ 1770.104140] ? ___might_sleep+0x1ed/0x300 [ 1770.108308] ? arch_local_save_flags+0x40/0x40 [ 1770.112917] __should_failslab+0x124/0x180 [ 1770.117165] should_failslab+0x9/0x14 [ 1770.120987] kmem_cache_alloc_trace+0x2d7/0x750 [ 1770.125666] ? __kmalloc_node+0x3c/0x70 [ 1770.129666] ? __kmalloc_node+0x3c/0x70 [ 1770.133667] ? rcu_read_lock_sched_held+0x108/0x120 [ 1770.138733] __memcg_init_list_lru_node+0x185/0x2d0 [ 1770.143767] ? kvfree_rcu+0x20/0x20 [ 1770.147415] ? __kmalloc_node+0x50/0x70 [ 1770.151406] __list_lru_init+0x4d6/0x840 [ 1770.155482] ? list_lru_destroy+0x500/0x500 [ 1770.159819] ? up_write+0x7b/0x220 [ 1770.159837] ? down_write_nested+0x130/0x130 [ 1770.159854] ? down_read+0x120/0x120 [ 1770.159871] ? init_wait_entry+0x1c0/0x1c0 [ 1770.159887] ? prealloc_shrinker+0x172/0x340 [ 1770.159912] sget_userns+0x975/0xed0 [ 1770.168247] ? kill_litter_super+0x60/0x60 [ 1770.168269] ? ns_test_super+0x50/0x50 [ 1770.168287] ? destroy_unused_super.part.10+0x110/0x110 [ 1770.168317] ? selinux_ipv4_output+0x50/0x50 [ 1770.168346] ? blkdev_get+0xc8/0xb50 [ 1770.168368] ? selinux_capable+0x36/0x40 [ 1770.210015] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1770.215564] ? security_capable+0x99/0xc0 [ 1770.219749] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1770.225331] ? ns_capable_common+0x13f/0x170 [ 1770.229769] ? kill_litter_super+0x60/0x60 [ 1770.234020] sget+0x10b/0x150 [ 1770.237140] ? ns_test_super+0x50/0x50 [ 1770.241082] mount_bdev+0x111/0x3e0 [ 1770.244725] ? hfs_show_options+0x710/0x710 [ 1770.249064] hfs_mount+0x34/0x40 [ 1770.252447] mount_fs+0xae/0x31d [ 1770.255829] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1770.260425] ? may_umount+0xb0/0xb0 [ 1770.264067] ? _raw_read_unlock+0x2c/0x50 [ 1770.268229] ? __get_fs_type+0x97/0xc0 [ 1770.272132] do_mount+0x581/0x31f0 [ 1770.275695] ? check_preemption_disabled+0x48/0x280 [ 1770.280731] ? copy_mount_string+0x40/0x40 [ 1770.284989] ? copy_mount_options+0x5f/0x430 [ 1770.289412] ? rcu_read_lock_sched_held+0x108/0x120 [ 1770.294443] ? kmem_cache_alloc_trace+0x353/0x750 [ 1770.299307] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1770.304866] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1770.310416] ? copy_mount_options+0x315/0x430 [ 1770.314931] ksys_mount+0x12d/0x140 [ 1770.318580] __x64_sys_mount+0xbe/0x150 [ 1770.322597] do_syscall_64+0x1b9/0x820 [ 1770.326489] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1770.331865] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1770.336805] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1770.341685] ? trace_hardirqs_on_caller+0x310/0x310 [ 1770.346738] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1770.351771] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1770.356806] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1770.361663] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1770.366869] RIP: 0033:0x45a1ca [ 1770.370069] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1770.388980] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:39:39 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:39 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) openat$urandom(0xffffffffffffff9c, &(0x7f0000000080)='/dev/urandom\x00', 0x0, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1770.396847] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1770.404125] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1770.411407] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1770.418693] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1770.425974] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:39 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:39 executing program 3 (fault-call:2 fault-nth:64): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1770.543778] Dev loop4: unable to read RDB block 1 [ 1770.548724] loop4: unable to read partition table [ 1770.574619] loop4: partition table beyond EOD, truncated 03:39:39 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1770.592650] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1770.607293] FAULT_INJECTION: forcing a failure. [ 1770.607293] name failslab, interval 1, probability 0, space 0, times 0 [ 1770.644748] CPU: 0 PID: 12225 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1770.651724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1770.661083] Call Trace: [ 1770.663705] dump_stack+0x1d3/0x2c6 [ 1770.667361] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1770.672583] should_fail.cold.4+0xa/0x17 [ 1770.676664] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1770.681838] ? graph_lock+0x270/0x270 [ 1770.685646] ? save_stack+0xa9/0xd0 [ 1770.689300] ? save_stack+0x43/0xd0 [ 1770.692933] ? kasan_kmalloc+0xc7/0xe0 [ 1770.696830] ? __kmalloc+0x15b/0x770 [ 1770.700560] ? find_held_lock+0x36/0x1c0 [ 1770.704637] ? __lock_is_held+0xb5/0x140 [ 1770.708739] ? ___might_sleep+0x1ed/0x300 [ 1770.712899] ? arch_local_save_flags+0x40/0x40 [ 1770.717491] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1770.723040] ? check_preemption_disabled+0x48/0x280 [ 1770.728077] __should_failslab+0x124/0x180 [ 1770.732325] should_failslab+0x9/0x14 [ 1770.736135] kmem_cache_alloc_node_trace+0x270/0x740 [ 1770.741280] __kmalloc_node+0x3c/0x70 [ 1770.745097] kvmalloc_node+0x65/0xf0 [ 1770.748830] __list_lru_init+0x5d9/0x840 [ 1770.752906] ? list_lru_destroy+0x500/0x500 [ 1770.757244] ? up_write+0x7b/0x220 [ 1770.760806] ? down_read+0x120/0x120 [ 1770.764535] ? prealloc_shrinker+0x172/0x340 [ 1770.768964] sget_userns+0x9a5/0xed0 [ 1770.772701] ? kill_litter_super+0x60/0x60 [ 1770.776968] ? ns_test_super+0x50/0x50 [ 1770.780868] ? destroy_unused_super.part.10+0x110/0x110 [ 1770.786248] ? selinux_ipv4_output+0x50/0x50 [ 1770.790695] ? blkdev_get+0xc8/0xb50 [ 1770.794430] ? selinux_capable+0x36/0x40 [ 1770.798522] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1770.804069] ? security_capable+0x99/0xc0 [ 1770.808237] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1770.813789] ? ns_capable_common+0x13f/0x170 [ 1770.818210] ? kill_litter_super+0x60/0x60 [ 1770.822457] sget+0x10b/0x150 [ 1770.825576] ? ns_test_super+0x50/0x50 [ 1770.829478] mount_bdev+0x111/0x3e0 [ 1770.833121] ? hfs_show_options+0x710/0x710 [ 1770.837468] hfs_mount+0x34/0x40 [ 1770.840850] mount_fs+0xae/0x31d [ 1770.844239] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1770.848835] ? may_umount+0xb0/0xb0 [ 1770.852470] ? _raw_read_unlock+0x2c/0x50 [ 1770.856629] ? __get_fs_type+0x97/0xc0 [ 1770.860529] do_mount+0x581/0x31f0 [ 1770.864083] ? check_preemption_disabled+0x48/0x280 [ 1770.869127] ? copy_mount_string+0x40/0x40 [ 1770.873381] ? copy_mount_options+0x5f/0x430 [ 1770.877803] ? rcu_read_lock_sched_held+0x108/0x120 [ 1770.882835] ? kmem_cache_alloc_trace+0x353/0x750 [ 1770.887713] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1770.893275] ? _copy_from_user+0xdf/0x150 [ 1770.897436] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1770.902983] ? copy_mount_options+0x315/0x430 [ 1770.907495] ksys_mount+0x12d/0x140 [ 1770.911133] __x64_sys_mount+0xbe/0x150 [ 1770.915153] do_syscall_64+0x1b9/0x820 [ 1770.919056] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1770.924436] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1770.929375] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1770.934233] ? trace_hardirqs_on_caller+0x310/0x310 [ 1770.939265] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1770.944297] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1770.949333] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1770.954200] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1770.959394] RIP: 0033:0x45a1ca [ 1770.962601] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1770.981504] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1770.989224] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca 03:39:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1770.996498] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1771.003774] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1771.011045] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1771.018323] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:40 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000000000003c", 0x35, 0x1c0}]) 03:39:40 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1771.059282] hfs: invalid session number or type of track [ 1771.078601] hfs: can't find a HFS filesystem on dev loop5 03:39:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:40 executing program 3 (fault-call:2 fault-nth:65): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1771.139119] hfs: invalid session number or type of track [ 1771.157673] hfs: can't find a HFS filesystem on dev loop5 03:39:40 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1771.203923] Dev loop4: unable to read RDB block 1 [ 1771.209605] loop4: unable to read partition table [ 1771.219929] loop4: partition table beyond EOD, truncated [ 1771.233952] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1771.251525] FAULT_INJECTION: forcing a failure. [ 1771.251525] name failslab, interval 1, probability 0, space 0, times 0 [ 1771.267817] CPU: 1 PID: 12243 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1771.274777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1771.284133] Call Trace: [ 1771.286742] dump_stack+0x1d3/0x2c6 [ 1771.290430] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1771.295635] ? __kernel_text_address+0xd/0x40 [ 1771.300145] ? unwind_get_return_address+0x61/0xa0 [ 1771.305092] should_fail.cold.4+0xa/0x17 [ 1771.309170] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1771.314298] ? save_stack+0x43/0xd0 [ 1771.317933] ? kasan_kmalloc+0xc7/0xe0 [ 1771.321831] ? kmem_cache_alloc_trace+0x152/0x750 [ 1771.326698] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1771.331897] ? __list_lru_init+0x4d6/0x840 [ 1771.336145] ? graph_lock+0x270/0x270 [ 1771.339950] ? hfs_mount+0x34/0x40 [ 1771.343498] ? mount_fs+0xae/0x31d [ 1771.347043] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1771.351809] ? do_mount+0x581/0x31f0 [ 1771.355532] ? ksys_mount+0x12d/0x140 [ 1771.359342] ? __x64_sys_mount+0xbe/0x150 [ 1771.363500] ? do_syscall_64+0x1b9/0x820 [ 1771.367581] ? find_held_lock+0x36/0x1c0 [ 1771.371661] ? __lock_is_held+0xb5/0x140 [ 1771.375758] ? ___might_sleep+0x1ed/0x300 [ 1771.379930] ? arch_local_save_flags+0x40/0x40 [ 1771.384538] __should_failslab+0x124/0x180 [ 1771.388783] should_failslab+0x9/0x14 [ 1771.392597] kmem_cache_alloc_trace+0x2d7/0x750 [ 1771.397277] ? __kmalloc_node+0x3c/0x70 [ 1771.401265] ? __kmalloc_node+0x3c/0x70 [ 1771.405287] ? rcu_read_lock_sched_held+0x108/0x120 [ 1771.410320] __memcg_init_list_lru_node+0x185/0x2d0 [ 1771.415344] ? kvfree_rcu+0x20/0x20 [ 1771.418981] ? __kmalloc_node+0x50/0x70 [ 1771.422972] __list_lru_init+0x4d6/0x840 [ 1771.427053] ? list_lru_destroy+0x500/0x500 [ 1771.431388] ? up_write+0x7b/0x220 [ 1771.434942] ? down_read+0x120/0x120 [ 1771.438668] ? init_wait_entry+0x1c0/0x1c0 [ 1771.442942] ? prealloc_shrinker+0x172/0x340 [ 1771.447371] sget_userns+0x9a5/0xed0 [ 1771.451096] ? kill_litter_super+0x60/0x60 [ 1771.455351] ? ns_test_super+0x50/0x50 [ 1771.459244] ? destroy_unused_super.part.10+0x110/0x110 [ 1771.464618] ? selinux_ipv4_output+0x50/0x50 [ 1771.469052] ? blkdev_get+0xc8/0xb50 [ 1771.472801] ? selinux_capable+0x36/0x40 [ 1771.476895] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1771.482454] ? security_capable+0x99/0xc0 [ 1771.486634] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1771.492208] ? ns_capable_common+0x13f/0x170 [ 1771.496628] ? kill_litter_super+0x60/0x60 [ 1771.500874] sget+0x10b/0x150 [ 1771.503989] ? ns_test_super+0x50/0x50 [ 1771.507890] mount_bdev+0x111/0x3e0 [ 1771.511527] ? hfs_show_options+0x710/0x710 [ 1771.515861] hfs_mount+0x34/0x40 [ 1771.519241] mount_fs+0xae/0x31d [ 1771.522722] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1771.527328] ? may_umount+0xb0/0xb0 [ 1771.530961] ? _raw_read_unlock+0x2c/0x50 [ 1771.535122] ? __get_fs_type+0x97/0xc0 [ 1771.539053] do_mount+0x581/0x31f0 [ 1771.542617] ? check_preemption_disabled+0x48/0x280 [ 1771.547661] ? copy_mount_string+0x40/0x40 03:39:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1771.551927] ? copy_mount_options+0x5f/0x430 [ 1771.556348] ? rcu_read_lock_sched_held+0x108/0x120 [ 1771.561377] ? kmem_cache_alloc_trace+0x353/0x750 [ 1771.566234] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1771.571773] ? _copy_from_user+0xdf/0x150 [ 1771.575937] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1771.581480] ? copy_mount_options+0x315/0x430 [ 1771.585993] ksys_mount+0x12d/0x140 [ 1771.589647] __x64_sys_mount+0xbe/0x150 [ 1771.593649] do_syscall_64+0x1b9/0x820 [ 1771.597555] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1771.602934] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1771.607873] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1771.612747] ? trace_hardirqs_on_caller+0x310/0x310 [ 1771.617776] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1771.622817] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1771.627852] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1771.632719] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1771.637917] RIP: 0033:0x45a1ca 03:39:40 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000200)={{{@in=@multicast1, @in6=@mcast1}}, {{@in=@remote}, 0x0, @in6=@initdev}}, &(0x7f0000000140)=0xe8) r2 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x3, 0x2) bind$x25(r2, &(0x7f0000000100)={0x9, @remote={[], 0x3}}, 0x12) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1771.641124] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1771.660035] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1771.667765] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1771.675039] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1771.682313] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1771.689589] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1771.696865] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1771.761184] hfs: invalid session number or type of track [ 1771.772706] hfs: can't find a HFS filesystem on dev loop5 [ 1771.803415] Dev loop4: unable to read RDB block 1 [ 1771.808642] loop4: unable to read partition table [ 1771.819922] loop4: partition table beyond EOD, truncated 03:39:40 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:40 executing program 3 (fault-call:2 fault-nth:66): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c12") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1771.852720] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1771.861229] hfs: invalid session number or type of track [ 1771.888862] hfs: can't find a HFS filesystem on dev loop5 03:39:40 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000006c000001", 0x35, 0x1c0}]) 03:39:41 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x7f', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1771.978854] FAULT_INJECTION: forcing a failure. [ 1771.978854] name failslab, interval 1, probability 0, space 0, times 0 [ 1772.027492] CPU: 0 PID: 12261 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1772.034464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1772.043823] Call Trace: [ 1772.046427] dump_stack+0x1d3/0x2c6 [ 1772.050074] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1772.055291] ? __kernel_text_address+0xd/0x40 [ 1772.059806] ? unwind_get_return_address+0x61/0xa0 [ 1772.064757] should_fail.cold.4+0xa/0x17 [ 1772.068836] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1772.073954] ? save_stack+0x43/0xd0 03:39:41 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0xffffffffffffff86, &(0x7f00000000c0)}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1, 0x0, 0x1db}}], 0x1, 0x0, 0x0) [ 1772.077592] ? kasan_kmalloc+0xc7/0xe0 [ 1772.081501] ? kmem_cache_alloc_trace+0x152/0x750 [ 1772.086371] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1772.091574] ? __list_lru_init+0x4d6/0x840 [ 1772.095826] ? graph_lock+0x270/0x270 [ 1772.099633] ? hfs_mount+0x34/0x40 [ 1772.103201] ? mount_fs+0xae/0x31d [ 1772.106756] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1772.111525] ? do_mount+0x581/0x31f0 [ 1772.115223] ? ksys_mount+0x12d/0x140 [ 1772.119023] ? __x64_sys_mount+0xbe/0x150 [ 1772.123173] ? do_syscall_64+0x1b9/0x820 03:39:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c12") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1772.127253] ? find_held_lock+0x36/0x1c0 [ 1772.131334] ? __lock_is_held+0xb5/0x140 [ 1772.135402] ? drm_do_get_edid+0x288/0x690 [ 1772.139655] ? ___might_sleep+0x1ed/0x300 [ 1772.143821] ? arch_local_save_flags+0x40/0x40 [ 1772.148428] __should_failslab+0x124/0x180 [ 1772.152696] should_failslab+0x9/0x14 [ 1772.156545] kmem_cache_alloc_trace+0x2d7/0x750 [ 1772.161231] ? __kmalloc_node+0x3c/0x70 [ 1772.165225] ? __kmalloc_node+0x3c/0x70 [ 1772.169217] ? rcu_read_lock_sched_held+0x108/0x120 03:39:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c12") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1772.174255] __memcg_init_list_lru_node+0x185/0x2d0 [ 1772.179287] ? kvfree_rcu+0x20/0x20 [ 1772.182926] ? __kmalloc_node+0x50/0x70 [ 1772.186920] __list_lru_init+0x4d6/0x840 [ 1772.191002] ? list_lru_destroy+0x500/0x500 [ 1772.195340] ? up_write+0x7b/0x220 [ 1772.198889] ? down_read+0x120/0x120 [ 1772.202616] ? init_wait_entry+0x1c0/0x1c0 [ 1772.206861] ? prealloc_shrinker+0x172/0x340 [ 1772.211293] sget_userns+0x9a5/0xed0 [ 1772.215021] ? kill_litter_super+0x60/0x60 [ 1772.219273] ? ns_test_super+0x50/0x50 [ 1772.223176] ? destroy_unused_super.part.10+0x110/0x110 03:39:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c12628571") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1772.228555] ? selinux_ipv4_output+0x50/0x50 [ 1772.232989] ? blkdev_get+0xc8/0xb50 [ 1772.236734] ? selinux_capable+0x36/0x40 [ 1772.240810] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1772.246360] ? security_capable+0x99/0xc0 [ 1772.250525] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1772.256076] ? ns_capable_common+0x13f/0x170 [ 1772.260494] ? kill_litter_super+0x60/0x60 [ 1772.264753] sget+0x10b/0x150 [ 1772.267869] ? ns_test_super+0x50/0x50 [ 1772.271777] mount_bdev+0x111/0x3e0 03:39:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c12628571") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1772.275413] ? hfs_show_options+0x710/0x710 [ 1772.279749] hfs_mount+0x34/0x40 [ 1772.283135] mount_fs+0xae/0x31d [ 1772.286522] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1772.291118] ? may_umount+0xb0/0xb0 [ 1772.294761] ? _raw_read_unlock+0x2c/0x50 [ 1772.298922] ? __get_fs_type+0x97/0xc0 [ 1772.302829] do_mount+0x581/0x31f0 [ 1772.306378] ? check_preemption_disabled+0x48/0x280 [ 1772.311403] ? copy_mount_string+0x40/0x40 [ 1772.315703] ? copy_mount_options+0x5f/0x430 [ 1772.320130] ? rcu_read_lock_sched_held+0x108/0x120 03:39:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c12628571") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1772.325160] ? kmem_cache_alloc_trace+0x353/0x750 [ 1772.330020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1772.335565] ? _copy_from_user+0xdf/0x150 [ 1772.339737] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1772.345289] ? copy_mount_options+0x315/0x430 [ 1772.349828] ksys_mount+0x12d/0x140 [ 1772.353483] __x64_sys_mount+0xbe/0x150 [ 1772.357480] do_syscall_64+0x1b9/0x820 [ 1772.361376] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1772.366773] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1772.371735] ? trace_hardirqs_off_thunk+0x1a/0x1c 03:39:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c1262857190") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1772.376780] ? trace_hardirqs_on_caller+0x310/0x310 [ 1772.381817] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1772.386847] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1772.391889] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1772.397200] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1772.402401] RIP: 0033:0x45a1ca [ 1772.405607] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1772.424514] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1772.432231] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1772.439510] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1772.446789] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1772.454080] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1772.461399] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1772.539801] Dev loop4: unable to read RDB block 1 [ 1772.553320] loop4: unable to read partition table [ 1772.572555] loop4: partition table beyond EOD, truncated [ 1772.578125] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:41 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c1262857190") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:41 executing program 3 (fault-call:2 fault-nth:67): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1772.723796] Dev loop4: unable to read RDB block 1 [ 1772.729032] loop4: unable to read partition table [ 1772.736158] loop4: partition table beyond EOD, truncated [ 1772.741976] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:41 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000002000001", 0x35, 0x1c0}]) 03:39:41 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1772.857041] FAULT_INJECTION: forcing a failure. [ 1772.857041] name failslab, interval 1, probability 0, space 0, times 0 [ 1772.878467] hfs: invalid session number or type of track [ 1772.884700] hfs: can't find a HFS filesystem on dev loop5 [ 1772.909395] CPU: 1 PID: 12300 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1772.916339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1772.925697] Call Trace: [ 1772.925726] dump_stack+0x1d3/0x2c6 [ 1772.925753] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1772.925778] ? __kernel_text_address+0xd/0x40 [ 1772.925803] ? unwind_get_return_address+0x61/0xa0 [ 1772.946609] should_fail.cold.4+0xa/0x17 [ 1772.950696] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1772.955824] ? save_stack+0x43/0xd0 [ 1772.959460] ? kasan_kmalloc+0xc7/0xe0 [ 1772.963357] ? kmem_cache_alloc_trace+0x152/0x750 [ 1772.968220] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1772.973417] ? __list_lru_init+0x4d6/0x840 [ 1772.977665] ? graph_lock+0x270/0x270 [ 1772.981484] ? hfs_mount+0x34/0x40 [ 1772.985032] ? mount_fs+0xae/0x31d [ 1772.988579] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1772.993343] ? do_mount+0x581/0x31f0 [ 1772.997068] ? ksys_mount+0x12d/0x140 [ 1773.000881] ? __x64_sys_mount+0xbe/0x150 [ 1773.005043] ? do_syscall_64+0x1b9/0x820 [ 1773.009128] ? find_held_lock+0x36/0x1c0 [ 1773.013208] ? __lock_is_held+0xb5/0x140 [ 1773.017294] ? ___might_sleep+0x1ed/0x300 [ 1773.021453] ? arch_local_save_flags+0x40/0x40 [ 1773.026055] __should_failslab+0x124/0x180 [ 1773.030308] should_failslab+0x9/0x14 [ 1773.034126] kmem_cache_alloc_trace+0x2d7/0x750 [ 1773.038806] ? __kmalloc_node+0x3c/0x70 [ 1773.042791] ? __kmalloc_node+0x3c/0x70 [ 1773.046787] ? rcu_read_lock_sched_held+0x108/0x120 [ 1773.051825] __memcg_init_list_lru_node+0x185/0x2d0 03:39:42 executing program 0: bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r0, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r0, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r0, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:39:42 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c1262857190") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1773.056857] ? kvfree_rcu+0x20/0x20 [ 1773.060500] ? __kmalloc_node+0x50/0x70 [ 1773.064494] __list_lru_init+0x4d6/0x840 [ 1773.068570] ? list_lru_destroy+0x500/0x500 [ 1773.072909] ? up_write+0x7b/0x220 [ 1773.076471] ? down_read+0x120/0x120 [ 1773.080202] ? init_wait_entry+0x1c0/0x1c0 [ 1773.084463] ? prealloc_shrinker+0x172/0x340 [ 1773.088894] sget_userns+0x9a5/0xed0 [ 1773.092620] ? kill_litter_super+0x60/0x60 [ 1773.096878] ? ns_test_super+0x50/0x50 [ 1773.100782] ? destroy_unused_super.part.10+0x110/0x110 [ 1773.106156] ? selinux_ipv4_output+0x50/0x50 03:39:42 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/status\x00', 0x0, 0x0) bind$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r3 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) setsockopt$inet6_IPV6_ADDRFORM(r3, 0x29, 0x1, &(0x7f0000000100), 0x4) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xffffffffffffffe4) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) getsockopt$inet6_mreq(r1, 0x29, 0x10000015, &(0x7f0000000140)={@mcast1, 0x0}, &(0x7f0000000300)=0xfffffffffffffe11) connect$can_bcm(r1, &(0x7f00000002c0)={0x1d, r4}, 0x10) [ 1773.110591] ? blkdev_get+0xc8/0xb50 [ 1773.114328] ? selinux_capable+0x36/0x40 [ 1773.118408] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1773.123954] ? security_capable+0x99/0xc0 [ 1773.128120] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1773.133693] ? ns_capable_common+0x13f/0x170 [ 1773.138127] ? kill_litter_super+0x60/0x60 [ 1773.142409] sget+0x10b/0x150 [ 1773.145528] ? ns_test_super+0x50/0x50 [ 1773.149436] mount_bdev+0x111/0x3e0 [ 1773.153104] ? hfs_show_options+0x710/0x710 [ 1773.157454] hfs_mount+0x34/0x40 [ 1773.160832] mount_fs+0xae/0x31d [ 1773.164226] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1773.168828] ? may_umount+0xb0/0xb0 [ 1773.172460] ? _raw_read_unlock+0x2c/0x50 [ 1773.176618] ? __get_fs_type+0x97/0xc0 [ 1773.180526] do_mount+0x581/0x31f0 [ 1773.184099] ? check_preemption_disabled+0x48/0x280 [ 1773.189146] ? copy_mount_string+0x40/0x40 [ 1773.193424] ? copy_mount_options+0x5f/0x430 [ 1773.197862] ? rcu_read_lock_sched_held+0x108/0x120 [ 1773.202892] ? kmem_cache_alloc_trace+0x353/0x750 [ 1773.207760] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1773.213310] ? _copy_from_user+0xdf/0x150 [ 1773.217479] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1773.223026] ? copy_mount_options+0x315/0x430 [ 1773.227536] ksys_mount+0x12d/0x140 [ 1773.231205] __x64_sys_mount+0xbe/0x150 [ 1773.235201] do_syscall_64+0x1b9/0x820 [ 1773.239099] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1773.244490] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1773.249428] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1773.254318] ? trace_hardirqs_on_caller+0x310/0x310 03:39:42 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000080)="0a5c1f023c126285719070") mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0xbcda34450b800b7a, 0x40000000000a132, 0xffffffffffffffff, 0x0) r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r2, 0x10c, 0x3, &(0x7f00000002c0), &(0x7f0000002600)=0x4) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r3, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1773.259350] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1773.264385] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1773.269417] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1773.274297] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1773.279508] RIP: 0033:0x45a1ca [ 1773.282717] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1773.301631] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1773.309349] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1773.316626] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1773.323903] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1773.331183] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1773.338482] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:42 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1773.361693] hfs: invalid session number or type of track [ 1773.372819] hfs: can't find a HFS filesystem on dev loop5 [ 1773.397863] Dev loop4: unable to read RDB block 1 [ 1773.403418] loop4: unable to read partition table 03:39:42 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="23000000560081aee4f80b00000f00fe078bc36f16000072fd670c87594d0063dac37b", 0x23}], 0x1}, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1773.408734] loop4: partition table beyond EOD, truncated 03:39:42 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1773.444832] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1773.531694] hfs: invalid session number or type of track [ 1773.537933] hfs: can't find a HFS filesystem on dev loop5 03:39:42 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:42 executing program 3 (fault-call:2 fault-nth:68): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:42 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1773.593898] Dev loop4: unable to read RDB block 1 [ 1773.599298] loop4: unable to read partition table [ 1773.614817] hfs: invalid session number or type of track [ 1773.622129] hfs: can't find a HFS filesystem on dev loop5 [ 1773.635466] loop4: partition table beyond EOD, truncated [ 1773.648644] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:42 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000055000001", 0x35, 0x1c0}]) 03:39:42 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1773.713495] FAULT_INJECTION: forcing a failure. [ 1773.713495] name failslab, interval 1, probability 0, space 0, times 0 03:39:42 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1773.755190] CPU: 0 PID: 12338 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1773.762150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1773.771526] Call Trace: [ 1773.774135] dump_stack+0x1d3/0x2c6 [ 1773.777784] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1773.782992] ? __kernel_text_address+0xd/0x40 [ 1773.787495] ? unwind_get_return_address+0x61/0xa0 [ 1773.787519] should_fail.cold.4+0xa/0x17 [ 1773.787540] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1773.787565] ? save_stack+0x43/0xd0 [ 1773.787584] ? kasan_kmalloc+0xc7/0xe0 [ 1773.796498] hfs: invalid session number or type of track [ 1773.796567] ? kmem_cache_alloc_trace+0x152/0x750 [ 1773.803613] hfs: can't find a HFS filesystem on dev loop5 [ 1773.805296] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1773.805312] ? __list_lru_init+0x4d6/0x840 [ 1773.805332] ? graph_lock+0x270/0x270 [ 1773.805346] ? hfs_mount+0x34/0x40 [ 1773.805360] ? mount_fs+0xae/0x31d [ 1773.805379] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1773.850024] ? do_mount+0x581/0x31f0 [ 1773.853737] ? ksys_mount+0x12d/0x140 [ 1773.857531] ? __x64_sys_mount+0xbe/0x150 [ 1773.861696] ? do_syscall_64+0x1b9/0x820 [ 1773.865757] ? find_held_lock+0x36/0x1c0 [ 1773.869816] ? __lock_is_held+0xb5/0x140 [ 1773.873885] ? ___might_sleep+0x1ed/0x300 [ 1773.878021] ? arch_local_save_flags+0x40/0x40 [ 1773.882601] __should_failslab+0x124/0x180 [ 1773.886837] should_failslab+0x9/0x14 [ 1773.890642] kmem_cache_alloc_trace+0x2d7/0x750 [ 1773.895297] ? __kmalloc_node+0x3c/0x70 [ 1773.899283] ? __kmalloc_node+0x3c/0x70 [ 1773.903267] ? rcu_read_lock_sched_held+0x108/0x120 [ 1773.908299] __memcg_init_list_lru_node+0x185/0x2d0 [ 1773.913309] ? kvfree_rcu+0x20/0x20 [ 1773.916939] ? __kmalloc_node+0x50/0x70 [ 1773.920933] __list_lru_init+0x4d6/0x840 [ 1773.925001] ? list_lru_destroy+0x500/0x500 [ 1773.929325] ? up_write+0x7b/0x220 [ 1773.932870] ? down_read+0x120/0x120 [ 1773.936585] ? init_wait_entry+0x1c0/0x1c0 [ 1773.940829] ? prealloc_shrinker+0x172/0x340 [ 1773.945251] sget_userns+0x9a5/0xed0 [ 1773.948980] ? kill_litter_super+0x60/0x60 [ 1773.953235] ? ns_test_super+0x50/0x50 [ 1773.957123] ? destroy_unused_super.part.10+0x110/0x110 [ 1773.962502] ? selinux_ipv4_output+0x50/0x50 [ 1773.966922] ? blkdev_get+0xc8/0xb50 [ 1773.970625] ? selinux_capable+0x36/0x40 [ 1773.974706] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1773.980258] ? security_capable+0x99/0xc0 [ 1773.984396] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1773.989929] ? ns_capable_common+0x13f/0x170 [ 1773.994340] ? kill_litter_super+0x60/0x60 [ 1773.998578] sget+0x10b/0x150 [ 1774.001674] ? ns_test_super+0x50/0x50 [ 1774.005567] mount_bdev+0x111/0x3e0 [ 1774.009194] ? hfs_show_options+0x710/0x710 [ 1774.013567] hfs_mount+0x34/0x40 [ 1774.016932] mount_fs+0xae/0x31d [ 1774.020304] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1774.024879] ? may_umount+0xb0/0xb0 [ 1774.028506] ? _raw_read_unlock+0x2c/0x50 [ 1774.032644] ? __get_fs_type+0x97/0xc0 [ 1774.036521] do_mount+0x581/0x31f0 [ 1774.040051] ? check_preemption_disabled+0x48/0x280 [ 1774.045079] ? copy_mount_string+0x40/0x40 [ 1774.049337] ? copy_mount_options+0x5f/0x430 [ 1774.053736] ? rcu_read_lock_sched_held+0x108/0x120 [ 1774.058753] ? kmem_cache_alloc_trace+0x353/0x750 [ 1774.063627] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1774.069167] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1774.074701] ? copy_mount_options+0x315/0x430 [ 1774.079187] ksys_mount+0x12d/0x140 [ 1774.082814] __x64_sys_mount+0xbe/0x150 [ 1774.086815] do_syscall_64+0x1b9/0x820 [ 1774.090727] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1774.096101] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1774.101057] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1774.105916] ? trace_hardirqs_on_caller+0x310/0x310 [ 1774.110944] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1774.115974] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1774.120996] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1774.125850] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1774.131051] RIP: 0033:0x45a1ca [ 1774.134244] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1774.153130] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1774.160854] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1774.168120] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1774.175376] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1774.182641] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1774.189905] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x0, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1774.243693] hfs: invalid session number or type of track [ 1774.249170] hfs: can't find a HFS filesystem on dev loop5 03:39:43 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:43 executing program 0: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x24141, 0x0) ioctl$sock_netrom_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={'nr', 0x0}, 0x3, 'syz0\x00', @null, 0x80000000, 0x8, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040), 0x2ef, 0x1) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:39:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x0, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1774.318993] Dev loop4: unable to read RDB block 1 [ 1774.324559] loop4: unable to read partition table [ 1774.329842] loop4: partition table beyond EOD, truncated [ 1774.337030] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x0, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:43 executing program 3 (fault-call:2 fault-nth:69): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1774.406532] hfs: invalid session number or type of track [ 1774.428550] hfs: can't find a HFS filesystem on dev loop5 [ 1774.453348] Dev loop4: unable to read RDB block 1 [ 1774.458542] loop4: unable to read partition table [ 1774.467560] loop4: partition table beyond EOD, truncated [ 1774.483372] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1774.499133] hfs: invalid session number or type of track 03:39:43 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x0, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x0, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1774.509760] hfs: can't find a HFS filesystem on dev loop5 03:39:43 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000003", 0x35, 0x1c0}]) 03:39:43 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x8c', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1774.607360] FAULT_INJECTION: forcing a failure. [ 1774.607360] name failslab, interval 1, probability 0, space 0, times 0 [ 1774.623484] CPU: 0 PID: 12371 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1774.630432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1774.639787] Call Trace: [ 1774.639816] dump_stack+0x1d3/0x2c6 [ 1774.639849] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1774.651247] ? __kernel_text_address+0xd/0x40 [ 1774.655767] ? unwind_get_return_address+0x61/0xa0 [ 1774.660731] should_fail.cold.4+0xa/0x17 [ 1774.664809] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1774.669929] ? save_stack+0x43/0xd0 [ 1774.673570] ? kasan_kmalloc+0xc7/0xe0 [ 1774.677467] ? kmem_cache_alloc_trace+0x152/0x750 [ 1774.682328] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1774.687532] ? __list_lru_init+0x4d6/0x840 [ 1774.691782] ? graph_lock+0x270/0x270 [ 1774.695594] ? hfs_mount+0x34/0x40 [ 1774.699147] ? mount_fs+0xae/0x31d [ 1774.702710] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1774.707476] ? do_mount+0x581/0x31f0 [ 1774.711201] ? ksys_mount+0x12d/0x140 [ 1774.715006] ? __x64_sys_mount+0xbe/0x150 [ 1774.719174] ? do_syscall_64+0x1b9/0x820 [ 1774.723254] ? find_held_lock+0x36/0x1c0 [ 1774.727332] ? __lock_is_held+0xb5/0x140 [ 1774.727361] ? ___might_sleep+0x1ed/0x300 [ 1774.727377] ? arch_local_save_flags+0x40/0x40 [ 1774.727404] __should_failslab+0x124/0x180 [ 1774.735598] should_failslab+0x9/0x14 [ 1774.735617] kmem_cache_alloc_trace+0x2d7/0x750 [ 1774.735634] ? __kmalloc_node+0x3c/0x70 [ 1774.735651] ? __kmalloc_node+0x3c/0x70 [ 1774.735671] ? rcu_read_lock_sched_held+0x108/0x120 [ 1774.735713] __memcg_init_list_lru_node+0x185/0x2d0 [ 1774.735733] ? kvfree_rcu+0x20/0x20 [ 1774.774613] ? __kmalloc_node+0x50/0x70 [ 1774.778608] __list_lru_init+0x4d6/0x840 [ 1774.782698] ? list_lru_destroy+0x500/0x500 [ 1774.787012] ? up_write+0x7b/0x220 [ 1774.790566] ? down_read+0x120/0x120 [ 1774.794298] ? init_wait_entry+0x1c0/0x1c0 [ 1774.798536] ? prealloc_shrinker+0x172/0x340 [ 1774.802961] sget_userns+0x9a5/0xed0 [ 1774.806676] ? kill_litter_super+0x60/0x60 [ 1774.810932] ? ns_test_super+0x50/0x50 [ 1774.814820] ? destroy_unused_super.part.10+0x110/0x110 [ 1774.820187] ? selinux_ipv4_output+0x50/0x50 [ 1774.824595] ? blkdev_get+0xc8/0xb50 [ 1774.828312] ? selinux_capable+0x36/0x40 [ 1774.832390] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1774.837941] ? security_capable+0x99/0xc0 [ 1774.842105] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1774.847654] ? ns_capable_common+0x13f/0x170 [ 1774.852089] ? kill_litter_super+0x60/0x60 [ 1774.856336] sget+0x10b/0x150 [ 1774.859439] ? ns_test_super+0x50/0x50 [ 1774.863331] mount_bdev+0x111/0x3e0 [ 1774.866954] ? hfs_show_options+0x710/0x710 [ 1774.871286] hfs_mount+0x34/0x40 [ 1774.874670] mount_fs+0xae/0x31d [ 1774.878073] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1774.882670] ? may_umount+0xb0/0xb0 [ 1774.886306] ? _raw_read_unlock+0x2c/0x50 [ 1774.890450] ? __get_fs_type+0x97/0xc0 [ 1774.894337] do_mount+0x581/0x31f0 [ 1774.897876] ? check_preemption_disabled+0x48/0x280 [ 1774.902903] ? copy_mount_string+0x40/0x40 [ 1774.907162] ? copy_mount_options+0x5f/0x430 [ 1774.911589] ? rcu_read_lock_sched_held+0x108/0x120 [ 1774.916622] ? kmem_cache_alloc_trace+0x353/0x750 [ 1774.921481] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1774.927565] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1774.933105] ? copy_mount_options+0x315/0x430 [ 1774.937592] ksys_mount+0x12d/0x140 [ 1774.941208] __x64_sys_mount+0xbe/0x150 [ 1774.945178] do_syscall_64+0x1b9/0x820 [ 1774.949065] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1774.954418] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1774.959348] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1774.964195] ? trace_hardirqs_on_caller+0x310/0x310 [ 1774.969210] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1774.974234] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1774.979239] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1774.984112] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1774.989309] RIP: 0033:0x45a1ca 03:39:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x0, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1774.992501] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1775.011390] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1775.019091] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1775.026365] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1775.033635] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1775.040912] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1775.048168] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1775.108623] Dev loop4: unable to read RDB block 1 [ 1775.119733] loop4: unable to read partition table [ 1775.134858] loop4: partition table beyond EOD, truncated [ 1775.147183] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x0, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:44 executing program 0: bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0xffffffffffffffa9) r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0) r1 = accept4$netrom(0xffffffffffffff9c, &(0x7f0000000200)={{0x3, @default}, [@remote, @bcast, @rose, @rose, @bcast, @remote, @default, @rose]}, &(0x7f0000000280)=0x48, 0x80000) setsockopt$netrom_NETROM_T1(r1, 0x103, 0x1, &(0x7f0000000300)=0x20, 0x4) sendmmsg$alg(r0, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r0, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r0, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e20, 0x1f, @mcast1, 0x1000}}, 0x2, 0x2, 0x4, 0x5}, &(0x7f00000002c0)=0x98) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r2, 0x84, 0x79, &(0x7f0000000440)={r4, 0x214, 0x3}, 0x8) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r3, 0xc0505405, &(0x7f0000000100)={{0x2, 0x0, 0x9, 0x0, 0x8}, 0x9, 0xd7a, 0x80000000}) [ 1775.253722] Dev loop4: unable to read RDB block 1 [ 1775.259106] loop4: unable to read partition table [ 1775.283854] loop4: partition table beyond EOD, truncated 03:39:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x0, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:44 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x200100, 0x0) ioctl$TIOCSBRK(r2, 0x5427) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1775.301743] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:44 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x02', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:44 executing program 3 (fault-call:2 fault-nth:70): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:44 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:44 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000063", 0x35, 0x1c0}]) 03:39:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x0, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1775.524155] Dev loop4: unable to read RDB block 1 [ 1775.539290] loop4: unable to read partition table 03:39:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1775.565965] loop4: partition table beyond EOD, truncated [ 1775.577128] FAULT_INJECTION: forcing a failure. [ 1775.577128] name failslab, interval 1, probability 0, space 0, times 0 [ 1775.579882] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1775.618230] CPU: 0 PID: 12419 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1775.625212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1775.634572] Call Trace: [ 1775.637182] dump_stack+0x1d3/0x2c6 [ 1775.640837] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1775.646050] ? __kernel_text_address+0xd/0x40 [ 1775.650556] ? unwind_get_return_address+0x61/0xa0 [ 1775.655503] should_fail.cold.4+0xa/0x17 [ 1775.659581] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1775.664715] ? save_stack+0x43/0xd0 [ 1775.668356] ? kasan_kmalloc+0xc7/0xe0 [ 1775.672258] ? kmem_cache_alloc_trace+0x152/0x750 [ 1775.677109] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1775.682310] ? __list_lru_init+0x4d6/0x840 [ 1775.686558] ? graph_lock+0x270/0x270 [ 1775.690369] ? hfs_mount+0x34/0x40 [ 1775.693923] ? mount_fs+0xae/0x31d [ 1775.697472] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1775.702235] ? do_mount+0x581/0x31f0 [ 1775.705954] ? ksys_mount+0x12d/0x140 [ 1775.709765] ? __x64_sys_mount+0xbe/0x150 [ 1775.713921] ? do_syscall_64+0x1b9/0x820 [ 1775.718000] ? find_held_lock+0x36/0x1c0 [ 1775.722079] ? __lock_is_held+0xb5/0x140 [ 1775.726831] ? trace_event_raw_event_cfg80211_bss_evt+0x378/0x420 [ 1775.733089] ? ___might_sleep+0x1ed/0x300 [ 1775.737250] ? arch_local_save_flags+0x40/0x40 [ 1775.741858] __should_failslab+0x124/0x180 [ 1775.746108] should_failslab+0x9/0x14 [ 1775.749923] kmem_cache_alloc_trace+0x2d7/0x750 [ 1775.754609] ? __kmalloc_node+0x3c/0x70 [ 1775.758597] ? __kmalloc_node+0x3c/0x70 [ 1775.762585] ? rcu_read_lock_sched_held+0x108/0x120 [ 1775.767620] __memcg_init_list_lru_node+0x185/0x2d0 [ 1775.772651] ? kvfree_rcu+0x20/0x20 [ 1775.776307] ? __kmalloc_node+0x50/0x70 [ 1775.780297] __list_lru_init+0x4d6/0x840 [ 1775.784374] ? list_lru_destroy+0x500/0x500 [ 1775.788729] ? up_write+0x7b/0x220 [ 1775.792282] ? down_read+0x120/0x120 [ 1775.796009] ? init_wait_entry+0x1c0/0x1c0 [ 1775.800253] ? prealloc_shrinker+0x172/0x340 [ 1775.804698] sget_userns+0x9a5/0xed0 [ 1775.808422] ? kill_litter_super+0x60/0x60 [ 1775.812673] ? ns_test_super+0x50/0x50 [ 1775.816590] ? destroy_unused_super.part.10+0x110/0x110 [ 1775.821969] ? selinux_ipv4_output+0x50/0x50 [ 1775.826399] ? blkdev_get+0xc8/0xb50 [ 1775.830126] ? selinux_capable+0x36/0x40 [ 1775.834206] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1775.839750] ? security_capable+0x99/0xc0 [ 1775.843914] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1775.849463] ? ns_capable_common+0x13f/0x170 [ 1775.853890] ? kill_litter_super+0x60/0x60 [ 1775.858136] sget+0x10b/0x150 [ 1775.861252] ? ns_test_super+0x50/0x50 [ 1775.865153] mount_bdev+0x111/0x3e0 [ 1775.868792] ? hfs_show_options+0x710/0x710 [ 1775.873126] hfs_mount+0x34/0x40 [ 1775.876503] mount_fs+0xae/0x31d [ 1775.879889] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1775.884489] ? may_umount+0xb0/0xb0 [ 1775.888125] ? _raw_read_unlock+0x2c/0x50 [ 1775.892286] ? __get_fs_type+0x97/0xc0 [ 1775.896187] do_mount+0x581/0x31f0 [ 1775.899743] ? check_preemption_disabled+0x48/0x280 [ 1775.904794] ? copy_mount_string+0x40/0x40 [ 1775.909051] ? copy_mount_options+0x5f/0x430 [ 1775.913471] ? rcu_read_lock_sched_held+0x108/0x120 [ 1775.918501] ? kmem_cache_alloc_trace+0x353/0x750 [ 1775.923362] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1775.928910] ? _copy_from_user+0xdf/0x150 [ 1775.933077] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1775.938621] ? copy_mount_options+0x315/0x430 [ 1775.943135] ksys_mount+0x12d/0x140 [ 1775.946778] __x64_sys_mount+0xbe/0x150 [ 1775.950771] do_syscall_64+0x1b9/0x820 [ 1775.954696] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1775.960073] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1775.965008] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1775.969866] ? trace_hardirqs_on_caller+0x310/0x310 [ 1775.974895] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1775.979924] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1775.984956] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1775.989815] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1775.995009] RIP: 0033:0x45a1ca [ 1775.998212] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:45 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1776.017118] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1776.024837] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1776.032110] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1776.039386] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1776.046659] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1776.053949] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1776.134471] Dev loop4: unable to read RDB block 1 [ 1776.147905] loop4: unable to read partition table [ 1776.156754] hfs: invalid session number or type of track [ 1776.171110] loop4: partition table beyond EOD, truncated 03:39:45 executing program 3 (fault-call:2 fault-nth:71): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:39:45 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x7, 0x10000) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0}, &(0x7f00000002c0)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@initdev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@remote}}, &(0x7f0000000440)=0xe8) getgroups(0x6, &(0x7f0000000480)=[0x0, 0xee00, 0xee00, 0xee00, 0xee00, 0x0]) r6 = getgid() r7 = getgid() fstat(r2, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000540), &(0x7f0000000580), &(0x7f00000005c0)=0x0) r10 = getgid() stat(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lsetxattr$system_posix_acl(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000780)={{}, {0x1, 0x1}, [{0x2, 0x1, r3}, {0x2, 0x5, r4}], {0x4, 0x4}, [{0x8, 0x5, r5}, {0x8, 0x2, r6}, {0x8, 0x1, r7}, {0x8, 0x7, r8}, {0x8, 0x3, r9}, {0x8, 0x7, r10}, {0x8, 0x5, r11}, {0x8, 0x2, r12}], {}, {0x20, 0x4}}, 0x74, 0x3) getpeername$netlink(r2, &(0x7f0000000100), &(0x7f0000000140)=0xc) [ 1776.185350] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1776.196771] hfs: can't find a HFS filesystem on dev loop5 03:39:45 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000068000001", 0x35, 0x1c0}]) [ 1776.266122] hfs: invalid session number or type of track [ 1776.289164] hfs: can't find a HFS filesystem on dev loop5 03:39:45 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) 03:39:45 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1776.384742] hfs: invalid session number or type of track [ 1776.390295] hfs: can't find a HFS filesystem on dev loop3 03:39:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) [ 1776.452672] FAULT_INJECTION: forcing a failure. [ 1776.452672] name failslab, interval 1, probability 0, space 0, times 0 [ 1776.480478] CPU: 0 PID: 12437 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1776.487433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1776.496787] Call Trace: [ 1776.499399] dump_stack+0x1d3/0x2c6 [ 1776.503045] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1776.508254] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1776.513810] should_fail.cold.4+0xa/0x17 [ 1776.517891] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1776.523010] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1776.528573] ? wake_up_klogd+0x11a/0x180 [ 1776.532648] ? console_device+0xc0/0xc0 [ 1776.536663] ? __down_trylock_console_sem+0x155/0x200 [ 1776.541893] ? graph_lock+0x270/0x270 [ 1776.545715] ? vprintk_emit+0x297/0x990 [ 1776.549766] ? find_held_lock+0x36/0x1c0 [ 1776.553850] ? __lock_is_held+0xb5/0x140 [ 1776.557937] ? ___might_sleep+0x1ed/0x300 [ 1776.562114] ? arch_local_save_flags+0x40/0x40 [ 1776.566720] ? vprintk_default+0x28/0x30 [ 1776.570798] __should_failslab+0x124/0x180 [ 1776.575050] should_failslab+0x9/0x14 [ 1776.578867] kmem_cache_alloc_trace+0x2d7/0x750 [ 1776.583556] kobject_uevent_env+0x2f3/0x101e [ 1776.587992] kobject_uevent+0x1f/0x24 [ 1776.591869] loop_clr_fd+0x607/0xcf0 [ 1776.595609] ? loop_attr_do_show_backing_file+0x1a0/0x1a0 [ 1776.601170] lo_ioctl+0x875/0x1d60 [ 1776.604738] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1776.610323] ? avc_has_extended_perms+0xab2/0x15a0 [ 1776.615275] ? lo_rw_aio_complete+0x470/0x470 [ 1776.619784] blkdev_ioctl+0xd8a/0x21b0 [ 1776.623704] ? blkpg_ioctl+0xc10/0xc10 [ 1776.627608] ? avc_ss_reset+0x190/0x190 [ 1776.631595] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1776.636531] ? kasan_check_read+0x11/0x20 [ 1776.640706] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1776.645993] ? rcu_softirq_qs+0x20/0x20 [ 1776.650005] ? ___might_sleep+0x1ed/0x300 [ 1776.654165] ? kasan_slab_free+0xe/0x10 [ 1776.658150] ? arch_local_save_flags+0x40/0x40 [ 1776.662743] ? do_syscall_64+0x1b9/0x820 [ 1776.666816] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1776.672201] block_ioctl+0xee/0x130 [ 1776.675840] ? blkdev_fallocate+0x400/0x400 [ 1776.680172] do_vfs_ioctl+0x1de/0x1790 [ 1776.684076] ? ioctl_preallocate+0x300/0x300 [ 1776.688500] ? selinux_file_mprotect+0x620/0x620 [ 1776.693275] ? trace_hardirqs_on+0xbd/0x310 [ 1776.697608] ? ksys_mount+0xa3/0x140 [ 1776.701353] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1776.706816] ? do_syscall_64+0x9a/0x820 [ 1776.710813] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1776.716362] ? security_file_ioctl+0x94/0xc0 [ 1776.720784] ksys_ioctl+0xa9/0xd0 [ 1776.724252] __x64_sys_ioctl+0x73/0xb0 [ 1776.728151] do_syscall_64+0x1b9/0x820 [ 1776.732047] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1776.737421] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1776.742357] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1776.747209] ? trace_hardirqs_on_caller+0x310/0x310 [ 1776.752236] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1776.757263] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1776.762296] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1776.767163] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1776.772361] RIP: 0033:0x4575c7 [ 1776.775563] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1776.794559] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1776.802278] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 00000000004575c7 [ 1776.809556] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 1776.816831] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1776.824106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1776.831382] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) [ 1776.863179] Dev loop4: unable to read RDB block 1 [ 1776.870739] loop4: unable to read partition table [ 1776.886899] hfs: invalid session number or type of track [ 1776.895127] loop4: partition table beyond EOD, truncated 03:39:45 executing program 3 (fault-call:2 fault-nth:72): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000000), 0x0}, 0x18) [ 1776.909928] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1776.919927] hfs: can't find a HFS filesystem on dev loop5 [ 1776.989337] hfs: invalid session number or type of track [ 1777.001082] hfs: invalid session number or type of track [ 1777.003218] hfs: can't find a HFS filesystem on dev loop5 [ 1777.012736] hfs: can't find a HFS filesystem on dev loop3 [ 1777.019100] Dev loop4: unable to read RDB block 1 [ 1777.024442] loop4: unable to read partition table 03:39:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000000), 0x0}, 0x18) [ 1777.039625] loop4: partition table beyond EOD, truncated [ 1777.052566] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1777.096011] FAULT_INJECTION: forcing a failure. [ 1777.096011] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1777.107835] CPU: 0 PID: 12460 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1777.114763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1777.124116] Call Trace: [ 1777.126732] dump_stack+0x1d3/0x2c6 [ 1777.130370] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1777.135613] ? up+0xea/0x1c0 [ 1777.138642] ? lock_downgrade+0x900/0x900 [ 1777.142812] should_fail.cold.4+0xa/0x17 [ 1777.146884] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1777.152001] ? mark_held_locks+0xc7/0x130 [ 1777.156159] ? lock_downgrade+0x900/0x900 [ 1777.160323] ? mark_held_locks+0x130/0x130 [ 1777.164567] ? vprintk_emit+0x39c/0x990 [ 1777.168557] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1777.174031] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1777.179576] ? llist_add_batch+0x106/0x170 [ 1777.183825] ? check_preemption_disabled+0x48/0x280 [ 1777.188861] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1777.194407] ? should_fail+0x22d/0xd01 [ 1777.198303] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1777.203860] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1777.208974] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1777.214520] ? wake_up_klogd+0x11a/0x180 [ 1777.218599] __alloc_pages_nodemask+0x366/0xea0 [ 1777.223279] ? __down_trylock_console_sem+0x155/0x200 [ 1777.228485] ? __alloc_pages_slowpath+0x2df0/0x2df0 [ 1777.233506] ? vprintk_emit+0x297/0x990 [ 1777.237500] ? find_held_lock+0x36/0x1c0 [ 1777.241655] ? bch_allocator_thread+0x2478/0x3be0 [ 1777.246546] ? ___might_sleep+0x1ed/0x300 [ 1777.250718] ? trace_hardirqs_off+0xb8/0x310 [ 1777.255147] cache_grow_begin+0x91/0x8c0 [ 1777.259219] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1777.264767] ? check_preemption_disabled+0x48/0x280 [ 1777.269801] kmem_cache_alloc_trace+0x67e/0x750 [ 1777.274492] kobject_uevent_env+0x2f3/0x101e [ 1777.278919] kobject_uevent+0x1f/0x24 [ 1777.282738] loop_clr_fd+0x607/0xcf0 [ 1777.286473] ? loop_attr_do_show_backing_file+0x1a0/0x1a0 [ 1777.292038] lo_ioctl+0x875/0x1d60 [ 1777.295644] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1777.301203] ? avc_has_extended_perms+0xab2/0x15a0 [ 1777.306145] ? lo_rw_aio_complete+0x470/0x470 [ 1777.310647] blkdev_ioctl+0xd8a/0x21b0 [ 1777.314556] ? blkpg_ioctl+0xc10/0xc10 [ 1777.318452] ? avc_ss_reset+0x190/0x190 [ 1777.322437] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1777.327373] ? kasan_check_read+0x11/0x20 [ 1777.331531] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1777.336820] ? rcu_softirq_qs+0x20/0x20 [ 1777.340829] ? ___might_sleep+0x1ed/0x300 [ 1777.344982] ? kasan_slab_free+0xe/0x10 [ 1777.348962] ? arch_local_save_flags+0x40/0x40 [ 1777.353551] ? do_syscall_64+0x1b9/0x820 [ 1777.357650] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1777.363046] block_ioctl+0xee/0x130 [ 1777.366689] ? blkdev_fallocate+0x400/0x400 [ 1777.371032] do_vfs_ioctl+0x1de/0x1790 [ 1777.374940] ? ioctl_preallocate+0x300/0x300 [ 1777.379364] ? selinux_file_mprotect+0x620/0x620 [ 1777.384155] ? trace_hardirqs_on+0xbd/0x310 [ 1777.388488] ? ksys_mount+0xa3/0x140 [ 1777.392207] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1777.397698] ? do_syscall_64+0x9a/0x820 [ 1777.401745] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1777.407295] ? security_file_ioctl+0x94/0xc0 [ 1777.411728] ksys_ioctl+0xa9/0xd0 [ 1777.415197] __x64_sys_ioctl+0x73/0xb0 [ 1777.419112] do_syscall_64+0x1b9/0x820 [ 1777.423038] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1777.428410] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1777.433349] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1777.438205] ? trace_hardirqs_on_caller+0x310/0x310 [ 1777.443232] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1777.448259] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1777.453287] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1777.458149] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1777.463352] RIP: 0033:0x4575c7 [ 1777.466553] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1777.485457] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1777.493170] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 00000000004575c7 [ 1777.500447] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 1777.507725] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1777.514998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1777.522288] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:46 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_refresh_period\x00', 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000100)={0x6, 0x6, 0x3, "4fcb80711cd9392b7235ad0d463d598d8df018aa8aae57392e33a56672a6b622", 0x50565559}) 03:39:46 executing program 3 (fault-call:2 fault-nth:73): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:46 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:46 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000400001", 0x35, 0x1c0}]) 03:39:46 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000000), 0x0}, 0x18) [ 1777.683348] FAULT_INJECTION: forcing a failure. [ 1777.683348] name failslab, interval 1, probability 0, space 0, times 0 [ 1777.736011] CPU: 0 PID: 12472 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1777.740737] Dev loop4: unable to read RDB block 1 [ 1777.742988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1777.742996] Call Trace: [ 1777.743024] dump_stack+0x1d3/0x2c6 [ 1777.743051] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1777.743073] ? __kernel_text_address+0xd/0x40 [ 1777.743100] ? unwind_get_return_address+0x61/0xa0 [ 1777.756502] loop4: unable to read partition table [ 1777.757299] should_fail.cold.4+0xa/0x17 [ 1777.771886] loop4: partition table beyond EOD, truncated [ 1777.773196] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1777.773232] ? save_stack+0x43/0xd0 [ 1777.773246] ? kasan_kmalloc+0xc7/0xe0 [ 1777.773263] ? kmem_cache_alloc_trace+0x152/0x750 [ 1777.773286] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1777.782010] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1777.783141] ? __list_lru_init+0x4d6/0x840 [ 1777.783160] ? graph_lock+0x270/0x270 [ 1777.783173] ? hfs_mount+0x34/0x40 [ 1777.783188] ? mount_fs+0xae/0x31d [ 1777.783202] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1777.783220] ? do_mount+0x581/0x31f0 [ 1777.846184] ? ksys_mount+0x12d/0x140 [ 1777.850001] ? __x64_sys_mount+0xbe/0x150 [ 1777.854166] ? do_syscall_64+0x1b9/0x820 [ 1777.858252] ? find_held_lock+0x36/0x1c0 [ 1777.862338] ? __lock_is_held+0xb5/0x140 [ 1777.866427] ? ___might_sleep+0x1ed/0x300 [ 1777.870597] ? arch_local_save_flags+0x40/0x40 [ 1777.875208] __should_failslab+0x124/0x180 [ 1777.879465] should_failslab+0x9/0x14 [ 1777.883291] kmem_cache_alloc_trace+0x2d7/0x750 [ 1777.887979] ? __kmalloc_node+0x3c/0x70 [ 1777.891975] ? __kmalloc_node+0x3c/0x70 [ 1777.895972] ? rcu_read_lock_sched_held+0x108/0x120 [ 1777.901015] __memcg_init_list_lru_node+0x185/0x2d0 [ 1777.906055] ? kvfree_rcu+0x20/0x20 [ 1777.909720] ? __kmalloc_node+0x50/0x70 [ 1777.913743] __list_lru_init+0x4d6/0x840 [ 1777.917834] ? list_lru_destroy+0x500/0x500 [ 1777.922178] ? up_write+0x7b/0x220 [ 1777.925742] ? down_read+0x120/0x120 [ 1777.929473] ? init_wait_entry+0x1c0/0x1c0 [ 1777.933742] ? prealloc_shrinker+0x172/0x340 [ 1777.938180] sget_userns+0x9a5/0xed0 [ 1777.941913] ? kill_litter_super+0x60/0x60 [ 1777.946172] ? ns_test_super+0x50/0x50 [ 1777.950079] ? destroy_unused_super.part.10+0x110/0x110 [ 1777.955466] ? selinux_ipv4_output+0x50/0x50 [ 1777.959908] ? blkdev_get+0xc8/0xb50 [ 1777.963642] ? selinux_capable+0x36/0x40 [ 1777.967756] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1777.973307] ? security_capable+0x99/0xc0 [ 1777.977477] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1777.983032] ? ns_capable_common+0x13f/0x170 [ 1777.987462] ? kill_litter_super+0x60/0x60 [ 1777.991737] sget+0x10b/0x150 [ 1777.994864] ? ns_test_super+0x50/0x50 [ 1777.998774] mount_bdev+0x111/0x3e0 [ 1778.002420] ? hfs_show_options+0x710/0x710 [ 1778.006765] hfs_mount+0x34/0x40 [ 1778.010150] mount_fs+0xae/0x31d [ 1778.013539] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1778.018144] ? may_umount+0xb0/0xb0 [ 1778.021789] ? _raw_read_unlock+0x2c/0x50 [ 1778.025958] ? __get_fs_type+0x97/0xc0 [ 1778.029870] do_mount+0x581/0x31f0 [ 1778.033429] ? check_preemption_disabled+0x48/0x280 [ 1778.038471] ? copy_mount_string+0x40/0x40 [ 1778.042749] ? copy_mount_options+0x5f/0x430 [ 1778.047178] ? rcu_read_lock_sched_held+0x108/0x120 [ 1778.052214] ? kmem_cache_alloc_trace+0x353/0x750 [ 1778.057084] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1778.062644] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1778.068214] ? copy_mount_options+0x315/0x430 [ 1778.072740] ksys_mount+0x12d/0x140 [ 1778.076392] __x64_sys_mount+0xbe/0x150 [ 1778.080387] do_syscall_64+0x1b9/0x820 [ 1778.084291] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1778.089674] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1778.094642] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1778.099523] ? trace_hardirqs_on_caller+0x310/0x310 [ 1778.104559] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1778.109600] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1778.114640] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1778.119525] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1778.124731] RIP: 0033:0x45a1ca [ 1778.127941] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1778.146852] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1778.154576] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1778.161860] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1778.169143] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1778.176426] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 03:39:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, 0x0, 0x0}, 0x18) [ 1778.183733] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1778.208432] hfs: invalid session number or type of track [ 1778.214596] hfs: can't find a HFS filesystem on dev loop5 03:39:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, 0x0, 0x0}, 0x18) 03:39:47 executing program 3 (fault-call:2 fault-nth:74): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1778.263367] hfs: invalid session number or type of track [ 1778.273642] hfs: can't find a HFS filesystem on dev loop5 [ 1778.295928] Dev loop4: unable to read RDB block 1 [ 1778.300872] loop4: unable to read partition table 03:39:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, 0x0, 0x0}, 0x18) [ 1778.312855] loop4: partition table beyond EOD, truncated [ 1778.318638] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:47 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000006", 0x35, 0x1c0}]) 03:39:47 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1778.383311] FAULT_INJECTION: forcing a failure. [ 1778.383311] name failslab, interval 1, probability 0, space 0, times 0 [ 1778.416592] CPU: 0 PID: 12494 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1778.423549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1778.423556] Call Trace: [ 1778.423583] dump_stack+0x1d3/0x2c6 [ 1778.423614] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1778.444382] ? __kernel_text_address+0xd/0x40 [ 1778.444400] ? unwind_get_return_address+0x61/0xa0 [ 1778.444423] should_fail.cold.4+0xa/0x17 [ 1778.444443] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1778.444467] ? save_stack+0x43/0xd0 [ 1778.466661] ? kasan_kmalloc+0xc7/0xe0 [ 1778.470583] ? kmem_cache_alloc_trace+0x152/0x750 [ 1778.475438] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1778.480636] ? __list_lru_init+0x4d6/0x840 [ 1778.484881] ? graph_lock+0x270/0x270 [ 1778.488707] ? hfs_mount+0x34/0x40 [ 1778.492259] ? mount_fs+0xae/0x31d [ 1778.495808] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1778.500571] ? do_mount+0x581/0x31f0 [ 1778.504289] ? ksys_mount+0x12d/0x140 [ 1778.508095] ? __x64_sys_mount+0xbe/0x150 [ 1778.512252] ? do_syscall_64+0x1b9/0x820 [ 1778.516353] ? find_held_lock+0x36/0x1c0 [ 1778.520432] ? __lock_is_held+0xb5/0x140 [ 1778.524512] ? ___might_sleep+0x1ed/0x300 [ 1778.528881] ? arch_local_save_flags+0x40/0x40 [ 1778.533483] __should_failslab+0x124/0x180 [ 1778.537734] should_failslab+0x9/0x14 [ 1778.541546] kmem_cache_alloc_trace+0x2d7/0x750 [ 1778.546226] ? __kmalloc_node+0x3c/0x70 [ 1778.550209] ? __kmalloc_node+0x3c/0x70 [ 1778.554191] ? rcu_read_lock_sched_held+0x108/0x120 [ 1778.559229] __memcg_init_list_lru_node+0x185/0x2d0 [ 1778.564259] ? kvfree_rcu+0x20/0x20 [ 1778.567910] ? __kmalloc_node+0x50/0x70 [ 1778.571901] __list_lru_init+0x4d6/0x840 [ 1778.575975] ? list_lru_destroy+0x500/0x500 [ 1778.580307] ? up_write+0x7b/0x220 [ 1778.583861] ? down_read+0x120/0x120 [ 1778.587583] ? init_wait_entry+0x1c0/0x1c0 [ 1778.591826] ? prealloc_shrinker+0x172/0x340 [ 1778.596254] sget_userns+0x9a5/0xed0 [ 1778.599975] ? kill_litter_super+0x60/0x60 [ 1778.604225] ? ns_test_super+0x50/0x50 [ 1778.608152] ? destroy_unused_super.part.10+0x110/0x110 [ 1778.613549] ? selinux_ipv4_output+0x50/0x50 [ 1778.617978] ? blkdev_get+0xc8/0xb50 [ 1778.621727] ? selinux_capable+0x36/0x40 [ 1778.625807] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1778.631352] ? security_capable+0x99/0xc0 [ 1778.635519] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1778.641066] ? ns_capable_common+0x13f/0x170 [ 1778.645487] ? kill_litter_super+0x60/0x60 [ 1778.649735] sget+0x10b/0x150 [ 1778.652853] ? ns_test_super+0x50/0x50 [ 1778.656763] mount_bdev+0x111/0x3e0 [ 1778.660401] ? hfs_show_options+0x710/0x710 [ 1778.664753] hfs_mount+0x34/0x40 [ 1778.668129] mount_fs+0xae/0x31d [ 1778.671537] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1778.676150] ? may_umount+0xb0/0xb0 [ 1778.679790] ? _raw_read_unlock+0x2c/0x50 [ 1778.683949] ? __get_fs_type+0x97/0xc0 [ 1778.687854] do_mount+0x581/0x31f0 [ 1778.691403] ? check_preemption_disabled+0x48/0x280 [ 1778.696438] ? copy_mount_string+0x40/0x40 [ 1778.700713] ? copy_mount_options+0x5f/0x430 [ 1778.705138] ? rcu_read_lock_sched_held+0x108/0x120 [ 1778.710167] ? kmem_cache_alloc_trace+0x353/0x750 [ 1778.715024] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1778.720570] ? _copy_from_user+0xdf/0x150 [ 1778.724742] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1778.730287] ? copy_mount_options+0x315/0x430 [ 1778.734799] ksys_mount+0x12d/0x140 [ 1778.738436] __x64_sys_mount+0xbe/0x150 [ 1778.742428] do_syscall_64+0x1b9/0x820 [ 1778.746325] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1778.751719] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1778.756661] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1778.761539] ? trace_hardirqs_on_caller+0x310/0x310 [ 1778.766568] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1778.771598] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1778.776628] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1778.781489] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1778.786705] RIP: 0033:0x45a1ca [ 1778.789912] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1778.808820] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1778.816537] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1778.823817] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1778.831091] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1778.838370] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1778.845645] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:47 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x8000, 0x4100) ioctl$SIOCX25SSUBSCRIP(r2, 0x89e1, &(0x7f0000000200)={'veth0_to_bridge\x00', 0x67, 0x1}) 03:39:47 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) r1 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeffffdef) [ 1778.894984] hfs: invalid session number or type of track [ 1778.907620] Dev loop4: unable to read RDB block 1 [ 1778.909556] hfs: can't find a HFS filesystem on dev loop5 [ 1778.914980] loop4: unable to read partition table [ 1778.935950] loop4: partition table beyond EOD, truncated 03:39:47 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1778.949567] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1778.986337] hfs: invalid session number or type of track 03:39:48 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1779.011943] hfs: can't find a HFS filesystem on dev loop5 [ 1779.044658] Dev loop4: unable to read RDB block 1 [ 1779.049671] loop4: unable to read partition table 03:39:48 executing program 3 (fault-call:2 fault-nth:75): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1779.082598] loop4: partition table beyond EOD, truncated [ 1779.088989] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:48 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000002", 0x35, 0x1c0}]) [ 1779.155295] hfs: invalid session number or type of track [ 1779.165600] hfs: invalid session number or type of track [ 1779.178130] hfs: can't find a HFS filesystem on dev loop3 [ 1779.182521] hfs: can't find a HFS filesystem on dev loop5 [ 1779.242783] FAULT_INJECTION: forcing a failure. [ 1779.242783] name failslab, interval 1, probability 0, space 0, times 0 [ 1779.268462] CPU: 0 PID: 12522 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1779.275426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1779.284797] Call Trace: [ 1779.284823] dump_stack+0x1d3/0x2c6 [ 1779.284846] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1779.284867] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1779.284891] should_fail.cold.4+0xa/0x17 [ 1779.284910] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1779.284932] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1779.291166] ? wake_up_klogd+0x11a/0x180 [ 1779.291183] ? console_device+0xc0/0xc0 [ 1779.291202] ? __down_trylock_console_sem+0x155/0x200 [ 1779.291223] ? graph_lock+0x270/0x270 [ 1779.291239] ? vprintk_emit+0x297/0x990 [ 1779.291265] ? find_held_lock+0x36/0x1c0 [ 1779.291288] ? __lock_is_held+0xb5/0x140 [ 1779.291315] ? ___might_sleep+0x1ed/0x300 [ 1779.306418] hfs: invalid session number or type of track [ 1779.311208] ? arch_local_save_flags+0x40/0x40 [ 1779.311229] ? vprintk_default+0x28/0x30 [ 1779.311253] __should_failslab+0x124/0x180 [ 1779.311272] should_failslab+0x9/0x14 [ 1779.311291] kmem_cache_alloc_trace+0x2d7/0x750 [ 1779.311319] kobject_uevent_env+0x2f3/0x101e [ 1779.311347] kobject_uevent+0x1f/0x24 [ 1779.311368] loop_clr_fd+0x607/0xcf0 [ 1779.317440] hfs: can't find a HFS filesystem on dev loop5 [ 1779.320970] ? loop_attr_do_show_backing_file+0x1a0/0x1a0 [ 1779.320997] lo_ioctl+0x875/0x1d60 [ 1779.321019] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1779.321038] ? avc_has_extended_perms+0xab2/0x15a0 [ 1779.321056] ? lo_rw_aio_complete+0x470/0x470 [ 1779.321074] blkdev_ioctl+0xd8a/0x21b0 [ 1779.321093] ? blkpg_ioctl+0xc10/0xc10 [ 1779.321108] ? avc_ss_reset+0x190/0x190 [ 1779.321129] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1779.321146] ? kasan_check_read+0x11/0x20 [ 1779.439581] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1779.444881] ? rcu_softirq_qs+0x20/0x20 [ 1779.448901] ? ___might_sleep+0x1ed/0x300 [ 1779.453070] ? kasan_slab_free+0xe/0x10 [ 1779.457065] ? arch_local_save_flags+0x40/0x40 [ 1779.461666] ? do_syscall_64+0x1b9/0x820 [ 1779.465773] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1779.471168] block_ioctl+0xee/0x130 [ 1779.474824] ? blkdev_fallocate+0x400/0x400 [ 1779.479280] do_vfs_ioctl+0x1de/0x1790 [ 1779.483201] ? ioctl_preallocate+0x300/0x300 [ 1779.487636] ? selinux_file_mprotect+0x620/0x620 [ 1779.492422] ? trace_hardirqs_on+0xbd/0x310 [ 1779.496762] ? ksys_mount+0xa3/0x140 [ 1779.500499] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1779.505977] ? do_syscall_64+0x9a/0x820 [ 1779.509975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1779.515532] ? security_file_ioctl+0x94/0xc0 [ 1779.519966] ksys_ioctl+0xa9/0xd0 [ 1779.523446] __x64_sys_ioctl+0x73/0xb0 [ 1779.527358] do_syscall_64+0x1b9/0x820 [ 1779.531266] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1779.536649] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1779.541617] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1779.546485] ? trace_hardirqs_on_caller+0x310/0x310 [ 1779.551528] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1779.556565] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1779.561608] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1779.566481] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1779.571773] RIP: 0033:0x4575c7 [ 1779.575074] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1779.593992] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1779.601734] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 00000000004575c7 [ 1779.609022] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 1779.616306] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1779.623621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1779.630909] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:48 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs,', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:48 executing program 3 (fault-call:2 fault-nth:76): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1779.683886] Dev loop4: unable to read RDB block 1 [ 1779.688801] loop4: unable to read partition table [ 1779.712524] loop4: partition table beyond EOD, truncated [ 1779.718338] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1779.754636] FAULT_INJECTION: forcing a failure. [ 1779.754636] name failslab, interval 1, probability 0, space 0, times 0 [ 1779.768957] CPU: 1 PID: 12529 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1779.775911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1779.785278] Call Trace: [ 1779.787896] dump_stack+0x1d3/0x2c6 [ 1779.791549] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1779.796765] ? __kernel_text_address+0xd/0x40 [ 1779.801281] ? unwind_get_return_address+0x61/0xa0 [ 1779.806244] should_fail.cold.4+0xa/0x17 [ 1779.810334] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1779.815462] ? save_stack+0x43/0xd0 [ 1779.819107] ? kasan_kmalloc+0xc7/0xe0 [ 1779.823011] ? kmem_cache_alloc_trace+0x152/0x750 [ 1779.827873] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 1779.833077] ? __list_lru_init+0x4d6/0x840 [ 1779.837330] ? graph_lock+0x270/0x270 [ 1779.841146] ? hfs_mount+0x34/0x40 [ 1779.844723] ? mount_fs+0xae/0x31d [ 1779.848278] ? vfs_kern_mount.part.35+0xdc/0x4f0 [ 1779.853048] ? do_mount+0x581/0x31f0 [ 1779.856779] ? ksys_mount+0x12d/0x140 [ 1779.860593] ? __x64_sys_mount+0xbe/0x150 [ 1779.864763] ? do_syscall_64+0x1b9/0x820 [ 1779.868849] ? find_held_lock+0x36/0x1c0 [ 1779.872933] ? __lock_is_held+0xb5/0x140 [ 1779.877028] ? ___might_sleep+0x1ed/0x300 [ 1779.881203] ? arch_local_save_flags+0x40/0x40 [ 1779.885818] __should_failslab+0x124/0x180 [ 1779.890070] should_failslab+0x9/0x14 [ 1779.893891] kmem_cache_alloc_trace+0x2d7/0x750 [ 1779.898581] ? __kmalloc_node+0x3c/0x70 [ 1779.902572] ? __kmalloc_node+0x3c/0x70 [ 1779.906573] ? rcu_read_lock_sched_held+0x108/0x120 [ 1779.911617] __memcg_init_list_lru_node+0x185/0x2d0 [ 1779.916657] ? kvfree_rcu+0x20/0x20 [ 1779.920326] ? __kmalloc_node+0x50/0x70 [ 1779.924326] __list_lru_init+0x4d6/0x840 [ 1779.928416] ? list_lru_destroy+0x500/0x500 [ 1779.932762] ? up_write+0x7b/0x220 [ 1779.936323] ? down_read+0x120/0x120 [ 1779.940063] ? prealloc_shrinker+0x17f/0x340 [ 1779.944506] sget_userns+0x9a5/0xed0 [ 1779.948238] ? kill_litter_super+0x60/0x60 [ 1779.952496] ? ns_test_super+0x50/0x50 [ 1779.956404] ? destroy_unused_super.part.10+0x110/0x110 [ 1779.961789] ? selinux_ipv4_output+0x50/0x50 [ 1779.966237] ? blkdev_get+0xc8/0xb50 [ 1779.969979] ? selinux_capable+0x36/0x40 [ 1779.974065] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1779.979619] ? security_capable+0x99/0xc0 [ 1779.979641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1779.979658] ? ns_capable_common+0x13f/0x170 [ 1779.979678] ? kill_litter_super+0x60/0x60 [ 1779.993797] sget+0x10b/0x150 [ 1779.993812] ? ns_test_super+0x50/0x50 [ 1779.993832] mount_bdev+0x111/0x3e0 [ 1779.993852] ? hfs_show_options+0x710/0x710 [ 1780.013058] hfs_mount+0x34/0x40 [ 1780.016445] mount_fs+0xae/0x31d [ 1780.019839] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1780.024443] ? may_umount+0xb0/0xb0 [ 1780.028091] ? _raw_read_unlock+0x3f/0x50 [ 1780.032258] ? __get_fs_type+0x97/0xc0 [ 1780.036171] do_mount+0x581/0x31f0 [ 1780.039744] ? check_preemption_disabled+0x48/0x280 [ 1780.044785] ? copy_mount_string+0x40/0x40 [ 1780.049055] ? copy_mount_options+0x5f/0x430 [ 1780.053484] ? rcu_read_lock_sched_held+0x108/0x120 [ 1780.058521] ? kmem_cache_alloc_trace+0x353/0x750 [ 1780.063479] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1780.069048] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1780.074605] ? copy_mount_options+0x315/0x430 [ 1780.079128] ksys_mount+0x12d/0x140 [ 1780.082781] __x64_sys_mount+0xbe/0x150 [ 1780.086789] do_syscall_64+0x1b9/0x820 [ 1780.090714] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1780.096101] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1780.101055] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1780.105918] ? trace_hardirqs_on_caller+0x310/0x310 [ 1780.110953] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1780.115993] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1780.121036] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1780.125906] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1780.131115] RIP: 0033:0x45a1ca [ 1780.134326] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:49 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x200408d4, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0x5, 0xfd79) sendto$inet6(r0, &(0x7f0000000400)="a7", 0x1, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f3188b070") 03:39:49 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(serpent-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1780.153243] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1780.160964] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1780.168251] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1780.175536] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1780.182818] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1780.190100] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:49 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:49 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:49 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket(0x10, 0x3, 0x0) recvmsg(r1, &(0x7f0000000780)={0x0, 0xffffffffffffffa6, 0x0, 0x0, 0x0, 0xfffffffffffffff9}, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f00000000c0), 0x248) dup2(r1, r0) [ 1780.283576] Dev loop4: unable to read RDB block 1 [ 1780.291232] loop4: unable to read partition table [ 1780.312770] loop4: partition table beyond EOD, truncated [ 1780.325548] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:49 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000ea0e0001", 0x35, 0x1c0}]) 03:39:49 executing program 3 (fault-call:2 fault-nth:77): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1780.416659] hfs: invalid session number or type of track [ 1780.422197] hfs: can't find a HFS filesystem on dev loop5 [ 1780.489440] hfs: invalid session number or type of track [ 1780.490489] hfs: invalid session number or type of track [ 1780.503008] hfs: can't find a HFS filesystem on dev loop5 [ 1780.510120] hfs: can't find a HFS filesystem on dev loop3 [ 1780.543049] FAULT_INJECTION: forcing a failure. [ 1780.543049] name failslab, interval 1, probability 0, space 0, times 0 [ 1780.558764] Dev loop4: unable to read RDB block 1 [ 1780.569712] loop4: unable to read partition table [ 1780.578981] CPU: 1 PID: 12566 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1780.585935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1780.592645] loop4: partition table beyond EOD, truncated [ 1780.595305] Call Trace: [ 1780.600768] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1780.603353] dump_stack+0x1d3/0x2c6 [ 1780.603375] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1780.603394] ? is_bpf_text_address+0xd3/0x170 [ 1780.603416] should_fail.cold.4+0xa/0x17 [ 1780.628068] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1780.633213] ? graph_lock+0x270/0x270 [ 1780.637035] ? save_stack+0x43/0xd0 [ 1780.640677] ? kasan_kmalloc+0xc7/0xe0 [ 1780.644607] ? kmem_cache_alloc_trace+0x152/0x750 [ 1780.649474] ? kobject_uevent_env+0x2f3/0x101e [ 1780.654075] ? kobject_uevent+0x1f/0x24 [ 1780.658069] ? loop_clr_fd+0x607/0xcf0 [ 1780.661987] ? find_held_lock+0x36/0x1c0 [ 1780.666077] ? __lock_is_held+0xb5/0x140 [ 1780.670172] ? ___might_sleep+0x1ed/0x300 [ 1780.674349] ? arch_local_save_flags+0x40/0x40 [ 1780.678960] __should_failslab+0x124/0x180 [ 1780.683225] should_failslab+0x9/0x14 [ 1780.687042] __kmalloc+0x2e0/0x770 [ 1780.690604] ? kobject_uevent_env+0x2f3/0x101e [ 1780.695216] ? rcu_read_lock_sched_held+0x108/0x120 [ 1780.700251] ? kobject_get_path+0xc2/0x1b0 [ 1780.704506] ? kmem_cache_alloc_trace+0x353/0x750 [ 1780.709372] kobject_get_path+0xc2/0x1b0 [ 1780.713456] kobject_uevent_env+0x314/0x101e [ 1780.717900] kobject_uevent+0x1f/0x24 [ 1780.721739] loop_clr_fd+0x607/0xcf0 [ 1780.725483] ? loop_attr_do_show_backing_file+0x1a0/0x1a0 [ 1780.731045] lo_ioctl+0x875/0x1d60 [ 1780.734609] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1780.740172] ? avc_has_extended_perms+0xab2/0x15a0 [ 1780.745128] ? lo_rw_aio_complete+0x470/0x470 [ 1780.749645] blkdev_ioctl+0xd8a/0x21b0 [ 1780.753574] ? blkpg_ioctl+0xc10/0xc10 [ 1780.757478] ? avc_ss_reset+0x190/0x190 [ 1780.761474] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1780.766420] ? kasan_check_read+0x11/0x20 [ 1780.770589] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1780.775882] ? rcu_softirq_qs+0x20/0x20 [ 1780.779903] ? ___might_sleep+0x1ed/0x300 [ 1780.784071] ? kasan_slab_free+0xe/0x10 [ 1780.788065] ? arch_local_save_flags+0x40/0x40 [ 1780.792666] ? do_syscall_64+0x1b9/0x820 [ 1780.796764] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1780.802157] block_ioctl+0xee/0x130 [ 1780.805809] ? blkdev_fallocate+0x400/0x400 [ 1780.810154] do_vfs_ioctl+0x1de/0x1790 [ 1780.814073] ? ioctl_preallocate+0x300/0x300 [ 1780.818503] ? selinux_file_mprotect+0x620/0x620 [ 1780.823284] ? trace_hardirqs_on+0xbd/0x310 [ 1780.827623] ? ksys_mount+0xa3/0x140 [ 1780.831357] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1780.836833] ? do_syscall_64+0x9a/0x820 [ 1780.840836] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1780.846392] ? security_file_ioctl+0x94/0xc0 [ 1780.850828] ksys_ioctl+0xa9/0xd0 [ 1780.854309] __x64_sys_ioctl+0x73/0xb0 [ 1780.858236] do_syscall_64+0x1b9/0x820 [ 1780.862140] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1780.867522] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1780.872471] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1780.877339] ? trace_hardirqs_on_caller+0x310/0x310 [ 1780.882374] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1780.887412] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1780.892453] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1780.897322] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1780.902523] RIP: 0033:0x4575c7 [ 1780.905759] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1780.924672] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1780.932420] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 00000000004575c7 03:39:49 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1780.939718] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 1780.947003] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1780.954288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1780.961572] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1781.005743] hfs: invalid session number or type of track [ 1781.019969] hfs: can't find a HFS filesystem on dev loop5 03:39:50 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x80000, 0x0) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_GET(r2, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f0000000440)={0x414, r3, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0xdc, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x22}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'team_slave_1\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @local}}, {0x14, 0x2, @in={0x2, 0x4e23, @loopback}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa93f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x171}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @multicast1}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x8001, @local, 0xfffffffffffffffc}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8}]}, @TIPC_NLA_BEARER={0xc, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_NET={0x58, 0x7, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xffffffff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7f}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3f}]}, @TIPC_NLA_LINK={0x10, 0x4, [@TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8e7}]}]}, @TIPC_NLA_MEDIA={0x1c, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_BEARER={0x15c, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfffffffffffffffd}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x5, @ipv4={[], [], @loopback}, 0x4af3}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x7, @dev={0xfe, 0x80, [], 0x1e}}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xc7}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x101, @remote, 0x3}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x18000000000000, @loopback, 0x6}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x18}]}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'team_slave_1\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x100000001}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x3f, @mcast1, 0x5}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x9, @local, 0x6}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0xfff, @loopback, 0xffffffffffffff61}}}}]}, @TIPC_NLA_MON={0x3c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xfff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x81}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x65d3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xf3d3}]}, @TIPC_NLA_SOCK={0x50, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x101}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x401}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xab4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffffffffffffbff}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x400}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x10000000}, @TIPC_NLA_SOCK_ADDR={0x8}]}, @TIPC_NLA_MEDIA={0x98, 0x5, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}, @TIPC_NLA_MEDIA_PROP={0x54, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x401}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9fdd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NODE={0x14, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xf1}]}]}, 0x414}, 0x1, 0x0, 0x0, 0x480c0}, 0x4008000) ioctl$SIOCGSTAMPNS(r2, 0x8907, &(0x7f00000003c0)) add_key$user(&(0x7f00000002c0)='user\x00', &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)="76c07a0be2db3321859690201e7fdf15330eacec902b9363bbcd055c465999", 0x1f, 0xfffffffffffffffc) [ 1781.053477] Dev loop4: unable to read RDB block 1 [ 1781.066214] loop4: unable to read partition table [ 1781.077424] hfs: invalid session number or type of track [ 1781.083597] loop4: partition table beyond EOD, truncated [ 1781.092942] hfs: can't find a HFS filesystem on dev loop5 03:39:50 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040), 0x0, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:50 executing program 3 (fault-call:2 fault-nth:78): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1781.099352] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:50 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000001f0001", 0x35, 0x1c0}]) 03:39:50 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1781.251813] FAULT_INJECTION: forcing a failure. [ 1781.251813] name failslab, interval 1, probability 0, space 0, times 0 [ 1781.265703] hfs: invalid session number or type of track [ 1781.271421] hfs: can't find a HFS filesystem on dev loop5 [ 1781.280510] CPU: 1 PID: 12597 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1781.287466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1781.296834] Call Trace: [ 1781.299450] dump_stack+0x1d3/0x2c6 [ 1781.303112] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1781.308333] should_fail.cold.4+0xa/0x17 [ 1781.312416] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1781.317554] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1781.323113] ? graph_lock+0x270/0x270 [ 1781.326947] ? find_held_lock+0x36/0x1c0 [ 1781.331033] ? __lock_is_held+0xb5/0x140 [ 1781.335128] ? ___might_sleep+0x1ed/0x300 [ 1781.339295] ? arch_local_save_flags+0x40/0x40 [ 1781.343900] ? widen_string+0xe0/0x2e0 [ 1781.347811] ? set_precision+0xe0/0xe0 [ 1781.351739] ? idr_replace+0x163/0x250 [ 1781.355650] __should_failslab+0x124/0x180 [ 1781.359922] should_failslab+0x9/0x14 [ 1781.363749] kmem_cache_alloc_trace+0x2d7/0x750 [ 1781.368439] ? widen_string+0x2e0/0x2e0 [ 1781.372436] hfs_fill_super+0xfd/0x18c0 [ 1781.376434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1781.381993] ? bdev_name.isra.5+0x1a0/0x1f0 [ 1781.386348] ? hfs_show_options+0x710/0x710 [ 1781.390707] ? format_decode+0x1b2/0xaf0 [ 1781.394797] ? enable_ptr_key_workfn+0x30/0x30 [ 1781.399405] ? selinux_ipv4_output+0x50/0x50 [ 1781.403845] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1781.409400] ? vsnprintf+0x20d/0x1b60 [ 1781.413235] ? pointer+0x900/0x900 [ 1781.416808] ? selinux_capable+0x36/0x40 [ 1781.420893] ? snprintf+0xae/0xe0 [ 1781.424369] ? vsprintf+0x40/0x40 [ 1781.427846] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1781.432882] ? set_blocksize+0x2c1/0x340 [ 1781.436966] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1781.442530] mount_bdev+0x30c/0x3e0 [ 1781.446180] ? hfs_show_options+0x710/0x710 [ 1781.450525] hfs_mount+0x34/0x40 [ 1781.453917] mount_fs+0xae/0x31d [ 1781.457307] vfs_kern_mount.part.35+0xdc/0x4f0 [ 1781.461908] ? may_umount+0xb0/0xb0 [ 1781.465550] ? _raw_read_unlock+0x2c/0x50 [ 1781.469739] ? __get_fs_type+0x97/0xc0 [ 1781.473650] do_mount+0x581/0x31f0 [ 1781.477237] ? check_preemption_disabled+0x48/0x280 [ 1781.482282] ? copy_mount_string+0x40/0x40 [ 1781.486545] ? copy_mount_options+0x5f/0x430 [ 1781.490976] ? rcu_read_lock_sched_held+0x108/0x120 [ 1781.496014] ? kmem_cache_alloc_trace+0x353/0x750 [ 1781.500887] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1781.506440] ? _copy_from_user+0xdf/0x150 [ 1781.510611] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1781.516165] ? copy_mount_options+0x315/0x430 [ 1781.520707] ksys_mount+0x12d/0x140 [ 1781.524360] __x64_sys_mount+0xbe/0x150 [ 1781.528447] do_syscall_64+0x1b9/0x820 [ 1781.532356] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1781.537751] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1781.542717] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1781.547590] ? trace_hardirqs_on_caller+0x310/0x310 [ 1781.552632] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1781.557672] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1781.562760] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1781.567635] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1781.572845] RIP: 0033:0x45a1ca [ 1781.576056] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1781.594969] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:39:50 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1, 0xc}]}, &(0x7f0000f6bffb)='GPL\x00'}, 0x48) [ 1781.602713] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 000000000045a1ca [ 1781.610003] RDX: 00007fdbc5c31ad0 RSI: 0000000020000080 RDI: 00007fdbc5c31af0 [ 1781.617285] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1781.624566] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1781.631852] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 [ 1781.664387] Dev loop4: unable to read RDB block 1 [ 1781.670817] loop4: unable to read partition table [ 1781.681939] hfs: invalid session number or type of track [ 1781.691299] hfs: can't find a HFS filesystem on dev loop5 [ 1781.699222] loop4: partition table beyond EOD, truncated 03:39:50 executing program 3 (fault-call:2 fault-nth:79): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:50 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x5, 0x7d}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x2b7, &(0x7f000000cf3d)=""/195}, 0x48) [ 1781.718670] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:50 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:50 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$unix(0xffffffffffffffff, 0x0, 0x80) write$P9_RSTAT(0xffffffffffffffff, 0x0, 0x0) write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0) write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0) recvmsg(r0, &(0x7f0000000180)={&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, 0x0}, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000340)) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x31, r1, 0x0) [ 1781.813645] hfs: invalid session number or type of track [ 1781.832603] hfs: can't find a HFS filesystem on dev loop3 [ 1781.841462] Dev loop4: unable to read RDB block 1 [ 1781.847863] loop4: unable to read partition table [ 1781.862653] loop4: partition table beyond EOD, truncated [ 1781.868483] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1781.870076] hfs: invalid session number or type of track [ 1781.884260] FAULT_INJECTION: forcing a failure. [ 1781.884260] name failslab, interval 1, probability 0, space 0, times 0 [ 1781.897286] CPU: 1 PID: 12614 Comm: syz-executor3 Not tainted 4.20.0 #167 [ 1781.904235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1781.904242] Call Trace: [ 1781.904266] dump_stack+0x1d3/0x2c6 [ 1781.904289] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1781.904312] ? lock_downgrade+0x900/0x900 [ 1781.904334] should_fail.cold.4+0xa/0x17 [ 1781.913829] hfs: can't find a HFS filesystem on dev loop5 [ 1781.916299] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1781.925096] ? rcu_softirq_qs+0x20/0x20 [ 1781.925111] ? unwind_dump+0x190/0x190 [ 1781.925135] ? is_bpf_text_address+0xd3/0x170 [ 1781.925155] ? graph_lock+0x270/0x270 [ 1781.925176] ? __kernel_text_address+0xd/0x40 [ 1781.964564] ? unwind_get_return_address+0x61/0xa0 [ 1781.969490] ? find_held_lock+0x36/0x1c0 [ 1781.973547] ? __lock_is_held+0xb5/0x140 [ 1781.977607] ? ___might_sleep+0x1ed/0x300 [ 1781.981747] ? kobject_uevent+0x1f/0x24 [ 1781.985728] ? arch_local_save_flags+0x40/0x40 [ 1781.990300] ? block_ioctl+0xee/0x130 [ 1781.994094] ? do_vfs_ioctl+0x1de/0x1790 [ 1781.998148] ? ksys_ioctl+0xa9/0xd0 [ 1782.001769] ? __x64_sys_ioctl+0x73/0xb0 [ 1782.005828] __should_failslab+0x124/0x180 [ 1782.010058] should_failslab+0x9/0x14 [ 1782.013853] kmem_cache_alloc+0x2be/0x730 [ 1782.017999] skb_clone+0x1bb/0x500 [ 1782.021534] ? skb_split+0x11e0/0x11e0 [ 1782.025416] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1782.030947] ? netlink_trim+0x1b4/0x380 [ 1782.034917] ? netlink_skb_destructor+0x210/0x210 [ 1782.039763] netlink_broadcast_filtered+0x110f/0x1680 [ 1782.044952] ? __netlink_sendskb+0xd0/0xd0 [ 1782.049183] ? kasan_check_read+0x11/0x20 [ 1782.053329] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1782.058605] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1782.064137] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 1782.069583] ? refcount_add_not_zero_checked+0x330/0x330 [ 1782.075033] ? netlink_has_listeners+0x2cb/0x4a0 [ 1782.079784] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1782.084795] netlink_broadcast+0x3a/0x50 [ 1782.088849] kobject_uevent_env+0xa83/0x101e [ 1782.093258] kobject_uevent+0x1f/0x24 [ 1782.097054] loop_clr_fd+0x607/0xcf0 [ 1782.100763] ? loop_attr_do_show_backing_file+0x1a0/0x1a0 [ 1782.106296] lo_ioctl+0x875/0x1d60 [ 1782.109832] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1782.115363] ? avc_has_extended_perms+0xab2/0x15a0 [ 1782.120284] ? lo_rw_aio_complete+0x470/0x470 [ 1782.124774] blkdev_ioctl+0xd8a/0x21b0 [ 1782.128653] ? blkpg_ioctl+0xc10/0xc10 [ 1782.132548] ? avc_ss_reset+0x190/0x190 [ 1782.136526] ? rcu_read_unlock_special+0x1d0/0x1d0 [ 1782.141445] ? kasan_check_read+0x11/0x20 [ 1782.145588] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1782.150907] ? rcu_softirq_qs+0x20/0x20 [ 1782.154916] ? ___might_sleep+0x1ed/0x300 [ 1782.159082] ? kasan_slab_free+0xe/0x10 [ 1782.163066] ? arch_local_save_flags+0x40/0x40 [ 1782.167640] ? do_syscall_64+0x1b9/0x820 [ 1782.171710] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1782.177073] block_ioctl+0xee/0x130 [ 1782.180708] ? blkdev_fallocate+0x400/0x400 [ 1782.185026] do_vfs_ioctl+0x1de/0x1790 [ 1782.188910] ? ioctl_preallocate+0x300/0x300 [ 1782.193313] ? selinux_file_mprotect+0x620/0x620 [ 1782.198062] ? trace_hardirqs_on+0xbd/0x310 [ 1782.202373] ? ksys_mount+0xa3/0x140 [ 1782.206093] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1782.211538] ? do_syscall_64+0x9a/0x820 [ 1782.215513] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1782.221042] ? security_file_ioctl+0x94/0xc0 [ 1782.225442] ksys_ioctl+0xa9/0xd0 [ 1782.228892] __x64_sys_ioctl+0x73/0xb0 [ 1782.232775] do_syscall_64+0x1b9/0x820 [ 1782.236658] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1782.242028] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1782.246947] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1782.251783] ? trace_hardirqs_on_caller+0x310/0x310 [ 1782.256793] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1782.261802] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1782.266820] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1782.271660] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1782.276860] RIP: 0033:0x4575c7 [ 1782.280047] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1782.298943] RSP: 002b:00007fdbc5c31a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1782.306643] RAX: ffffffffffffffda RBX: 00007fdbc5c31b30 RCX: 00000000004575c7 03:39:51 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) r2 = dup3(r0, r0, 0x80000) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000080)={0x1, 0xbcef}, 0x2) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1782.313902] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 1782.321162] RBP: 0000000020000080 R08: 00007fdbc5c31b30 R09: 00007fdbc5c31ad0 [ 1782.328424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1782.335703] R13: 0000000000000000 R14: 00000000004da8a8 R15: 0000000000000004 03:39:51 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000007a0001", 0x35, 0x1c0}]) 03:39:51 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040), 0x0, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:51 executing program 3 (fault-call:2 fault-nth:80): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1782.420069] hfs: invalid session number or type of track [ 1782.441750] hfs: can't find a HFS filesystem on dev loop5 03:39:51 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\t', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1782.521973] hfs: invalid session number or type of track [ 1782.529481] hfs: can't find a HFS filesystem on dev loop3 [ 1782.583293] Dev loop4: unable to read RDB block 1 [ 1782.588201] loop4: unable to read partition table [ 1782.588272] loop4: partition table beyond EOD, truncated [ 1782.600199] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:51 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:51 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fffffff81004e220000000058000b4824ca944f64009400050028925aa8000000000000008000f0fffeffff09000000fff5dd00000010000100000c0900fcff0000040e05a5", 0x58}], 0x1) [ 1782.703237] Dev loop4: unable to read RDB block 1 [ 1782.710906] loop4: unable to read partition table [ 1782.722124] hfs: invalid session number or type of track [ 1782.725178] loop4: partition table beyond EOD, truncated [ 1782.742503] hfs: can't find a HFS filesystem on dev loop3 03:39:51 executing program 1: r0 = syz_open_dev$usb(&(0x7f00000003c0)='/dev/bus/usb/00#/00#\x00', 0x40000fffffb, 0x802) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000400)={0x100302}) [ 1782.752913] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:51 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:51 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000000003a7", 0x35, 0x1c0}]) 03:39:51 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='\nfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:51 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0xffffffc5}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x2b7, &(0x7f000000cf3d)=""/195}, 0x48) [ 1782.941211] hfs: invalid session number or type of track [ 1782.948644] hfs: can't find a HFS filesystem on dev loop5 [ 1782.963110] Dev loop4: unable to read RDB block 1 [ 1782.968011] loop4: unable to read partition table [ 1782.992558] loop4: partition table beyond EOD, truncated [ 1782.998054] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1783.013663] hfs: invalid session number or type of track [ 1783.019183] hfs: can't find a HFS filesystem on dev loop5 [ 1783.113487] Dev loop4: unable to read RDB block 1 [ 1783.118934] loop4: unable to read partition table [ 1783.137105] loop4: partition table beyond EOD, truncated [ 1783.149804] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:52 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0) ioctl$VIDIOC_DBG_G_REGISTER(r2, 0xc0385650, &(0x7f0000000080)={{0x2, @addr=0x1}, 0x8, 0x6}) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) 03:39:52 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getpeername(0xffffffffffffffff, 0x0, 0x0) r1 = gettid() ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0) r2 = dup2(r0, r0) setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x10e, 0x3, 0x0, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) socket$unix(0x1, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0xffffff20) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={&(0x7f0000000000), 0xc, &(0x7f0000000240)}, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_type(0xffffffffffffffff, 0x0, 0x2, 0x0) write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0) tkill(r1, 0x1000000000016) 03:39:52 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:52 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='%fs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:52 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x10', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:52 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000060000001", 0x35, 0x1c0}]) 03:39:52 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040), 0x0, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1783.393440] Dev loop4: unable to read RDB block 1 [ 1783.399017] loop4: unable to read partition table [ 1783.415268] loop4: partition table beyond EOD, truncated [ 1783.426581] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:52 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:52 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='|fs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1783.522567] Dev loop4: unable to read RDB block 1 [ 1783.527512] loop4: unable to read partition table [ 1783.547858] loop4: partition table beyond EOD, truncated [ 1783.562563] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:52 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000090001", 0x35, 0x1c0}]) [ 1783.610155] hfs: invalid session number or type of track [ 1783.616872] hfs: can't find a HFS filesystem on dev loop5 [ 1783.691569] hfs: invalid session