Warning: Permanently added '10.128.0.195' (ECDSA) to the list of known hosts. 2019/09/14 11:27:01 fuzzer started 2019/09/14 11:27:03 dialing manager at 10.128.0.26:32883 2019/09/14 11:27:03 syscalls: 2487 2019/09/14 11:27:03 code coverage: enabled 2019/09/14 11:27:03 comparison tracing: enabled 2019/09/14 11:27:03 extra coverage: extra coverage is not supported by the kernel 2019/09/14 11:27:03 setuid sandbox: enabled 2019/09/14 11:27:03 namespace sandbox: enabled 2019/09/14 11:27:03 Android sandbox: /sys/fs/selinux/policy does not exist 2019/09/14 11:27:03 fault injection: enabled 2019/09/14 11:27:03 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/09/14 11:27:03 net packet injection: enabled 2019/09/14 11:27:03 net device setup: enabled 11:28:18 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8, 0x4000000000000800, 0x1}, 0xe) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040), &(0x7f00000001c0)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={r0, &(0x7f0000000040), 0x0}, 0x18) syzkaller login: [ 140.310304][ T9151] IPVS: ftp: loaded support on port[0] = 21 11:28:18 executing program 1: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000000)="1c00000011009b8a14e5f4070009042400000000fe02000500000000", 0xff9e) [ 140.382269][ T9151] chnl_net:caif_netlink_parms(): no params data found [ 140.413424][ T9151] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.429857][ T9151] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.456403][ T9151] device bridge_slave_0 entered promiscuous mode [ 140.463854][ T9151] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.485403][ T9151] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.493044][ T9151] device bridge_slave_1 entered promiscuous mode [ 140.511100][ T9151] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 140.522405][ T9151] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 140.540807][ T9151] team0: Port device team_slave_0 added [ 140.548713][ T9151] team0: Port device team_slave_1 added 11:28:19 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8, 0x4000000000000800, 0x1}, 0xe) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x275a, 0x0) dup2(r1, r0) [ 140.565034][ T9154] IPVS: ftp: loaded support on port[0] = 21 [ 140.607366][ T9151] device hsr_slave_0 entered promiscuous mode 11:28:19 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) open(0x0, 0x0, 0x0) ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x0) [ 140.656047][ T9151] device hsr_slave_1 entered promiscuous mode [ 140.731605][ T9156] IPVS: ftp: loaded support on port[0] = 21 [ 140.759271][ T9151] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.766383][ T9151] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.773697][ T9151] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.780771][ T9151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.864286][ T9158] IPVS: ftp: loaded support on port[0] = 21 11:28:19 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) syz_open_dev$sndpcmp(0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f00000000c0)="240000001e005f0214fffffffffffff80700000000000000000000000800080000000000", 0x24) [ 140.953829][ T9154] chnl_net:caif_netlink_parms(): no params data found [ 141.002615][ T9156] chnl_net:caif_netlink_parms(): no params data found [ 141.030439][ T9151] 8021q: adding VLAN 0 to HW filter on device bond0 11:28:19 executing program 5: r0 = socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x81}, {0x6}]}, 0x10) [ 141.090047][ T9151] 8021q: adding VLAN 0 to HW filter on device team0 [ 141.109121][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 141.117616][ T3024] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.142312][ T3024] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.151263][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 141.188393][ T9154] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.197370][ T9154] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.204877][ T9154] device bridge_slave_0 entered promiscuous mode [ 141.212263][ T9154] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.219377][ T9154] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.226964][ T9154] device bridge_slave_1 entered promiscuous mode [ 141.239641][ T9158] chnl_net:caif_netlink_parms(): no params data found [ 141.265566][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 141.269072][ T9164] IPVS: ftp: loaded support on port[0] = 21 [ 141.273941][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.286564][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 141.297468][ T9167] IPVS: ftp: loaded support on port[0] = 21 [ 141.313782][ T9154] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 141.323195][ T9156] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.330381][ T9156] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.337902][ T9156] device bridge_slave_0 entered promiscuous mode [ 141.344969][ T9156] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.352126][ T9156] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.359876][ T9156] device bridge_slave_1 entered promiscuous mode [ 141.367646][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 141.376041][ T9163] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.383063][ T9163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 141.391578][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 141.400273][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 141.408584][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 141.416772][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 141.424783][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 141.438293][ T9158] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.445431][ T9158] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.453015][ T9158] device bridge_slave_0 entered promiscuous mode [ 141.460934][ T9154] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.481714][ T9158] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.489842][ T9158] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.497371][ T9158] device bridge_slave_1 entered promiscuous mode [ 141.504552][ T9151] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 141.520080][ T9156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 141.531847][ T9156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.555712][ T9158] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 141.566739][ T9154] team0: Port device team_slave_0 added [ 141.573453][ T9158] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.590652][ T9158] team0: Port device team_slave_0 added [ 141.599804][ T9158] team0: Port device team_slave_1 added [ 141.617427][ T9154] team0: Port device team_slave_1 added [ 141.631058][ T9156] team0: Port device team_slave_0 added [ 141.637945][ T9156] team0: Port device team_slave_1 added [ 141.696729][ T9158] device hsr_slave_0 entered promiscuous mode [ 141.735872][ T9158] device hsr_slave_1 entered promiscuous mode [ 141.795515][ T9158] debugfs: Directory 'hsr0' with parent '/' already present! [ 141.813464][ T9151] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 141.856964][ T9156] device hsr_slave_0 entered promiscuous mode [ 141.896526][ T9156] device hsr_slave_1 entered promiscuous mode [ 141.935503][ T9156] debugfs: Directory 'hsr0' with parent '/' already present! [ 142.006671][ T9154] device hsr_slave_0 entered promiscuous mode [ 142.025597][ T9154] device hsr_slave_1 entered promiscuous mode [ 142.075475][ T9154] debugfs: Directory 'hsr0' with parent '/' already present! [ 142.124229][ T9158] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.131312][ T9158] bridge0: port 2(bridge_slave_1) entered forwarding state [ 142.143799][ T9167] chnl_net:caif_netlink_parms(): no params data found 11:28:20 executing program 0: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f00000000c0)={0x5}, 0x10) write(r0, &(0x7f0000000000)="1c0000001a009b8a14e5f4070009042400000000fe02000502000000", 0xff9e) [ 142.176884][ T9164] chnl_net:caif_netlink_parms(): no params data found 11:28:20 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 142.253824][ T9164] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.271292][ T9164] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.279811][ T9164] device bridge_slave_0 entered promiscuous mode [ 142.288711][ T9156] 8021q: adding VLAN 0 to HW filter on device bond0 [ 142.298947][ T9167] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.306818][ T9167] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.314333][ T9167] device bridge_slave_0 entered promiscuous mode [ 142.322036][ T9167] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.329256][ T9167] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.337009][ T9167] device bridge_slave_1 entered promiscuous mode [ 142.347313][ T9164] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.354395][ T9164] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.362427][ T9164] device bridge_slave_1 entered promiscuous mode [ 142.376182][ T9156] 8021q: adding VLAN 0 to HW filter on device team0 [ 142.389489][ T3024] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.397978][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 142.409182][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 142.417465][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 142.434524][ T9167] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 142.452262][ T9154] 8021q: adding VLAN 0 to HW filter on device bond0 [ 142.460588][ T9164] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 142.471917][ T9164] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 142.482771][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 142.491244][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 142.499790][ T3633] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.507037][ T3633] bridge0: port 1(bridge_slave_0) entered forwarding state [ 142.514443][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 142.523214][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 142.531554][ T3633] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.538587][ T3633] bridge0: port 2(bridge_slave_1) entered forwarding state [ 142.546207][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 142.554497][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 142.563047][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 142.571456][ T9167] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 142.592474][ T9164] team0: Port device team_slave_0 added [ 142.601302][ T9164] team0: Port device team_slave_1 added [ 142.607603][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 142.616126][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 142.624318][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 142.634378][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 142.642597][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 142.650249][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 142.658272][ T3633] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 142.673346][ T9158] 8021q: adding VLAN 0 to HW filter on device bond0 [ 142.684320][ T9154] 8021q: adding VLAN 0 to HW filter on device team0 [ 142.693057][ T9167] team0: Port device team_slave_0 added [ 142.702673][ T9167] team0: Port device team_slave_1 added [ 142.714490][ T9158] 8021q: adding VLAN 0 to HW filter on device team0 [ 142.767294][ T9164] device hsr_slave_0 entered promiscuous mode [ 142.805713][ T9164] device hsr_slave_1 entered promiscuous mode [ 142.865471][ T9164] debugfs: Directory 'hsr0' with parent '/' already present! [ 142.876966][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 142.885107][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 142.893236][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 