number or type of track [ 1783.708325] hfs: can't find a HFS filesystem on dev loop5 03:39:52 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:52 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='h\ns\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1783.773099] Dev loop4: unable to read RDB block 1 [ 1783.778025] loop4: unable to read partition table [ 1783.798518] loop4: partition table beyond EOD, truncated [ 1783.814628] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1783.858226] hfs: invalid session number or type of track [ 1783.882679] hfs: can't find a HFS filesystem on dev loop5 [ 1783.934843] hfs: invalid session number or type of track [ 1783.940817] hfs: can't find a HFS filesystem on dev loop5 [ 1783.965409] Dev loop4: unable to read RDB block 1 [ 1783.970732] loop4: unable to read partition table [ 1783.976836] loop4: partition table beyond EOD, truncated [ 1783.992599] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:53 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) r2 = fcntl$dupfd(r0, 0x406, r1) ioctl$VT_GETMODE(r2, 0x5601, &(0x7f0000000200)) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) lsetxattr$security_ima(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='security.ima\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="040b40396b1b71c7abfa1a4444d4c487aa2e526ccbdae986677e9bb02825b6d3a4d592f2da80e120aeb901000000c4c0d2e09eb8e3d668"], 0xd, 0x3) fcntl$getownex(r2, 0x10, &(0x7f0000000240)) 03:39:53 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:53 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='h%s\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:53 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000000fff0001", 0x35, 0x1c0}]) 03:39:53 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040), 0x0, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1784.172333] hfs: invalid session number or type of track [ 1784.202570] hfs: can't find a HFS filesystem on dev loop5 [ 1784.263481] Dev loop4: unable to read RDB block 1 [ 1784.271998] hfs: invalid session number or type of track [ 1784.274277] loop4: unable to read partition table [ 1784.296442] loop4: partition table beyond EOD, truncated [ 1784.296702] hfs: can't find a HFS filesystem on dev loop5 [ 1784.309955] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:53 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='h.s\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1784.444413] Dev loop4: unable to read RDB block 1 [ 1784.449887] loop4: unable to read partition table [ 1784.467375] loop4: partition table beyond EOD, truncated [ 1784.481455] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:53 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000ffffff1f", 0x35, 0x1c0}]) [ 1784.565374] hfs: invalid session number or type of track [ 1784.570889] hfs: can't find a HFS filesystem on dev loop5 [ 1784.637285] hfs: invalid session number or type of track [ 1784.652472] hfs: can't find a HFS filesystem on dev loop5 03:39:53 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x06', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='h/s\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1784.748559] Dev loop4: unable to read RDB block 1 [ 1784.754318] loop4: unable to read partition table [ 1784.775908] loop4: partition table beyond EOD, truncated [ 1784.791352] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1784.933783] Dev loop4: unable to read RDB block 1 [ 1784.939167] loop4: unable to read partition table [ 1784.949373] loop4: partition table beyond EOD, truncated [ 1784.969462] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:54 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:54 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x400001, 0x0) ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f0000000100)=0xba) setsockopt$TIPC_MCAST_REPLICAST(r1, 0x10f, 0x86) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r1, &(0x7f00000002c0)={&(0x7f0000000140), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r3, 0xb01, 0x70bd2d, 0x25dfdbff, {{}, 0x0, 0x4, 0x0, {0x8}}, ["", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000300)=""/68, &(0x7f0000000380)=0x44) 03:39:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfc\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:54 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:54 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000003000001", 0x35, 0x1c0}]) 03:39:54 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1785.140223] hfs: invalid session number or type of track [ 1785.179192] hfs: can't find a HFS filesystem on dev loop5 [ 1785.243559] Dev loop4: unable to read RDB block 1 [ 1785.256818] hfs: invalid session number or type of track [ 1785.257806] loop4: unable to read partition table [ 1785.262293] hfs: can't find a HFS filesystem on dev loop5 03:39:54 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfu\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1785.290228] loop4: partition table beyond EOD, truncated [ 1785.296991] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1785.385522] hfs: invalid session number or type of track [ 1785.395810] Dev loop4: unable to read RDB block 1 [ 1785.401508] loop4: unable to read partition table [ 1785.410185] hfs: can't find a HFS filesystem on dev loop5 [ 1785.418009] loop4: partition table beyond EOD, truncated [ 1785.425927] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:54 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000060001", 0x35, 0x1c0}]) [ 1785.484991] hfs: invalid session number or type of track [ 1785.501974] hfs: can't find a HFS filesystem on dev loop5 03:39:54 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfd\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1785.681525] hfs: invalid session number or type of track [ 1785.691112] hfs: can't find a HFS filesystem on dev loop5 [ 1785.713234] Dev loop4: unable to read RDB block 1 [ 1785.721806] loop4: unable to read partition table [ 1785.727709] loop4: partition table beyond EOD, truncated [ 1785.743507] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1785.763809] hfs: invalid session number or type of track [ 1785.770811] hfs: can't find a HFS filesystem on dev loop5 03:39:54 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\a', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:54 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1785.893787] Dev loop4: unable to read RDB block 1 [ 1785.899027] loop4: unable to read partition table [ 1785.920280] loop4: partition table beyond EOD, truncated [ 1785.941923] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:55 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x1, 0x2) getpeername$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000480)={r2, 0x1, 0x6, @dev={[], 0x1e}}, 0x10) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r3, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:39:55 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hf*\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:55 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:55 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000550001", 0x35, 0x1c0}]) 03:39:55 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1786.224640] Dev loop4: unable to read RDB block 1 [ 1786.229649] loop4: unable to read partition table [ 1786.243890] hfs: invalid session number or type of track [ 1786.250247] loop4: partition table beyond EOD, truncated [ 1786.250278] hfs: can't find a HFS filesystem on dev loop5 [ 1786.272479] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:55 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hf%\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1786.344471] hfs: invalid session number or type of track [ 1786.353374] hfs: can't find a HFS filesystem on dev loop5 [ 1786.383573] Dev loop4: unable to read RDB block 1 [ 1786.389329] loop4: unable to read partition table 03:39:55 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1786.395056] loop4: partition table beyond EOD, truncated [ 1786.400954] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:55 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000007000001", 0x35, 0x1c0}]) [ 1786.541454] hfs: invalid session number or type of track [ 1786.547166] hfs: can't find a HFS filesystem on dev loop5 [ 1786.606221] hfs: invalid session number or type of track [ 1786.611713] hfs: can't find a HFS filesystem on dev loop5 [ 1786.623840] Dev loop4: unable to read RDB block 1 [ 1786.629208] loop4: unable to read partition table [ 1786.635847] loop4: partition table beyond EOD, truncated [ 1786.641786] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:55 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hf.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:55 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\xff', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:55 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1786.754325] Dev loop4: unable to read RDB block 1 [ 1786.759551] loop4: unable to read partition table [ 1786.772713] loop4: partition table beyond EOD, truncated [ 1786.778208] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:55 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000004", 0x35, 0x1c0}]) 03:39:56 executing program 0: r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/checkreqprot\x00', 0x0, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-avx2\x00'}, 0x58) r1 = socket$alg(0x26, 0x5, 0x0) ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e) bind$alg(r1, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0xfffffffffffffc91, &(0x7f0000000200)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}, 0x8000000}], 0x1, 0x0, 0x0) 03:39:56 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:56 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfo\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:56 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\"', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1787.053230] Dev loop4: unable to read RDB block 1 [ 1787.079951] loop4: unable to read partition table [ 1787.102820] loop4: partition table beyond EOD, truncated [ 1787.115388] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:56 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfsk', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1787.243280] Dev loop4: unable to read RDB block 1 [ 1787.252192] loop4: unable to read partition table [ 1787.266914] loop4: partition table beyond EOD, truncated 03:39:56 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hf,\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1787.288033] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:56 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000008", 0x35, 0x1c0}]) 03:39:56 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1787.501760] hfs: invalid session number or type of track [ 1787.503321] Dev loop4: unable to read RDB block 1 [ 1787.508558] hfs: can't find a HFS filesystem on dev loop5 [ 1787.512303] loop4: unable to read partition table [ 1787.541161] loop4: partition table beyond EOD, truncated [ 1787.547797] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:56 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfl\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:56 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1787.574535] hfs: invalid session number or type of track [ 1787.582604] hfs: can't find a HFS filesystem on dev loop5 03:39:56 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1787.654619] Dev loop4: unable to read RDB block 1 [ 1787.659797] loop4: unable to read partition table [ 1787.670947] loop4: partition table beyond EOD, truncated [ 1787.683615] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:56 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hf\"\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1787.767306] hfs: invalid session number or type of track [ 1787.783415] hfs: can't find a HFS filesystem on dev loop5 [ 1787.840110] hfs: invalid session number or type of track [ 1787.866385] hfs: can't find a HFS filesystem on dev loop5 03:39:56 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000080)=0x0) ioctl$sock_FIOSETOWN(r1, 0x8901, &(0x7f0000000100)=r2) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:39:56 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000007ffffff9", 0x35, 0x1c0}]) 03:39:56 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:56 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:57 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hf+\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1788.046149] hfs: invalid session number or type of track [ 1788.051653] hfs: can't find a HFS filesystem on dev loop5 [ 1788.117115] Dev loop4: unable to read RDB block 1 [ 1788.122535] loop4: unable to read partition table [ 1788.128061] loop4: partition table beyond EOD, truncated [ 1788.146984] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1788.159347] hfs: invalid session number or type of track [ 1788.169752] hfs: can't find a HFS filesystem on dev loop5 03:39:57 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1788.277948] Dev loop4: unable to read RDB block 1 [ 1788.283360] loop4: unable to read partition table [ 1788.302302] loop4: partition table beyond EOD, truncated [ 1788.321980] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:57 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hf0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1788.360590] hfs: invalid session number or type of track [ 1788.382543] hfs: can't find a HFS filesystem on dev loop5 03:39:57 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000045520001", 0x35, 0x1c0}]) 03:39:57 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1788.473557] hfs: invalid session number or type of track [ 1788.479042] hfs: can't find a HFS filesystem on dev loop5 03:39:57 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1788.603298] Dev loop4: unable to read RDB block 1 [ 1788.610589] loop4: unable to read partition table [ 1788.622606] loop4: partition table beyond EOD, truncated [ 1788.639584] hfs: invalid session number or type of track [ 1788.645968] hfs: can't find a HFS filesystem on dev loop5 03:39:57 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hf\n\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1788.646354] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1788.704074] hfs: invalid session number or type of track [ 1788.713062] hfs: can't find a HFS filesystem on dev loop5 03:39:57 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1788.783551] Dev loop4: unable to read RDB block 1 [ 1788.793029] loop4: unable to read partition table [ 1788.819733] loop4: partition table beyond EOD, truncated 03:39:57 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00') 03:39:57 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1788.841516] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:57 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000ffa", 0x35, 0x1c0}]) [ 1788.945538] hfs: invalid session number or type of track [ 1788.951032] hfs: can't find a HFS filesystem on dev loop5 03:39:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hf-\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1789.026751] hfs: invalid session number or type of track [ 1789.033823] hfs: can't find a HFS filesystem on dev loop5 [ 1789.088285] Dev loop4: unable to read RDB block 1 [ 1789.113509] loop4: unable to read partition table 03:39:58 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\xf6', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1789.138118] loop4: partition table beyond EOD, truncated [ 1789.152948] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfi\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:58 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1789.283484] Dev loop4: unable to read RDB block 1 [ 1789.288416] loop4: unable to read partition table [ 1789.304033] loop4: partition table beyond EOD, truncated [ 1789.309520] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:58 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:58 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000074f40c59", 0x35, 0x1c0}]) 03:39:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfX\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1789.527381] hfs: invalid session number or type of track [ 1789.534204] hfs: can't find a HFS filesystem on dev loop5 [ 1789.594881] hfs: invalid session number or type of track [ 1789.600846] Dev loop4: unable to read RDB block 1 [ 1789.606547] loop4: unable to read partition table [ 1789.613506] hfs: can't find a HFS filesystem on dev loop5 [ 1789.627531] loop4: partition table beyond EOD, truncated [ 1789.637992] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:58 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\n', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:58 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:58 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800d80000000000000000000000009c57089100"], 0x18, 0x8000000000000000}], 0x1, 0x0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/autofs\x00', 0x2000, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r2, 0x80045500, &(0x7f0000000240)) ioctl$sock_inet_SIOCGIFADDR(r2, 0x8915, &(0x7f0000000140)={'bond_slave_0\x00', {0x2, 0x4e24, @broadcast}}) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/enforce\x00', 0x401, 0x0) socket$can_raw(0x1d, 0x3, 0x1) bind$bt_l2cap(r3, &(0x7f0000000100)={0x1f, 0x7b, {0x7c, 0x4, 0xffff, 0xffffffffffffffae, 0x401, 0x9}, 0x9, 0x4}, 0xe) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) [ 1789.790088] Dev loop4: unable to read RDB block 1 [ 1789.803891] loop4: unable to read partition table [ 1789.814863] loop4: partition table beyond EOD, truncated [ 1789.832582] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfx\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:58 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000035", 0x35, 0x1c0}]) 03:39:59 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1790.036145] Dev loop4: unable to read RDB block 1 [ 1790.044120] loop4: unable to read partition table 03:39:59 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:39:59 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfp\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1790.077397] hfs: invalid session number or type of track [ 1790.078235] loop4: partition table beyond EOD, truncated [ 1790.090886] hfs: can't find a HFS filesystem on dev loop5 [ 1790.096715] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1790.168984] hfs: invalid session number or type of track [ 1790.175872] hfs: can't find a HFS filesystem on dev loop5 [ 1790.185044] Dev loop4: unable to read RDB block 1 [ 1790.201974] loop4: unable to read partition table [ 1790.216625] loop4: partition table beyond EOD, truncated [ 1790.226488] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:59 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:39:59 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000a00", 0x35, 0x1c0}]) [ 1790.418900] hfs: invalid session number or type of track [ 1790.425769] hfs: can't find a HFS filesystem on dev loop5 03:39:59 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hf#\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1790.484223] Dev loop4: unable to read RDB block 1 [ 1790.496633] loop4: unable to read partition table [ 1790.503280] loop4: partition table beyond EOD, truncated [ 1790.503876] hfs: invalid session number or type of track [ 1790.509065] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:59 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1790.552834] hfs: can't find a HFS filesystem on dev loop5 03:39:59 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1790.653447] Dev loop4: unable to read RDB block 1 [ 1790.659949] loop4: unable to read partition table [ 1790.680367] loop4: partition table beyond EOD, truncated [ 1790.689052] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:39:59 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0xffffff91) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) r2 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x3, 0x80000) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000200)=[@in6={0xa, 0x4e22, 0x5, @dev={0xfe, 0x80, [], 0x1d}, 0xffffffffffffff6f}, @in={0x2, 0x4e22, @multicast2}, @in6={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, [], 0xe}, 0x3}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xd}}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}, @in6={0xa, 0x4e21, 0x2, @mcast1, 0x959c}], 0x84) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:39:59 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs`', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:39:59 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x1, 0x2) bind$alg(r1, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:39:59 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000006000001", 0x35, 0x1c0}]) [ 1790.815616] hfs: invalid session number or type of track [ 1790.821127] hfs: can't find a HFS filesystem on dev loop5 03:39:59 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x8, 0x10100) write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x6, 0x596, 0x52}}, 0xffffffffffffff7a) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(r0, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000200), 0x1db) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000140)={0xe3}, 0x1) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000340)='/dev/zero\x00', 0x200000, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000240)=""/119) recvmmsg(r2, &(0x7f00000002c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000000)=""/48, 0x30}], 0x1}}], 0x1, 0x0, 0x0) [ 1790.870027] hfs: invalid session number or type of track [ 1790.882537] hfs: can't find a HFS filesystem on dev loop5 [ 1790.933145] Dev loop4: unable to read RDB block 1 [ 1790.945424] loop4: unable to read partition table [ 1790.963510] loop4: partition table beyond EOD, truncated [ 1790.972864] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:00 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, 0x0, 0x0, 0x0, 0x0) 03:40:00 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x0e', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:00 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha1\x00'}, 0xfffffffffffffd28) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:40:00 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1791.107484] Dev loop4: unable to read RDB block 1 [ 1791.124350] loop4: unable to read partition table 03:40:00 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000080)) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/avc/hash_stats\x00', 0x0, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000280)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f00000004c0)=@newqdisc={0xd0, 0x24, 0x7, 0x70bd2c, 0x25dfdbff, {0x0, r2, {0x1b, 0xa}, {0x10, 0xffff}, {0x1, 0x17}}, [@TCA_EGRESS_BLOCK={0x8}, @TCA_STAB={0x54, 0x8, [@TCA_STAB_DATA={0x14, 0x2, [0x8, 0x0, 0x1, 0x100000001, 0x4, 0x800, 0x6]}, @TCA_STAB_DATA={0x18, 0x2, [0x8, 0x8, 0x2f9, 0x4, 0xc0, 0x7fff, 0x7, 0x80000000, 0x1, 0x8740]}, @TCA_STAB_DATA={0x4}, @TCA_STAB_DATA={0x8, 0x2, [0x3, 0x2]}, @TCA_STAB_DATA={0x18, 0x2, [0x1, 0x1, 0x8, 0x7fffffff, 0x1f, 0x1, 0x7fffffff, 0x800000, 0x20]}]}, @qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48, 0x2, {{0x3, 0x100000000, 0x2, 0x6, 0x14}, 0x3, 0x1, 0x7f, 0x7, 0x0, 0x1e, 0x2, 0x0, 0x8, {0xd, 0x0, 0x4, 0x80000000, 0x0, 0x1f}}}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x800}, 0x800) r3 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r3, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1791.154486] loop4: partition table beyond EOD, truncated [ 1791.173530] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1791.243312] hfs: invalid session number or type of track [ 1791.248799] hfs: can't find a HFS filesystem on dev loop3 [ 1791.364007] hfs: invalid session number or type of track [ 1791.369494] hfs: can't find a HFS filesystem on dev loop3 03:40:00 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:00 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\xff', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:00 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000009000001", 0x35, 0x1c0}]) 03:40:00 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1791.503903] Dev loop4: unable to read RDB block 1 [ 1791.521184] loop4: unable to read partition table [ 1791.538432] loop4: partition table beyond EOD, truncated [ 1791.551445] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:00 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x6b6b6b, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1791.685096] hfs: invalid session number or type of track [ 1791.691149] hfs: can't find a HFS filesystem on dev loop3 [ 1791.715253] Dev loop4: unable to read RDB block 1 [ 1791.736798] loop4: unable to read partition table [ 1791.749673] loop4: partition table beyond EOD, truncated [ 1791.756332] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1791.769176] hfs: invalid session number or type of track [ 1791.783668] hfs: invalid session number or type of track [ 1791.789131] hfs: can't find a HFS filesystem on dev loop5 [ 1791.794974] hfs: can't find a HFS filesystem on dev loop3 03:40:00 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000006c0001", 0x35, 0x1c0}]) 03:40:00 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00), 0x0, 0x0, 0x0) 03:40:00 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1791.953715] hfs: invalid session number or type of track [ 1791.959222] hfs: can't find a HFS filesystem on dev loop5 03:40:01 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xa00, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:01 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x1f) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x105002, 0x0) read$eventfd(r1, &(0x7f0000000100), 0x8) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r2 = gettid() syz_open_procfs(r2, &(0x7f0000000140)='limits\x00') r3 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) fcntl$lock(r0, 0x27, &(0x7f0000000180)={0x0, 0x0, 0x1, 0x2, r2}) write$binfmt_script(r1, &(0x7f00000001c0)=ANY=[], 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1792.033411] Dev loop4: unable to read RDB block 1 [ 1792.038333] loop4: unable to read partition table [ 1792.048058] hfs: invalid session number or type of track [ 1792.061039] hfs: can't find a HFS filesystem on dev loop3 [ 1792.076723] loop4: partition table beyond EOD, truncated [ 1792.093487] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1792.123054] hfs: invalid session number or type of track 03:40:01 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[@ANYRES16=r1], 0x2) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1792.138963] hfs: invalid session number or type of track [ 1792.139804] hfs: can't find a HFS filesystem on dev loop3 [ 1792.149365] hfs: can't find a HFS filesystem on dev loop5 03:40:01 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, 0x0, 0x0, 0x0, 0x0) 03:40:01 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfsh', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:01 executing program 0: getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000280)={{{@in6=@loopback, @in6=@ipv4={[], [], @multicast2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in=@remote}}, &(0x7f0000000380)=0xe8) setuid(r0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r3 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/mls\x00', 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000100)={0xf4ea, 0x1000, 0x78a, 0x0, 0x4, 0x101, 0x3, 0x8, 0x4, 0x3, 0x6, 0x1, 0x0, 0x54, 0x1, 0xffffffff9678b654, 0x3, 0x81, 0x8}) getpeername$ax25(r3, &(0x7f0000000200)={{0x3, @rose}, [@remote, @default, @rose, @bcast, @bcast, @remote, @netrom, @rose]}, &(0x7f0000000140)=0x48) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1792.228352] hfs: invalid session number or type of track [ 1792.233037] Dev loop4: unable to read RDB block 1 [ 1792.236195] hfs: can't find a HFS filesystem on dev loop5 [ 1792.238756] loop4: unable to read partition table [ 1792.238827] loop4: partition table beyond EOD, truncated [ 1792.262547] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:01 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x6, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:01 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000230001", 0x35, 0x1c0}]) [ 1792.405284] hfs: invalid session number or type of track [ 1792.411725] hfs: can't find a HFS filesystem on dev loop5 03:40:01 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\xea', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1792.462648] hfs: invalid session number or type of track [ 1792.482485] hfs: can't find a HFS filesystem on dev loop5 [ 1792.493968] loop4: [POWERTEC] 03:40:01 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x1000000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1792.585672] loop4: [POWERTEC] [ 1792.619849] hfs: invalid session number or type of track [ 1792.628798] hfs: can't find a HFS filesystem on dev loop5 [ 1792.694473] hfs: invalid session number or type of track [ 1792.700327] hfs: can't find a HFS filesystem on dev loop5 03:40:01 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000004c0001", 0x35, 0x1c0}]) 03:40:01 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x6000000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:01 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:01 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1792.903264] Dev loop4: unable to read RDB block 1 [ 1792.908308] loop4: unable to read partition table [ 1792.930803] hfs: invalid session number or type of track [ 1792.942826] loop4: partition table beyond EOD, truncated [ 1792.951869] hfs: can't find a HFS filesystem on dev loop5 [ 1792.959350] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1792.977697] hfs: invalid session number or type of track [ 1792.992544] hfs: can't find a HFS filesystem on dev loop3 [ 1793.014766] hfs: invalid session number or type of track [ 1793.020679] hfs: can't find a HFS filesystem on dev loop5 [ 1793.053628] hfs: invalid session number or type of track [ 1793.059091] hfs: can't find a HFS filesystem on dev loop3 03:40:02 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1793.084417] Dev loop4: unable to read RDB block 1 [ 1793.089346] loop4: unable to read partition table [ 1793.106922] loop4: partition table beyond EOD, truncated 03:40:02 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:02 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1793.133516] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:02 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/autofs\x00', 0x2000, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)={0x134, r2, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x87ed}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'lo\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0x19}}]}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e22}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x5}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7f}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x1}, @IPVS_DEST_ATTR_U_THRESH={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8001}, @IPVS_CMD_ATTR_DAEMON={0x50, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0x1e}}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x40}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x59e}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}]}, 0x134}, 0x1, 0x0, 0x0, 0x800}, 0x800) r3 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0) setxattr$trusted_overlay_nlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='trusted.overlay.nlink\x00', &(0x7f0000000200)={'U+', 0x1}, 0x28, 0x2) prctl$PR_GET_FPEMU(0x9, &(0x7f0000000380)) write$binfmt_script(r3, &(0x7f0000000300)=ANY=[], 0x3a4) r4 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0) ioctl$TUNSETPERSIST(r4, 0x400454cb, 0x1) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:40:02 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000000001ff", 0x35, 0x1c0}]) [ 1793.225062] hfs: invalid session number or type of track [ 1793.230607] hfs: can't find a HFS filesystem on dev loop5 [ 1793.240735] hfs: invalid session number or type of track [ 1793.252482] hfs: can't find a HFS filesystem on dev loop3 [ 1793.320997] hfs: invalid session number or type of track [ 1793.330412] hfs: invalid session number or type of track [ 1793.338272] hfs: can't find a HFS filesystem on dev loop3 [ 1793.345427] Dev loop4: unable to read RDB block 1 [ 1793.348438] hfs: can't find a HFS filesystem on dev loop5 [ 1793.352996] loop4: unable to read partition table 03:40:02 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) ioctl$VIDIOC_DECODER_CMD(r2, 0xc0485660, &(0x7f0000000280)={0x7, 0x1, @stop_pts=0x7fffffff}) bind$alg(r0, &(0x7f0000000100)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0xfed4, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x37cc100}], 0x1}}], 0x1, 0x0, 0x0) 03:40:02 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1793.368232] loop4: partition table beyond EOD, truncated [ 1793.376972] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:02 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x900, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:02 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x8000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000002c0)={0xffffffffffffffff}, 0x106, 0x1000}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0xfff, @mcast1, 0xe0}, {0xa, 0x4e23, 0x7, @loopback, 0x6a8}, r1, 0x57f}}, 0x48) r2 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000140)='NET_DM\x00') sendmsg$NET_DM_CMD_START(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x480900}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r2, 0x300, 0x70bd27, 0x25dfdbfc, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0) r4 = accept$alg(r3, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r4, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r4, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1793.524109] Dev loop4: unable to read RDB block 1 [ 1793.538464] loop4: unable to read partition table [ 1793.561881] hfs: invalid session number or type of track [ 1793.563023] loop4: partition table beyond EOD, truncated [ 1793.576731] hfs: can't find a HFS filesystem on dev loop5 [ 1793.577565] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1793.598454] hfs: invalid session number or type of track [ 1793.604722] hfs: can't find a HFS filesystem on dev loop3 03:40:02 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000000000003f", 0x35, 0x1c0}]) [ 1793.667679] hfs: invalid session number or type of track [ 1793.679308] hfs: can't find a HFS filesystem on dev loop5 03:40:02 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), 0x0}, 0x18) [ 1793.714963] hfs: invalid session number or type of track [ 1793.720463] hfs: can't find a HFS filesystem on dev loop3 03:40:02 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2200, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:02 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1793.822221] hfs: invalid session number or type of track [ 1793.835011] Dev loop4: unable to read RDB block 1 [ 1793.839314] hfs: can't find a HFS filesystem on dev loop5 [ 1793.840169] loop4: unable to read partition table [ 1793.866469] loop4: partition table beyond EOD, truncated [ 1793.890724] hfs: invalid session number or type of track [ 1793.891401] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1793.899731] hfs: can't find a HFS filesystem on dev loop5 [ 1793.949965] hfs: invalid session number or type of track [ 1793.957644] hfs: can't find a HFS filesystem on dev loop3 03:40:03 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:03 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(0x0, 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:03 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x500000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1794.014630] Dev loop4: unable to read RDB block 1 [ 1794.019986] loop4: unable to read partition table [ 1794.034231] loop4: partition table beyond EOD, truncated [ 1794.034594] hfs: invalid session number or type of track [ 1794.048957] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1794.072483] hfs: can't find a HFS filesystem on dev loop3 03:40:03 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff60000004c000001", 0x35, 0x1c0}]) 03:40:03 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:03 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x1f}, &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, 0x0, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1794.178094] hfs: invalid session number or type of track [ 1794.189244] hfs: can't find a HFS filesystem on dev loop5 [ 1794.264205] hfs: invalid session number or type of track [ 1794.278478] hfs: can't find a HFS filesystem on dev loop5 [ 1794.295362] Dev loop4: unable to read RDB block 1 03:40:03 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xffffff7f00000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1794.309981] loop4: unable to read partition table [ 1794.327090] hfs: invalid session number or type of track [ 1794.336959] loop4: partition table beyond EOD, truncated [ 1794.346390] hfs: can't find a HFS filesystem on dev loop3 [ 1794.353521] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1794.412284] hfs: invalid session number or type of track [ 1794.432507] hfs: can't find a HFS filesystem on dev loop3 [ 1794.448610] hfs: invalid session number or type of track 03:40:03 executing program 0: lsetxattr$security_ima(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='security.ima\x00', &(0x7f0000000440)=@v2={0x5, 0x0, 0x14, 0x2cee40000, 0x1000, "656a8899ff3ac737650455dcaa031b3f4cfaed4cc82f15b3f42416734fb25586d3bb71be4488b0edabca73c099da674dc7b0241a937ce5858c21760f9423041be4e67a48945494b1db6e0388c319c9f2ec05a588ff9d2f6274fb331b2a72c289658c0cd7d82c5abdd36c7db4861a147711737cf85384143deb48862c16bcc84d3d1614f8d459f43d82a39b7790f7455430e46bbe1399f0bc67d73f149b6cdc3bf4e3b6bd9c9383134341503dbf7a4ee55bb129e029342b43b9f3f88fb1ef6989d94496c1a6ff18e0de65a9ab3a2406d526f3815531dccd4df97de55d7461a98c1a7e562dfa37fa437b8265ffb7753850bf73e58962206a962f4da2a1d895ff05fa598a9e29575aea1a7569962f44aeb388a622287c19874dd211e6d67ff27937e51fff2af525af4037bf02c7548554f50267960fd571d574e04066be2f37e1947d8c888797ad0d66633f48facbd452dbfcf22979752678de199728ff95038155ee2c77935aba4c6107f42ae13390a5549c9944123e236150f68bacf7084a1f64638705a9b3ba7d44be29038f1514f5099d1ff8bab0767fc197405a2e4c525607f64be778baa9485ebbdd6f54194e57d7af88d7f8464f35fc30447dd670149205911c7df44f4d0b516c169a57956951afea8e47b13b7fae054db5724254e864862d11bd90720aa1ac034fcec9ccbe865e295c60d4015e9398e433a66685c22fdc4719bbf2b1589cc8cd6d15f38ae498f19a7a3930198ee3d016ea3a863585b8d20cdf5e243bad2d7390be93123bf66c985f9f516936fe38c2328aee0f7bf2e1bfc8f6fa62f6c97229207d416a5649f289800b7d123cf65280140c45acce50e6b845858b28b33c5edee36e73d303b043cd50db793fc2706e40861d687994891679100e58889aee100d1a6a4b45d17097e61488a29926993f0965343898b2192fdaf018678d0f44285b2f9ac91e471645430c9bd3e715e90bbd59eef89ac7dcd8bc64bc60af25a10d0969adf903f1858ba3790e15d078648bf69af242b0145db68fc5ff871b0b2fbc30a9e82c023a993c946a99cfd02962c6088443636a36a8fa7b41df1afd688472d6d9347066e1d4a88b8d71fae526dd9c56bbc6fdc6e3f36d7135313cdf2f316fc135bf9575aa3b5adec68e358f0009fa26f0751c0774e5828717b6cc4ca03141b344978aa585b342a032ae805c826160a276c21f1aff564eede30aa9a66a96e06cf57ea274f17c036f5e68ad08413b8a30efc945f3c67de829ec4f066e6472b1a50089e5bdffe87f19e0a71e2dfa7062f04e81287a7cb20414739d0f39463300a349ae2e036c05f52ccd1992dcb4872341f258995e21c86b3370832f2ea2624b12b183d02c2a6d317556a8cf9ed386f1049415a5024d10e9ef2a7eb7c98bf6a8491f9d8257c40a6654aebeb937928af153710316785591a133df52128a7972c081e5f3987db98d80aa0319d8604d9e81a21b570be07a73da3aa80b664932312e086c561e922f34a358007ce3775fde37bc77a702e95d0fc288f0831ea799a2b5fe75bf3fe8c5fa43ace4788aceaa33c926e6eafe1068b48f8ab9eda032b51f292e108cb5a9ff9747e9681c3bc2344d66f6572f04d8faaa4e104ebc8ce9b66eae1aee82dc80e9331547c83eb93d6c9c34e430ee9860afe0a7470fdb0914f76d99836e8fec7fc46f3c8420f0b04c2f98b314af8e5afc5452bd3ab158424519126506b0662b9d0f6596bb0ee9c3f29f10a3d23019fd64b541e64184ae31698ce3940c6ee05a7772e5f7fe77cd18de63cbff0e7d58353571f4e4576c164bc87cbae521ed3a215d8f9ad4aeceb3392874852f1a70de8d5f599149e46663c9fd015aa8ea50155afc6506175348bddbdeadbe28c9fbaf0732efe6c368578798eea71c0ee0a4a3aa3d8399a32c22bf54480960aa3941d92a7590c075858bff75f3531d0aa25b5651e0e411401dfbb3d3c70f5275e4f50d53989d6d097d1ba4fb6bf4a30f9cb6eda4af145588159f844c8df2b1959f900b8a50656cba2cfd958a596eae50797cbb941d14f180d9f690388c75570f10458eaaebd5125c1f8fc9961ae21005a89352034c7958c11ba35f618381a34355cff559f11af88e830b1558286450b6a35b16d7fc4c345ac7e8a2db2bdaefd4e28e975bd72977f96a9b86065e11636e49bcac5ba13a6620b170fef200509ffcd77987994326facd4432fee2db8abf98e09d410ab8cd8a079f8d35019c84f35f3d00f517a80d4ff541d2008767d4560748667e07cc3c563b722711bf2a78997080e4ba1cffce25cc837f344acebacae2902dd956e302106a799e645fc391d4bf26f96737cc54be4be82861fc06f93d5ae23b139f83cd40c50af9fe1c5b492c608644b9d702bed6dd7898bd2be62fa8af0b5ecff3504ba9199ea48863358d38d537647bcbfcd2a47b3ac797c2edab9f86209cfb37a9831cfcc43bcb8ccb6849075dd8982afef6c86910d82f4818f22fbe31d7ab764325303f56c1c452c5c59934e792f47686dcf47c6aa2f1b7d399737243727a16204666fb195a4cd336f7c5781ed817a9b0f4f7a1d10ab2440b12b6a6ac3ea525a9a8bcb6dc2ef5f082ec2d91c9fa9ba5c0f9b4cb8b4ebe9f8e8019ffcd1d5b6c8a8d044d6d0feadeea32d46484a09cb378c021ada78873d93ce55eba5dba0617ab9aa3d39b37b85cbe54e9e4536ebb39b0744cf5d0dc6861611e3abf103b54649dd26b1193a60440aac42107569142458f6990a91d9192ecc377580d042aeef75b9c6203ff38ec063546dae1f1e488458410c02ea49e1a7cb65298da308eb55baf0d12c277ed9b5ed13f21837b2df094d5168d9917683736816f77e6be4a7d483f537fdd089424bd3bc987ce4e3d61fcdcafdf5d3dec4c1ec1741512b1a226128b775dce72fadb7d2d2ba883b8d11d66eb32a2858be3f166b547fc6e0b70dc632208b61344306c36c5af550b76a297973fa1373fc2f1871d55d2a2d0eddfd197f2f5537cb42d29ea797d55fc8d6479329601876fe9f41649f04da01e2131fc3eeddfe1d21ea67a7329dce13534e5544a3da667e705991a94e67decca82947873073b7cec8206de05e6547d77c00552fc71edc8ade4942d6b1501cb696dd4980e82e5a403d02e51bc655de7d8f1bf46eec58069e6833482bbc0ff296a0fcb3b6b47957a3acd09fddd0d8b12bed497c581af6e59fbead9eaa1570f9a03be8fcd736116dc979315849280adcffe2a782280071531f875c5c00aede478932c1d30b24785c87e01c64f82abf94a4c772c6e22e530f3989609bcc829ccb1c820b409c6e9082e67c1566fbdcfff4f5947a39bda59ea71c7eb74798428f56d87e32218dabc70e08e0186444de2ee078a62e1565774e771bd1fa5e4fd83edf0986e077b9979fcfda1ca36c74d40b5c5bef638daac32e581b2ddd0eb8685e0828e73da0bfdf3fa5d4416fa8a9c81130fb6c41d3a396dbb07073a41a66c86ff534a951b72dc8a763b35bcce72189eea66500a0a8811cfa3924c8b43088da1c3174593f7d7f1886953041e3c90410faae47cd8cb04ece0948a4b17366b5ffb474b22f929fc63541b80eca1ef1a95657916f19501d55cddf2bff92926024809d9bad428186f7d1c6919313062cbf551c7c66a78b562b4c208b46d1c1c4206d443d47adb2c871e30f8f26b8531688d084a502df61048dedd77a246d0f88df02c47e50ea4c5ebda2dd8c7795c0f31b54db0c3bbc4451ef48a9ccd1e7a4ea406c1f801b92d89f4e2cfd2b5e4b7fa2311282c70a8698c6d67cc1c828884bb9d7d943d23d12fd29bfcb5e9f8c5e34907b136dbebf8300b714b9e2a3a1f369d18df6f24e4fd9696b52d2ec037bb34642b20eadbfbe1af0e4e08de11e5242ad21862653e088781074875f1b076b0f305b7326983f84c2be7411498f050589e38d077befc746710513e0c275c800c52f53b51b479bf0b274c266d501dc86480ce5b2f9630e384c62e0f574182f590287ae267a5f1b1ab936e0735fd85509c65b31d8cf57a31d535b321aa493c4282771afa5091e702a912a0ad378c89f3dd4470d2c09da34e0ebcc384aaf5ba0f365c548b0d9efc451086c645f2f05ed03c3f1c1a1f99c643f0d9f4f7657a531acfe4cad050ff0b4578e59bacd912c36a4bee74c24cdddaf5915c72525770fb8343def4786c7ce4976b74caacf5e627b1e33a5dcd2fa6a362cf1a49e62ebb7fb83ca57aebfbce77ae47dfecee2a149f7e56601961af0dda736ae82ba8c705dbb2af5bf11f59172bfdffc05bb47b5a72635381df8c3c12eb116c2636e4340ff534675329d4518bceb239854b8aabc72e63ba4df962c15108c354279a28b0e38b528533f3e7f91afc81ed8e4e40defbd4cf81d43007842abd3645a36a60909e518a6ed8f6f42c36daf70aa03a9f013fd48859b8e27af598dd09fbd20e0402520c7694cc5e053739b395e410911f619db4b3395c5e9d95e658d06d29f644615c098f019f0b126ce66030bba63ca9b96d2fc137eb26d0a594d48620a56cb9dcd1042ef07d5602cb972e07eba2a55130cf1241533c6ce5a5b362f23c3060a4daceada00df36c121bdf6a5f2714383e71ca889d328a4a81adf4cf30dbd0d3cebefdc9843650842a89dc7e83ddf6569274e48763366bf86eb4973bfd2cd25c5769645338479c8890c218fee441789881835f49146b056b08447570cc48d03b78b86cffe9981e79194c9d4ce9736275a206c1c9b07d574b554d38238402f5d6c4328e7184c2878b6271072309612ce57ff980efaa29a6a96db329ab41075bdf46c75ebfe1da4ff4332e6e57e83147f97c541f1b70f763288e9c681c385b121fe960e39345dbb33fc64286980463dc302c42e7aca6f5b5bd9708e71835656fc7e7f3f6afb13851e576628c967d99c152a44566c4e173604f179f6fe53dc4af264f46eade499ea8c77983a1f8727903755394399eeae02a0e8bace1235b391b0b9eb8c4e55782fd5b9a80b8394815777cace182671573aa13d00863d110df5049ae037068ca422ae364eb992ea771f67f513e90163773a46ab837667acdff8b5ec63c031785b9e6f067d6bb24b7ab35be658c58ea564ab17f29272610b6d29f0b3da7e273790b6e77a56d783522445da9521fa5f2c506a113c8745c18902f97111a8eeeb556fd527bfbf882dce4c652e68b0ef6c27a2ed3b1b6843732ab0fcb70a960e072a0a4ea4a21a899e90ac6a953fee434b3141a0cbbc3f000bddda8cd3dc0cb93711b7eebaaeacde2de23d6a00fc926c77e096a1bccdb0e3f969150a8c555f752dd59aed26687505304c94d55ce87ecfb9e17a5fd465d60dc71669c7047d7af9ec8a089eb3d7b720c12de0275c5c40be7861c42a8cd012e543f59ed8230597ee5b05892caacdf68376bbdb284a1797d15b2bb06ae1088174d8c6bd7d29b591feb31232bdfb78598a2c6a1e138c9cf91c5a04a1004679d5ba6eb00887e047d6356dd21a7cfdc0905a5a9eead293280212e45aae404dc2c3ca97662f4a0b512b772de39618e32d6e173415a08c8199579d802205c695ac071684e25b401cb9ef80de05b98a8edfd53d120a60e846e776b2a91eff8ef409759cb1eecff9d6d858d56b9759ba66e2cca13091e0a8d4c3741ba3d9bc228585e137923e67fb6e6d627e6a859585e4ffa4a6528c8d949251a7412c3d5bdd66003f06c8b5fdc6c3e2f6b80417acbe4c389e3f9e1d443cc9c89be5c44bd55468245628b42784ec95db8bbbb99be6e281f308ec5d2d91b402676c043c724b8e2"}, 0x100a, 0x2) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000340)='/dev/full\x00', 0x800, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000380)={0x0, 0x4}, &(0x7f00000003c0)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000001480)={r1, 0xff, "cb6b50cbbb9fe56dd7b5893ef6d735f089f988d5c768c7c56b50e85873f2f3a3cda951ddcb466a3d5b4040e5678f5598905ebc064cd0317b9520f95a736757f7e3642a0d18d214246488f34519c21659dea39d5d7095ae108fee624aa8ef8c2a7f1bbf17ae6fe389e2a339b61ba7db25f6113bed3e2350e1ef5dea396541f4cce960d72d0914d4327d11379349f385fbe6b367bf08f7099cda7751092f6a23641f945b8687a8b389a0d689a2818d671d3077c3a90030502741ae18185d9283803ac503da3a032e7025562282e1951ec99d9c75f61f69319f5218c1853b60c1e40273054daa2b896f9b775c76b523d5ce5b5e5ffd8ab5dd70789a007583b1e2"}, &(0x7f00000015c0)=0x107) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(r2, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r3, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) getresgid(&(0x7f0000000140), &(0x7f0000000200), &(0x7f0000000240)) getsockname$packet(r0, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1794.461404] hfs: can't find a HFS filesystem on dev loop5 03:40:03 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1794.503568] Dev loop4: unable to read RDB block 1 [ 1794.517301] loop4: unable to read partition table [ 1794.532309] loop4: partition table beyond EOD, truncated [ 1794.539347] hfs: invalid session number or type of track [ 1794.557552] hfs: can't find a HFS filesystem on dev loop5 [ 1794.571777] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:03 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x3000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:03 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000740001", 0x35, 0x1c0}]) [ 1794.666582] hfs: invalid session number or type of track [ 1794.679785] hfs: can't find a HFS filesystem on dev loop3 [ 1794.720614] hfs: invalid session number or type of track [ 1794.727257] hfs: can't find a HFS filesystem on dev loop5 [ 1794.753661] hfs: invalid session number or type of track [ 1794.762500] hfs: can't find a HFS filesystem on dev loop3 03:40:03 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1794.804708] hfs: invalid session number or type of track [ 1794.810719] hfs: can't find a HFS filesystem on dev loop5 [ 1794.818328] Dev loop4: unable to read RDB block 1 [ 1794.823793] loop4: unable to read partition table [ 1794.829540] loop4: partition table beyond EOD, truncated [ 1794.837452] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1794.958195] hfs: invalid session number or type of track [ 1794.973597] Dev loop4: unable to read RDB block 1 [ 1794.978876] loop4: unable to read partition table [ 1794.984739] loop4: partition table beyond EOD, truncated [ 1794.990662] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1794.992465] hfs: can't find a HFS filesystem on dev loop3 03:40:04 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:04 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xffffff8c, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:04 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000030001", 0x35, 0x1c0}]) 03:40:04 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) pipe(0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000180)=""/100) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1795.073709] hfs: invalid session number or type of track [ 1795.079215] hfs: can't find a HFS filesystem on dev loop3 [ 1795.108562] hfs: invalid session number or type of track 03:40:04 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1795.145583] hfs: can't find a HFS filesystem on dev loop5 [ 1795.200667] hfs: invalid session number or type of track [ 1795.207299] hfs: can't find a HFS filesystem on dev loop3 [ 1795.222361] hfs: invalid session number or type of track [ 1795.228229] hfs: can't find a HFS filesystem on dev loop5 03:40:04 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xedc000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1795.254500] Dev loop4: unable to read RDB block 1 [ 1795.260346] loop4: unable to read partition table [ 1795.268061] loop4: partition table beyond EOD, truncated [ 1795.289011] hfs: invalid session number or type of track [ 1795.291977] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1795.310387] hfs: can't find a HFS filesystem on dev loop3 03:40:04 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1795.375831] hfs: invalid session number or type of track [ 1795.381494] hfs: can't find a HFS filesystem on dev loop5 03:40:04 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) request_key(&(0x7f0000000080)='encrypted\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)='skcipher\x00', r1) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1795.425177] Dev loop4: unable to read RDB block 1 [ 1795.430356] loop4: unable to read partition table [ 1795.431076] hfs: invalid session number or type of track [ 1795.442673] loop4: partition table beyond EOD, truncated [ 1795.443338] hfs: can't find a HFS filesystem on dev loop5 [ 1795.448170] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:04 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000006801", 0x35, 0x1c0}]) 03:40:04 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x500, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1795.595987] hfs: invalid session number or type of track [ 1795.601493] hfs: can't find a HFS filesystem on dev loop3 [ 1795.687375] hfs: invalid session number or type of track [ 1795.693484] hfs: can't find a HFS filesystem on dev loop5 [ 1795.694042] hfs: invalid session number or type of track [ 1795.715841] Dev loop4: unable to read RDB block 1 [ 1795.721244] loop4: unable to read partition table [ 1795.722476] hfs: can't find a HFS filesystem on dev loop3 [ 1795.731967] loop4: partition table beyond EOD, truncated [ 1795.739353] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:04 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1795.784699] hfs: invalid session number or type of track [ 1795.801138] hfs: can't find a HFS filesystem on dev loop5 03:40:04 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x10, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1795.869105] Dev loop4: unable to read RDB block 1 [ 1795.881887] loop4: unable to read partition table [ 1795.889171] hfs: invalid session number or type of track [ 1795.900851] loop4: partition table beyond EOD, truncated [ 1795.902472] hfs: can't find a HFS filesystem on dev loop3 [ 1795.910500] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:05 executing program 1 (fault-call:3 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:05 executing program 2 (fault-call:8 fault-nth:0): r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:05 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000e00001", 0x35, 0x1c0}]) [ 1796.045046] hfs: invalid session number or type of track [ 1796.054561] hfs: invalid session number or type of track [ 1796.060038] hfs: can't find a HFS filesystem on dev loop3 [ 1796.072590] hfs: can't find a HFS filesystem on dev loop5 [ 1796.122207] FAULT_INJECTION: forcing a failure. [ 1796.122207] name failslab, interval 1, probability 0, space 0, times 0 [ 1796.141319] FAULT_INJECTION: forcing a failure. [ 1796.141319] name failslab, interval 1, probability 0, space 0, times 0 [ 1796.162627] CPU: 0 PID: 13445 Comm: syz-executor2 Not tainted 4.20.0 #167 [ 1796.169605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1796.178963] Call Trace: [ 1796.181566] dump_stack+0x1d3/0x2c6 [ 1796.185207] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1796.190413] ? mark_held_locks+0xc7/0x130 [ 1796.194575] should_fail.cold.4+0xa/0x17 [ 1796.198828] ? retint_kernel+0x2d/0x2d [ 1796.202737] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1796.207846] ? trace_hardirqs_off+0x310/0x310 [ 1796.212344] ? rcu_softirq_qs+0x20/0x20 [ 1796.216322] ? dput.part.25+0x241/0x790 [ 1796.220325] ? find_held_lock+0x36/0x1c0 [ 1796.224407] ? ___might_sleep+0x1ed/0x300 [ 1796.228563] ? arch_local_save_flags+0x40/0x40 [ 1796.233153] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 1796.238626] __should_failslab+0x124/0x180 [ 1796.242866] should_failslab+0x9/0x14 [ 1796.246672] kmem_cache_alloc_trace+0x2d7/0x750 [ 1796.251358] ? lockdep_hardirqs_on+0x421/0x5c0 [ 1796.255951] alloc_pipe_info+0x164/0x5d0 [ 1796.260014] ? pipe_read+0x940/0x940 [ 1796.263739] ? ___might_sleep+0x1ed/0x300 [ 1796.267893] ? arch_local_save_flags+0x40/0x40 [ 1796.272492] splice_direct_to_actor+0x786/0x9d0 [ 1796.277257] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1796.282801] ? pipe_to_sendpage+0x400/0x400 [ 1796.287127] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1796.292155] ? do_splice_to+0x190/0x190 [ 1796.296132] ? security_file_permission+0x1c2/0x230 [ 1796.301157] ? rw_verify_area+0x118/0x360 [ 1796.305312] do_splice_direct+0x2d4/0x420 [ 1796.309469] ? splice_direct_to_actor+0x9d0/0x9d0 [ 1796.314330] ? rw_verify_area+0x118/0x360 [ 1796.318490] do_sendfile+0x62a/0xe20 [ 1796.322217] ? do_compat_pwritev64+0x1c0/0x1c0 [ 1796.326822] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1796.332362] ? _copy_from_user+0xdf/0x150 [ 1796.336522] __x64_sys_sendfile64+0x15d/0x250 [ 1796.341021] ? __ia32_sys_sendfile+0x2a0/0x2a0 [ 1796.345613] ? do_syscall_64+0x142/0x820 [ 1796.349703] do_syscall_64+0x1b9/0x820 [ 1796.353602] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1796.358971] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1796.363906] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1796.368771] ? trace_hardirqs_on_caller+0x310/0x310 [ 1796.373800] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1796.378824] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1796.383681] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1796.388885] RIP: 0033:0x457759 [ 1796.392093] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1796.411501] RSP: 002b:00007f7a2db54c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1796.419211] RAX: ffffffffffffffda RBX: 00007f7a2db54c90 RCX: 0000000000457759 [ 1796.426482] RDX: 00000000200000c0 RSI: 0000000000000006 RDI: 0000000000000005 [ 1796.433752] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1796.441022] R10: 00000000effffdef R11: 0000000000000246 R12: 00007f7a2db556d4 [ 1796.448299] R13: 00000000004c4361 R14: 00000000004d7890 R15: 0000000000000007 [ 1796.456550] CPU: 0 PID: 13446 Comm: syz-executor1 Not tainted 4.20.0 #167 [ 1796.463499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1796.472856] Call Trace: [ 1796.475486] dump_stack+0x1d3/0x2c6 [ 1796.479137] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1796.484348] ? __fget+0x4aa/0x740 [ 1796.487829] should_fail.cold.4+0xa/0x17 [ 1796.491905] ? kasan_check_read+0x11/0x20 [ 1796.496066] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1796.501196] ? __fget+0x4d1/0x740 [ 1796.504674] ? find_held_lock+0x36/0x1c0 [ 1796.508832] ? pnp_check_mem+0x7b8/0x820 [ 1796.512918] ? ___might_sleep+0x1ed/0x300 [ 1796.517081] ? find_held_lock+0x36/0x1c0 [ 1796.521151] ? arch_local_save_flags+0x40/0x40 [ 1796.525877] __should_failslab+0x124/0x180 [ 1796.530115] should_failslab+0x9/0x14 [ 1796.533934] __kmalloc_track_caller+0x2d1/0x760 [ 1796.538616] ? usercopy_warn+0x110/0x110 [ 1796.542710] ? map_lookup_elem+0x283/0xc50 [ 1796.546968] memdup_user+0x2c/0xa0 [ 1796.550521] map_lookup_elem+0x283/0xc50 [ 1796.554594] ? selinux_bpf+0xf2/0x130 [ 1796.558408] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1796.563967] __x64_sys_bpf+0x318/0x520 [ 1796.567867] ? bpf_prog_get+0x20/0x20 [ 1796.571717] do_syscall_64+0x1b9/0x820 [ 1796.575620] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1796.580995] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1796.585938] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1796.590797] ? trace_hardirqs_on_caller+0x310/0x310 [ 1796.595828] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1796.600862] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1796.605898] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1796.610761] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1796.615959] RIP: 0033:0x457759 [ 1796.619165] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1796.638075] RSP: 002b:00007f9621676c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1796.645791] RAX: ffffffffffffffda RBX: 00007f9621676c90 RCX: 0000000000457759 [ 1796.653065] RDX: 0000000000000018 RSI: 00000000200000c0 RDI: 0000000000000001 [ 1796.660340] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 03:40:05 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x8202000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:05 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x8c', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:05 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) ioctl$RTC_PLL_SET(r1, 0x40207012, &(0x7f0000000080)={0x8, 0x400, 0x7a, 0x41c, 0x3, 0x20, 0x90}) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)}], 0x311, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:40:05 executing program 1 (fault-call:3 fault-nth:1): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1796.667613] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f96216776d4 [ 1796.674890] R13: 00000000004bdc2d R14: 00000000004cdbd0 R15: 0000000000000005 [ 1796.704668] hfs: invalid session number or type of track [ 1796.710169] hfs: can't find a HFS filesystem on dev loop5 03:40:05 executing program 2 (fault-call:8 fault-nth:1): r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1796.757934] Dev loop4: unable to read RDB block 1 [ 1796.766334] loop4: unable to read partition table [ 1796.786511] hfs: invalid session number or type of track [ 1796.789805] loop4: partition table beyond EOD, truncated [ 1796.801361] hfs: can't find a HFS filesystem on dev loop5 03:40:05 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=[@iv={0xe0, 0x117, 0x2, 0xc6, "76ef77b4f8791d952f02f5b472c793bfe116efb8ce225bcb3aec015e44c94b272ecffe33ba6a29931d6229354d9498ed306ca7fb0a318c725a4b57225a9e2ab2f42ec46acc41257d3eea10330e825170bb29123fe2311219b4a67fd01769b2f1e8c9d33c6c9d03d90287eb46fc920e6f091daa1e1eed92d4dce0fbc3e95691080140e2c9d4b0aaf2aacd5f797a91d5574474e02360d0b5e73e0f9cf8b79a0b04bb0e4e31cb98375b23db5f5540c0c6680dada345ef951924cfc799cf8faf7058912bf4ad896c"}, @iv={0x1018, 0x117, 0x2, 0x1000, "4f0901613ca76f4a56f5f35f74a959964895b4c2ac970a2313912549b112e51db974797a2ad9296f85535bfc1d66d75211522f2ccb2d4669397e181a3c5329321cecaeb0e0c21d101fdf04de7794ddacde71d93d556bcd76fcbecadec43496b9780f523f332735609310f200a4ca01c02776fd67caa5d081795f2df6f0e4f332624360bf34157cbb2498e7cfebd68103c692c4bdaf59da123cb67a5d12a9d6c2b4d7d0f75818cb09455c57bca76307b33d8a19b621e930f2eab3c8e7bc8907cbfb4a2c633c6e528e3ca0a4add724af4054f8e8e8160832cdfa97b5f2bb2f15e4c9c47a6830340b7a3ebf309ce52c972739492c91d6aea3ebb50c4d109fb9183f4762a1ec6844d866729c49f82cb23d5e439f8a16b213cf293e2307d334657e8a2b9974c1c6aab983d24ab240828d81a68aa3a051e1c082a2ce761e09d02172d13c342be9fa1e6363e1d2625db9c5daca6cb8be0537d2a52010db8603e730112cf764c230089218cf45addf7e06dba13b0276a40b6f47392264984af4ade9c381db2fdea2baeec58c833bbddd83c5914b320294357afb8c6b32d89061ed800583f97a058c506f3af101f5849db8dee3c2c4131b994380469a077916c1e63a8069dc73d8ad4e0e199d9ae6bef9742ee453221ea4cb8dee628052a76de5d25462995188076a3a86c35ce03979e704d5e4bc6399dce31b211dd54d7a2ccea0bf2f1e127f46bf9f46b8c196d32b3aa27495f83a0b4cf87d714518493b70f9a21f5c0bbdbc1a1bec095843096283d8881ba48d2723510ecccb65c7d104164a78deb05c05dfe4601749cd30461466b323f5f13a6b0bc3da5953af8f578e5ccf9be02429d46d19faada71cfb16043afaad41c65ac1ac276ec713b52b606bf79090ecf85bb07cf1cfe599b7bf75c094675b853bd5d40a5ba9d00158fe0b9b55fa30adf8ad38e1b375f8970cab4a37b708f6ca2de4f5d2b75af81de537afccd349d14f975cd216524fc079e0daabfa79ba8be7fba8dfdadba3521e8f92fcc7ddaede6861469683ddd9e109a986193a7658bb5358292c1645b7c3149800135b968c90db989993349134fce72a6232a437d331a7736da92b3567a8d038a3755ebbe7c4aa3f9143676e8866d0ff81b9ede8481d515fb004a5a530241ed652dbbf543f089e006d52a28c8143d845a48702a0fc760f05e9a63271ba0fbb35823d9324056c3c34389d0df82c1e32b9212ba0868881d93f67c95e83cc0e7cd05a1f1ed86f602bcbf2f4356dee198096887612ac791e119283ff50cdd28f683b863593ca6589cd567709fff456c734643ad16ef80fc00b786566f6e7ea479db81d86d03a9e3808f62549b703c0ed10ed2be48e4ada25728a9ad37622c296fa9b4472f6ee27a34f68d7d7bd7d969117ab13cebaa561746fb394482bb958d56d75dc5faa9b63d9c1d751a331a29626fe059af597f84f6a749d5cacafcdd5b4428132db48651d0eb21050e082d88476c16dd38a33582f16a8fd62afe832fb76c850512827d3bb9c80ebb1390b10dfb6e77bb68c55a65914ec5a63072e85a8a360ae921fb4d140bba62e1869ecf11101c77dcb5668cec77a02346f43e905769e644b025c9c9a29a8dde4fc24e37a6fd666c0dabda3f6618b04b9f31545443ab97e48688c8c5c2457ce6e9863e3b1e51c5c98819a9b47ee5a7a08c283cdda4ea977c3bbc92d3d93f0e4344cd280f194916499cf22c1cbe7dfff62b8d17026cad3a23c4d96db1fdac61dce3a16c446075b4eb91105075e4aacde243de232674e97ea16b7ae23b4d60e6d1deb75fba1b1efe118bf1316b2912d06a6cc245b8b9ab40b35b566c9e1c99e02d07072fffe8e4e951d2d2c5503f1040a5af02abc252ba306546a9b68e2369877ef94e68dc11305204f6a8b9e808e0ef4a917c77fc3d4f44fe88e1123e13634ac85ee979963828fcec3e036568803e72e13d7449f549ae13a6bf22a11509272ba9378d6b2716b479de505ef45e4b87b078ee9a2ca149e8eadb99b9a11e2ffff8b710b95a2c78813fe23cf6b2d89d3345db814cad49ec0a052ded515bfa1b42a8fb2a5cf7cfaf9806298ef5c50b6be6d2f4cfdab564cff1162bfb9edfa302c13abf157ee3f5e3f4b6a2bb26042553dec59a1cd8be396d56f97d4efa4cf6ce71703562e3cd6892f82fb24e725a73374e186d283e15ce6e94fa8ff9f904eb5eb99242cef84271b78aaa1371a43b0a3063c299ca3e694c29589eada8f231b7da6406de132aea752b7434f19222440c956a64b0c37bf9fe597817afdaf1427015950e6464d496916e9d2f9e9dd260a734babd209329d656e18c511009f289c7496b5f87ef45a1d23cb5b4f0df5268241663b6f1c436009aee83497ef0e2cc200803966b8c7f5b2aaca86096345f0406af7eb5aef793a1b4a6ae9c19042833c6d447962752101bce69f871e1e353ee3861cb65ffef68fd5f2985dcb65f58bf6795e9b522b71e125c62365d13d7c5ce45bbb30cd9f079c327a18be93d3b73fbd67ac0c5af104b13cc8b33208196e8bebbdc66120c6d9fb172432a646b7ee15623b235915d3a504d3f1784de97721605c3695ebfcdcfd5fabf2ef1be6efcdf6638a6a240b64b2672d9c1de343fbdf9681652a8565aac36516f5e9a15906c846d817d7c4c43781336151d578993a11c5c7b82f60f7b36aa8d404caf507ae4fa607d4114d7b427b319cf4bcade23e2df52c8d79a110e9a9b07f48c6d1b0b9a85d08b9d9de2a0403d1221db30884027badac510f75e37e7f47b8879e1a6e987569d2779fa4714987129d9dda38ada2c7990c3f55738d3ab9c05656c7daf31148478e76f8d64ad7d5a90040393643d1553a70aff466293bce3bf5c454d01f6dd78d3ee35b47a2d934aa63bb8d16e2623ee4c8909b09c56fbcd94ffc690511dd2f2d2d9fe85614c69555f610a5953f35143ecc20a853a6137efb50d202db0da2651b90884a41dd53ca3cbeeb3d5a46994f104ba177c3c5d8ef95fe020bb5b7329fae03687d2ddc93e79aee4578e5c6402c70794df85e964719de194aa17d7739cb5f7bb352548ce63892c34dae6b2c22f2ff4a0e103ae91e2910f4317da78772614972d3cee68242975102368b16ebd2dde9275f5f25ea62c3a3b6b99e2e053316a2af05a2f5bb30c8e95da15a97034cbe80dc1e2271ada4e6ed80b562eb394ccb640ea3f54ef28194d6e421b217e7e937cb88f5b268f28d37df57e875d12652fd183af1e85b1ff13081e5c04a5e34645e18f835cfb5361b1350f5cda54fa724e67b520d0afd7ee77178c0ef848823461b13b4495647550b556b488f6e71fa34c10bb82bbcfa7f17f4a4c17438d41989fe49774cb917e1e5f0fdb6d6aad02dfed90c77f7aed1b4ca8a2b5eb13413cf26be8b6ccaca9ef3b58ffebf20ecbe9db4568eab9da70e313b4ceccf92988af599992796119e4f318946e384b369955afa18568ab4321c9f9c8656ac1114c0a26608e3af9c58339046a7ad46ecd8e51cb419b600fe23245c6c9524f48c31386816f9de5bdf6699a826d89ced2897624653f2c654ee6c9eb328d683e13d6244296642f7f1874406379b31131fabf362d09046408462d3dd6cf65e59fc0af1f9d4a1ffa96a4966cbda9e38e80883dab8f7aace309097da41febe2eb0edcf0652f26ebef2bba780973738a7c7cf87c977996c8daa8aad1fa01f2ab455ac82c5b242506e31baad91e5364d53e96816445741f1173d2dd2945bf0158f54b944ed8c336ce2a19c1200734170a4d928c8b645f1fe54ec2b5520de64890b850f64b52bf4b1f322af53f04d22af379dbed26da52d5ab42ab0e0537ca3fcc605cfc10daf2faa0a63f70277f8f58e318458b7c7ccf342150c4b2dca35c678e196f3bfd29f2548249203f95dba6c764aaf6f9509a97133767592ae33f280e1b89cea9c93c48438533dd4652955bddc39cab45fe4e9b68bb0b4cabf6dc748ceec344aabc1df35ae796da0e487be3f309915139b38f62dea44aeaf0c3f22fba288968a621bdd04b52aaa4fb30987e5e5abaf6550ba3f9fbdd2cc95b1f57318cc0f8ce9829fb060d037159f3c15122e56090b3e2154eb043f68a823a208b0d766ce38a9b27578bca0091073fc87cb77036684225e9494b11ae735afa7107f5ab2e964c8ac50da8c0c110836819c75eab9f453147ed5b05fb6bcab4d6c4e6f651654f911f7a6862e2ca32b7669f8346193fa7ddc79923bae08b6825aa5d32cc37fb990358dcb96f3b2cd82d616cbbeea5577a0b6e07e6f537cd7cf2fab088ef6b86219410720ff420a5b0d8631fe657cc6c43c4f5331eebe9c8edef10781c8f14333e5dcc9208750bf6e605123f3fe0ef07c33202390dd934e647a6cc408e42ad5558ea144d3a10d26c9a08e15a6e849d33f75be21c56130f77b7e99bb51bcb0bb688decc895e4a6e1b5c454dab72c0f4ae02e37dce47040a711bc78721981098db006162f1b288d04e9d2f2896de34f104fd7bc836b6c228bd19aa74d3d8689a5b3545428b086036f0da3dc303e48b8027ab9ec9124ea4619b69bb55622bca09e0fa0d5da311800cee87758df5284bdb800bc0f554ee8774669d1fd0bc5e84af0e8b3c1c905c5a791aa53955b19149d6858e159ecd3bc95479ff9d7f6f53047f5db87046c0b7321479f872320f82b3e2d5521ebafac4d59f7350beedaada16142cc94fe5d036199c9ff86e069ff765623c78c9da39614c966ccba8d1b58b977ef8670f3f2c2b526b8e06874c97e745a7484c423abee45d5849b5b4fc10826c90170291152e5499a84344fe4c2110e99e9851decd1b14c6f56967f84c2a100fbfc7e2bd9f8bc1a1eba15b1a0003059b2a2a2c4a24f264813d2b399df31ac6986d7a6d93ad76170224c35204db0d4226b355419a40e675044d63ca354d2a35714c88e633b8c4285ba7e2f55d8ca695013aaaa4ec229c6355868770b19619029eb8bf1a96f85cd0b888156dcce85d63cecb0750a11565db6e08fc659faa5db73c787cd218eaac65fc9a64fd57b746cdfe93c49ef05da1c6b29def2ecf472905d41922766189135db79fd23ab75e60e0e355bbfa80d9099b1694f4b5a2cb396c3f510b4fd19683a89c697e8a2d159d9430fee8f3d5071621632fe8810137d58752cbc8dc6cc44aa30503091228c4d2684ed8e3ec07d4341a4e529622657658a0352cdce61e60c59020cdeb6e7a377c1aff078309e4e6ad64f6883358275a9e45a2e0730440876f0346fdc7341af851af53dc54d65fbff3992679dcbcedb9e6d84ded4c241e13af30e31f99a907d0bffb3a1f5f7c53f20fc832ccb3aa7c8f14c72ddc4b1c07edd52543a413b69958744df3a3a63ad2ddaf2ef96591bfe2a0b0b5fe2a004c932c2dc6126ed32a38a39ee94764140b9b3b2940d798042042b9d310c7ef9dd1fc936f21c3912554bcc46f74d16414e37bb677aad22e3ce20b73acf59ff1d0e81711356404214a3e0b645c8332b4ef20de9ed25cfd06590c098c6892138ea7594a95ce5835dd186ac310ca896a281de797578920428853c7ffc39ee88c7b9223d1d80a4da6de5b0429057dce0261a596b047c202268d8994403fc31389e77e82390101ffd0849ebaa4cf31e3fcfb3cc54f0f7bbc5b80a38c203b7ace3f7adef5fb8e148d4169cedaf91edad076e63f1af1393866265c7791f521e0bfaaf1f20d1befb3a1b3e427ddba7f94aff1480885310a4266526edda1b9b41f0cab7e1149d858f4b143ccc7a68affe2e779537b9a9d89a122137629087752e91035c04a4"}, @iv={0x110, 0x117, 0x2, 0xf6, "374e8ba8d61acf94ee44b628479f49906c4b85b11e6fac5c70e3d907ebbdbc8873022e78c09ca68d77bb09752720d7cfca37d0096e9e8692b98fbaf86f80b7af4dee751f3b0b3504a5735e82da7b6ec5c70e6150be7a1fc169ea28c9e7f60bab540c014b31b1650b4824e387612fceb7320e2ab93fdcf5261ad2f1db1773d43f06e7ba517a6a9ddd3f40262db53895f22752fc905afe27a4684afc5d7998999b280bf64a2dc4102a3c9971366d6ca3f9852efe78c344151bf0ffd43cc4d7bc6c9592411baf1c9714cefc72dfbe6e3b944ba39e74c4f2858c54790645c491c900d995419a2e8aa1b5372e9005460f9cbf22b2b1079b56"}, @op={0x18}], 0x1220}], 0x4924b37, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x410002, 0x0) ioctl$SG_GET_TIMEOUT(r2, 0x2202, 0x0) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1796.818758] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1796.832920] FAULT_INJECTION: forcing a failure. [ 1796.832920] name failslab, interval 1, probability 0, space 0, times 0 [ 1796.847804] CPU: 0 PID: 13462 Comm: syz-executor1 Not tainted 4.20.0 #167 [ 1796.854754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1796.864117] Call Trace: [ 1796.866737] dump_stack+0x1d3/0x2c6 [ 1796.870393] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1796.875603] ? unwind_get_return_address+0x61/0xa0 [ 1796.880557] should_fail.cold.4+0xa/0x17 [ 1796.884640] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1796.889762] ? save_stack+0xa9/0xd0 [ 1796.893403] ? save_stack+0x43/0xd0 [ 1796.897046] ? graph_lock+0x270/0x270 [ 1796.900858] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1796.906252] ? find_held_lock+0x36/0x1c0 [ 1796.910354] ? ___might_sleep+0x1ed/0x300 [ 1796.914514] ? arch_local_save_flags+0x40/0x40 [ 1796.919106] ? usercopy_warn+0x110/0x110 [ 1796.923187] __should_failslab+0x124/0x180 [ 1796.927435] should_failslab+0x9/0x14 [ 1796.931249] __kmalloc+0x2e0/0x770 [ 1796.934803] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1796.940528] ? _copy_from_user+0xdf/0x150 [ 1796.944713] ? map_lookup_elem+0x3c1/0xc50 [ 1796.948978] map_lookup_elem+0x3c1/0xc50 [ 1796.953050] ? selinux_bpf+0xf2/0x130 [ 1796.956868] __x64_sys_bpf+0x318/0x520 [ 1796.960769] ? bpf_prog_get+0x20/0x20 [ 1796.964601] do_syscall_64+0x1b9/0x820 [ 