142.900797][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 142.908663][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 142.917604][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 142.926459][ T9156] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 142.987513][ T9167] device hsr_slave_0 entered promiscuous mode [ 143.035591][ T9167] device hsr_slave_1 entered promiscuous mode [ 143.085393][ T9167] debugfs: Directory 'hsr0' with parent '/' already present! [ 143.106739][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 143.115259][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 143.124288][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.131371][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.139045][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 143.147571][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 143.155916][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.162953][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.170465][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 143.179064][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 143.187544][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 143.197100][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.204122][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.211720][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 143.220411][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 143.228695][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.235726][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.243138][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 143.251550][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 143.259970][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 143.268368][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 143.276764][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 143.285010][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 143.293329][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 143.301497][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 143.309833][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 143.317993][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 143.326177][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 143.334542][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 143.343021][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 143.351541][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 143.359429][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 143.367209][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 143.381869][ T9156] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.393985][ T9158] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 143.405283][ T9158] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 143.422695][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 143.431593][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 143.439743][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 143.448054][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 143.460111][ T9154] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 143.471193][ T9154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 143.480256][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 143.488922][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 143.510827][ T9154] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.557268][ T9158] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.586037][ T9167] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.604202][ T9164] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.637453][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 143.652387][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 143.671734][ T9167] 8021q: adding VLAN 0 to HW filter on device team0 11:28:22 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8090, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x0) 11:28:22 executing program 1: socketpair$unix(0x1, 0x80000000003, 0x0, &(0x7f0000000100)={0x0, 0x0}) bind$unix(r0, &(0x7f0000000000)=@abs={0x1}, 0x6e) bind$unix(r0, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e) sendmmsg(r0, &(0x7f0000008600)=[{{0x0, 0x0, &(0x7f0000003140)}}, {{&(0x7f00000072c0)=@un=@file={0x1, './file0\x00'}, 0xa, &(0x7f0000007380), 0x0, &(0x7f0000000600)}}], 0x2, 0x0) [ 143.690604][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 143.699901][ T3631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 143.710386][ T9164] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.714104][ T9207] __ntfs_error: 8 callbacks suppressed [ 143.714111][ T9207] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 143.738696][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 143.759405][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 143.768234][ T9212] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:22 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r2}, 0x14) sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0) [ 143.798447][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.805578][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.826737][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 143.835190][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready 11:28:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x8000001000008912, &(0x7f0000000000)="11f0a505ba583bcb7bf070") r1 = socket$inet(0x10, 0x2, 0x0) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)="24000000180007041dfffd946f61050002000300fe02000000010800080012000200140e2800", 0x26}], 0x1}, 0x0) [ 143.844020][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.851116][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.864203][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 143.873697][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 143.882886][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready 11:28:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) open(0x0, 0x0, 0x0) ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x0) [ 143.891697][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 143.901249][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 143.909286][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 143.923326][ T9167] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 143.934434][ T9167] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 143.963148][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 143.978866][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 143.990305][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 144.000667][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 144.009218][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 144.017867][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 144.026331][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 144.034835][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 144.043269][ T9163] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.050357][ T9163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.051584][ T9237] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 144.059222][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 144.075007][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 144.083566][ T9163] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.090744][ T9163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.098867][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 144.106472][ T9163] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 144.122909][ T9167] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 144.131085][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 144.142904][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 144.153031][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 144.164648][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 11:28:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) open(0x0, 0x0, 0x0) ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x0) [ 144.173529][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 144.185908][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 144.197798][ T9164] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 144.210767][ T9164] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network 11:28:22 executing program 1: openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$sndpcmp(0x0, 0x0, 0x400) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000740)}, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000), 0x10) write(0xffffffffffffffff, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f00000000c0)="240000001e005f0214fffffffffffff80700000000000000000000000800080000000000", 0x24) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e20, @loopback}}}, 0x0) poll(0x0, 0x0, 0x0) [ 144.239671][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 144.240972][ T9246] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 144.254000][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 144.270037][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 144.281333][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 144.299669][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 144.325010][ T9164] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 144.343045][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 11:28:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) open(0x0, 0x0, 0x0) ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x0) [ 144.420083][ T9261] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:23 executing program 4: setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x2000000000000074, 0x4) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f0000000640), 0x0, 0x0, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1da9, 0x4) sendto$inet(r0, &(0x7f0000000180)="20268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a7511bf746bec66ba5c0fe3ac47b61db6b4c41bd1a5259e62506cda287b857aac", 0x8293, 0x4000002, 0x0, 0x27) socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000400)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000000), 0x10) 11:28:23 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) lgetxattr(0x0, 0x0, 0x0, 0x0) 11:28:23 executing program 5: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket(0x10, 0x4000000000000002, 0xc) write(r3, &(0x7f0000000100)="1f0000000104ff00fd4354c007110000f30501000a000100010423dcffdf00", 0x1f) 11:28:23 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:23 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) open(0x0, 0x0, 0x0) 11:28:23 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000500)=0xa000000000000005) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) clone(0x4007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:23 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) getrusage(0x0, &(0x7f00000001c0)) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:23 executing program 2: perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r0, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x0) 11:28:23 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x3}}) 11:28:23 executing program 4: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_GET_VERSION(r0, 0x8004552d, &(0x7f00000003c0)) [ 145.299496][ T9302] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:23 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) getrusage(0x0, &(0x7f00000001c0)) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) [ 145.331021][ T26] audit: type=1800 audit(1568460503.836:31): pid=9305 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="sda1" ino=2328 res=0 [ 145.351690][ T26] audit: type=1800 audit(1568460503.856:32): pid=9320 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="sda1" ino=2328 