1796.968498] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1796.973874] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1796.978819] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1796.983676] ? trace_hardirqs_on_caller+0x310/0x310 [ 1796.988734] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1796.993768] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1796.998801] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1797.003659] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1797.008874] RIP: 0033:0x457759 [ 1797.012079] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1797.030992] RSP: 002b:00007f9621676c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1797.038721] RAX: ffffffffffffffda RBX: 00007f9621676c90 RCX: 0000000000457759 [ 1797.045999] RDX: 0000000000000018 RSI: 00000000200000c0 RDI: 0000000000000001 [ 1797.053278] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1797.060558] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f96216776d4 03:40:06 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x40000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1797.067832] R13: 00000000004bdc2d R14: 00000000004cdbd0 R15: 0000000000000005 03:40:06 executing program 1 (fault-call:3 fault-nth:2): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1797.125130] FAULT_INJECTION: forcing a failure. [ 1797.125130] name failslab, interval 1, probability 0, space 0, times 0 [ 1797.142989] CPU: 0 PID: 13468 Comm: syz-executor2 Not tainted 4.20.0 #167 [ 1797.149944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1797.149952] Call Trace: [ 1797.149982] dump_stack+0x1d3/0x2c6 [ 1797.150009] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1797.170765] ? __kernel_text_address+0xd/0x40 [ 1797.175277] should_fail.cold.4+0xa/0x17 [ 1797.179366] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1797.184476] ? save_stack+0x43/0xd0 [ 1797.188108] ? kasan_kmalloc+0xc7/0xe0 [ 1797.191995] ? kmem_cache_alloc_trace+0x152/0x750 [ 1797.196840] ? alloc_pipe_info+0x164/0x5d0 [ 1797.201077] ? splice_direct_to_actor+0x786/0x9d0 [ 1797.205924] ? do_sendfile+0x62a/0xe20 [ 1797.209814] ? __x64_sys_sendfile64+0x15d/0x250 [ 1797.214485] ? do_syscall_64+0x1b9/0x820 [ 1797.218548] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1797.223926] ? find_held_lock+0x36/0x1c0 [ 1797.228007] ? ___might_sleep+0x1ed/0x300 [ 1797.232161] ? arch_local_save_flags+0x40/0x40 [ 1797.236745] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 1797.242293] __should_failslab+0x124/0x180 [ 1797.246544] should_failslab+0x9/0x14 [ 1797.250392] __kmalloc+0x2e0/0x770 [ 1797.253934] ? kmem_cache_alloc_trace+0x353/0x750 [ 1797.258775] ? kasan_check_read+0x11/0x20 [ 1797.262923] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 1797.268199] ? alloc_pipe_info+0x2ce/0x5d0 [ 1797.272439] alloc_pipe_info+0x2ce/0x5d0 [ 1797.276503] ? pipe_read+0x940/0x940 [ 1797.280252] ? ___might_sleep+0x1ed/0x300 [ 1797.284405] ? arch_local_save_flags+0x40/0x40 [ 1797.288994] ? ksys_dup3+0x680/0x680 [ 1797.292723] ? print_usage_bug+0xc0/0xc0 [ 1797.296810] splice_direct_to_actor+0x786/0x9d0 [ 1797.301496] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1797.307039] ? pipe_to_sendpage+0x400/0x400 [ 1797.311368] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1797.316393] ? do_splice_to+0x190/0x190 [ 1797.320371] ? security_file_permission+0x1c2/0x230 [ 1797.325392] ? rw_verify_area+0x118/0x360 [ 1797.329577] do_splice_direct+0x2d4/0x420 [ 1797.333759] ? splice_direct_to_actor+0x9d0/0x9d0 [ 1797.338613] ? rw_verify_area+0x118/0x360 [ 1797.342767] do_sendfile+0x62a/0xe20 [ 1797.346514] ? do_compat_pwritev64+0x1c0/0x1c0 [ 1797.351137] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1797.356680] ? _copy_from_user+0xdf/0x150 [ 1797.360867] __x64_sys_sendfile64+0x15d/0x250 [ 1797.365365] ? __ia32_sys_sendfile+0x2a0/0x2a0 [ 1797.369979] do_syscall_64+0x1b9/0x820 [ 1797.373882] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1797.379249] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1797.384188] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1797.389036] ? trace_hardirqs_on_caller+0x310/0x310 [ 1797.394072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1797.399609] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1797.404637] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1797.409507] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1797.414706] RIP: 0033:0x457759 [ 1797.417921] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1797.436824] RSP: 002b:00007f7a2db54c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1797.444531] RAX: ffffffffffffffda RBX: 00007f7a2db54c90 RCX: 0000000000457759 [ 1797.451809] RDX: 00000000200000c0 RSI: 0000000000000006 RDI: 0000000000000005 [ 1797.459073] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1797.466341] R10: 00000000effffdef R11: 0000000000000246 R12: 00007f7a2db556d4 [ 1797.473607] R13: 00000000004c4361 R14: 00000000004d7890 R15: 0000000000000007 [ 1797.486066] Dev loop4: unable to read RDB block 1 [ 1797.493401] loop4: unable to read partition table [ 1797.511669] loop4: partition table beyond EOD, truncated [ 1797.517865] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:06 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1797.529412] hfs: invalid session number or type of track [ 1797.558335] hfs: can't find a HFS filesystem on dev loop5 [ 1797.567396] FAULT_INJECTION: forcing a failure. [ 1797.567396] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1797.579219] CPU: 1 PID: 13480 Comm: syz-executor1 Not tainted 4.20.0 #167 [ 1797.586149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1797.595504] Call Trace: [ 1797.598113] dump_stack+0x1d3/0x2c6 [ 1797.601762] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1797.606976] should_fail.cold.4+0xa/0x17 [ 1797.611050] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1797.616166] ? __lock_acquire+0x62f/0x4c20 [ 1797.620424] ? lock_downgrade+0x900/0x900 [ 1797.624579] ? check_preemption_disabled+0x48/0x280 [ 1797.629647] ? mark_held_locks+0x130/0x130 [ 1797.633911] ? mark_held_locks+0x130/0x130 [ 1797.638161] ? is_bpf_text_address+0xd3/0x170 [ 1797.642687] ? kernel_text_address+0x79/0xf0 [ 1797.647113] ? __kernel_text_address+0xd/0x40 [ 1797.651626] ? unwind_get_return_address+0x61/0xa0 [ 1797.656572] ? __save_stack_trace+0x8d/0xf0 [ 1797.660912] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1797.666464] ? should_fail+0x22d/0xd01 [ 1797.670408] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1797.675549] ? save_stack+0xa9/0xd0 [ 1797.679192] __alloc_pages_nodemask+0x366/0xea0 [ 1797.683883] ? graph_lock+0x270/0x270 [ 1797.687702] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1797.693083] ? __alloc_pages_slowpath+0x2df0/0x2df0 [ 1797.698120] ? find_held_lock+0x36/0x1c0 [ 1797.702217] ? ___might_sleep+0x1ed/0x300 [ 1797.706378] ? trace_hardirqs_off+0xb8/0x310 [ 1797.710804] cache_grow_begin+0x91/0x8c0 [ 1797.714876] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1797.720426] ? check_preemption_disabled+0x48/0x280 [ 1797.725458] __kmalloc+0x6aa/0x770 [ 1797.729009] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1797.734560] ? map_lookup_elem+0x3c1/0xc50 [ 1797.738807] map_lookup_elem+0x3c1/0xc50 [ 1797.742882] ? selinux_bpf+0xf2/0x130 [ 1797.746724] __x64_sys_bpf+0x318/0x520 [ 1797.750624] ? bpf_prog_get+0x20/0x20 [ 1797.754458] do_syscall_64+0x1b9/0x820 [ 1797.758361] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1797.763739] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1797.768678] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1797.773545] ? trace_hardirqs_on_caller+0x310/0x310 [ 1797.778576] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1797.783627] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1797.788701] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1797.793578] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1797.798786] RIP: 0033:0x457759 [ 1797.801985] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1797.820889] RSP: 002b:00007f9621676c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1797.828604] RAX: ffffffffffffffda RBX: 00007f9621676c90 RCX: 0000000000457759 [ 1797.835902] RDX: 0000000000000018 RSI: 00000000200000c0 RDI: 0000000000000001 [ 1797.843179] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1797.850462] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f96216776d4 03:40:06 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000060001", 0x35, 0x1c0}]) 03:40:06 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) ioctl$VIDIOC_S_AUDOUT(r1, 0x40345632, &(0x7f0000000080)={0x0, "d06ce8ec35644841f209d34324f77522cd9af622be5a4620e3e80060f90ed64d", 0x2, 0x1}) write$binfmt_script(r1, &(0x7f0000000200)=ANY=[@ANYRESDEC=r1, @ANYRESOCT=r1, @ANYPTR=&(0x7f00000001c0)=ANY=[@ANYRES32, @ANYPTR=&(0x7f0000000140)=ANY=[@ANYRESDEC=r1, @ANYRESDEC, @ANYRESOCT=r1, @ANYRES16=r0], @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1], @ANYRESHEX=r1, @ANYPTR64], 0x4d) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1797.857736] R13: 00000000004bdc2d R14: 00000000004cdbd0 R15: 0000000000000005 03:40:06 executing program 1 (fault-call:3 fault-nth:3): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1797.925089] hfs: invalid session number or type of track [ 1797.932881] hfs: invalid session number or type of track [ 1797.941756] hfs: can't find a HFS filesystem on dev loop5 [ 1797.962799] hfs: can't find a HFS filesystem on dev loop3 03:40:07 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x300000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:07 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:07 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x8) bind$vsock_dgram(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @host}, 0x10) r3 = getpgid(0x0) ptrace$pokeuser(0x6, r3, 0x1ff, 0x8) [ 1798.027625] hfs: invalid session number or type of track [ 1798.040926] hfs: can't find a HFS filesystem on dev loop3 [ 1798.050613] Dev loop4: unable to read RDB block 1 [ 1798.065456] loop4: unable to read partition table 03:40:07 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1798.081322] loop4: partition table beyond EOD, truncated [ 1798.087742] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:07 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1798.164116] hfs: invalid session number or type of track [ 1798.174782] Dev loop4: unable to read RDB block 1 [ 1798.178827] hfs: can't find a HFS filesystem on dev loop5 [ 1798.179777] loop4: unable to read partition table [ 1798.216488] loop4: partition table beyond EOD, truncated [ 1798.229684] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1798.244810] hfs: invalid session number or type of track [ 1798.254834] hfs: invalid session number or type of track [ 1798.256551] hfs: can't find a HFS filesystem on dev loop3 [ 1798.260303] hfs: can't find a HFS filesystem on dev loop5 03:40:07 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x11, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:07 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xe0000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:07 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000740001", 0x35, 0x1c0}]) 03:40:07 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0xffffff1f, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1798.395538] hfs: invalid session number or type of track [ 1798.401154] hfs: can't find a HFS filesystem on dev loop3 [ 1798.414006] hfs: invalid session number or type of track [ 1798.419497] hfs: can't find a HFS filesystem on dev loop5 03:40:07 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1798.483967] Dev loop4: unable to read RDB block 1 [ 1798.489055] loop4: unable to read partition table [ 1798.500098] hfs: invalid session number or type of track [ 1798.500104] loop4: partition table beyond EOD, truncated [ 1798.516177] hfs: can't find a HFS filesystem on dev loop5 [ 1798.519526] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:07 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x10, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:07 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x10000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1798.608619] hfs: invalid session number or type of track [ 1798.624446] hfs: can't find a HFS filesystem on dev loop3 [ 1798.673278] Dev loop4: unable to read RDB block 1 [ 1798.678165] loop4: unable to read partition table [ 1798.678232] loop4: partition table beyond EOD, truncated [ 1798.678250] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:07 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x6, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1798.803796] hfs: invalid session number or type of track [ 1798.809406] hfs: can't find a HFS filesystem on dev loop5 03:40:07 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10003, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1798.873113] hfs: invalid session number or type of track [ 1798.878599] hfs: can't find a HFS filesystem on dev loop5 03:40:07 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:07 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000ea0e01", 0x35, 0x1c0}]) 03:40:07 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) accept(r0, &(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, &(0x7f0000000080)=0x80) getsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f0000000200), 0x2) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:40:07 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0xe, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:08 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x82020000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1799.000150] hfs: invalid session number or type of track [ 1799.006674] hfs: can't find a HFS filesystem on dev loop3 03:40:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1799.041709] hfs: invalid session number or type of track [ 1799.047988] hfs: can't find a HFS filesystem on dev loop5 [ 1799.055103] Dev loop4: unable to read RDB block 1 [ 1799.060311] loop4: unable to read partition table [ 1799.066473] loop4: partition table beyond EOD, truncated [ 1799.072309] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1799.097310] hfs: invalid session number or type of track [ 1799.108537] hfs: can't find a HFS filesystem on dev loop3 [ 1799.125741] hfs: invalid session number or type of track [ 1799.134069] hfs: can't find a HFS filesystem on dev loop5 03:40:08 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:08 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x9000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1799.235608] Dev loop4: unable to read RDB block 1 [ 1799.240781] loop4: unable to read partition table [ 1799.262235] loop4: partition table beyond EOD, truncated [ 1799.289266] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x8, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:08 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000600001", 0x35, 0x1c0}]) [ 1799.351102] hfs: invalid session number or type of track [ 1799.367924] hfs: invalid session number or type of track [ 1799.377780] hfs: can't find a HFS filesystem on dev loop3 [ 1799.384042] hfs: can't find a HFS filesystem on dev loop5 [ 1799.428085] hfs: invalid session number or type of track [ 1799.439016] hfs: invalid session number or type of track [ 1799.447792] hfs: can't find a HFS filesystem on dev loop3 [ 1799.460933] hfs: can't find a HFS filesystem on dev loop5 [ 1799.513727] Dev loop4: unable to read RDB block 1 [ 1799.518633] loop4: unable to read partition table [ 1799.537498] loop4: partition table beyond EOD, truncated [ 1799.544627] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0xa, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:08 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfsH', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:08 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10010, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) [ 1799.643624] Dev loop4: unable to read RDB block 1 [ 1799.648798] loop4: unable to read partition table [ 1799.654439] loop4: partition table beyond EOD, truncated [ 1799.660180] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:08 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x9, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:08 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000050001", 0x35, 0x1c0}]) 03:40:08 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x20000, 0x8) ioctl$DRM_IOCTL_VERSION(r0, 0xc0406400, &(0x7f00000002c0)={0x1ff, 0x6, 0x5, 0xb8, &(0x7f0000000300)=""/184, 0x1000, &(0x7f0000000440)=""/4096, 0x56, &(0x7f0000000100)=""/86}) bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001440)="c3b5d6d7b325e8d728829115b718f5f6d56753b58a2126697782347578f8196b9a486e45d2f4fb97aac84cb4dbea341fac67b33f2647e731fae8881734bd2cd18887efaf6c127563f06dbd6912e1a20d5cc87e906c2088db4d153e9064a0b0ade784f688564717d69a5dfa061730245d89d8d4e1fd5c4d74ba62d5b4d1e19a6638a19cc2e32f344723968bb4c442422057fead538ab07ab6c4edf231a07c085ac4494fe544fd8f5709729a29949842a6ad8ee5478846b44feec880a56b3250b090bcdbcd3e6c5c7ee70b6549ec08f8761392b112e3cd4833b4f82e3414c3f9c4fc6f2a", 0xe3) 03:40:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x7, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1799.874541] hfs: invalid session number or type of track [ 1799.880054] hfs: can't find a HFS filesystem on dev loop5 03:40:08 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:08 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x0, 0x0) ioctl$UI_GET_VERSION(r2, 0x8004552d, &(0x7f0000000100)) [ 1799.967607] Dev loop4: unable to read RDB block 1 03:40:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0xd, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1799.993526] loop4: unable to read partition table [ 1800.003611] hfs: invalid session number or type of track [ 1800.008082] loop4: partition table beyond EOD, truncated [ 1800.009395] hfs: can't find a HFS filesystem on dev loop5 [ 1800.032664] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:09 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x400000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1800.095719] hfs: invalid session number or type of track [ 1800.104198] hfs: can't find a HFS filesystem on dev loop3 [ 1800.163336] Dev loop4: unable to read RDB block 1 [ 1800.168226] loop4: unable to read partition table [ 1800.183320] loop4: partition table beyond EOD, truncated [ 1800.188791] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1800.207260] hfs: invalid session number or type of track 03:40:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0xf, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1800.219387] hfs: can't find a HFS filesystem on dev loop3 03:40:09 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000002301", 0x35, 0x1c0}]) [ 1800.323818] hfs: invalid session number or type of track [ 1800.329612] hfs: can't find a HFS filesystem on dev loop5 [ 1800.380311] hfs: invalid session number or type of track [ 1800.389736] hfs: can't find a HFS filesystem on dev loop5 [ 1800.436195] loop4: [POWERTEC] 03:40:09 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x9, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:09 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf1000d, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:09 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x700000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1800.553433] loop4: [POWERTEC] 03:40:09 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000007a0001", 0x35, 0x1c0}]) [ 1800.615714] hfs: invalid session number or type of track [ 1800.621192] hfs: can't find a HFS filesystem on dev loop3 03:40:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x13, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1800.658052] hfs: invalid session number or type of track [ 1800.672330] hfs: can't find a HFS filesystem on dev loop5 [ 1800.714710] hfs: invalid session number or type of track [ 1800.720183] hfs: can't find a HFS filesystem on dev loop3 [ 1800.732160] hfs: invalid session number or type of track [ 1800.752565] hfs: can't find a HFS filesystem on dev loop5 [ 1800.763551] Dev loop4: unable to read RDB block 1 [ 1800.772668] loop4: unable to read partition table [ 1800.782284] loop4: partition table beyond EOD, truncated [ 1800.804892] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:09 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x9, 0x1) write$FUSE_NOTIFY_INVAL_ENTRY(r1, &(0x7f0000000100)={0x37, 0x3, 0x0, {0x3, 0x16, 0x0, 'fpu(ecb-blowfish-asm)\x00'}}, 0x37) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'fpu(ecb-blowfish-asm)\x00'}, 0x58) syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x7f, 0x2000) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:40:09 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:09 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2c00, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1800.918325] hfs: invalid session number or type of track [ 1800.925684] Dev loop4: unable to read RDB block 1 [ 1800.931085] loop4: unable to read partition table [ 1800.943586] loop4: partition table beyond EOD, truncated [ 1800.950191] hfs: can't find a HFS filesystem on dev loop5 [ 1800.960751] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1800.962209] hfs: invalid session number or type of track 03:40:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0xb, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:10 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000040001", 0x35, 0x1c0}]) [ 1801.020423] hfs: invalid session number or type of track [ 1801.032819] hfs: can't find a HFS filesystem on dev loop5 [ 1801.055981] hfs: can't find a HFS filesystem on dev loop3 03:40:10 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1801.122029] hfs: invalid session number or type of track [ 1801.148873] hfs: can't find a HFS filesystem on dev loop3 03:40:10 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(rfc7539esp(xts(cast6),sha224-avx2))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) socketpair(0xa, 0x800, 0x9, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_open_dev$dspn(&(0x7f0000000340)='/dev/dsp#\x00', 0x400, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000380)=0x9) getsockopt$packet_int(r3, 0x107, 0x12, &(0x7f00000002c0), &(0x7f0000000300)=0x4) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) ioctl$KVM_S390_UCAS_UNMAP(r1, 0x4018ae51, &(0x7f0000000080)={0x8, 0xd6, 0x5}) write$binfmt_script(r1, &(0x7f0000000100)=ANY=[], 0x3cd) r5 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0xe25, 0x20002) ioctl$RNDGETENTCNT(r5, 0x80045200, &(0x7f0000000240)) openat$cgroup_procs(r5, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0) write$binfmt_aout(r2, &(0x7f0000000440)={{0x1cf, 0x1, 0x7ff, 0x240, 0x117, 0x3, 0x215, 0x9}, "e196df0412ac46842a8defba0598ee88fb8839ed984b774db1b67b342b1dae43eb2ee5fd85235aa10483e804f418664aff79d9b1305ab1bc858b82ecede54e623315b9ec6b3a5135554cafad0d31409489e9cc0386b6e29b0e0fe99658f146bc7386dee93f6e12eab6b753f06d467dff0e948400ef7acbd7de1a203355074dcf9b762a15c302140a3868d188bde93b74357be3af5d9b289aeaa7104bbfecca3a278dad869c9100b20f7e2108d151306f", [[], [], []]}, 0x3d0) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r5, 0x40045731, &(0x7f0000000200)=0x180000) [ 1801.174062] Dev loop4: unable to read RDB block 1 [ 1801.187442] loop4: unable to read partition table [ 1801.212881] loop4: partition table beyond EOD, truncated [ 1801.227620] hfs: invalid session number or type of track [ 1801.229268] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1801.247602] hfs: can't find a HFS filesystem on dev loop5 [ 1801.303507] hfs: invalid session number or type of track [ 1801.312859] Dev loop4: unable to read RDB block 1 [ 1801.313044] hfs: can't find a HFS filesystem on dev loop5 [ 1801.319401] loop4: unable to read partition table [ 1801.339387] loop4: partition table beyond EOD, truncated [ 1801.351826] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:10 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10004, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0xc, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:10 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\xff', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:10 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x5000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:10 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000601", 0x35, 0x1c0}]) 03:40:10 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x2ab) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x11}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1801.548415] hfs: invalid session number or type of track [ 1801.571313] hfs: can't find a HFS filesystem on dev loop5 03:40:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x12, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:10 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0xffffffffffffff6a, &(0x7f0000000100)=[{&(0x7f0000000140)=""/48, 0xffffffffffffffa0}], 0x1}}], 0x1, 0x0, 0x0) [ 1801.622887] Dev loop4: unable to read RDB block 1 [ 1801.638348] hfs: invalid session number or type of track [ 1801.656841] loop4: unable to read partition table 03:40:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x14, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1801.667845] hfs: can't find a HFS filesystem on dev loop5 [ 1801.682775] loop4: partition table beyond EOD, truncated [ 1801.700235] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:10 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x3f000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:10 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\xfd', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1801.799688] Dev loop4: unable to read RDB block 1 [ 1801.810333] loop4: unable to read partition table [ 1801.827559] loop4: partition table beyond EOD, truncated [ 1801.838713] hfs: invalid session number or type of track 03:40:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1801.846093] hfs: can't find a HFS filesystem on dev loop5 [ 1801.849667] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1801.953331] hfs: invalid session number or type of track [ 1801.958802] hfs: can't find a HFS filesystem on dev loop5 03:40:11 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10002, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:11 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000002001", 0x35, 0x1c0}]) 03:40:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:11 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x20000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:11 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1802.447747] hfs: invalid session number or type of track [ 1802.459662] hfs: invalid session number or type of track [ 1802.465469] hfs: can't find a HFS filesystem on dev loop3 [ 1802.487078] hfs: can't find a HFS filesystem on dev loop5 03:40:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:11 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) socketpair(0x11, 0x0, 0xffffffffffffffc0, &(0x7f0000000080)={0xffffffffffffffff}) setsockopt$RDS_GET_MR(r1, 0x114, 0x2, &(0x7f0000000240)={{&(0x7f0000000100)=""/89, 0x59}, &(0x7f0000000200), 0x41}, 0x20) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280)='/dev/hwrng\x00', 0x80, 0x0) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(0xffffffffffffff9c, &(0x7f0000000340)={0x10, 0x30, 0xfa00, {&(0x7f0000000300)={0xffffffffffffffff}, 0x2, {0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, [], 0x12}, 0x2}}}, 0x38) write$RDMA_USER_CM_CMD_LEAVE_MCAST(r3, &(0x7f0000000380)={0x11, 0x10, 0xfa00, {&(0x7f00000002c0), r4}}, 0x18) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1802.514092] Dev loop4: unable to read RDB block 1 [ 1802.525017] loop4: unable to read partition table [ 1802.545381] hfs: invalid session number or type of track [ 1802.548235] loop4: partition table beyond EOD, truncated [ 1802.550849] hfs: can't find a HFS filesystem on dev loop3 [ 1802.572581] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1802.598260] hfs: invalid session number or type of track 03:40:11 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1802.624995] hfs: can't find a HFS filesystem on dev loop5 03:40:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1802.696403] Dev loop4: unable to read RDB block 1 [ 1802.707138] loop4: unable to read partition table [ 1802.735563] loop4: partition table beyond EOD, truncated 03:40:11 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xedc0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1802.743847] hfs: invalid session number or type of track [ 1802.756743] hfs: can't find a HFS filesystem on dev loop3 [ 1802.757580] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:11 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000000", 0x35, 0x1c0}]) [ 1802.833745] hfs: invalid session number or type of track [ 1802.839224] hfs: can't find a HFS filesystem on dev loop3 03:40:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1802.881366] hfs: invalid session number or type of track [ 1802.921665] hfs: can't find a HFS filesystem on dev loop5 [ 1802.969961] Dev loop4: unable to read RDB block 1 [ 1802.975370] loop4: AHDI p1 p2 p3 p4 [ 1802.983872] loop4: partition table partially beyond EOD, truncated [ 1803.004048] hfs: invalid session number or type of track [ 1803.010522] loop4: p1 start 4278648842 is beyond EOD, truncated [ 1803.026500] hfs: can't find a HFS filesystem on dev loop5 [ 1803.041893] loop4: p2 start 3813850810 is beyond EOD, truncated [ 1803.193672] Dev loop4: unable to read RDB block 1 [ 1803.198870] loop4: AHDI p1 p2 p3 p4 [ 1803.203263] loop4: partition table partially beyond EOD, truncated [ 1803.210101] loop4: p1 start 4278648842 is beyond EOD, truncated [ 1803.216959] loop4: p2 start 3813850810 is beyond EOD, truncated 03:40:12 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10500, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:12 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\a', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:12 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:12 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x7, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:12 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000e0ff01", 0x35, 0x1c0}]) [ 1803.368353] hfs: invalid session number or type of track [ 1803.379631] hfs: can't find a HFS filesystem on dev loop5 03:40:12 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:12 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x8, 0x4000) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) bind$alg(r1, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'sha256\x00'}, 0x58) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000080)={0x30, 0x4, 0x0, {0x2, 0x7fffffff, 0x8, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x30) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) accept$alg(r0, 0x0, 0x0) [ 1803.453715] hfs: invalid session number or type of track [ 1803.459209] hfs: can't find a HFS filesystem on dev loop5 03:40:12 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x60, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1803.513566] Dev loop4: unable to read RDB block 1 [ 1803.518796] loop4: unable to read partition table [ 1803.529365] loop4: partition table beyond EOD, truncated [ 1803.536293] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:12 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\n', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1803.588584] hfs: invalid session number or type of track [ 1803.594793] hfs: can't find a HFS filesystem on dev loop5 [ 1803.644228] Dev loop4: unable to read RDB block 1 [ 1803.649654] loop4: unable to read partition table [ 1803.662582] hfs: invalid session number or type of track [ 1803.670506] hfs: can't find a HFS filesystem on dev loop5 [ 1803.679025] loop4: partition table beyond EOD, truncated 03:40:12 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1803.693019] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:12 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x600000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:12 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000550001", 0x35, 0x1c0}]) [ 1803.848655] hfs: invalid session number or type of track [ 1803.866502] hfs: can't find a HFS filesystem on dev loop5 [ 1803.918806] hfs: invalid session number or type of track [ 1803.924984] hfs: can't find a HFS filesystem on dev loop5 [ 1803.963756] Dev loop4: unable to read RDB block 1 [ 1803.972632] loop4: unable to read partition table [ 1803.984454] loop4: partition table beyond EOD, truncated [ 1804.000146] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1804.106786] Dev loop4: unable to read RDB block 1 [ 1804.111939] loop4: unable to read partition table [ 1804.117789] loop4: partition table beyond EOD, truncated [ 1804.123868] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:13 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10600, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:13 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:13 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:13 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2200000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:13 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000ffe001", 0x35, 0x1c0}]) [ 1804.206931] hfs: invalid session number or type of track [ 1804.224575] hfs: can't find a HFS filesystem on dev loop5 [ 1804.235711] hfs: invalid session number or type of track [ 1804.247606] hfs: can't find a HFS filesystem on dev loop3 03:40:13 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1804.295211] hfs: invalid session number or type of track [ 1804.300675] hfs: can't find a HFS filesystem on dev loop5 [ 1804.333372] hfs: invalid session number or type of track [ 1804.338848] hfs: can't find a HFS filesystem on dev loop3 [ 1804.353912] Dev loop4: unable to read RDB block 1 [ 1804.367325] loop4: unable to read partition table [ 1804.385171] loop4: partition table beyond EOD, truncated 03:40:13 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0xfffffffffffffeb5) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r2 = socket(0x1b, 0x1, 0x100000000) setsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000080)=@int=0x2bed, 0x4) stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getgid() fchown(r1, r3, r4) write$binfmt_script(r1, &(0x7f0000000140)=ANY=[@ANYRESOCT, @ANYRES16=r1], 0xffffffffffffffd9) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000280)=ANY=[@ANYBLOB="ffffff7f0000000006000000000000000200000000000000", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00']) 03:40:13 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x6b6b6b00, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:13 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:13 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1804.422159] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1804.488420] hfs: invalid session number or type of track [ 1804.510064] hfs: can't find a HFS filesystem on dev loop5 [ 1804.550938] hfs: invalid session number or type of track [ 1804.557275] hfs: can't find a HFS filesystem on dev loop3 [ 1804.568785] Dev loop4: unable to read RDB block 1 [ 1804.569690] hfs: invalid session number or type of track [ 1804.582759] loop4: unable to read partition table [ 1804.583779] hfs: can't find a HFS filesystem on dev loop5 [ 1804.597903] loop4: partition table beyond EOD, truncated 03:40:13 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:13 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x2400, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS(r2, 0x80605414, &(0x7f0000000200)=""/196) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x200, 0x0) ioctl$KDDELIO(r3, 0x4b35, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1804.627345] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:14 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r2 = getpid() perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0x8, 0x1000, 0x10001, 0x0, 0x0, 0x9, 0x40000, 0x5, 0x9, 0x3f, 0x81, 0x8, 0x9, 0x10000, 0x0, 0x6, 0x8, 0x5, 0x0, 0x9, 0x7, 0x80000001, 0x4, 0x4, 0x40, 0x2, 0x6, 0x5, 0x6, 0xd100000000000000, 0x40, 0x8, 0xffaf, 0x6, 0x43, 0x5, 0x0, 0x6, 0x6, @perf_bp={&(0x7f0000000140), 0x4}, 0x400, 0x3, 0x59d5, 0x7, 0x3, 0x3ca00393, 0x4}, r2, 0x7, r1, 0xb) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r4, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r5 = accept$alg(0xffffffffffffffff, 0x0, 0x0) recvmmsg(r5, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:14 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x200000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:14 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:14 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000501", 0x35, 0x1c0}]) 03:40:14 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1805.123345] hfs: invalid session number or type of track [ 1805.133972] hfs: can't find a HFS filesystem on dev loop5 [ 1805.144521] hfs: invalid session number or type of track [ 1805.150939] hfs: can't find a HFS filesystem on dev loop3 [ 1805.171218] Dev loop4: unable to read RDB block 1 [ 1805.177022] loop4: unable to read partition table [ 1805.190195] hfs: invalid session number or type of track [ 1805.204013] hfs: invalid session number or type of track [ 1805.206777] hfs: can't find a HFS filesystem on dev loop5 [ 1805.209479] hfs: can't find a HFS filesystem on dev loop3 03:40:14 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:14 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1805.224778] loop4: partition table beyond EOD, truncated [ 1805.236633] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:14 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x3f00000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1805.343098] Dev loop4: unable to read RDB block 1 [ 1805.348315] loop4: unable to read partition table [ 1805.365945] hfs: invalid session number or type of track [ 1805.371950] loop4: partition table beyond EOD, truncated 03:40:14 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1805.390567] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1805.399827] hfs: can't find a HFS filesystem on dev loop3 03:40:14 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000006001", 0x35, 0x1c0}]) [ 1805.463164] hfs: invalid session number or type of track [ 1805.471840] hfs: can't find a HFS filesystem on dev loop5 [ 1805.495227] hfs: invalid session number or type of track [ 1805.500705] hfs: can't find a HFS filesystem on dev loop3 03:40:14 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x300, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f0000000440)={{0xa, 0x6, 0xdc, 0x3, 'syz1\x00', 0x7ff}, 0x0, [0x7fffffff, 0xffffffff, 0x0, 0x8, 0xdeb0, 0x9, 0x4, 0xfffffffffffffffe, 0x200, 0x9, 0x7, 0x3, 0x5, 0x20, 0xffffffffffffffd9, 0x9, 0x10001, 0x9, 0x2, 0x7, 0x5, 0x5, 0x3, 0xfffffffffffffff8, 0x9, 0x100000000, 0x8, 0x400, 0x2, 0x4b3a, 0x9a7b, 0xbd72, 0x4, 0x45, 0x5, 0x9, 0x7f, 0x75e, 0x0, 0x8f4, 0x3, 0x1, 0x2, 0xffffffff80000001, 0x101, 0x7, 0x1000, 0xfffffffffffff1b2, 0x5, 0x5, 0x1, 0x6, 0x1ff, 0x0, 0x80000001, 0x10000, 0x5, 0xffff, 0x0, 0x10000, 0x8, 0x10000, 0x2, 0x100000000, 0x2, 0xb97, 0x1, 0x5, 0x1, 0x7, 0x1, 0x3f, 0x5, 0x7fff, 0x2, 0x5, 0xd315, 0xee, 0x40, 0x5, 0xfffffffffffffec9, 0x3ff, 0x7fffffff, 0x100, 0x0, 0x0, 0x5, 0x3, 0x3, 0x97b, 0x200, 0x2, 0x80000000, 0x1ff, 0x3, 0x200, 0x1, 0x1, 0xcf8, 0xd0, 0xfffffffffffffbff, 0x2883, 0x5, 0x3, 0x0, 0x7fff, 0x8, 0x7, 0xfffffffffffffffc, 0x0, 0xfffffffffffffff8, 0x8000, 0xffffffff, 0x37, 0x4, 0x5, 0x0, 0x6, 0x4b6c709, 0x40, 0x1f, 0xfff, 0x0, 0x2, 0x80000000, 0x3, 0x4, 0x3], {0x0, 0x1c9c380}}) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f00000003c0)=ANY=[], 0xffffffffffffffb3) recvmmsg(r2, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:40:14 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1805.593725] hfs: invalid session number or type of track [ 1805.599217] hfs: can't find a HFS filesystem on dev loop5 [ 1805.663130] Dev loop4: unable to read RDB block 1 [ 1805.668086] loop4: unable to read partition table [ 1805.684218] hfs: invalid session number or type of track [ 1805.690020] hfs: can't find a HFS filesystem on dev loop3 [ 1805.715190] loop4: partition table beyond EOD, truncated [ 1805.720721] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1805.738643] hfs: invalid session number or type of track [ 1805.745560] hfs: can't find a HFS filesystem on dev loop3 03:40:14 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x2000000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:14 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:14 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x3f, 0x10040) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f00000000c0), &(0x7f0000000240)=0x4) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r3, 0xc008551b, &(0x7f0000000100)={0x100, 0x4, [0xfffffffeffffffff]}) ioctl$PERF_EVENT_IOC_REFRESH(r3, 0x2402, 0x1ffe00) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:40:14 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup(r0) r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000540)='/selinux/status\x00', 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000400)='memory.current\x00', 0x0, 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(r1, 0x8250aea6, &(0x7f0000000a80)=""/225) r3 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r3, 0x84, 0x74, &(0x7f0000000140)=""/34, &(0x7f0000000240)=0x22) ftruncate(r4, 0x1000000) ioctl$VT_DISALLOCATE(r3, 0x5608) sendfile(r3, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r3) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r4, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(aes-aesni)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x7233a5de68a22544) r5 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000280)={'bpq0\x00', {0x2, 0x4e20, @local}}) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x7fff, 0xfffffffffffffffb, 0x7, 0x21d}]}, 0x10) setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f0000000440)=0x5, 0xffffffa8) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20, 0x0) 03:40:14 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\t', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1805.816433] Dev loop4: unable to read RDB block 1 [ 1805.832912] loop4: unable to read partition table [ 1805.843076] loop4: partition table beyond EOD, truncated [ 1805.856897] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:14 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000524501", 0x35, 0x1c0}]) [ 1805.926629] hfs: invalid session number or type of track [ 1805.932119] hfs: can't find a HFS filesystem on dev loop5 03:40:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1806.061010] hfs: invalid session number or type of track [ 1806.070223] hfs: can't find a HFS filesystem on dev loop5 03:40:15 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:15 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x8cffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1806.153641] Dev loop4: unable to read RDB block 1 [ 1806.158953] loop4: unable to read partition table [ 1806.184854] loop4: partition table beyond EOD, truncated [ 1806.214002] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1806.264917] hfs: invalid session number or type of track [ 1806.270419] hfs: can't find a HFS filesystem on dev loop5 [ 1806.278530] hfs: invalid session number or type of track [ 1806.292667] hfs: can't find a HFS filesystem on dev loop3 [ 1806.352125] hfs: invalid session number or type of track [ 1806.360415] hfs: can't find a HFS filesystem on dev loop3 [ 1806.366831] hfs: invalid session number or type of track [ 1806.371361] Dev loop4: unable to read RDB block 1 [ 1806.372304] hfs: can't find a HFS filesystem on dev loop5 [ 1806.385594] loop4: unable to read partition table [ 1806.395608] loop4: partition table beyond EOD, truncated [ 1806.402222] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:15 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xf6ffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:15 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1806.528490] hfs: invalid session number or type of track [ 1806.545927] hfs: can't find a HFS filesystem on dev loop5 [ 1806.575285] hfs: invalid session number or type of track [ 1806.580818] hfs: can't find a HFS filesystem on dev loop3 [ 1806.610546] hfs: invalid session number or type of track [ 1806.617650] hfs: can't find a HFS filesystem on dev loop5 [ 1806.634282] hfs: invalid session number or type of track [ 1806.640057] hfs: can't find a HFS filesystem on dev loop3 03:40:15 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x3, 0x1073c1) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x82, 0x0) ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xfffffffffffffffa, 0x8, 0x5}) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000280)={0x0, 0x80000001}, &(0x7f00000002c0)=0x8) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000300)={r3, 0xccd, 0x4, [0x0, 0x80000001, 0x100000001, 0x8001]}, 0x10) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) syz_open_dev$mice(&(0x7f0000000240)='/dev/input/mice\x00', 0x0, 0x27d0595448e10177) r4 = accept$alg(r0, 0x0, 0x0) r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200)='/dev/rfkill\x00', 0x40501, 0x0) writev(r5, &(0x7f0000000080)=[{&(0x7f00000000c0)="0bd2430f080319", 0x7}], 0x1) openat$urandom(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/urandom\x00', 0x4000, 0x0) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000340), &(0x7f0000000380)=0x4) socket$alg(0x26, 0x5, 0x0) write$binfmt_script(r4, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r4, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:40:15 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140)='/dev/hwrng\x00', 0x1, 0x0) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:15 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000680001", 0x35, 0x1c0}]) 03:40:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:15 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x8202, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:15 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x0e', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1806.787873] QAT: Invalid ioctl [ 1806.829404] hfs: invalid session number or type of track [ 1806.848631] hfs: can't find a HFS filesystem on dev loop5 [ 1806.884011] Dev loop4: unable to read RDB block 1 [ 1806.899819] loop4: unable to read partition table [ 1806.912744] loop4: partition table beyond EOD, truncated [ 1806.919586] hfs: invalid session number or type of track 03:40:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1806.930080] hfs: can't find a HFS filesystem on dev loop5 [ 1806.934570] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:15 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x6000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:16 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1807.071776] Dev loop4: unable to read RDB block 1 [ 1807.078063] loop4: unable to read partition table [ 1807.085568] hfs: invalid session number or type of track [ 1807.091036] hfs: can't find a HFS filesystem on dev loop5 [ 1807.097731] loop4: partition table beyond EOD, truncated [ 1807.119450] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:16 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000030001", 0x35, 0x1c0}]) [ 1807.173188] hfs: invalid session number or type of track [ 1807.182605] hfs: can't find a HFS filesystem on dev loop3 [ 1807.193667] hfs: invalid session number or type of track [ 1807.210637] hfs: can't find a HFS filesystem on dev loop5 [ 1807.254233] hfs: invalid session number or type of track [ 1807.277172] hfs: can't find a HFS filesystem on dev loop3 [ 1807.333253] Dev loop4: unable to read RDB block 1 [ 1807.338422] loop4: unable to read partition table [ 1807.344211] loop4: partition table beyond EOD, truncated [ 1807.350043] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1807.423889] Dev loop4: unable to read RDB block 1 [ 1807.429107] loop4: unable to read partition table [ 1807.434768] loop4: partition table beyond EOD, truncated [ 1807.440500] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1807.586915] QAT: Invalid ioctl 03:40:16 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) ioctl$KDMKTONE(r0, 0x4b30, 0x1) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0) ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000280)=""/71) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r2, 0x40405515, &(0x7f0000000100)={0x4, 0x0, 0xd4, 0x7, '\x00', 0x6}) ioctl$UI_BEGIN_FF_UPLOAD(r2, 0xc06855c8, &(0x7f0000000200)={0x1, 0x2, {0x54, 0x0, 0x5, {0x5}, {0x40, 0x7}, @period={0x5b, 0x1, 0x80, 0x800, 0x7, {0x3000000000, 0x7ff, 0x637, 0x1ff}, 0x2, &(0x7f0000000140)=[0x1, 0x7]}}, {0x55, 0x100000001, 0x1ff, {0x7, 0x6}, {0x9, 0x1ff}, @ramp={0x1, 0x84, {0x0, 0x100000000, 0x6, 0x27c5871e}}}}) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:40:16 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r2 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000080)={0x0}, &(0x7f0000000100)=0x8) r4 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r4, 0x1000000) sendfile(r2, r4, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000400)={r3, 0x7881}, &(0x7f0000000440)=0x8) io_setup(0xdb, &(0x7f0000000140)=0x0) io_cancel(r5, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7, 0x0, r1, &(0x7f00000012c0)="9443786df0de75369c39f7537798fd020811d91af6ca382dfd5ec98a15aace3236e06a9fed876b4b32992526c0fca598a95db3d28c85028e8a4485d7053e1f34c62f56620c5765642479d8b772a7df89b42413167f657fe3a49c522cb5e28b7f2c517fe0a10f0cfeab4c81016abfedeb46cec7ef33754321dce4838b4a84148bdd01138e3faff2146b8512d01e92d3cd36e47d31bbb2f555d0dcc7f390a91358a32020fe3f167c0f38a6e7a5b9a45ba884aaf46d812db85e4e98b05592ccf7ed2157564802a043e4a8f5c58f663665f6762dc9c6f3982ec0b228e78c18f937ddf00a6bdbd2e1606d20a2556ebb218ef4c3c044e5e1f110c7900da3db283eed41fda7c1cf53357bef6b121cb8ecb3b9d9e9ff774f65e6f7f965ac794ee2487a311ed656ebd38fc0cb635c9a855694cfb0ed2b6faa4a048446c8ec87449e0d4f3516ea20cbcd98dc95078ca050b480458b41a3ed8eae9527e819df6f037a04590bbaf7b463f0bba721558ae9e4fd967b07693dd1f8156bb0f35c5954b6537bdc51cf03ae229c50c0ebe41d6e8e8c915f5f370260c93be01b26d64f5e26cb417c24292be5307f5e78f24465be6becf57381525ca345ec26e416781c6fb935c3942035921122ad5da493fdaf00966e6d03c50f36cddb77a5c4bdbc6510ff89533cf0b724cd186b0f3e4e8eb459be2f8b06313babbeec3206f75f575db1b0aa0ec6ea1570a0e71d38346434833df610a306972f48697b987b7f5e0624d07da6d2a2f1e7430eb043f4ae93d14d21edd51443b358027658679d509c327f1db2e1f9a3b3ca24c431c1ea99ed0c3bdaa8a30a867628b212054a0013417a0f9f251f51c9d9ceba11de6c24cbc3221032e79c7806621d9411ab2e29e8a47f1e14fe8eccc8b1e7d3ddbf7f81b6e38c818014b2f81485af83d63aa79ede4b3069f573ccacc5258e8e646d20a1443fa0af06d1cdaaca30493d416595ff421c8e9691734e7875a0d2d23d4455f8259062fa1ed97923afdbeefd814498f17f8077803a4b1b83f8e1c623c50d8a6aba2f42cf362f925c2172d4345589cb60640e2b55a8ea6742e4a9515caafe03ae1530053f026b5505b64a940add2114d69783fce5d8cfc2079128ef86906c1bdb5f2753ccb436b40cc8181eb00a014871b461bbb9d93ae70cf233bdc4dd4939c80b703e88eed9d370ed66730e09a623d1b12afaaf1702e6914b841ee981653bc5ef7e5396c78cd9d92bb2d9460976c4641d31709b5f142f16aa2538737fe43aeff54c011aa46a935e7db6dc577e27c303c77fd013c51f22022e2a70cf4ea3d28433e5d8d1b9aaf4113707c97c1d1302478a5d1e0fb281d527b68527fea132203d2097a6777b8f09c97fdfdda4ca52af05ec81eab6b0715555757ede9c1f1e9459dd639ee60fc7dc7ae230e427ec00eda690907fa1f501700e814b9eb964d5e84353a974e9c195e0dbc33605f4a19625e8c48e4c75f8382ee926ecdca62d8b7fb9699432fd7b473cc6cca05fbd620811e0981c8c64cc3e8af1fc7f3cecc9751086c04316157708c6ed3d2ddf7cb11050312763cdf03999e7995b03d614f627df5735e6ad37a527a6ed297bcc87651ae1ba24f6a324146e5e7bcb12f6e8f64d6b72f7ee7e9289342873c90227afcce7828a8b28cc1fcc8564361247daa1883f125df1d3baaabc682aa97856dc82d598a3e5c5aef478f6d9fbbdeb06c1da5b8a37ce0bad6e51f74ffadc89d31938a9d05b09e1a0b5ba760a5bd17b66b3bb644ad365e878026bcb626a6ada2401b4d7c7bc73a40dcc935adb74a29f71be49940ca232e5303f8573c3ac3b3ecb88df1ffad52a5fe13f065d100d567b96084339f68f4a7926886a4f715bddc514e95eeac57dfe39e1156d4996ca35a893c324caec73cb10dbebc2945e9bac64d1b4927594d67595eb99beffde4aaa978f89897bb4be65612da3d05b8e9f9de4ef0eb4360bfd76db32cb8507682f371519015df381f540e178c3575bc97a2793e9c300ea3ebe20d4b3a858cc70411aa687c705f806af8efbcab1baf8a0f5529d8655e447ac11c387eb82d2aca2fa762d96405ee7105e93641944bc04d0b3266fc54dcb511fee55ff7b48ce652765a402c247991de3bf5155e2ba5a250969d88858be31e3274e9be4b88cc78aed6498954af35058a94cf0597cdf863e4eedaca968eedb5c96542c900440f20749eb62c166ca2a113f37f5c10659bb9666da8d35593bd395e8fc7bcc63dd39dca5c6d05ca4b1097c7f1e5a62d7c724342511ad658cbab025b892035c8f7de1c4046c1df7028b19685ed8291e09d55b53e0ba0ee09d842b20a09d83f4aea39b088a77c58ac0963c40b6c4670b0d2f47cd442ffbd875d6646605618e5c6edc8f96e5ba77a7d0d68d75fac57f63eac81f60925d7f48850379164837d7f2c9bbea54df3a5155749a4c0b270446a9342328f9529023f1fa1ea679c8cb828a073d592a634b7e3965ad4318bc92e6447e0dd1028e9a2fa729711380a06e4b79210287e089407b2063fa4771f5843f6e9f634830b497dcef72ccc8e9fc8f129e4ef5d65f3a0bd9b36b43496594655fd9fe56384101257435db9f73fa6d49199677c0cfc5f23855f3e8149f1d694ee5f4cecea99b470fa0f45e5888d139f3c3682e6b2100a8c7b11e23d54fbdc7ea78349c15f0a47040abe87fe1aa143d88380b5e10326b613635a4e9e0bd22afeb16aa7d19f20d64673dda741e8002bdb4fd49207a78de977ad78e9c99a151d9d0716a483170ed31911e485b634c214c705a6bfda8c8fdab3df40ed20f7f2ed4ae990495991678f37d1e406429d157099ddf7875b92b902889a63cf35811276f09adfa4e5f9822a58adf68fc669782d7dd669aecd6da4144a841b66f2f6a1a2f2e69162adcfa28d6dbdd01764741f383b80c2af1710feb2a2bc57330d0b4d84790f42be30af9a613617a9e0037946954ea64db22ccbb60a7a628377d74bd57babe9efc51d2e5d82fcac0adb21af7c66b05339e8096599600e0a4ebe7aeb1321d294c4047b4a96fed55711a0dff32e511f47a7d758f1d398fd20112b2aaf2ea4c334a3e641aa69945ee6b8fdfbd75a61e2bb77987b6f698d435c4e18b7d9a00201817d41045af9eef45df63494cbf5ae3dd2c01e729f5755a4e8921d375cbaafa768f644158fca8b8ba1e9192fe2f1fcb57a347a831a2a1f0b908ded7a069871b71a9eca8bc866fc024611b1257be1789fd661bd7ddf67edc1c32af3e8adc9248574050620b376c9fc3f1c7bae845b351062032d11430da622731529cc25369f7ca62404e196b627b4d1cbf91d64a7da4c91afc693c355df1929ae04c444f50fb3b2ee3e8f4cf49fad74e51a891f45dc50537c0fed8b26e18abeb24a7f98bed4baa73d301c9c70e2ddcd016b8b098adc230c89b351e14e37ac708dc5d5665c74a71ce79d3aed01f5f0408dcb126a45f3365cac1fe34e098d29be253a47fdadff4041f864830523da77529223a144fd3f3e480453f31455866a0630339980987445c12c816d8cd65b5053709027d8909323281ed7573c45ddfee5f08715020df0be10221619a3e06092d937cfd57a2273c19bac967209b1ee997b3fdb5b4a898e7fa68ae4c48cb2710fb658d138aab2803a3c23ef92b09e3aa93d2c3d639161a62eb0bb5cce88d24578068957b6d195d06d642d8fa79aa94ec228a1018a3feb98751c4695c025edae7d0fa9747e4c6272e62d51bbac23614f23c8ebd8113ab238b2f1c629cf8008949f6ad616be9ec0ea658d5654511b4f239f25000e76c88df3db65baca52fc42844f5650813f1bfb9b1af4df1468f0e78c5873b85506e7d5e1ed2621b93e40d0f639348946e9c4646e427a2a01da2c7521e4c6011d1eb476dfd4024c8fae9a133add7ba71036b7e1b7bbfda875834115d38b717e9b3f567d53d7c70e6081c0d094b4a7d3fc5e7f63e0ac35b8ad85733123bcd0e1ffa9858c33f53edca0e16bf8a63c9fbfc4a740e8c7514fc50d741bd2575991c3803de34a69e92080496f5d4c29dc82565c10659e1720532b3e76e897ddd605f3f36e5f535ceb0c3eb9581e96ab84e3d9d67d6ba87b7ed6d9b4652803bf71a80392123770f7f6eb33726f22fd6d8e30348a6c7c6fd2aac62ed77cdd363b07a484923bf52e3d80898247eb0732f4056b2e1d731ea2da958b3c5e8db8cb5badfd6b24c6342bbf4df9335e516d8094f14d9e41644cb4364569260f3465326ba4eb7f08df98992f158fba369e5b1f52fee6318c16a98099dc6db5ae60fcc1cfab5b418c76832c98d4a39ae36295370624093c91057559b3b073e6f1ae8b5dfa42d9e22bea0c7ea422a49a3bb2a95db8765f04933496c4ba8c0992dfc536e252bc7cc349554fb53e987dd1328a5a7732bada31fb68ce867d820807d785a52b3b0fcd097b5e2e564c27426944e257593aa71dc5d97d90c314e88792a0c309fd3026c4cf251106ea2821f9cbae3127991365ca893c4cd4b7ab242adac6330d5da6aaaa7da82bde128e835622fd604f12ae41910c4b73c1c59ba1be1929e29456051ca66ca85d5eb717f6dc10fc747b67486b5761d96138b701ec9fb4ef81c2acb45ded15af7c168577380b82f59f4cf9d1c67b022da79082feac7be40b51dd7eae87fef4b854a4ad5c0f9738189aa3711125fbec7098721e379da3b803d44a118f89ec5e4378eb6736d9d22d25328f71872edc20cbe04e6ac12e5ca6746827db427e877c2347bb6698ccc8993179e861cfce638d09f14707713c40f35473903df2b439756141e6225e44806889985649efd2e3b957eab20ef271dfeffeb8138b061b990d7f5ef9d4b843b538841cbba039cfd699667609de4b67e6f74fca137ef2b5395ab72f973ea0dba4643a237f273a28f1069e0dc9e542e1be8499d6081ce8b445847a9ac71ea097d0776148894feae8f67cea13f5ca25fec0907614882ad8e06ee98410d220adfd101224028f202af49267822bebe9203d56e30fc2d58801865b1d3e22d5de13882eb3df1284d17409b61c77d6f78f32e73be5c5c1560f2f0e8110a2b4c4316c30c102196164df12cd182dc2903d11ac900fe1618a64eb26729de4f064896d8050d89344cf778aca38b00382ccd84543067266fa3e3ba81d1b0fe0038d2ddfdc14d72455e9aaa6620bf0ca7ae6ab99d2d23b820704e6409cc9c50f9364696631a71c1b929815cc0165103c420613b450c1d6950dcb0f0e6cb6931feeb62b4866b9392971aa315639cce724b385a604c0a8d37be9ef5eaa36f7226c54bc64061c855af376e12f32c3f67a1f020b5dec07383a813a6b45b966afa82b9de10e1dfc1fba6ed19dbd9b90a3699b2658d88d44c8c7e655215025cad5723a93504e6a7c865044534ed583c9928296910fe8717fd19158a6636889fe2a765e69d68e1f761ef8286a3128ae6a76606a81eb6bd61e0be5a093dc1e192cffe2c7a9d925a449a822f580be8446b1a174cb8c90f77809fc34e3e5224e2602c92d6868377a3454da3e8b01adbf4cce08f78078759b556d8fccdaf8affb3a204e5a3443564de273b4ff50b496867d7f68ea90ffe1cf2a949e5d9083ca73584a88d14373fd7cbc71195b180ef63cceccc0439d1125bd9c74b7bc8d9d11d8340a6332487699a7f45951016d1430393e8d1ab08a5716cb6687fc7549ab8a7c354e6d03e96dfbd0163fcc70be9de61b7f893d391e9197cf4985d3170a28e51ca040c9fe10babd977958f93d0219c4588a4ecbdc00485d45814c2b1aea2a5b6bce380f26fd316", 0x1000, 0x7, 0x0, 0x0, r2}, &(0x7f0000000280)) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r4, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) write$P9_RMKDIR(r2, &(0x7f00000003c0)={0x14, 0x49, 0x2, {0x20, 0x0, 0x8}}, 0x14) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000340)="b541c19c33e1e09b3130c491dcf6774e385c255e1a09b22b8563685cd0cceb2ee626f0af038b003f67a03b23fc8e5a53f6fb6bd1b80cff45c67bcde5b5f29aa354ca6f7963e81d", 0x47) r6 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r6, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:16 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xfffffff6, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:16 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:16 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000004801", 0x35, 0x1c0}]) [ 1807.768050] hfs: invalid session number or type of track [ 1807.777050] hfs: invalid session number or type of track [ 1807.788321] hfs: can't find a HFS filesystem on dev loop3 [ 1807.799173] hfs: can't find a HFS filesystem on dev loop5 [ 1807.805537] Dev loop4: unable to read RDB block 1 [ 1807.820496] loop4: unable to read partition table 03:40:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1807.853003] loop4: partition table beyond EOD, truncated [ 1807.859637] hfs: invalid session number or type of track [ 1807.877851] hfs: invalid session number or type of track [ 1807.878799] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1807.891594] hfs: can't find a HFS filesystem on dev loop5 [ 1807.892284] hfs: can't find a HFS filesystem on dev loop3 03:40:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:16 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:17 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xc0ed0000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1808.063136] Dev loop4: unable to read RDB block 1 [ 1808.069341] loop4: unable to read partition table [ 1808.070767] hfs: invalid session number or type of track [ 1808.080525] hfs: can't find a HFS filesystem on dev loop3 [ 1808.086084] loop4: partition table beyond EOD, truncated [ 1808.086104] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:17 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000901", 0x35, 0x1c0}]) [ 1808.184625] hfs: invalid session number or type of track [ 1808.199051] hfs: can't find a HFS filesystem on dev loop5 [ 1808.208104] hfs: invalid session number or type of track [ 1808.216732] hfs: can't find a HFS filesystem on dev loop3 [ 1808.258594] hfs: invalid session number or type of track [ 1808.264877] hfs: can't find a HFS filesystem on dev loop5 [ 1808.274075] Dev loop4: unable to read RDB block 1 [ 1808.279319] loop4: unable to read partition table [ 1808.285136] loop4: partition table beyond EOD, truncated [ 1808.291037] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1808.393600] Dev loop4: unable to read RDB block 1 [ 1808.399232] loop4: unable to read partition table [ 1808.405134] loop4: partition table beyond EOD, truncated [ 1808.410893] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:17 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x400000, 0x0) connect$rds(r2, &(0x7f0000000200)={0x2, 0x4e21, @broadcast}, 0x10) write$binfmt_script(r1, &(0x7f00000014c0)=ANY=[@ANYRESOCT=r2, @ANYRES32=r0, @ANYBLOB="c0be9e0f9d15ed7a761922191af5bf92d5356b45c040c48488c01cee8bcdf186bd0e950b8f05a433a7643df7bb0c32bcee6e4e17485357bc17943725aaccbab2c12fc0d88d80bd211667cecc62d74c59b390642098f7dc44aa1e162dcaa928ac6be07a1eff3547c067b082fff629c6cd8960d0f99521ec99eaca8404e0a4c94f5ba77a8be6da8e5e7d0cd60cb7403e8e62e0319bb20f504ea8c59302cb66e2ec201a27f6f5e34f219167ab7256b4ba8f07f0ef1f14d704c2fd3d5167a27ee09313f416e8d226b4042fb9343027a2f9619cf4e6c052512bb2a6bc2a15dd55e5af980d7c13f1d25c8d15ebb988", @ANYRES32=r0, @ANYRESOCT=r2, @ANYRES32=r0, @ANYBLOB="f4543bc8dd95336c61d975c1fbcec7fec88eaf0461ff2fd76701f9f2be19974a5465097025a83a4665a72ff1808017fa727040c81fc5908518f8dc4508b1ad3d53c561a6975b1d020929523168ddc9c095dc63d596647636b9cfcffa96279cc1832bb4bb487846f1b3d948bd7e9e938c9a32dd86ecd8cf20b629a9bd44694bcf240df123fbba9a6d951bcf90c700fe3ad4e452a1022918b0b302603513d9fecafbbf581f574c1191144cf82fc65c607f3cff57b150f14caee2ed3cf67040179def544027ea8ad1d50a5534b0d30c9c7e8c43ec98bfb7b16e279ba36451932d4df393a725c959a8af92a7e0e7e35ce86f36ea818b55710e4ad29c69023570d05617440e6a5af868f0bb1100e283359b8e81fd966eb95212fcb3c17c372af2dfa6d4c405073b002a5b96617d2ea9ec6327125f9de5024d01190c573556bd994eb72db8072d0a7b3f806b6967a5c04a77e7212c1a3c0579a167940f678385d8f5df4b791452895a2a008c1ad177c3d99f9e2f2eb10f6d2c9571af226454f89a131a71e0d3aed684a149e6c3ed5e235b4dde5cc378dc86f7931b7fc74f69c9fb2c61629021e430af7af1cda0cf0b83d44eaa590b2e5811266857cfde1e24b13e785a21920461df960850d0aeccd269cf80de59a462955eaf33163d475b85393d0d67297486ba4da1a1f29a894fe36e82dbaec81a18d0ef9b74e92d054487f1d7d9308656d3955f8de82027f6b0bc03181be1f92907bb652b0e2f782a54b825caf90a5ff5e9a51f504fbacb2015eb547a86dbf2f840c35a64e5d778270f25a85535844d2f7157d8a97efd20c3cd454824e3459b839e82c06824cb1499dff382cc1d6c3c5df5f7d239e5024009d162524dd6be6dfb7d7652b8319201850c8f915a23f403399ed6b7a872fb18df13e4d51095858ab2a9f374660ab942c208f60fd099a1a4be6a0f38a4fa9c44d2f9b74793bcc13ec565b749a6e534c19c9a65332096d2d50dc676d157171b30179c9dc245cb138cfe18f03aaeb6be797a6b113bb49fa5ec4ac85d4ff81cc9320cd823863777e24c7c1688e4655154f4fabf63bc6c4dd76e2139701c012c893525350ae35257162fde082486ab3ccb0d64ed21fc1bb60b353950f14536001885acda28c5c248864d4b8da95cd1be76566e84677f82c8796e991d091d0313787e580ff28290c46c6ecebbc7c8e7f4519989c503b5187bfb8aa9edf97b2959dfdd157c62291e5b9f69d2cbae49e43599c3bd40fb5431f4ab837302b8777d14c8f37fb4b67cf4813553a01ea123b9c27f534d35d07e23c8c23e92dfb36fb4e77522a967c84187b7bbcdbefb7089d90b8eacab557e8f3d72083b5317ee1174a7714e92145d3fd2bec600871d34a267c8c73e946c9538d55f3cf360adef75dbf79d8166d88e6c8892fc6964274e55e3139c908176a11eb299d9726e6146385e571ef4c40642370b16a7e29c794b968458fc67544ae7495cac78a83340e7ba8efc0d79da3656f07df910b098cfaea0794d3e60e1321465d22a72fad406da4afdc35900a651f3ea5a309094876a0da591ed417ec2e001ca5bc04bc242631a55b1071b484a45c91bd1fa7424916553248959d10932cea12d2228ba945377ebff999f00b9d9a89576da0ce6a3c3365d1c5d548cef03a45c0cb179ce65c5f8f74ba2b6e24221937df562686345dd15a01b9380fb0f029dea955ef3f418c2b5cda96fdc4b977d0da7cc66fbdf03b8ca69a64306a9f75b21a5b762c6c2ff9f5dd4dc1562e1a6517941a5cd5be9ef9c5422567f943a608a5ce85e062937bad37460f24f7f576e8939be34db74d89ed726aaed1e9218bb8e2a3963ceddecb5a9134ba3aea0891303f10c2c146f3977c1247a95714d7587e5eb710b9022e65b78f61ea7bd42804a3804b84cdcb576ef115cea409b51b854bf090e5f38319fb1cef7860ed11b2266b3cdc4532172f029ca66eac6927c157f356b42e4d2dc30ae7482aa8a24a2de7ee45b936476a9760621fcd3bcbd10f66f3e4127173e547a80c1cd536130d5d2e5fef526edd11ee79c208dc1df3ff3506c08244896705df30d33d690ca74735d108b64c609f0fd5dc6e371ffb1df08a008d87962d9c1117e53057141e6bb0bfa28ac119d9a39981a631e40818d9e95b62edc22f8646d8f9a7bce50c3d63df4b7e4c7529d6f16c1f7f5b543fe3afddd2c03c408c8fca7e3af2bb5c6381e9490e1abcfeb690b2195de73d2ddb6b26c76de1e809829e28b51639a24b099568d0ecedc607358fa9e8c8c4b82c64b01ba5ad301c1d9236be6b627e55058944998ba457d5a02411976e0143c2b198d0b67cd8277b09b1721ff9a1a236ab12178c29ff6efb68c5cc0dee28cc87d232324d76202bfb0f9c1668ee8a44a0cfc47d08017109cc1312c8248cfe901eacf73e54e715395c5ffc082ad1ce02a003be372e75b3c9ab1d1401a90e482847286fa1923457d90de2d92e931ab91b13dce709850e0c27ab16def3de5a8b4428a638e9f3b47fbfdcc081e4f1307fde05c168c244481d8d7c25a175acdd1d577916e6b56563903b981b2e7fc630adabaab83ed6d164975a9116cd52ff887e668f51f6d7b253d873ccc74a3ccd2e4957dd1a7b9cc154d1d3098c13ef63e754000ee460618ebc76e583949d25e24d5475fbfe3b99b8112c95d3a800efee0be54ff0bfb45b3dcb175d3a7936510f66295bd4f76bc3cacf1e18668bdc72c913912dc48e54693c53827dbda2898ece3c53d05be9ccae16657ad3ac469459d1b05d7b5a7f73de221386bd0a5cf9164b4e781b7f971de440071d807628a53e2f49d46ab90ea0175effcdb7206f4b612f6c193f6071d101fbc01c462eb71910892a8b1b3ad118b2ea8474f01bcd9842e9260287610ddc5be740d2cfaf3f3f6ef6dfba41d6d1df6cb1794ede0fb0af188b8c0de084e2138e0cab4498e1d48bbd8fac0d1bd2baa34cd76b7524d237345964077daecd9370628871f65344e6a0fdc64ed48b4be52345861cb7cfa529026ac86d8f10f50b11d440da2ac36abd7b9e9201ccbfda3be1db778ad158d66037cb6e190e90ac5431ada43be5c44bf109f87a5d4d6689b062928b28b0f611e92a0537df4d4378de13bd4a29414884f322336796f10c0cc099d853b3a596f14e7d52b5442ea270d3c41d69d67b5c5d2e7e80844c924acd0877d451283e889a279ab537d0fc1b15cb263c415e5eb91fe62b495f5838910192b41e882bec1755bacd81ff036f2beaff5e20b45b9e31033e85cccfd7b62134583c31430c8a3f2fab375a40c4e25a558518fde27532f9fb23b25826d3a45518f483b5c26474528bbb031ed838b710f8c9c4385ad383203bb13b02a3ff5ba645067d6416f821c323d6db922e462cda4cb4a7678d939a33e546aebf37d5b50827ebc08737d115b2ee993d31cf4fad67680912b3400ee5726f93b33743dc8f8df2a32bf3f17cbfb29b963dd726b3a52a70f55d23e76d0bba8235d89dec9bef4c27e93fa269c11ed4ed12191470cc1cfd0a385a41f97049894ef23e5b5eaa842f62253ef1e87123b5d5937f7df6ada8673238dc32a37f30951466aa63c8c8fec0a96a34529fc3dc1c6b9964f975a338948ace40ca8402ff985dea14af324c8eb9ab5ecd70444b08989e0c54d11b47e325b8524c8c48509d0067c4d956a4153f9b68f5ac77fda02c53693694e1c4300314c6ea068f75eeaa9309a4db8c495343f1f2017cbecccfc3aeedd4041428b686cca4215264b4f9c7c0f25335d271d88803bc1c1168e0dc61a9f4945f2a4b45c649ea3b79cd228c6a07976a56bcdddc5b80221b55ea1eb523c7a9a3ed273ec18b4d217305b465f7dff4a93c83f425fb4ee10fa43ad340af2ca0e39490910b7bace44749bd808c9484799258a0ab164d7be728ec03c1dccad92fe986cd9c745d3b3073a3c2d32dce456fb6ef9bf9cb44142227a4db676b5475528e4e7be243060c679ebd178e7be11c510f8dccdc9066bf355524a6948e29a9f0d6cb3cd9f360ff0f9d6f7c3746bfa765b70c8cd92dad82b03e2036ada486e92728028a0137a03045668f31edc64c694c49947fe43a0cc104b77af88eab51f5f04dd726ca9fa88f2ee14022310a5b00c6dd7390d3fbeed7bb14e062a5713f38e77c39bd76a75432dd88c519f3ee23d65ccda6ec760dff9adf3e7df13c21a6def5c29a893ee594ed4459e653a0bda1e56f78e4b691169a67d043aed72cac97bb03cb74dea24a42d58ba5b71bc866dae301e78253c876c083d4c007d0f55192477312cf8a7feac3a4e3e04baf53d0c24d48c3acbe1178f3db3dd3af97c45fdd80d0f5e4b6b2bd706e851774c8c2c4670ef78856dc687e22523440de6f814f8ac5f97318924d98ad53b97daf769004d7a2e8e315269b7487805134cc5154a87a657d09367a8386d614c4f90a62da1ce51bfd9dd26642da2660d9afaae1c1b1a268c4d5be9df59762915bd2f8458c91aaea53ea628659171e623a8dbec0667c12e39ec32254ac1bef04801d516cbaf60e3f90ac4590619be6ff9bd3354d07a40a873f836298a0b6010451c944fd671adc39e8aa9e26d2923986ef45d6a510708140d3338d08ef47ad570c01a6138c266468bd66f157408ac2468197b7100ca4d884d7a646bc9f0e4d0a7e1039d4f371cb99eeed797c684c4653c70f3625be08f489f6fcb0d3fcd304310ca0e9540dbc3fc22a1d89e8dcbdfc617e3952481961e107e28c18f7e7e42b06997e0e5eec15c404584223c3b88b04948ca58171436aee079c7fb0a19ae8bfb8040507af7f22fdda1c5c953035d79af83c79c461ce2e8237aa3c09c4a958e69dff96c7295db2cdf36842a28b2e5c46a7e670798cd3b63b9bc12f273c79ca161e0f9a09e617261388aa9b500b8259aeaf32b043ff0131df3567932656c811cc2c662b052313541d46d0d40346d2ad8715bbdcc1d3a8b910dc87bfc168b67b2168782f7807af6b81482e46c450f4ce2f587bfc644b84cb5f4bd4f72467fea4bdafdf56a1bb0e208b25528e82ccca8e992c48fc0166069a50b15c8966a8620d398aadbd52e6e36ffe6402dba341fa874ad484ab7806009577338daeec3c231f83780725452abef454f2ff74dfe17ea8680fc6a14ef3a08e6d472717dc93be7c3ff884c844d54205b836cb392dc22a8ec3ed8ba39ccbff4ca3dedff10357eda636201fa1328726353d89c001186232cbab1adece064868e878c77680e4f023dbb0002595e70991ab59248ed655b2b0f14a7742dbeb5e9e818b8081e105e382586e73984d132e1bf65ddcc349f97920fe72a5dc010cd6d4b5bcd22c9f61f8ee453ed2e8a4224e6543a374b6ea462a8fc4ed5bf636ffee73c25f101b50ab707ce3d2bf75dd591f41930aeff82a8795f3d5a4597304a3b96f08b7cab8b5173372cb92fae59de96880d2d4396bfaa0393aab8418d08452636764b0c1978fe4829997ee56d63abf042c64fe34aa8ef63cb6e566151fbe4541df87792c9946317eefbbb2e610007642756c184c24909444dff4d006f7bafe02ee469faf237c0d2aa52ecfc09e65079a882f1ecdec69e9e005ea17a45971e95bf9174d1015d908f0466dd24498ed2ce26e3cecc1199a449d7b38703ca5a7073a747fa2f5943f87e09b60b94e7c4a7b6a819c6ba7ed27114bbb1d50aaed5caee14cae2df818cd0e92d2178c724ca32a6a89a2b91524df1a905524fd25435220f5f4a0df7493de26cfe495e2ece5f01d0704974b09bb7b5c2dca1b83056fc9dc6a4120c872732e715fa7c0020a8", @ANYRESDEC=r1], 0x113a) r3 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x10000) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000100)=0x1c, 0x4) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) 03:40:17 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r2 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000240)=0x8) r3 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r3, 0x1000000) sendfile(r2, r3, &(0x7f00000000c0)=0xf10001, 0x100000000) close(r2) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) getsockopt$inet_sctp6_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000280), &(0x7f0000000340)=0x8) ioctl$EVIOCGSW(r3, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) openat(r1, &(0x7f0000000140)='./file0\x00', 0x0, 0x100) recvmmsg(r4, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) open$dir(&(0x7f0000000100)='./file0\x00', 0x4000, 0x30) 03:40:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:17 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:17 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff6000000000fff01", 