res=0 11:28:23 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:23 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:23 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) getrusage(0x0, &(0x7f00000001c0)) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:24 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 145.444212][ T26] audit: type=1800 audit(1568460503.946:33): pid=9330 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="sda1" ino=2328 res=0 [ 145.482756][ T9335] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:26 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:26 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:26 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:26 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000500)=0xa000000000000005) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) clone(0x4007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:26 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) getrusage(0x0, &(0x7f00000001c0)) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:26 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000080)) 11:28:26 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:26 executing program 2: syz_emit_ethernet(0x72, &(0x7f0000000040)={@local, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x3c, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, {[@exp_fastopen={0xfe, 0xf, 0xf989, "35b9158a14f2e4e7260583"}, @md5sig={0x13, 0x12, "274f8a2f10d06947cb9ae211091b7b8a"}, @exp_smc={0xfe, 0x6}]}}}}}}}}, 0x0) 11:28:26 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) getrusage(0x0, &(0x7f00000001c0)) open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:26 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:26 executing program 4: ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 148.425574][ T9386] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 11:28:27 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000008c0)='/gro<#\xfbW\xe6\xc6\x0f\x1fKE\xb7M\x99\x9a\x9a\x8c,\xe1[.\xf6\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+\x8d\xed\xa6\\\x1c\xc3\x97\x94\xf6\xe0.+\xe3\x89\xde\x139E\xa3\x85\xbd\x81\xe9\xbd\xee\xee\x03\x00\x00\x00\x00\x00\x00\x00[T\aE\xdfK\x1d\xeeH;\x15v$\xc5\xbcq\x9a\t\x9ej5\t\x00\x00\x009\x8c4\xc4\x88C\xa2B\x8b\x81\v\xea\t\xf0\x8fw\a\f\x15\xe2\xd0q\xbb\r\x17`s\xec\x85>\xcf\xab9(\xf6.\x15\xcd2-\xf2\xc4\xd8\x00a\xd5\xd9\xb5Z\xd7\xb4\xac\x1d_+k\xd6\x8ag\xdceHE\xd5\x1c\x8a\xbd#\xcc\x82\xca\xc2(\xb6\xe1\x99p\x9b\xa3D\xd2\x91\x96\xef\x05\fv\x16\x14\xcc\xea\x9d\x11w\x1e\xb5VG\x9ad\x9a`=^h\x8c8\xc9\"\x1eO\xb5vk\xc9\xcfi\x90\xd7\xd3H\xa1\xb4\xda\v\x17\x95\xf7\x19\x99\x99\x92\xc3\xc0\x8a\x18\xc7\"g\xd7B\x8f\x85\x18\xf3\x02\xa7\xb6\x83\x92\xefY\xef\x85\x92\x10E\x18\xbc\xacy\xd6\xa7Wh\xcd\xd0\xfa\xcc\xde\xeb\xdf\xad\xfd\xb0\xee\xfb\xc2(\x8cj\xd0uj{4\xb2\xe1p\x88u6\x9a;\xaa\x9f+J\x9e\xe3\xcc\xc7O\xad\x84\x8c;\x92~,\x15\xb2\x97\f~\xa0W\x16\x8b\a\x88\xaa\xe4C\xaf\x90\xdf\x7f\xe51\x00/n\xb5f\x1a\x8c+\xea<\xe3N@\x9e\xec\xbe{\x90x\xc6\x95!\xea\x11\xda\xe1I\x1d\xcbY\xe1\x01\xd2d\xae\xd1(>\xa3\xa9\x93\x16\xc6G\x94|', 0x2761, 0x0) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f00000000c0)=0x3) write$P9_RWSTAT(r0, 0x0, 0x0) ioctl$UI_SET_PROPBIT(0xffffffffffffffff, 0x4004556e, 0x1f) 11:28:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) getrusage(0x0, &(0x7f00000001c0)) open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:29 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000500)=0xa000000000000005) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) clone(0x4007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:29 executing program 4: ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:29 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:29 executing program 2: 11:28:29 executing program 2: 11:28:29 executing program 4: ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 151.356411][ T9412] __ntfs_error: 4 callbacks suppressed [ 151.356418][ T9412] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:29 executing program 2: 11:28:29 executing program 4: r0 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) getrusage(0x0, &(0x7f00000001c0)) open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:30 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) [ 151.578618][ T9446] ntfs: (device loop3): parse_options(): Invalid gid option argument: 0xffffffffffffffff 11:28:32 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:32 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000500)=0xa000000000000005) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) clone(0x4007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:32 executing program 2: 11:28:32 executing program 4: r0 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:32 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:32 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) 11:28:32 executing program 4: r0 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:32 executing program 2: 11:28:32 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) [ 154.400681][ T9459] ntfs: (device loop3): parse_options(): Invalid gid option argument: 0xffffffffffffffff [ 154.429571][ T26] audit: type=1800 audit(1568460512.936:36): pid=9460 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="sda1" ino=2328 res=0 11:28:33 executing program 2: 11:28:33 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) 11:28:33 executing program 4: syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 154.568050][ T26] audit: type=1800 audit(1568460513.076:37): pid=9479 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="sda1" ino=2328 res=0 [ 154.592160][ T9483] ntfs: (device loop3): parse_options(): Invalid gid option argument: 0xffffffffffffffff 11:28:35 executing program 2: 11:28:35 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:35 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000500)=0xa000000000000005) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:35 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:35 executing program 4: syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:35 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:35 executing program 2: 11:28:35 executing program 4: syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) [ 157.474871][ T9501] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 157.493411][ T26] audit: type=1800 audit(1568460515.996:38): pid=9511 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="sda1" ino=2328 res=0 11:28:36 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, 0x0) 11:28:36 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:36 executing program 2: 11:28:36 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, 0x0) [ 157.603177][ T26] audit: type=1800 audit(1568460516.106:39): pid=9520 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="sda1" ino=2328 res=0 11:28:36 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000500)=0xa000000000000005) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:36 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:36 executing program 2: 11:28:36 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, 0x0) [ 157.757131][ T26] audit: type=1800 audit(1568460516.266:40): pid=9541 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="sda1" ino=2328 res=0 11:28:36 executing program 2: 11:28:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:36 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000500)=0xa000000000000005) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) [ 157.804595][ T9542] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:36 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x7fffffff}) [ 157.859338][ T26] audit: type=1800 audit(1568460516.366:41): pid=9555 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="sda1" ino=2328 res=0 11:28:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:39 executing program 2: 11:28:39 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:39 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:39 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:39 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000500)=0xa000000000000005) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:39 executing program 2: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000240)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) fchdir(r0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='hugetlb.2MB.e_in_bytes\x00\x00\x00\x00\x00', 0x275a, 0x0) fallocate(r1, 0x0, 0x0, 0x110001) 11:28:39 executing program 1: r0 = open(0x0, 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:39 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:39 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2}) 11:28:39 executing program 1: r0 = open(0x0, 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) [ 160.622126][ T26] audit: type=1800 audit(1568460519.126:42): pid=9570 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="sda1" ino=2328 res=0 [ 160.652122][ T9574] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:39 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2}) [ 160.943596][ T26] audit: type=1800 audit(1568460519.446:43): pid=9584 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.2" name="hugetlb.2MB.e_in_bytes" dev="loop2" ino=22 res=0 11:28:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:42 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:42 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:42 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2}) 11:28:42 executing program 1: r0 = open(0x0, 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:42 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000024c0)={0x0, @initdev, @multicast1}, &(0x7f0000002500)=0xc) 11:28:42 executing program 1: open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:42 executing program 1: open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) [ 163.770536][ T9617] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:42 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, 0x0) 11:28:42 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:42 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x46040) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x5e6, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)=',)\x00'}, 0x10) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) setresgid(0x0, 0x0, 0x0) getrusage(0xffffffffffffffff, &(0x7f00000001c0)) getgroups(0x3, &(0x7f0000000140)=[0x0, 0xee01, 0xee00]) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:42 executing program 5: open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) [ 163.904713][ T9638] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 163.997274][ T26] audit: type=1800 audit(1568460522.506:44): pid=9645 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="/" dev="sda1" ino=2328 res=0 [ 164.073026][ T26] audit: type=1800 audit(1568460522.576:45): pid=9645 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="/" dev="sda1" ino=2328 res=0 11:28:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:45 executing program 2: write(0xffffffffffffffff, &(0x7f0000000340)="63d3a26420a9c66c3cb4d591b36e595b72c5c01c346ac14e80d66b0dbe1331ba505f8536ab406002a9c3c669afeabc105643604248d5aede56b868aa1dd7976fbff8eccebbb6ece3f8462a1887e52bcd962600205c392ac9f8e2bff87a5dec80b2c2885205916e5f2d6cf6c4bcaa449268f0a860a2289a967f19cfcd7bf71bcd3d3a6b30c30da5346bc7e133b108dbf1eee3176afd4df58d448f878e930e823358cd0ff859ff981dfdd7aea11ff9468d0009dab66297b594511baed49e01ba48d5d49fbf292a389cc72c02dfbb58d5e200ed39c41587cfaa466ca4ce7d2349acd80832bece65d99abf969c2222f15ee9a94ec96315dc05472260f603546afdf0f67408391bcb6406637261e8bac061783c21e8502e27e15873bdd7fdca54115ddc513d6195469068780744495a3f203ed73e7c9fa631e7df9a1a81d79ea9f4c51231c9de38520c09ef3d5c8f971d70d1214842ea5307b8a52583b94c3c4c57ba5ea284686b402328ebd9b3991d79277c40ea4bef176d61254dd1357f4ba24bfde119242c784c3026613f74d32ea391c063b41faf8dcc795bc3f0071a1693a2efe7f9646a9ebbf1ed069a8781ba09c5b630035e9db34061e7302f63e31f8a68028cc90ca27614f086889727c78752135c90c5eacccd423fb4a026184ffd5d4bb6641c0db6fe2d6e5b1806613482da4c43e4e03d27a314529426edcd029f2a37a31a995b5f0160878dde0db0b60c5858d05dd8e418a7de1a1c3ee72c4159b0b4c876a3e6884cc35e1fa47660e44256492f5cabc6366cffc09fb32023b8d381de9ef6716f1f94292aabc41d57be7abc49dcfc7dd478bae6319fa60de26a54348cd4a4c3ad62931a74f45afa156dbb96a8ca801fbfb8d32d8fa3fe57e671ac4e3378dcc521f72f78700be8143ae46a07b2a241425c6d02272b86dfcae992abc51250b95083db6679af72a2ee088fff41603816e71ac1a3c985e9cfc69302dea78a7878b956632e21a08e5326f31f8d631cd1f23529aecb10ab70a05864a3bfa2205096fcf5aed97276aa7c825ac958d94e3a9a7c860b04f3bab2ea9f95f442040da510f3d897263c324f6cd58eedfce5b738adf44fbef7b7f4d9a88de24fb7c7a02ea4fd980e42df7ae14840c7e7992f93b4b5b067fc0f1b6da48c4944de088b0322378f69959b46997f36504246aa316b88edc0d485fb9a714d0cba21ab2877ad405104b7ef441fed941108f59c2bb6acc8f58c13db8a7472e7b231f7e0c1ccf3841cbe8055fe649607aa43a041b1cc8c0bb65965c72917570a266aebd98d5eccc5d30a2094bf0e301ac33b5a81b01b973399fb3ad7e21e1ed5f65b3b44db57fcbfdb9a508602c7f171c3835fb07b0623ca62c4a86dd19046ed6088a53ec2d961feea1661a2fbfb370db0152b924651638405b6ab827b53ce3a9a849d715cfac93533ffe625c7f5e0c14d722150fe08bb3ea86f918bd88723627ecfb8ae7765e74402b997c5d2e83d7d70d05569a1ca2331f38fc9665082941b086090c544e5e5f8d1c366652a7e7686abed7dc6b854cee70275b60daaeedbc06d0353e170e2d58521481fd5e58327505abc712e0481470a19351d5ece5e3b2b7c3e494f4ddf7e226cdc14609fe894175d12163a360bfc4f2fe3f4ed54bf034927cefc74c28f6b837c2678faf153c21c287d286596d73bc842a783db7af1aed628a6a5aeb53cef3bf7465ecdf1561279d00bc8f6da83217cde9b5323b3926bf0c8a9f40cffaf7e008f84bbd8e5419b2f019b6c1046757ba240468364c9268116d899a7d65858a21cd4899111fb2ac67129a3139db2bd33df1d4ec18aee4cdfb087e07500f7888033f7ffd3bfad7816768872ef46129436da792c6862d67e59ded5d473140cc21bba2de83ea3d9c72d119e632ae99e931f807457ce6b58e531612641e2c0cbc6f9dfdbdb0ddd49dc3e4796fbf14fc7281a827a7006178cda5cd0dd3c0b28f5a5afec08b144603e4840846c4425e37ee09433d2d3d9247b0c8d2060a2f01ec5392d33de99789033ee3f3a996a14a6a62d17584350ac749463a0ced74a2851dd43178ccdfa97c7fa6786c0de1d43d0646205e5c70b21e841643ec4aac7ec8ac3cd083d3b5ef051874999163469eba6d98cba355af54be4f03d4cc199ed74fa6f123a4fad61db4372f9414551321b58f2ef8c3b180e6074301a00bccc64e7eff4ae7c0e7a6dd4c352e0bda233e791f1071b52e3f7a06da450f46676ff2eb1b120749221f0dace635d0d8b09f30167ba6670462171d96bb9f7a802c8953bd486e467c953805b7c966139a67fd34891e0c88604a24e6c67e5646c3ebd164faa69b4af6c1c3b1135d900ca57cda032a6adf319d6a27cd11894e2d26449e5fc096ac864d865f7393904a3f293380edd68a872942130a995a6237e0eaeac3eec4c85887bb238a1632692f7bcb3fb8b48782cd2254e30c2ea596526369303fe286d90b0e38471c2dc6bc0d1d57b9bd7c1022395bf1d37202f4b44118b93c1e430dead35440f365cd2ef3d38b259743fc1530ad1aadb7df7303c563521d069ecf7e0d094e22b838177db52cb4393d0c8955bc172162b5aa9ce918855bdd0864c28f491a0861be267b37953e6ec2368116c3ef8269b17d368743f988adf2364a39bd8c012088d1aaa03eb67e3bd192b6ba9d887441747e6a141e66ae240e92e604848886849bafca1212c145e7be2c62f0595bcfdeb89e548a4730b5759a82da21447b3700fd3048bba75f15c0fe302ac0fe6a7fde7e54dbcc5a592e9d453b979f09e346f6c73fd0bb672efffbc5544a82f3c13ada3fe2ca9a77bb26c548c913897716dd1811256e2064a97ae67bbff47240beb71441657459c01e6cd5ef6dc3dc7e0c75cc2f3fcd099c07f3250c52c2cf9d684db4d9d5387094783a1d88130be6713314de937a8778ef837bebbe1af872fc745329ac8f38fa25f1cb609083e98b41f1e8f7a5466b9991f18d2efd405ef37cecd1d5bbb76d7b398699032aebc558566ad0a60ebc43443b8b192cb257496bef3cab09f43a6290b771c82e37ae6905298cc35c025c2547505384ba0e31d16f13a50a4ba2cb29c0ec67c08c4f2e2f5e1b7b630900d79c01707d119e3639b2f09cead23b63045def6736c9a5ed7793d8196ca0fc63b65a9385b06cb905427020bd167bb730ec269729cd75b3e796c935299f1c219bf3a3ede817b7cc4212dc4df446586a8238e28fb9b2d6912b0a1fc508ed4504aa90d907fa0a4d9609704baa670535c7ef29c9177bd3f8de1fd0319787e5e008e853eb6ad9b3f3f54d40c793794e5569b1afa92d0f41e6e51bfdfd7f4bf7828b70c8bcffa6330f232a4df009ad7b4deadb2749605de31a465b1b835cde504122d921849c6f0d01beaa7ed7ea9903858e5dee2f5709aedd36235116b768f88addb23c41d045d425f15b3437bec140be2611acf90e5fd5bf61b2630450a83dad6c09c94651561ac692c2c044e33d9dd51476375eeffaf91b03c47073607cae1b5b0d1da48c95d572ab38943231608dae257addca68fa33e46b5beb4704a9439b07570b0e39687fa523e05a972290f97dc4bff08deb1ead9d524f2c3420b92b4745aadae499decf73d4d155db1e2f88cbc359866d3351189792c1a11f558dadfbfd07bfe520366bcfce326a533568c2c01febb2fe632600793cce60da3eba4666668f2fd01dd68a3852a500604e3e031bc3f0e5127d1e1308fe80ee2a7e0623477d1aa830e568411816992deb20b52c151af801921904a91a99d1b665591dadd22908e5571eda858a9b411bc4033bcc22275cfb2677d21134b67544cf89a0ba48636c7d468b0fecf4aca21166814d7a03692367447fe7ff2de17e9828ab5e1e43e3d0c97b9a6b1415dd5b1dec52ad27a81f956fbe5c0e5e03ba5991a95bce23e9b08190152acc7eede2ad3d4a6aa9b38f4dd270cbea91390be4520fa8b29df4027e9c5bf20e68203bd39c021cd11b9b66ba49f8ba5bc0a865615c752de47ad0753f79a419e2f3bdd19cd541c1cc6bf9553ce92e570eedac2fb764fb9f8cc474f46c138f90d67addcccb5f9aaece8502a0f8af71af89d0ad2b536cb4c5693b7317b664d9fd0c775ba9126edc8881833beb3696e3bfacc9512f27e6dac57316a524fd7ed37c6bccf8ae67eaa949dea7731793c8a2126650c16a96994e8b100abe4792e009fadcaad1345f04755e6cf4fe95238ab5dd947e1a235fc8356e44d18e9cdc8aa7f3a38ce9adc8604682c1aed3aca1c1f0108539484a392e71c5555b27f56a4bd74ff430245f6efe81506aac7c59fb5d7aae64f07bd0a055a18df298571f890718d2220557cbceb496e2e650631888b5fb4becf7733400540f72897f26f673d7fe8550314353ae058ea68e7228f5f00d341d0426e8293d882c467b000700bc37e757bf8e92d00001fc2e30763249b45ca16aaf8418301be793bb67f9dc485bc3940b8e595471fca947c2e4f1f746614cc21d5e251eee7ab37e22162f7f38e2e67c13f618891f61824a102e35e6c510a06d46926c46356cc8b4e804150de996c398cfe8f089240fa6f98cc92326823888027708efa3dfc54d2ee354804c6bbfcbcbab35e58630cc7da3562360f6a994ee1cc1085ca7838f7ec5af907f80fca587290eeb0ab3e38b54f28501117d5f4255725f121564ead4a3be0af114e4dfc678a3f5ae51f51872b1bc22db6cabb032e05b88ca1133493a56ed3230f49456e9423185b6f11d508f1e30621fa127468be3865a83be350dad4faeda64b26bd97780225ed97304cad66ad286f02e8f44d33d03d1f8e88a87221faabebc2488b0e6104eafc2dfcfebcc2df464c703609692548dffdc36beb5ce71d72c4db57726b01556b5011bf6bbc3bc853a9e1f84bc12114d8af1a23840746d21c6d4933a42e8903143c1603901950777736d06c6068918631290961bec80b46c62b83c3aece712850efe5488c63e91d5a066907b82f2937b78649714ae27a733167cd895e418685a889df0fb0f6e28c89447138714c557999f6fbc754a7cd9e0128fcf59103f5c404ef9f359c3ef49f21b0fefba186a8c463863c87554e0a81ff1046a09883aeae40f05a3cf0ba980d9bed114a13628d962b6beff4b567f00e385bd37a6819263238a8ab80d93fc2e901986e11c5736e23e875f4553b52087f8c52f474e185bec0f35e750a4494bc902910f2f4d1166d15c3ba74603d04fcb907de3fdf9d46e80d9ee211f8a6cbb4d1865ae66bb6733f4325adbf9452443eff3004a951030e3f968fd0994724842708b624d16dcee9f9a0ae0c7d9a054e928b2df7d395f11da2d13f17be5181895c8875154bf82ac29b92fd3241d42f379bcb3ebdfe5c95e697ea77180fda6763061b7515c539da68485beecf4e43667d81300dcb944fd2dd85e17828ff8d084e17666a935a64191a831d3493eadc31f011e3d56ab5c4b69d426378c2dfa0941c2940e4361fb039e6657bbec5bad374e7a7f207a2e621146bd41e85dc172e2c6ab7185e4a72a86e8d704b235afff92d247ba39813e7bb0d2cfd", 0xf5e) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) ioctl$RTC_PIE_ON(0xffffffffffffffff, 0x7005) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000240)=ANY=[@ANYBLOB="6d616e676c650000000000000000000000181b526bb5957004b38e0000000000000000000000000000001f00000006000000a005000058024f9f80a3306e074fd9ab0d7bd0d93c7d71c54c000000000000004000b004000000e8050000e82700cc30d04c87bb1af8499e0cd3b9cebe3b02000000e1771f61c1d9c352aa433c28337ce53f54ce3d5523599897408f5348e9caca560200000035fb843216ec6b83eb7a6a3e8f80497cce39afdfd6545993b918da07d9000000000000000000000000003875dbf4e9c2abeb7236086349441e51b06ca5fb4757630dc70000000000000000000000000000100040"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) tkill(r2, 0x17) 11:28:45 executing program 1: open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:45 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:45 executing program 5: open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:45 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x46040) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x5e6, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)=',)\x00'}, 0x10) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) setresgid(0x0, 0x0, 0x0) getrusage(0xffffffffffffffff, &(0x7f00000001c0)) getgroups(0x3, &(0x7f0000000140)=[0x0, 0xee01, 0xee00]) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:45 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, 0x0, 0x46040) [ 166.835770][ T9668] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:45 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 166.883362][ T26] audit: type=1800 audit(1568460525.386:46): pid=9666 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="/" dev="sda1" ino=2328 res=0 [ 166.918877][ T9681] ptrace attach of "/root/syz-executor.2"[9680] was attempted by "/root/syz-executor.2"[9681] 11:28:45 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, 0x0, 0x46040) 11:28:45 executing program 5: open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:45 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, 0x0, 0x46040) 11:28:45 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) [ 167.008997][ T9688] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:45 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:45 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[], 0x46040) 11:28:45 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:45 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 167.134860][ T26] audit: type=1800 audit(1568460525.636:47): pid=9710 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="/" dev="sda1" ino=2328 res=0 11:28:45 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) getrusage(0x0, &(0x7f00000001c0)) open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:28:45 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[], 0x46040) 11:28:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 167.231277][ T26] audit: type=1800 audit(1568460525.726:48): pid=9717 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="/" dev="sda1" ino=2328 res=0 [ 167.257748][ T9724] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:48 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:48 executing program 4 (fault-call:1 fault-nth:0): r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:48 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:48 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:48 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[], 0x46040) 11:28:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:48 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x46040) [ 170.050160][ T9755] FAULT_INJECTION: forcing a failure. [ 170.050160][ T9755] name failslab, interval 1, probability 0, space 0, times 1 [ 170.067747][ T9750] __ntfs_error: 1 callbacks suppressed [ 170.067754][ T9750] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 170.096658][ T9755] CPU: 1 PID: 9755 Comm: syz-executor.4 Not tainted 5.3.0-rc8+ #0 [ 170.104485][ T9755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.104489][ T9755] Call Trace: [ 170.104506][ T9755] dump_stack+0x1d8/0x2f8 [ 170.104524][ T9755] should_fail+0x555/0x770 [ 170.117852][ T9755] __should_failslab+0x11a/0x160 [ 170.117865][ T9755] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 170.117878][ T9755] should_failslab+0x9/0x20 [ 170.128465][ T9756] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. [ 170.131516][ T9755] __kmalloc+0x7a/0x340 [ 170.131529][ T9755] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 170.131537][ T9755] tomoyo_realpath_from_path+0xdc/0x7c0 [ 170.131550][ T9755] tomoyo_path_number_perm+0x166/0x640 [ 170.171460][ T9755] ? smack_file_ioctl+0x278/0x2e0 [ 170.176464][ T9755] ? __fget+0x4e1/0x510 [ 170.180599][ T9755] tomoyo_file_ioctl+0x23/0x30 [ 170.185345][ T9755] security_file_ioctl+0x6d/0xd0 [ 170.190263][ T9755] __x64_sys_ioctl+0xa3/0x120 [ 170.194923][ T9755] do_syscall_64+0xfe/0x140 [ 170.199414][ T9755] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 170.205285][ T9755] RIP: 0033:0x4598e9 [ 170.209426][ T9755] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 170.229007][ T9755] RSP: 002b:00007f37b1eaec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 170.237503][ T9755] RAX: ffffffffffffffda RBX: 00007f37b1eaec90 RCX: 00000000004598e9 11:28:48 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:48 executing program 4 (fault-call:1 fault-nth:1): r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 170.245468][ T9755] RDX: 0000000020000000 RSI: 00000000c0145401 RDI: 0000000000000003 [ 170.253430][ T9755] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 170.261378][ T9755] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f37b1eaf6d4 [ 170.269329][ T9755] R13: 00000000004cdf18 R14: 00000000004d7e18 R15: 0000000000000004 [ 170.277481][ T9755] ERROR: Out of memory at tomoyo_realpath_from_path. 11:28:48 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x46040) [ 170.418166][ T9780] FAULT_INJECTION: forcing a failure. [ 170.418166][ T9780] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 170.431398][ T9780] CPU: 1 PID: 9780 Comm: syz-executor.4 Not tainted 5.3.0-rc8+ #0 [ 170.439196][ T9780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.449255][ T9780] Call Trace: [ 170.452545][ T9780] dump_stack+0x1d8/0x2f8 [ 170.456882][ T9780] should_fail+0x555/0x770 [ 170.461302][ T9780] should_fail_alloc_page+0x55/0x60 11:28:49 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 170.466500][ T9780] prepare_alloc_pages+0x283/0x470 [ 170.466513][ T9780] __alloc_pages_nodemask+0xb2/0x5d0 [ 170.466522][ T9780] ? stack_trace_save+0x150/0x150 [ 170.466536][ T9780] kmem_getpages+0x56/0xa20 [ 170.466546][ T9780] cache_grow_begin+0x7e/0x2c0 [ 170.466558][ T9780] cache_alloc_refill+0x311/0x3f0 [ 170.496288][ T9780] ? check_preemption_disabled+0xb7/0x2a0 [ 170.502008][ T9780] __kmalloc+0x318/0x340 [ 170.506254][ T9780] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 170.511963][ T9780] tomoyo_realpath_from_path+0xdc/0x7c0 [ 170.511976][ T9780] tomoyo_path_number_perm+0x166/0x640 [ 170.511997][ T9780] ? smack_file_ioctl+0x278/0x2e0 [ 170.522967][ T9780] ? __fget+0x4e1/0x510 [ 170.522982][ T9780] tomoyo_file_ioctl+0x23/0x30 [ 170.522996][ T9780] security_file_ioctl+0x6d/0xd0 [ 170.533959][ T9787] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 170.537882][ T9780] __x64_sys_ioctl+0xa3/0x120 [ 170.537894][ T9780] do_syscall_64+0xfe/0x140 [ 170.537906][ T9780] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 170.537917][ T9780] RIP: 0033:0x4598e9 [ 170.570520][ T9780] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 170.590369][ T9780] RSP: 002b:00007f37b1eaec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 170.598758][ T9780] RAX: ffffffffffffffda RBX: 00007f37b1eaec90 RCX: 00000000004598e9 [ 170.606717][ T9780] RDX: 0000000020000000 RSI: 00000000c0145401 RDI: 0000000000000003 11:28:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 170.614700][ T9780] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 170.622867][ T9780] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f37b1eaf6d4 [ 170.630828][ T9780] R13: 00000000004cdf18 R14: 00000000004d7e18 R15: 0000000000000004 [ 170.716404][ T9793] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. 11:28:51 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:51 executing program 5: perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:51 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x46040) 11:28:51 executing program 4 (fault-call:1 fault-nth:2): r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:51 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:51 executing program 2: syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) [ 173.093600][ T9807] FAULT_INJECTION: forcing a failure. [ 173.093600][ T9807] name failslab, interval 1, probability 0, space 0, times 0 [ 173.117987][ T9812] ntfs: (device loop2): parse_options(): Invalid gid option argument: 0xffffffffffffffff [ 173.128291][ T9811] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 173.137488][ T9807] CPU: 1 PID: 9807 Comm: syz-executor.4 Not tainted 5.3.0-rc8+ #0 [ 173.145290][ T9807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 173.155339][ T9807] Call Trace: [ 173.158643][ T9807] dump_stack+0x1d8/0x2f8 [ 173.162981][ T9807] should_fail+0x555/0x770 [ 173.167402][ T9807] __should_failslab+0x11a/0x160 [ 173.172391][ T9807] ? tomoyo_encode2+0x273/0x5a0 [ 173.177239][ T9807] should_failslab+0x9/0x20 [ 173.181731][ T9807] __kmalloc+0x7a/0x340 [ 173.185864][ T9807] tomoyo_encode2+0x273/0x5a0 [ 173.190526][ T9807] tomoyo_realpath_from_path+0x769/0x7c0 [ 173.196249][ T9807] tomoyo_path_number_perm+0x166/0x640 [ 173.201691][ T9807] ? smack_file_ioctl+0x278/0x2e0 [ 173.206699][ T9807] ? __fget+0x4e1/0x510 [ 173.210836][ T9807] tomoyo_file_ioctl+0x23/0x30 [ 173.215575][ T9807] security_file_ioctl+0x6d/0xd0 [ 173.220488][ T9807] __x64_sys_ioctl+0xa3/0x120 [ 173.225142][ T9807] do_syscall_64+0xfe/0x140 [ 173.229620][ T9807] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 173.235483][ T9807] RIP: 0033:0x4598e9 [ 173.239361][ T9807] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 173.258952][ T9807] RSP: 002b:00007f37b1eaec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 173.267342][ T9807] RAX: ffffffffffffffda RBX: 00007f37b1eaec90 RCX: 00000000004598e9 [ 173.275296][ T9807] RDX: 0000000020000000 RSI: 00000000c0145401 RDI: 0000000000000003 [ 173.283249][ T9807] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 11:28:51 executing program 5: perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:51 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000001"], 0x46040) 11:28:51 executing program 4 (fault-call:1 fault-nth:3): r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 173.291200][ T9807] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f37b1eaf6d4 [ 173.299154][ T9807] R13: 00000000004cdf18 R14: 00000000004d7e18 R15: 0000000000000004 [ 173.311333][ T9807] ERROR: Out of memory at tomoyo_realpath_from_path. 11:28:51 executing program 5: perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:51 executing program 2: syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) 11:28:51 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 173.536428][ T9844] ntfs: (device loop2): parse_options(): Invalid gid option argument: 0xffffffffffffffff [ 173.551181][ T9843] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:54 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:54 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000001"], 0x46040) 11:28:54 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:54 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:54 executing program 2: syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) 11:28:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:54 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x2, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:54 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000001"], 0x46040) 11:28:54 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:54 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x10, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 176.143791][ T9869] ntfs: (device loop2): parse_options(): Invalid gid option argument: 0xffffffffffffffff [ 176.163301][ T9864] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:54 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000001000000"], 0x46040) 11:28:54 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:54 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x4c01, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:54 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:54 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:54 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:54 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x5420, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:54 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000001000000"], 0x46040) 11:28:54 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:54 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x5421, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:54 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000001000000"], 0x46040) [ 176.427935][ T9908] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:55 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x5422, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:55 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:55 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) 11:28:55 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x5423, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:55 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:55 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:55 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(0x0, 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:55 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000001000000"], 0x46040) 11:28:55 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x5450, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 176.653160][ T26] audit: type=1800 audit(1568460535.156:49): pid=9950 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="sda1" ino=24 res=0 [ 176.690405][ T9955] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:58 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x5451, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:58 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000001000000"], 0x46040) 11:28:58 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(0x0, 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:58 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000001000000"], 0x46040) 11:28:58 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x5452, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:58 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x0) [ 179.550114][ T9977] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:58 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(0x0, 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:58 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x5460, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:58 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x0) 11:28:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 11:28:58 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:58 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x0) 11:28:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 11:28:58 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x54a0, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 179.813167][T10019] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 11:28:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:58 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:58 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:58 executing program 1 (fault-call:1 fault-nth:0): r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) 11:28:58 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x54a1, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 180.094694][T10068] FAULT_INJECTION: forcing a failure. [ 180.094694][T10068] name failslab, interval 1, probability 0, space 0, times 0 [ 180.108197][T10068] CPU: 0 PID: 10068 Comm: syz-executor.1 Not tainted 5.3.0-rc8+ #0 [ 180.116091][T10068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 180.116095][T10068] Call Trace: [ 180.116111][T10068] dump_stack+0x1d8/0x2f8 [ 180.116124][T10068] should_fail+0x555/0x770 [ 180.116138][T10068] __should_failslab+0x11a/0x160 [ 180.116147][T10068] ? do_handle_open+0xfb/0x6e0 [ 180.116157][T10068] should_failslab+0x9/0x20 [ 180.116166][T10068] __kmalloc+0x7a/0x340 [ 180.116175][T10068] ? __kasan_check_write+0x14/0x20 [ 180.116183][T10068] ? _copy_from_user+0x11a/0x180 [ 180.116191][T10068] do_handle_open+0xfb/0x6e0 [ 180.116199][T10068] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 180.116206][T10068] ? trace_hardirqs_off_caller+0x58/0x80 [ 180.116215][T10068] __x64_sys_open_by_handle_at+0x7f/0x90 [ 180.116225][T10068] do_syscall_64+0xfe/0x140 11:28:58 executing program 1 (fault-call:1 fault-nth:1): r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) 11:28:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:58 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:58 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x54a2, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 180.116235][T10068] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 180.116243][T10068] RIP: 0033:0x4598e9 [ 180.116254][T10068] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 180.116259][T10068] RSP: 002b:00007f4b10b43c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 180.116268][T10068] RAX: ffffffffffffffda RBX: 00007f4b10b43c90 RCX: 00000000004598e9 11:28:58 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 180.116273][T10068] RDX: 0000000000046040 RSI: 00000000200000c0 RDI: 0000000000000003 [ 180.116279][T10068] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 180.116284][T10068] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b10b446d4 [ 180.116288][T10068] R13: 00000000004c600d R14: 00000000004dad40 R15: 0000000000000004 11:28:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 180.302532][T10067] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 180.318272][T10081] FAULT_INJECTION: forcing a failure. [ 180.318272][T10081] name failslab, interval 1, probability 0, space 0, times 0 11:28:58 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x54a3, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 180.355713][T10081] CPU: 0 PID: 10081 Comm: syz-executor.1 Not tainted 5.3.0-rc8+ #0 [ 180.363723][T10081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 180.373774][T10081] Call Trace: [ 180.377068][T10081] dump_stack+0x1d8/0x2f8 [ 180.381402][T10081] should_fail+0x555/0x770 [ 180.385822][T10081] __should_failslab+0x11a/0x160 [ 180.390758][T10081] ? __d_alloc+0x2d/0x6e0 [ 180.395068][T10081] should_failslab+0x9/0x20 [ 180.399576][T10081] kmem_cache_alloc+0x56/0x2e0 [ 180.404326][T10081] __d_alloc+0x2d/0x6e0 [ 180.408466][T10081] ? do_raw_spin_unlock+0x49/0x260 [ 180.413553][T10081] d_obtain_alias+0x110/0x160 [ 180.418209][T10081] ? ext4_nfs_commit_metadata+0xa0/0xa0 [ 180.423725][T10081] generic_fh_to_dentry+0xa1/0xe0 [ 180.428722][T10081] ext4_fh_to_dentry+0x34/0x40 [ 180.433458][T10081] exportfs_decode_fh+0xdd/0x4c0 [ 180.438371][T10081] ? do_handle_open+0x6e0/0x6e0 [ 180.443271][T10081] ? rcu_lock_release+0x26/0x30 [ 180.448107][T10081] ? __fget+0x4e6/0x510 [ 180.452249][T10081] ? __kasan_check_write+0x14/0x20 [ 180.457344][T10081] ? fput_many+0x47/0x1a0 [ 180.461744][T10081] do_handle_open+0x3c7/0x6e0 [ 180.466393][T10081] ? trace_hardirqs_off_caller+0x58/0x80 [ 180.472000][T10081] __x64_sys_open_by_handle_at+0x7f/0x90 [ 180.477611][T10081] do_syscall_64+0xfe/0x140 [ 180.482091][T10081] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 180.487984][T10081] RIP: 0033:0x4598e9 [ 180.491936][T10081] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 180.511541][T10081] RSP: 002b:00007f4b10b43c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 180.519928][T10081] RAX: ffffffffffffffda RBX: 00007f4b10b43c90 RCX: 00000000004598e9 [ 180.527901][T10081] RDX: 0000000000046040 RSI: 00000000200000c0 RDI: 0000000000000003 [ 180.535855][T10081] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 180.543856][T10081] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b10b446d4 [ 180.551815][T10081] R13: 00000000004c600d R14: 00000000004dad40 R15: 0000000000000004 11:28:59 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:59 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x0) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:28:59 executing program 1 (fault-call:1 fault-nth:2): r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) 11:28:59 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x6364, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:59 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:59 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 180.692310][T10103] FAULT_INJECTION: forcing a failure. [ 180.692310][T10103] name failslab, interval 1, probability 0, space 0, times 0 [ 180.696130][T10110] ptrace attach of "/root/syz-executor.0"[10107] was attempted by "/root/syz-executor.0"[10110] 11:28:59 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:28:59 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x8912, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 180.754280][T10114] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 180.768901][T10103] CPU: 0 PID: 10103 Comm: syz-executor.1 Not tainted 5.3.0-rc8+ #0 [ 180.773418][T10118] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. [ 180.776959][T10103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 180.776964][T10103] Call Trace: [ 180.776983][T10103] dump_stack+0x1d8/0x2f8 [ 180.776996][T10103] should_fail+0x555/0x770 [ 180.777009][T10103] __should_failslab+0x11a/0x160 [ 180.777019][T10103] ? getname_kernel+0x59/0x2f0 [ 180.777028][T10103] should_failslab+0x9/0x20 [ 180.777038][T10103] kmem_cache_alloc+0x56/0x2e0 [ 180.777048][T10103] getname_kernel+0x59/0x2f0 [ 180.777060][T10103] do_file_open_root+0x126/0x5f0 [ 180.836108][T10103] ? __alloc_fd+0x58f/0x630 [ 180.840588][T10103] ? __kasan_check_read+0x11/0x20 [ 180.845588][T10103] ? do_raw_spin_unlock+0x49/0x260 [ 180.850673][T10103] ? _raw_spin_unlock+0x2c/0x50 [ 180.855496][T10103] ? __alloc_fd+0x58f/0x630 [ 180.859975][T10103] file_open_root+0x275/0x380 [ 180.864712][T10103] do_handle_open+0x4d7/0x6e0 [ 180.869364][T10103] __x64_sys_open_by_handle_at+0x7f/0x90 [ 180.874971][T10103] do_syscall_64+0xfe/0x140 [ 180.879454][T10103] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 180.885318][T10103] RIP: 0033:0x4598e9 [ 180.889257][T10103] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 180.908864][T10103] RSP: 002b:00007f4b10b43c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 180.917343][T10103] RAX: ffffffffffffffda RBX: 00007f4b10b43c90 RCX: 00000000004598e9 [ 180.925295][T10103] RDX: 0000000000046040 RSI: 00000000200000c0 RDI: 0000000000000003 [ 180.933243][T10103] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 180.941187][T10103] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b10b446d4 11:28:59 executing program 1 (fault-call:1 fault-nth:3): r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) 11:28:59 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x0) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) [ 180.949133][T10103] R13: 00000000004c600d R14: 00000000004dad40 R15: 0000000000000004 11:28:59 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 181.067067][T10134] FAULT_INJECTION: forcing a failure. [ 181.067067][T10134] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 181.080292][T10134] CPU: 1 PID: 10134 Comm: syz-executor.1 Not tainted 5.3.0-rc8+ #0 [ 181.080496][T10139] ptrace attach of "/root/syz-executor.0"[10138] was attempted by "/root/syz-executor.0"[10139] [ 181.088165][T10134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 181.088170][T10134] Call Trace: [ 181.088188][T10134] dump_stack+0x1d8/0x2f8 [ 181.088204][T10134] should_fail+0x555/0x770 [ 181.088218][T10134] should_fail_alloc_page+0x55/0x60 [ 181.125859][T10134] prepare_alloc_pages+0x283/0x470 [ 181.130974][T10134] __alloc_pages_nodemask+0xb2/0x5d0 [ 181.136259][T10134] ? debug_smp_processor_id+0x1c/0x20 [ 181.141636][T10134] kmem_getpages+0x56/0xa20 [ 181.146135][T10134] ? trace_lock_release+0x135/0x1a0 [ 181.151351][T10134] cache_grow_begin+0x7e/0x2c0 [ 181.156104][T10134] cache_alloc_refill+0x311/0x3f0 [ 181.161104][T10134] ? check_preemption_disabled+0xb7/0x2a0 [ 181.166802][T10134] kmem_cache_alloc+0x2b9/0x2e0 [ 181.171626][T10134] ? getname_kernel+0x59/0x2f0 [ 181.176374][T10134] getname_kernel+0x59/0x2f0 [ 181.180951][T10134] do_file_open_root+0x126/0x5f0 [ 181.185865][T10134] ? __alloc_fd+0x58f/0x630 [ 181.190349][T10134] ? __kasan_check_read+0x11/0x20 [ 181.195357][T10134] ? do_raw_spin_unlock+0x49/0x260 [ 181.200465][T10134] ? _raw_spin_unlock+0x2c/0x50 [ 181.205298][T10134] ? __alloc_fd+0x58f/0x630 [ 181.209783][T10134] file_open_root+0x275/0x380 [ 181.214452][T10134] do_handle_open+0x4d7/0x6e0 [ 181.219208][T10134] __x64_sys_open_by_handle_at+0x7f/0x90 [ 181.224820][T10134] do_syscall_64+0xfe/0x140 [ 181.229304][T10134] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 181.235181][T10134] RIP: 0033:0x4598e9 [ 181.239062][T10134] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 181.258649][T10134] RSP: 002b:00007f4b10b43c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 11:28:59 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:28:59 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 11:28:59 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x8933, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:59 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 181.267046][T10134] RAX: ffffffffffffffda RBX: 00007f4b10b43c90 RCX: 00000000004598e9 [ 181.275004][T10134] RDX: 0000000000046040 RSI: 00000000200000c0 RDI: 0000000000000003 [ 181.282951][T10134] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 181.290899][T10134] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b10b446d4 [ 181.298849][T10134] R13: 00000000004c600d R14: 00000000004dad40 R15: 0000000000000004 [ 181.345054][T10143] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. 11:28:59 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x40045402, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:28:59 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 181.389440][T10147] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:28:59 executing program 1 (fault-call:1 fault-nth:4): r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) 11:28:59 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x0) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:29:00 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 11:29:00 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 181.552279][T10165] FAULT_INJECTION: forcing a failure. [ 181.552279][T10165] name failslab, interval 1, probability 0, space 0, times 0 [ 181.588755][T10165] CPU: 0 PID: 10165 Comm: syz-executor.1 Not tainted 5.3.0-rc8+ #0 11:29:00 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 181.596682][T10165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 181.606739][T10165] Call Trace: [ 181.610031][T10165] dump_stack+0x1d8/0x2f8 [ 181.614363][T10165] should_fail+0x555/0x770 [ 181.618799][T10165] __should_failslab+0x11a/0x160 [ 181.623841][T10165] ? __alloc_file+0x2c/0x390 [ 181.628431][T10165] should_failslab+0x9/0x20 [ 181.632931][T10165] kmem_cache_alloc+0x56/0x2e0 [ 181.638052][T10165] __alloc_file+0x2c/0x390 [ 181.642464][T10165] ? __x64_sys_open_by_handle_at+0x7f/0x90 [ 181.648274][T10165] ? do_syscall_64+0xfe/0x140 11:29:00 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x400454ca, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 181.652948][T10165] alloc_empty_file+0xac/0x1b0 [ 181.657716][T10165] path_openat+0x9e/0x4460 [ 181.662132][T10165] ? trace_lock_release+0x135/0x1a0 [ 181.667320][T10165] ? cache_grow_end+0x143/0x170 [ 181.672161][T10165] ? __kasan_check_read+0x11/0x20 [ 181.677172][T10165] ? do_raw_spin_unlock+0x49/0x260 [ 181.682271][T10165] ? _raw_spin_unlock+0x2c/0x50 [ 181.687110][T10165] ? cache_grow_end+0x143/0x170 [ 181.691962][T10165] ? kmem_cache_alloc+0x194/0x2e0 [ 181.696966][T10165] ? getname_kernel+0x59/0x2f0 [ 181.701722][T10165] ? trace_kmem_cache_alloc+0xbb/0x130 [ 181.707161][T10165] ? getname_kernel+0x15d/0x2f0 [ 181.712004][T10165] ? memcpy+0x49/0x60 [ 181.715968][T10165] do_file_open_root+0x280/0x5f0 [ 181.720891][T10165] ? __kasan_check_read+0x11/0x20 [ 181.725894][T10165] ? do_raw_spin_unlock+0x49/0x260 [ 181.730986][T10165] ? _raw_spin_unlock+0x2c/0x50 [ 181.735819][T10165] file_open_root+0x275/0x380 [ 181.740479][T10165] do_handle_open+0x4d7/0x6e0 [ 181.745137][T10165] __x64_sys_open_by_handle_at+0x7f/0x90 [ 181.750762][T10165] do_syscall_64+0xfe/0x140 [ 181.755250][T10165] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 181.761135][T10165] RIP: 0033:0x4598e9 [ 181.765017][T10165] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 181.785064][T10165] RSP: 002b:00007f4b10b43c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 181.793469][T10165] RAX: ffffffffffffffda RBX: 00007f4b10b43c90 RCX: 00000000004598e9 [ 181.801433][T10165] RDX: 0000000000046040 RSI: 00000000200000c0 RDI: 0000000000000003 [ 181.809381][T10165] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 181.817339][T10165] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b10b446d4 [ 181.825287][T10165] R13: 00000000004c600d R14: 00000000004dad40 R15: 0000000000000004 11:29:00 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:00 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x40049409, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 181.857729][T10174] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. [ 181.882662][T10176] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:29:00 executing program 1 (fault-call:1 fault-nth:5): r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) 11:29:00 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:00 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:00 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=']) 11:29:00 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(0x0, &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:29:00 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x4020940d, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 182.062085][T10202] FAULT_INJECTION: forcing a failure. [ 182.062085][T10202] name failslab, interval 1, probability 0, space 0, times 0 [ 182.108661][T10202] CPU: 0 PID: 10202 Comm: syz-executor.1 Not tainted 5.3.0-rc8+ #0 [ 182.116578][T10202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 182.119268][T10209] ntfs: (device loop2): parse_options(): The gid option requires an argument. [ 182.126648][T10202] Call Trace: [ 182.126665][T10202] dump_stack+0x1d8/0x2f8 [ 182.126679][T10202] should_fail+0x555/0x770 [ 182.126694][T10202] __should_failslab+0x11a/0x160 [ 182.126703][T10202] ? security_file_alloc+0x36/0x200 [ 182.126718][T10202] should_failslab+0x9/0x20 [ 182.152470][T10202] kmem_cache_alloc+0x56/0x2e0 [ 182.152484][T10202] security_file_alloc+0x36/0x200 [ 182.152498][T10202] __alloc_file+0xde/0x390 [ 182.162185][T10202] alloc_empty_file+0xac/0x1b0 [ 182.162195][T10202] path_openat+0x9e/0x4460 [ 182.162205][T10202] ? trace_lock_release+0x135/0x1a0 [ 182.162219][T10202] ? cache_grow_end+0x143/0x170 [ 182.190847][T10202] ? __kasan_check_read+0x11/0x20 [ 182.190859][T10202] ? do_raw_spin_unlock+0x49/0x260 11:29:00 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x40345410, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 182.190869][T10202] ? _raw_spin_unlock+0x2c/0x50 [ 182.190880][T10202] ? cache_grow_end+0x143/0x170 [ 182.205810][T10202] ? kmem_cache_alloc+0x194/0x2e0 [ 182.205821][T10202] ? getname_kernel+0x59/0x2f0 [ 182.205831][T10202] ? trace_kmem_cache_alloc+0xbb/0x130 [ 182.205839][T10202] ? getname_kernel+0x15d/0x2f0 [ 182.205846][T10202] ? memcpy+0x49/0x60 [ 182.205856][T10202] do_file_open_root+0x280/0x5f0 [ 182.205868][T10202] ? __kasan_check_read+0x11/0x20 [ 182.205877][T10202] ? do_raw_spin_unlock+0x49/0x260 [ 182.205890][T10202] ? _raw_spin_unlock+0x2c/0x50 [ 182.259364][T10202] file_open_root+0x275/0x380 [ 182.264016][T10202] do_handle_open+0x4d7/0x6e0 [ 182.268677][T10202] __x64_sys_open_by_handle_at+0x7f/0x90 [ 182.274291][T10202] do_syscall_64+0xfe/0x140 [ 182.278846][T10202] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 182.284710][T10202] RIP: 0033:0x4598e9 [ 182.288630][T10202] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 11:29:00 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df7011", 0x134}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:00 executing program 1 (fault-call:1 fault-nth:6): r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) [ 182.308561][T10202] RSP: 002b:00007f4b10b43c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 182.316969][T10202] RAX: ffffffffffffffda RBX: 00007f4b10b43c90 RCX: 00000000004598e9 [ 182.324923][T10202] RDX: 0000000000046040 RSI: 00000000200000c0 RDI: 0000000000000003 [ 182.332875][T10202] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 182.340827][T10202] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b10b446d4 [ 182.348781][T10202] R13: 00000000004c600d R14: 00000000004dad40 R15: 0000000000000004 11:29:00 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(0x0, &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:29:00 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=']) 11:29:01 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:01 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 182.497851][T10230] FAULT_INJECTION: forcing a failure. [ 182.497851][T10230] name failslab, interval 1, probability 0, space 0, times 0 11:29:01 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x40485404, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 182.553345][T10230] CPU: 0 PID: 10230 Comm: syz-executor.1 Not tainted 5.3.0-rc8+ #0 [ 182.561305][T10230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 182.571471][T10230] Call Trace: [ 182.574852][T10230] dump_stack+0x1d8/0x2f8 [ 182.579196][T10230] should_fail+0x555/0x770 [ 182.583613][T10230] __should_failslab+0x11a/0x160 [ 182.588540][T10230] ? tomoyo_encode2+0x273/0x5a0 [ 182.588553][T10230] should_failslab+0x9/0x20 [ 182.588563][T10230] __kmalloc+0x7a/0x340 [ 182.588571][T10230] ? tomoyo_get_local_path+0x4f9/0x6f0 [ 182.588580][T10230] tomoyo_encode2+0x273/0x5a0 [ 182.588593][T10230] tomoyo_realpath_from_path+0x769/0x7c0 [ 182.588605][T10230] tomoyo_check_open_permission+0x1ce/0x9d0 [ 182.588630][T10230] tomoyo_file_open+0x141/0x190 [ 182.628528][T10230] security_file_open+0x65/0x2f0 [ 182.633536][T10230] do_dentry_open+0x34e/0xf90 [ 182.638203][T10230] vfs_open+0x73/0x80 [ 182.642167][T10230] path_openat+0x1397/0x4460 [ 182.646765][T10230] ? trace_kmem_cache_alloc+0xbb/0x130 [ 182.652210][T10230] ? getname_kernel+0x15d/0x2f0 [ 182.657044][T10230] ? memcpy+0x49/0x60 [ 182.661053][T10230] do_file_open_root+0x280/0x5f0 [ 182.665973][T10230] ? __kasan_check_read+0x11/0x20 [ 182.671101][T10230] ? do_raw_spin_unlock+0x49/0x260 [ 182.676548][T10230] ? _raw_spin_unlock+0x2c/0x50 [ 182.681456][T10230] file_open_root+0x275/0x380 [ 182.686117][T10230] do_handle_open+0x4d7/0x6e0 [ 182.690792][T10230] __x64_sys_open_by_handle_at+0x7f/0x90 [ 182.696534][T10230] do_syscall_64+0xfe/0x140 [ 182.701033][T10230] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 182.707023][T10230] RIP: 0033:0x4598e9 [ 182.710902][T10230] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 182.730578][T10230] RSP: 002b:00007f4b10b43c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 182.738973][T10230] RAX: ffffffffffffffda RBX: 00007f4b10b43c90 RCX: 00000000004598e9 11:29:01 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(0x0, &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:29:01 executing program 1 (fault-call:1 fault-nth:7): r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) [ 182.746924][T10230] RDX: 0000000000046040 RSI: 00000000200000c0 RDI: 0000000000000003 [ 182.754886][T10230] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 182.762844][T10230] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b10b446d4 [ 182.770890][T10230] R13: 00000000004c600d R14: 00000000004dad40 R15: 0000000000000004 [ 182.779733][T10230] ERROR: Out of memory at tomoyo_realpath_from_path. 11:29:01 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x40505412, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:01 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:01 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) [ 182.844656][T10234] ntfs: (device loop2): parse_options(): The gid option requires an argument. 11:29:01 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x80045400, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 182.906684][T10257] FAULT_INJECTION: forcing a failure. [ 182.906684][T10257] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 182.919936][T10257] CPU: 1 PID: 10257 Comm: syz-executor.1 Not tainted 5.3.0-rc8+ #0 [ 182.927822][T10257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 182.937877][T10257] Call Trace: [ 182.941174][T10257] dump_stack+0x1d8/0x2f8 [ 182.945549][T10257] should_fail+0x555/0x770 [ 182.949957][T10257] should_fail_alloc_page+0x55/0x60 [ 182.955143][T10257] prepare_alloc_pages+0x283/0x470 [ 182.960239][T10257] __alloc_pages_nodemask+0xb2/0x5d0 [ 182.965509][T10257] ? rcu_lock_release+0x26/0x30 [ 182.970342][T10257] ? is_bpf_text_address+0x398/0x3b0 [ 182.975620][T10257] kmem_getpages+0x56/0xa20 [ 182.980100][T10257] cache_grow_begin+0x7e/0x2c0 [ 182.984851][T10257] cache_alloc_refill+0x311/0x3f0 [ 182.989863][T10257] ? check_preemption_disabled+0xb7/0x2a0 [ 182.995582][T10257] __kmalloc+0x318/0x340 [ 182.999806][T10257] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 183.005510][T10257] tomoyo_realpath_from_path+0xdc/0x7c0 [ 183.011049][T10257] tomoyo_check_open_permission+0x1ce/0x9d0 [ 183.016951][T10257] tomoyo_file_open+0x141/0x190 [ 183.021785][T10257] security_file_open+0x65/0x2f0 [ 183.026709][T10257] do_dentry_open+0x34e/0xf90 [ 183.031382][T10257] vfs_open+0x73/0x80 [ 183.035343][T10257] path_openat+0x1397/0x4460 [ 183.039916][T10257] ? trace_lock_release+0x135/0x1a0 [ 183.045104][T10257] ? _raw_spin_unlock+0x2c/0x50 [ 183.049944][T10257] ? trace_kmem_cache_alloc+0xbb/0x130 [ 183.055397][T10257] ? getname_kernel+0x15d/0x2f0 [ 183.060224][T10257] ? memcpy+0x49/0x60 [ 183.064182][T10257] do_file_open_root+0x280/0x5f0 [ 183.069100][T10257] ? __kasan_check_read+0x11/0x20 [ 183.074111][T10257] ? do_raw_spin_unlock+0x49/0x260 [ 183.079199][T10257] ? _raw_spin_unlock+0x2c/0x50 [ 183.084130][T10257] file_open_root+0x275/0x380 [ 183.088786][T10257] do_handle_open+0x4d7/0x6e0 [ 183.093475][T10257] __x64_sys_open_by_handle_at+0x7f/0x90 [ 183.099084][T10257] do_syscall_64+0xfe/0x140 [ 183.103569][T10257] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 183.109454][T10257] RIP: 0033:0x4598e9 [ 183.113323][T10257] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 183.132929][T10257] RSP: 002b:00007f4b10b43c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 183.141335][T10257] RAX: ffffffffffffffda RBX: 00007f4b10b43c90 RCX: 00000000004598e9 [ 183.149295][T10257] RDX: 0000000000046040 RSI: 00000000200000c0 RDI: 0000000000000003 [ 183.157253][T10257] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 183.165243][T10257] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b10b446d4 [ 183.173208][T10257] R13: 