0x35, 0x1c0}]) 03:40:17 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x60000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:17 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000200)="09efd8bbc6ca7a24e2a75ee0b815f0c6cca5e8c17f0b4ea3f2fccc9f2f9f5d6d5d50666463f57d31ba1a80a3338370fc42e08d83fb3dc4dcd236866279c59c7d6da6bb8eda354eaca85de084a1f7ad85c2a156570c25f85c79083bd99cb89e75fb0ff896f65d473a1d612500226be1946139e32126f59579f8036c98f2b1aa77d1e240d2b6", 0x85}, {&(0x7f00000002c0)="265be71dd1ee07c2fb97a9382d674aa235b948da96c2a4639890798948d3b0e07e9b228b002ed6a9fdfdbd9ea3beca6d14f2fecaa09a39ea9c5f357a582d084e9099596f2357bdcec639a4dc7023185af40c1bb486d3559d03fc383c9eaa74a76dc41dab9b254d0325443798de2da2c487a8d8970343be047f43804f40c0d19fbe6d37c77f16424967e971658cb0f79b9caacb28135fbe8bf25df836b32811a0f2c45101c23ffea77a559aa446d0f3c78fe9e9e0a404f3b971f27b4539be1a6694038d82003f69ae8af5cdee76ef30", 0xcf}, {&(0x7f0000000440)="0528071d68854abb2a4217cbc308fa8ef6b650b5dbb890f1ce8b6c2bc88cfb5d26aa88e288d0202e2a69de348aa108fea7a04056efa133de14fdc0247e6c1879b3a33465252c6dc7515cfa5c272230b67769f1fe9071c670ddd33dd837d078767767351e450374a6256a0a8339e96c4939bf32511d38e0c6260204b8fd01e4b186f359eddbc2ae6a02f437179da441ce9b793293aa6254433bc69f7fdb0f5a7d156c5361b950cf8c2723b9f95598b96bf7fa286aef305a34fd0f5630aff0b39572f9c5bc67aaebe6", 0xc8}, {&(0x7f0000000100)="80c6df6ec35ed058cd93eeb2955759d3a80fd2f343ef03a87e691484d03a493c544c07b8624577f690bd7cbbeec1275b27a67dee86b8b5b07ec4739e63b094b8f01312730aa9be3ef7e4342b337da94e656eb505c62e2655ad223808f6553280ea5d83a77c00592ef8dfcab1adb226a7a3115cd88f612165dc", 0x79}], 0x4, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1808.779679] hfs: invalid session number or type of track [ 1808.789282] hfs: invalid session number or type of track [ 1808.795338] hfs: can't find a HFS filesystem on dev loop3 [ 1808.804190] Dev loop4: unable to read RDB block 1 [ 1808.809259] loop4: unable to read partition table [ 1808.810735] hfs: can't find a HFS filesystem on dev loop5 03:40:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) [ 1808.852731] loop4: partition table beyond EOD, truncated [ 1808.858762] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1808.893884] hfs: invalid session number or type of track [ 1808.901985] hfs: invalid session number or type of track [ 1808.909755] hfs: can't find a HFS filesystem on dev loop3 [ 1808.912688] hfs: can't find a HFS filesystem on dev loop5 03:40:17 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\"', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x48) 03:40:18 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x300, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1809.030478] Dev loop4: unable to read RDB block 1 [ 1809.035650] loop4: unable to read partition table [ 1809.062862] loop4: partition table beyond EOD, truncated [ 1809.069355] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:18 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x200000d8) 03:40:18 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000000000", 0x35, 0x1c0}]) [ 1809.118257] hfs: invalid session number or type of track [ 1809.135848] hfs: can't find a HFS filesystem on dev loop5 [ 1809.194733] hfs: invalid session number or type of track [ 1809.213026] hfs: can't find a HFS filesystem on dev loop5 [ 1809.276083] Dev loop4: unable to read RDB block 1 [ 1809.292327] loop4: AHDI p1 p2 p3 p4 [ 1809.305223] loop4: partition table partially beyond EOD, truncated [ 1809.313827] loop4: p1 start 4278648842 is beyond EOD, truncated [ 1809.322575] loop4: p2 start 3813850810 is beyond EOD, truncated [ 1809.433400] Dev loop4: unable to read RDB block 1 [ 1809.438556] loop4: AHDI p1 p2 p3 p4 [ 1809.443001] loop4: partition table partially beyond EOD, truncated [ 1809.450062] loop4: p1 start 4278648842 is beyond EOD, truncated [ 1809.457047] loop4: p2 start 3813850810 is beyond EOD, truncated 03:40:18 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r2 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000000340)={{0x2, 0x1}, 'port1\x00', 0x80, 0x80005, 0x7909424, 0x3, 0x7fff, 0xfffffffffffffff8, 0x4, 0x0, 0x0, 0x3}) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r3 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x4e21, 0x100000000000, @remote, 0x5}, @in6={0xa, 0x4e21, 0x3, @mcast2, 0xffffffffffffffff}, @in6={0xa, 0x4e24, 0x35, @local}, @in6={0xa, 0x4, 0x8000, @empty, 0x5}], 0x70) lsetxattr$trusted_overlay_nlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000400)='trusted.overlay.nlink\x00', &(0x7f0000000440)={'L-', 0x54c}, 0x28, 0x1) ftruncate(r3, 0x1000000) sendfile(r2, r3, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r2) ioctl$VIDIOC_S_FREQUENCY(r2, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2}) ioctl$EVIOCGSW(r3, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r4, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:18 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000100)="7b92180db71662de77e283ce2fffc9a30373aab9858787b5005ada9384dcc1120713fae78f6094bdedd3c96060d8da53342af6b168d88f3d61c38826df0e483042a3804739952c1b89ca657120529b0b6c1134450010cab411d3523e7c7fd279bf54de07338a12138e1fae3e16d489687dcaabf9aae50d9874ca6b2308df5398becbf200a9040bee07ab50ba3d319ac5faf9be8ed09c9f634fb996339ab365ab2aec24f250c0b6bc6d39", &(0x7f00000002c0)="1830a3a150d978d298d0c3d378cdcfbddf4e52b67263d8b6abc5c7dfe41c211a06303b7b637dc3b652b543de0417b8a46eff353cce1a6df38fe211c864d6815b68390fbc0eaecbc9f9ebb866d5a282b90e03703e1ae5cb749c58303782ddac02c117ea0893b09594d3f021a1179eb02bfcf51cb6770701f41ef6fcae0af98a7d33a5905dcb23a51d78f714b0e27e2f2b82c9275642d296f3b4e0661f64def535ef19b2ba74711ac22a0579ca95516c86c87ae0eb82cb9e7e7960e6abe34ac757858008059c7ba982da99730d693ee223df07cee2144abd1174b4e8ce2a6cab8664ec9bae4e2a391e9dfe3b704da813a9cd12", 0x2}, 0x20) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000000), 0x0}, 0x18) 03:40:18 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x4000000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:18 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:18 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000480001", 0x35, 0x1c0}]) 03:40:18 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000100), &(0x7f0000000140)=0x4) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1809.687532] hfs: invalid session number or type of track [ 1809.695897] hfs: invalid session number or type of track [ 1809.701371] hfs: can't find a HFS filesystem on dev loop3 [ 1809.720342] hfs: can't find a HFS filesystem on dev loop5 03:40:18 executing program 1: r0 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x1c, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x1, @mcast1, 0x3}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000001c0)={r1, 0x6}, 0x8) ioctl$SG_GET_ACCESS_COUNT(r0, 0x2289, &(0x7f0000000080)) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r2, &(0x7f0000000000), 0x0}, 0x18) [ 1809.743541] Dev loop4: unable to read RDB block 1 [ 1809.750217] loop4: unable to read partition table [ 1809.776050] hfs: invalid session number or type of track [ 1809.784006] loop4: partition table beyond EOD, truncated [ 1809.790261] hfs: can't find a HFS filesystem on dev loop3 [ 1809.800218] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1809.809048] hfs: invalid session number or type of track [ 1809.815917] hfs: can't find a HFS filesystem on dev loop5 03:40:18 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:18 executing program 1: getrusage(0xffffffffffffffff, &(0x7f0000000100)) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x7, 0x80000) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r0, 0x80045301, &(0x7f00000000c0)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x2, 0x76e9, 0x200004, 0x5d, 0x8}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r2, &(0x7f0000000000), 0x0}, 0x18) 03:40:18 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x22000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) [ 1809.972300] Dev loop4: unable to read RDB block 1 [ 1809.983199] loop4: unable to read partition table [ 1809.991176] hfs: invalid session number or type of track [ 1810.003623] loop4: partition table beyond EOD, truncated 03:40:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/mixer\x00', 0x88100, 0x0) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, &(0x7f0000000400)="53bf37d0c315e7a1127d73e1583995ab454edaeb32227d6d27742bcd6869af18422c7dc2539f42e2669c5966ffff8dd3d17c8463e5bfe29f6f4d2ec300ea70d56d426a7f0a91359ddc9488bb5cccd6a69912ab1bbe94b72bf7fcd7e10d5f8f38565e0ba379eca4ec63c060df83593e9d3bd695fb3b96859d2cc76a193de4dd3f52af8773d75d67b3b50bb5dcde4a40e3c890ee35713a32fafa1661e5f6428aa60d659731820270bd053c128a6edcf73a14e8ec69f81ea26dab62d468c62124d87b7e965320d182d8ae94fd5e78593c4d26c295c40d6c25b5") r2 = syz_open_dev$cec(&(0x7f0000000300)='/dev/cec#\x00', 0x3, 0x2) ioctl$UI_SET_KEYBIT(r2, 0x40045565, 0x2fa) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x0, 0x100000001}) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000140)="f9d8c6b395a0b116ac57514cb9ce942e3e2f9564cf4bb98706d5bec86544d87f31623eec02e63bca9cdc36ca5b8a7e8a606db4d7640d848d4f506052f0d1b1aa4d96134b46930e1c7e9e4482f778d845bc9fefe8a8d996712c840e3ed80cea5559e536397e07391c99c55a79a7d4c98cf1d149dddabb91ff4151df2bfe4a7d4f0fb7bdb6d50f217ec8cb415dd27552114e2f03d519e2b16ae2f8fc28d463d94207f3056b9d9fdc6a56a86d7726b6b074488c953d181373487d45dd222823301babfc180060547b7b04f93cc00502b72f202e1fec0afd5ebb76cff92aa475c7a228f56816fb2146a995fafe907d616c22f65b972f6f1c02dd6b3a10f50249a9f5") getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000500)=@assoc_value={0x0}, &(0x7f0000000540)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000580)={r3, 0x697}, 0x8) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) r5 = request_key(&(0x7f0000000000)='pkcs7_test\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='/dev/cec#\x00', 0xffffffffffffffff) keyctl$get_security(0x11, r5, &(0x7f0000000340)=""/37, 0x25) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r4, &(0x7f0000000000), 0x0}, 0x18) syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0xffffffff00000001, 0x80) ioctl$VT_SETMODE(r2, 0x5602, &(0x7f0000000380)={0x9, 0x100000001, 0x8001, 0xffffffffffff8001, 0xec72}) [ 1810.017333] hfs: can't find a HFS filesystem on dev loop3 [ 1810.017616] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1810.038537] hfs: invalid session number or type of track [ 1810.049739] hfs: can't find a HFS filesystem on dev loop5 03:40:19 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000006c01", 0x35, 0x1c0}]) [ 1810.113842] hfs: invalid session number or type of track [ 1810.119372] hfs: can't find a HFS filesystem on dev loop3 [ 1810.151240] hfs: invalid session number or type of track [ 1810.156833] hfs: can't find a HFS filesystem on dev loop5 [ 1810.274661] Dev loop4: unable to read RDB block 1 [ 1810.279883] loop4: unable to read partition table [ 1810.285627] loop4: partition table beyond EOD, truncated [ 1810.291443] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1810.403070] Dev loop4: unable to read RDB block 1 [ 1810.408219] loop4: unable to read partition table [ 1810.414058] loop4: partition table beyond EOD, truncated [ 1810.419805] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1810.455955] vivid-000: kernel_thread() failed 03:40:19 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000002c0)={0x5, 0x4, 0x1140f3d4}) r1 = syz_open_dev$vbi(&(0x7f0000001280)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080), &(0x7f0000000100)=0x8) r2 = memfd_create(&(0x7f0000000000)='\xac\x00\x00', 0x4) ftruncate(r2, 0x1000000) sendfile(r1, r2, &(0x7f00000000c0)=0xf10001, 0xeffffdef) close(r1) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000200)={0x10000, 0x2, 0x5}) ioctl$EVIOCGSW(r2, 0x8040451b, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x683) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r3, &(0x7f0000008a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:40:19 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) 03:40:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/relabel\x00', 0x2, 0x0) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x4, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000080)={0x80000000, 0x0, 0x0, 0xffff}) ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f0000000100)={0x5, r2}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r3, &(0x7f0000000000), 0x0}, 0x18) 03:40:19 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x7000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:19 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="02005500000001000000ff07000a00fcffffa5dba960e352beba40ffffffffffffffee00000000000000fffffff600000000005501", 0x35, 0x1c0}]) 03:40:19 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f0000000200)=ANY=[@ANYRESOCT=r1, @ANYRESOCT=r0, @ANYPTR=&(0x7f0000000440)=ANY=[@ANYPTR, @ANYRESOCT=r1, @ANYRESOCT=0x0, @ANYRESOCT=r0, @ANYBLOB="0ab74d8c2acae283666a8bb836989462558c8f8fae553c5e7f3f8a0d049550828b2ee390c23a2791dbbb", @ANYRES32=0x0, @ANYBLOB="6a96ebead1f60347507d9710ef8b29f6828e58bc691977df19d3af91fa48bbb4943dbf3b3e01e72cc765eb264d37cbf3c72c5d0fc93d44af8cb0bc3f33bc1dfd83d692236931d16006607956c7f16554549d8ea39b9c0374b1ed6c915ca55d21b251bc2cf2ebe4c109a65f65116160cf8a5e5215dde3de62da7eefcf210572046835a4f805362845fbb32f2122e0c8fd49047d4f4b73fff8110fb25949fe7c5ae7d3d568c1a681e9410530947a2283607efccd2f1e5901b1c6a09d106f03bd078d1c9eaab49d8c82a4ea89d4f39b2fcd48bdb3d0a10a5cd120d8cf23e33e34e02e7e5d73f7344d1c6cd3b3c57768e9b29b3653b692b30e3a6063f110005e832c443a98e684fa52c5351d898703a9784d10bfda26b17075df57aafaac7c43ece346511a7fdf2212cc78d33ea78b23b3aae4ef71bc4b9432971d7afa5d1f12f4339db313271442bd0b8efa731b0f8b8ab1ec356ce97c3cd9e132f9a3695a706fcf68d96dc9ecd7f14f7b6a50b10852351b9e6d3f7d544e128b3ff82c171bc2e0254328c203a995d3f2754d89998e60fd5639936822a1549c97fa00795e47788deb3652fbd382cc5d5c7cb98cb3b278f75c249881878e694a9246199492b5e0fe58bdc6ec3a1e5168d2d890999b650be6a7f05be0bd0836904523d0561ae8152ca359c87cbaa3d28f6f26537746bdb655e7866bd625bf56d44a4e59ac96f2e845b2a1b657eb92c50c965ebd2fc068e2be32039d923c16df7c0c9893a633b840806e90038ea7a94bc0d439032702c2186df79a94de454ac2a57836048b753f20850936747f201287f3b1d7a788fff370957f618144d6613bd499c67a84eb00b239f448d71f3de08084295ec90a93f48366f25ec195d6e263b70a232bfc4afac306ca585da97d7f3c7ad9f02b1e7a4fe6b5a852a0388b40ee4560a2328cbc56ab5d802dcbb6d25373b4a2f77456414fadcce188c4f5966f85400f49e84ae8591099a9ade1c57473732a5338a57fa6f316b089b60fdcc91dfdb34350c860baa0d70f4edc9453e6f4317b8bf953f178fab01375a7d718c72ea3caa17fd9acc14439103dba5bd498cc414015507fed27b87549c4af6fe676459377d236fbcd9ec325ea4c4fa24847daa36221f622689acfe80dc82b44d330b2051de0ac08260b40f6f89b75f807d57998df124beac903dd29d3203f892a11d320c25414c8b8895e769dd9b9fa67c8d1b3000ab65001889578004ab322fed1ae5560dcd4587687d6e167ac44794175f8f4302fdd62d2886dae6debbaca1af412b1d49854eb883e8c441a535c66c74ccdfef9d45a164d9c48e05d49b599b5330f2d55e79c9bdeb0b1bf7c35bbf68de16e60d5bc7a999a533b8f2c3717ed5f1ac285fe6a4b65bd9a69d33cf3b17913855ef1ef2991d961ee1a9e2e49e145b6f53a91c8768b72b139f0879c49c7a2aa9b938cff465a0b8d5f393c9635d53ce3620116d3862fe411a307b6cd068a9baa05c7ae655063d09733aaa9cddba72f60507e6ae985f14d3c50b0fc8b6791a8fe770242754434244ee3c195dd7f074c1ec72c4ee22d6cf880bbeb23db75d79675bcd7e0b620114388216c1ca9a0774c367ea84dbf999d5d84bac816e7914d41caa81c6e2999dffb5b389f43d8024122be8b389e6c673369d711a8f3b7a46039eb2c7c0662ab3fddea7baf21c37bd4a03d2988a197bf4edf024e4f82d4a521d5d795b49457b3b0a72ed23417b1daf650cd6f45256bf8e876e4941641598595c16bde563d5fee956adf0c811f7c8e94ea045373a451925b1e96b79a781e5c1498180a69ef34bfeae1b401e6bd69250ebd391a21d49b492fa5f4e66fd3e543169bb056d52c6a0c2caf8b05b9b83f84166664c7027bf1b619c38a380bbaf7aa6ffa155481f9f6e2d8e3c53601c372333faa6f2d1acde3f51de0e5931dd1d398dadbe4eb086c6333ad5a20393134e78be4bd0cbb504eb2ed1cdfe24c475769f843bf9410210a6fb6bb06f853a2d6de12d520717cae3a4fd6a206079b2e97df4efa48f8382317b1b852fd6cb53b7c14f72e8a4bbe4c3f5a7674f86648f24cfb7d753c690edc89ab4e0f506797c64fcc87c720a686ea14702c0c272e04b49bc4f65337c6c5647655495abafe5243842d144fb0b67d902ad5b4da1ea86c509b72d8f55b37d1516c78aca8a9badf97f7c2d3f6cacc2838bed6d05bc89266c063f3241b9c9ea77bf69116e3c9f82f759b0afd3176b572dcd496b671e94af4d9f6abf1fd29ecc3b9f1a4828f7ab1a5d63a03d9f026ef50e64a6f81558a1cb6be9e0d3ad6e94502b91a143e00ab3f1ecfb307a9d4be3ee601dcf39318bffd28efff3b72278fc2d369b59f16bdb3128df514321028a30f127b0a906003f857a84f2e3d70bad49873bf237e83faf1e9c8310c16e79a1910248605451db1d3b958d817f1ec8da447229e035f6bbafd19d3659bed72caacba115c9c2249ac930b30adade119c991c8c3f514ad5027675fce488c9e051912c3fe64d0dd89b232cca745fb298d4d3bdc3383f2d61592c59a578e141747783284c073e92cc68cabf709616c9ce3a9ce5f80bc8f718678899bc67e723eea75e80be4cce6ef798cc75e0e70cf21a0be9c540baf3cc32c2050f6cb1355843fdc017c60680b8400a126324b1df49618710831583f1a095a630a8b037427c31cf70f0466d7556343e3f591aff1b5f61d44851413126ce81f42a3c4b7e02f8351d98b57c54f5b6cb8d948eb1d47edbfa20a3ef8910c71ed6944c92f596cc2627d1a2a01b240a2199c63e084069a04a4f1c37f041991ea39f378d10cea8dbfa2d5a99a5f987151f17b4b9d49612ace9430315fbddb1ccb52de50a4e7ad068cc0b63a3b0e76fd44ea4f562f038e6628da994e114ae616168930861fe707235af2571899f92972de694a0df90d8ca489928d83e24061491f383c17f342be592ef4640450544a942dbb7daea68e4f62436892223bae6f5a21304a338b19a1939ee37150741ae43685f19d4ac9bc4767862d7a9b14d3cecde0b82da95b05ca42dfc88ce23d30691715eb6523f5704b66674bdeb896b67f5d686c470cdc24064bfcb22794faf8f1e8a92259088c989dad8b21817bc64f10b7f3defc328beec2584bc6afc8fa8ededb7cf343f3607fedf77afc3867602dbbcd54e11a47a3fe54b9a1ae79b0016506f5847d51b275f9fceac832c9656c6ec94d1067af2f5d2a3f755cdfbcd3417239e6ac2c56d6a74c37dc44fc7b8ad3aecd9a7cc8e54040f7359b7d1074b25f36d1ec5b333a034077bf1e144680fc5fbb982dd249244827cc732892fc5d3a3df49dfd6c69e5d02224ef6c3a47bdf5cd13495e427de3e50e74d7db004881a4e53a134038abe37cff325f9cbc2b31ac2da79ed70c9a8362e4214a5b7ecda6ac20d447b8f9a744d8a1656636dfc3715b41beedf9889c63eebebceebea552c1c7c47a83664de1f80e6bea95d66c9d71c4e806a82eabd543aafe57abf232cbfd83f826b71b3bf37f2265d60cb6ee6338b8fa53cef8e5d6564d7f64f414bb96f3486bc704113098c40fd852f009b0bff2ffc5157872dea4bff4762dd92c6d1a0b55bc32bd24bac841f81b7b722c35fee9fbccd27eaad415701f0601b9f93ec117a68c86ef70b4182cc5c547923a406fd3f4b678c8bb254eab0c102b047fc0eaf01a5bf72dea1e4d95c19188f642bcc22dbcf7191068504ab989b8d02a7c2df182f80443118e4992d413e89cdbffb69a9792efcb5029ca693102630656ba8f1443caa5571a7c4057a87c7071c5d4ee0c5088ed811d66f136be371a60bf942a43c7c1af8b531ab5064a097d0e1e31263774fc7533d5a597981583280c7e33b9ddeee5decd3c2d1f48200c6646bf3120ac671157c6f398d3689ddb272f19ec7f7b4576e9636ae3e34af94cbdcbcb5c60994f89feeb246d7d77a5a033df9decbcd853ecf7b6fd219538ac4b8c14db654def95d1a5cce9b102b6fbcce6ddd3bdf3e5c7e48aaaaefa9e1709d19ff3f833f5762877d348534451ce60cfc4190034e8b91fd559bc6e4c38760121050c15ccb18a4f5d8925453d52ce7df3ecd1fe532179966f2e3100bc95a62161d6efac6f78a97c56a7d2de8e562ed3150b1d3858102b4cf6c9c0b7ac5d056c727923256a010f11a3853e84ecc6659fd049e39958d04c468e7c8a7e8acfd606e15c0accfadce83994d5f9ea969899eb587e54ea1f7aa7dc593789740e507a1414b688a93b5eea891b8d7ca549c8a3aa052db1a23efec65987e69e7fed3f18413f408e66f9aff1d68734d65cf2804739b809ac8970ae216113048151724e7686108bc8b5098a2d9d3cf29fe5a8f7d8e2aba338070d314b728df85de825a581d860a3f394c2212b9ec13758a394d1f56488359308b3cae9bf943ed75a84dc16dd3922b423b1f4dab8e4ead22f4df0f86b774edf3983e7bddf0b8f4749000693c6986e5efd33520b746342addbd4d205c527628fe9eb318f4f08dc964392a783f3995c9d5778c7e31f036f917bdcfa09117d9d7ea2e555f22a6d9bb329a33a5b2631584026551bfd083ea78df2ced5885fbeb18686f9eb5fe03dd8e78733286dacd4f55a54a0b9123acb2587b23e77827c781b0c433850a1b42f72a8f9e6a070201a76f385904a4f4f460803047023fd4f5b9f0023913c77b2861388f112f9cb50b7c627ddafa7221ed746da27e80a64faaf1c0afc6fe778137b0a2fcc04f117e548f1636a27ba985dc954ebf5bc8d435c0090bcdf133e66a18725a13c86dfcb41225400f0684d1973bd7f6344d8fc82b71018bfa1df8a48c7b09be8f3c4859d44f78c2a4487727c8f85d878f84bb6015fad76421cf1191aeffe0df0a87aecdcd6651b5bc3df62590722512fdb95610752b8b35cd23f32e6b879bfdedeb453fb2a168ab24a5470a44fb392e0f07b71b74e1202579448ceb26d376fa84a8775f6e936ae5ef6ffa368b58710b775de61fc82b7f12db264cb0609048cdc330f43e4f4f69c4077444761443a6ef694bf4b3f4069fe104c55dc90ddccd0878ed3472adfab666cfa0079750c887ffd1e89abe524cf0bb1475757847c5660bbe877621f79b038c6455a5a7093a0f8af7895a89b1d12fa93a169ee131f4368d4d834d4ce829d8ff7b68f0414eed65e8294bccd18844acedd709e8aaf2c773fd0d5934e829243d9cec92b0d2784ba4f8091eb9c6749e830933776d2e50a87e2c19d9ecc8f6202a10a053d1cb7dc2756b084796f50650cf9230f8dc821ed45faabb3b8ab3e40746cd60ec61aebcba34bef2bcfadbe7379f6c335321250b0dffbdbe1f60e384fbd71008be6544315afe54b7c1c8d3a1e4cc69749278ff271921e534a1d615595de5549a57a48eb09789508b92e18556191743f26cc3671cedfed979ace1a717099aa25656753e5ce8559c355635ca7e99132ed66e66059b3e570063046f657b91a2a6052016a924fa1dd12fa60f9df9894bd7bfe95fc0ea00649f1951805c8b693067f24ebb83d5a28476c44fc32242a229db388f207b79a015e50948e881ecf4b72ab8d18c1a986735266b9dff74832af4dd53eb0a320a28fe91c85820381b03b4b9bbaf20f30af5e72d87e2be1298ff2bf801e43a4be3f02c893376445b172b90ce98b5da63bde6da83e83af3a634f59340db6980ee19b678c3fb3b16df1b600a33a4aa8aea1d58958f42697f86ee6c5008df1a4014441229f8dc569f964a03aa88976ac819614c2c1f9e8ab24b40d483b2788d7610164c95774bd0d2a436beb43bf9397718625", @ANYRESDEC=r0, @ANYRESDEC=r0, @ANYPTR64=&(0x7f0000000280)=ANY=[@ANYRES64=r1]], @ANYRES64, @ANYPTR64=&(0x7f0000000080)=ANY=[@ANYRESOCT=r1, @ANYRES16=r0, @ANYRESDEC, @ANYPTR=&(0x7f0000000100)=ANY=[@ANYRES32=r0, @ANYPTR64, @ANYRESHEX=r0, @ANYPTR64, @ANYPTR64, @ANYRESHEX=r0, @ANYRESDEC=r1]], @ANYPTR64], 0x4e) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1810.527900] hfs: invalid session number or type of track [ 1810.538667] hfs: invalid session number or type of track [ 1810.549588] hfs: can't find a HFS filesystem on dev loop5 [ 1810.562757] hfs: can't find a HFS filesystem on dev loop3 03:40:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x3ad843, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000100)={0x0, 0xe2, "2a427a27f0c41c450d657f8a6b442d01bed913712eb35c14b71d8700dd3393ad7290a0ac2031e949ddf18bf1ca7fcbdeda6bbc2a246bdf7dfcdb0437b2b71754231e467c91f25a8b0761e112357c3f30c307f342aa9dfbe4451147a7e0c818cc11202a7691bb893bd49cc440e81bcf125610011f54d4f16bbc42c57330477c1ab89150ddb6f0284d6b227a92ee8e6eb64e73a7eeb266dc3fb45eca428cb3821d72d71ac9b503ff83da7d1ec14c731ec12ddc22a86b5a7c49993f07e1b05444db01d8317f251fdc251e0ed4635fc9b606005599bb95b353a1ba5a5318e02b3caeabbd"}, &(0x7f0000000080)=0xea) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000200)={r2}, &(0x7f0000000240)=0x8) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r3, &(0x7f0000000000), 0x0}, 0x18) [ 1810.642687] hfs: invalid session number or type of track [ 1810.656425] hfs: can't find a HFS filesystem on dev loop3 [ 1810.682064] Dev loop4: unable to read RDB block 1 03:40:19 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x264) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002900)=[{{&(0x7f0000000180)=@nfc_llcp, 0x80, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/179, 0xb3}, {&(0x7f0000000380)=""/20, 0x14}], 0x2, &(0x7f0000000440)=""/124, 0x7c}, 0x10001}, {{&(0x7f00000004c0)=@vsock={0x28, 0x0, 0x0, @host}, 0x80, &(0x7f0000002700)=[{&(0x7f0000000540)=""/4096, 0x1000}, {&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000002540)=""/249, 0xf9}, {&(0x7f0000002640)=""/147, 0x93}], 0x4, &(0x7f0000002740)=""/54, 0x36}, 0xfba}, {{&(0x7f0000002780)=@un=@abs, 0x80, &(0x7f0000002840)=[{&(0x7f0000002800)=""/46, 0x2e}], 0x1, &(0x7f0000002880)=""/75, 0x4b}, 0x6}], 0x3, 0x10020, 0x0) r2 = accept(r0, &(0x7f0000000100), &(0x7f0000000080)=0x80) ioctl$PPPIOCGMRU(r2, 0x80047453, &(0x7f0000000200)) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) accept$alg(r2, 0x0, 0x0) 03:40:19 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") syz_mount_image$hfs(&(0x7f0000000040)='hfs\x02', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='session=0x0']) [ 1810.687764] hfs: invalid session number or type of track [ 1810.694674] hfs: can't find a HFS filesystem on dev loop5 [ 1810.701788] loop4: unable to read partition table [ 1810.715748] loop4: partition table beyond EOD, truncated [ 1810.730343] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) 03:40:19 executing program 5: syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xe000000000000, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='session=0x0']) 03:40:19 executing program 1: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x40000, 0x0) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000100), 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070") r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x200004, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r2, &(0x7f0000000000), 0x0}, 0x18) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'teql0\x00', 0x800}) 03:40:19 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x403) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[], 0xfffffe0f) recvmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/48, 0x20000030}], 0x1}}], 0x1, 0x0, 0x0) [ 1810.823143] Dev loop4: unable to read RDB block 1 [ 1810.829118] loop4: unable to read partition table [ 1810.848480] loop4: partition table beyond EOD, truncated [ 1810.859163] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 1810.912916] hfs: invalid session number or type of track [ 1810.918388] hfs: can't find a HFS filesystem on dev loop5 [ 1811.008482] hfs: invalid session number or type of track [ 1811.022482] hfs: can't find a HFS filesystem on dev loop5 [ 1811.370198] ================================================================== [ 1811.377865] BUG: KASAN: null-ptr-deref in kthread_stop+0x10d/0x900 [ 1811.384193] Write of size 4 at addr 000000000000001c by task syz-executor2/14257 [ 1811.391725] [ 1811.393365] CPU: 0 PID: 14257 Comm: syz-executor2 Not tainted 4.20.0 #167 [ 1811.400296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1811.409652] Call Trace: [ 1811.412254] dump_stack+0x1d3/0x2c6 [ 1811.415897] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1811.421100] ? vprintk_func+0x85/0x181 [ 1811.425003] kasan_report.cold.9+0x6d/0x309 [ 1811.429343] ? kthread_stop+0x10d/0x900 [ 1811.433331] check_memory_region+0x13e/0x1b0 [ 1811.437752] kasan_check_write+0x14/0x20 [ 1811.441835] kthread_stop+0x10d/0x900 [ 1811.445641] ? kthread_unpark+0x160/0x160 [ 1811.449803] ? __lock_is_held+0xb5/0x140 [ 1811.453952] vivid_stop_generating_vid_out+0x2bb/0x9ae [ 1811.459248] ? vivid_start_generating_vid_out+0x490/0x490 [ 1811.464795] ? __mutex_lock+0x85e/0x1700 [ 1811.468918] ? _vb2_fop_release+0x3f/0x2b0 [ 1811.473176] ? mutex_trylock+0x2b0/0x2b0 [ 1811.477241] ? vivid_fop_release+0x66/0x440 [ 1811.481585] vbi_out_stop_streaming+0x91/0x150 [ 1811.486177] ? vbi_out_buf_queue+0x310/0x310 [ 1811.490591] __vb2_queue_cancel+0x14f/0xd50 [ 1811.494924] ? vivid_fop_release+0x96/0x440 [ 1811.499258] ? lock_downgrade+0x900/0x900 [ 1811.503421] ? vb2_buffer_done+0xbb0/0xbb0 [ 1811.507675] ? find_held_lock+0x36/0x1c0 [ 1811.511766] ? mark_held_locks+0xc7/0x130 [ 1811.515952] ? kasan_check_write+0x14/0x20 [ 1811.520206] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 1811.525143] ? kasan_check_read+0x11/0x20 [ 1811.529300] ? wait_for_completion+0x8a0/0x8a0 [ 1811.533893] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1811.539356] vb2_core_streamoff+0x60/0x140 [ 1811.543635] __vb2_cleanup_fileio+0x73/0x160 [ 1811.548052] vb2_core_queue_release+0x1e/0x80 [ 1811.552556] _vb2_fop_release+0x1d2/0x2b0 [ 1811.556745] vb2_fop_release+0x77/0xc0 [ 1811.560646] vivid_fop_release+0x18e/0x440 [ 1811.564890] ? vivid_remove+0x460/0x460 [ 1811.568908] v4l2_release+0x224/0x3a0 [ 1811.572735] ? dev_debug_store+0x140/0x140 [ 1811.576980] __fput+0x385/0xa30 [ 1811.580269] ? get_max_files+0x20/0x20 [ 1811.584179] ? trace_hardirqs_on+0xbd/0x310 [ 1811.588532] ? ___might_sleep+0x1ed/0x300 [ 1811.592686] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1811.598169] ? arch_local_save_flags+0x40/0x40 [ 1811.602769] ____fput+0x15/0x20 [ 1811.606060] task_work_run+0x1e8/0x2a0 [ 1811.609960] ? task_work_cancel+0x240/0x240 [ 1811.614308] ? touch_atime+0x103/0x320 [ 1811.618201] ? file_remove_privs+0x540/0x540 [ 1811.622611] ? file_remove_privs+0x540/0x540 [ 1811.627026] ? atime_needs_update+0x710/0x710 [ 1811.631531] get_signal+0x1558/0x1980 [ 1811.635348] ? splice_direct_to_actor+0x502/0x9d0 [ 1811.640197] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1811.645745] ? ptrace_notify+0x130/0x130 [ 1811.649822] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1811.655371] ? check_preemption_disabled+0x48/0x280 [ 1811.660409] ? graph_lock+0x270/0x270 [ 1811.664224] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1811.669771] ? task_work_add+0x123/0x1f0 [ 1811.673883] do_signal+0x9c/0x21c0 [ 1811.677436] ? find_held_lock+0x36/0x1c0 [ 1811.681513] ? setup_sigcontext+0x7d0/0x7d0 [ 1811.685841] ? lock_downgrade+0x900/0x900 [ 1811.690011] ? exit_to_usermode_loop+0x8c/0x380 [ 1811.694691] ? exit_to_usermode_loop+0x8c/0x380 [ 1811.699382] ? lockdep_hardirqs_on+0x421/0x5c0 [ 1811.703981] ? trace_hardirqs_on+0xbd/0x310 [ 1811.708313] ? do_syscall_64+0x6be/0x820 [ 1811.712384] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1811.717853] exit_to_usermode_loop+0x2e5/0x380 [ 1811.722447] ? syscall_trace_enter+0x1260/0x1260 [ 1811.727251] do_syscall_64+0x6be/0x820 [ 1811.731147] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1811.736527] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1811.741461] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1811.746315] ? trace_hardirqs_on_caller+0x310/0x310 [ 1811.751346] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1811.756373] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1811.761226] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1811.766415] RIP: 0033:0x457759 [ 1811.769626] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1811.788532] RSP: 002b:00007f7a2db54c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1811.796274] RAX: 0000000000019500 RBX: 0000000000000004 RCX: 0000000000457759 [ 1811.803579] RDX: 00000000200000c0 RSI: 0000000000000006 RDI: 0000000000000005 [ 1811.810862] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1811.818130] R10: 00000000effffdef R11: 0000000000000246 R12: 00007f7a2db556d4 [ 1811.825402] R13: 00000000004c4361 R14: 00000000004d7890 R15: 00000000ffffffff [ 1811.832686] ================================================================== [ 1811.840060] Disabling lock debugging due to kernel taint [ 1811.849074] Kernel panic - not syncing: panic_on_warn set ... [ 1811.854979] CPU: 0 PID: 14257 Comm: syz-executor2 Tainted: G B 4.20.0 #167 [ 1811.863290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1811.872637] Call Trace: [ 1811.875228] dump_stack+0x1d3/0x2c6 [ 1811.878904] ? dump_stack_print_info.cold.1+0x20/0x20 [ 1811.884114] panic+0x2ad/0x55c [ 1811.887311] ? add_taint.cold.5+0x16/0x16 [ 1811.891467] ? preempt_schedule+0x4d/0x60 [ 1811.895622] ? ___preempt_schedule+0x16/0x18 [ 1811.900040] ? trace_hardirqs_on+0xb4/0x310 [ 1811.904372] kasan_end_report+0x47/0x4f [ 1811.908355] kasan_report.cold.9+0x76/0x309 [ 1811.912676] ? kthread_stop+0x10d/0x900 [ 1811.916682] check_memory_region+0x13e/0x1b0 [ 1811.921120] kasan_check_write+0x14/0x20 [ 1811.925218] kthread_stop+0x10d/0x900 [ 1811.929038] ? kthread_unpark+0x160/0x160 [ 1811.933312] ? __lock_is_held+0xb5/0x140 [ 1811.937390] vivid_stop_generating_vid_out+0x2bb/0x9ae [ 1811.942671] ? vivid_start_generating_vid_out+0x490/0x490 [ 1811.948221] ? __mutex_lock+0x85e/0x1700 [ 1811.952286] ? _vb2_fop_release+0x3f/0x2b0 [ 1811.956561] ? mutex_trylock+0x2b0/0x2b0 [ 1811.960624] ? vivid_fop_release+0x66/0x440 [ 1811.964961] vbi_out_stop_streaming+0x91/0x150 [ 1811.969576] ? vbi_out_buf_queue+0x310/0x310 [ 1811.973988] __vb2_queue_cancel+0x14f/0xd50 [ 1811.978314] ? vivid_fop_release+0x96/0x440 [ 1811.982655] ? lock_downgrade+0x900/0x900 [ 1811.986808] ? vb2_buffer_done+0xbb0/0xbb0 [ 1811.991046] ? find_held_lock+0x36/0x1c0 [ 1811.995120] ? mark_held_locks+0xc7/0x130 [ 1811.999271] ? kasan_check_write+0x14/0x20 [ 1812.003509] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 1812.008443] ? kasan_check_read+0x11/0x20 [ 1812.012594] ? wait_for_completion+0x8a0/0x8a0 [ 1812.017178] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1812.022639] vb2_core_streamoff+0x60/0x140 [ 1812.026877] __vb2_cleanup_fileio+0x73/0x160 [ 1812.031287] vb2_core_queue_release+0x1e/0x80 [ 1812.035792] _vb2_fop_release+0x1d2/0x2b0 [ 1812.039946] vb2_fop_release+0x77/0xc0 [ 1812.043843] vivid_fop_release+0x18e/0x440 [ 1812.048098] ? vivid_remove+0x460/0x460 [ 1812.052078] v4l2_release+0x224/0x3a0 [ 1812.055900] ? dev_debug_store+0x140/0x140 [ 1812.060135] __fput+0x385/0xa30 [ 1812.063423] ? get_max_files+0x20/0x20 [ 1812.067327] ? trace_hardirqs_on+0xbd/0x310 [ 1812.071647] ? ___might_sleep+0x1ed/0x300 [ 1812.075800] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1812.081249] ? arch_local_save_flags+0x40/0x40 [ 1812.085833] ____fput+0x15/0x20 [ 1812.089114] task_work_run+0x1e8/0x2a0 [ 1812.093007] ? task_work_cancel+0x240/0x240 [ 1812.097333] ? touch_atime+0x103/0x320 [ 1812.101218] ? file_remove_privs+0x540/0x540 [ 1812.105629] ? file_remove_privs+0x540/0x540 [ 1812.110040] ? atime_needs_update+0x710/0x710 [ 1812.114573] get_signal+0x1558/0x1980 [ 1812.118412] ? splice_direct_to_actor+0x502/0x9d0 [ 1812.123272] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1812.128811] ? ptrace_notify+0x130/0x130 [ 1812.132877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1812.138435] ? check_preemption_disabled+0x48/0x280 [ 1812.143461] ? graph_lock+0x270/0x270 [ 1812.147274] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1812.152813] ? task_work_add+0x123/0x1f0 [ 1812.156881] do_signal+0x9c/0x21c0 [ 1812.160448] ? find_held_lock+0x36/0x1c0 [ 1812.164517] ? setup_sigcontext+0x7d0/0x7d0 [ 1812.168843] ? lock_downgrade+0x900/0x900 [ 1812.172998] ? exit_to_usermode_loop+0x8c/0x380 [ 1812.177670] ? exit_to_usermode_loop+0x8c/0x380 [ 1812.182355] ? lockdep_hardirqs_on+0x421/0x5c0 [ 1812.186946] ? trace_hardirqs_on+0xbd/0x310 [ 1812.191272] ? do_syscall_64+0x6be/0x820 [ 1812.195341] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 1812.200800] exit_to_usermode_loop+0x2e5/0x380 [ 1812.205391] ? syscall_trace_enter+0x1260/0x1260 [ 1812.210170] do_syscall_64+0x6be/0x820 [ 1812.214057] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1812.219437] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1812.224397] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1812.229256] ? trace_hardirqs_on_caller+0x310/0x310 [ 1812.234280] ? prepare_exit_to_usermode+0x291/0x3b0 [ 1812.239300] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1812.244147] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1812.249347] RIP: 0033:0x457759 [ 1812.252544] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1812.271445] RSP: 002b:00007f7a2db54c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1812.279158] RAX: 0000000000019500 RBX: 0000000000000004 RCX: 0000000000457759 [ 1812.286428] RDX: 00000000200000c0 RSI: 0000000000000006 RDI: 0000000000000005 [ 1812.293712] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1812.300980] R10: 00000000effffdef R11: 0000000000000246 R12: 00007f7a2db556d4 [ 1812.308294] R13: 00000000004c4361 R14: 00000000004d7890 R15: 00000000ffffffff [ 1812.316616] Kernel Offset: disabled [ 1812.320237] Rebooting in 86400 seconds..