00000000004c600d R14: 00000000004dad40 R15: 0000000000000004 11:29:01 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=']) 11:29:01 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x800454d2, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:01 executing program 1 (fault-call:1 fault-nth:8): r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) 11:29:01 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x8004552d, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 183.313386][T10280] FAULT_INJECTION: forcing a failure. [ 183.313386][T10280] name failslab, interval 1, probability 0, space 0, times 0 [ 183.330551][T10280] CPU: 0 PID: 10280 Comm: syz-executor.1 Not tainted 5.3.0-rc8+ #0 [ 183.338476][T10280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 183.348523][T10280] Call Trace: [ 183.351985][T10280] dump_stack+0x1d8/0x2f8 [ 183.356477][T10280] should_fail+0x555/0x770 [ 183.360881][T10280] __should_failslab+0x11a/0x160 [ 183.365816][T10280] ? tomoyo_encode2+0x273/0x5a0 [ 183.370659][T10280] should_failslab+0x9/0x20 [ 183.375149][T10280] __kmalloc+0x7a/0x340 [ 183.379294][T10280] ? tomoyo_get_local_path+0x4f9/0x6f0 [ 183.384861][T10280] tomoyo_encode2+0x273/0x5a0 [ 183.389530][T10280] tomoyo_realpath_from_path+0x769/0x7c0 [ 183.395157][T10280] tomoyo_check_open_permission+0x1ce/0x9d0 [ 183.401038][T10280] tomoyo_file_open+0x141/0x190 [ 183.405985][T10280] security_file_open+0x65/0x2f0 [ 183.410915][T10280] do_dentry_open+0x34e/0xf90 [ 183.415609][T10280] vfs_open+0x73/0x80 [ 183.419581][T10280] path_openat+0x1397/0x4460 [ 183.424161][T10280] ? cache_grow_end+0x143/0x170 [ 183.429009][T10280] ? trace_lock_release+0x135/0x1a0 [ 183.434189][T10280] ? _raw_spin_unlock+0x2c/0x50 [ 183.439020][T10280] ? trace_kmem_cache_alloc+0xbb/0x130 [ 183.444455][T10280] ? getname_kernel+0x15d/0x2f0 [ 183.449295][T10280] ? memcpy+0x49/0x60 [ 183.453254][T10280] do_file_open_root+0x280/0x5f0 [ 183.458177][T10280] ? __kasan_check_read+0x11/0x20 [ 183.463180][T10280] ? do_raw_spin_unlock+0x49/0x260 [ 183.468716][T10280] ? _raw_spin_unlock+0x2c/0x50 [ 183.473544][T10280] file_open_root+0x275/0x380 [ 183.478213][T10280] do_handle_open+0x4d7/0x6e0 [ 183.482873][T10280] __x64_sys_open_by_handle_at+0x7f/0x90 [ 183.488574][T10280] do_syscall_64+0xfe/0x140 [ 183.493071][T10280] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 183.498939][T10280] RIP: 0033:0x4598e9 [ 183.502812][T10280] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 183.522414][T10280] RSP: 002b:00007f4b10b43c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 183.530820][T10280] RAX: ffffffffffffffda RBX: 00007f4b10b43c90 RCX: 00000000004598e9 [ 183.538772][T10280] RDX: 0000000000046040 RSI: 00000000200000c0 RDI: 0000000000000003 [ 183.546730][T10280] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 183.554694][T10280] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b10b446d4 [ 183.562657][T10280] R13: 00000000004c600d R14: 00000000004dad40 R15: 0000000000000004 [ 183.572031][T10280] ERROR: Out of memory at tomoyo_realpath_from_path. [ 183.581361][T10276] ntfs: (device loop2): parse_options(): The gid option requires an argument. 11:29:04 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:04 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:04 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:29:04 executing program 1 (fault-call:1 fault-nth:9): r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) 11:29:04 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x80086301, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:04 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) 11:29:04 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x80605414, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:04 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000100000018"], 0x46040) [ 185.637844][T10299] ntfs: (device loop2): parse_options(): Invalid gid option argument: 0xffffffffffffffff 11:29:04 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:29:04 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:04 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) 11:29:04 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x80e85411, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 185.917291][T10340] ntfs: (device loop2): parse_options(): Invalid gid option argument: 0xffffffffffffffff 11:29:07 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:07 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="080000000100000018"], 0x46040) 11:29:07 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:07 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680), &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:29:07 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0045878, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:07 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) 11:29:07 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0045878, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:07 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="250000000100000018"], 0x46040) [ 188.687681][T10352] ntfs: (device loop2): parse_options(): Invalid gid option argument: 0xffffffffffffffff 11:29:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYRESHEX=r0]) 11:29:07 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="d20000200100000018"], 0x46040) 11:29:07 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680), &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:29:07 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145402, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:07 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:07 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 188.881911][T10381] ntfs: (device loop2): parse_options(): Unrecognized mount option 0x0000000000000003. 11:29:07 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0200000100000018"], 0x46040) 11:29:07 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145403, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 188.922408][T10394] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:29:07 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680), &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:29:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYRESHEX=r0]) 11:29:07 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0300000100000018"], 0x46040) 11:29:07 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145405, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:07 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 11:29:07 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0400000100000018"], 0x46040) 11:29:07 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0189436, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) [ 189.110748][T10413] ntfs: (device loop2): parse_options(): Unrecognized mount option 0x0000000000000003. 11:29:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYRESHEX=r0]) [ 189.227221][T10425] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 189.313360][T10437] ntfs: (device loop2): parse_options(): Unrecognized mount option 0x0000000000000003. 11:29:10 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:10 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[0x0], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:29:10 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0500000100000018"], 0x46040) 11:29:10 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc020660b, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:10 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRESHEX=r0]) 11:29:10 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 11:29:10 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0505405, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:10 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0600000100000018"], 0x46040) [ 191.960502][T10455] ntfs: (device loop2): parse_options(): Unrecognized mount option 0x0000000000000003. 11:29:10 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRESHEX=r0]) 11:29:10 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0f85403, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:10 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0700000100000018"], 0x46040) [ 192.015188][T10457] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 11:29:10 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[0x0], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) [ 192.118765][T10477] ntfs: (device loop2): parse_options(): Unrecognized mount option 0x0000000000000003. 11:29:13 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:13 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=']) 11:29:13 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:13 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0800000100000018"], 0x46040) 11:29:13 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[0x0], &(0x7f0000000780)=[&(0x7f0000000640)='proc\x00', &(0x7f0000000740)='!\x00']) 11:29:13 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRESHEX=r0]) 11:29:13 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0900000100000018"], 0x46040) 11:29:13 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x4, 0x0, 0x0, 0x0, 0x7fffffff}) [ 194.951398][T10498] ntfs: (device loop3): parse_options(): The gid option requires an argument. [ 194.967789][T10501] ntfs: (device loop2): parse_options(): Unrecognized mount option 0x0000000000000003. 11:29:13 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) execve(&(0x7f0000000440)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000580)='wlan1\x00'], 0x0) 11:29:13 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=']) 11:29:13 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensiti', @ANYRESHEX=r0]) 11:29:13 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x5, 0x0, 0x0, 0x0, 0x7fffffff}) [ 195.179726][T10529] ntfs: (device loop2): parse_options(): Unrecognized mount option case_sensiti0x0000000000000003. [ 195.210384][T10532] ntfs: (device loop3): parse_options(): The gid option requires an argument. 11:29:16 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:16 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0a00000100000018"], 0x46040) 11:29:16 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x2, 0x0, 0x0, 0x7fffffff}) 11:29:16 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") removexattr(0x0, 0x0) 11:29:16 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=']) 11:29:16 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensiti', @ANYRESHEX=r0]) 11:29:16 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x3, 0x0, 0x0, 0x7fffffff}) 11:29:16 executing program 5: [ 198.026868][T10550] ntfs: (device loop2): parse_options(): Unrecognized mount option case_sensiti0x0000000000000003. [ 198.028608][T10555] ntfs: (device loop3): parse_options(): The gid option requires an argument. 11:29:16 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0b00000100000018"], 0x46040) 11:29:16 executing program 5: 11:29:16 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:16 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x4, 0x0, 0x0, 0x7fffffff}) 11:29:16 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensiti', @ANYRESHEX=r0]) 11:29:16 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:16 executing program 5: 11:29:16 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) 11:29:16 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x5, 0x0, 0x0, 0x7fffffff}) 11:29:16 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0c00000100000018"], 0x46040) 11:29:16 executing program 5: [ 198.316007][T10586] ntfs: (device loop2): parse_options(): Unrecognized mount option case_sensiti0x0000000000000003. 11:29:16 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0d00000100000018"], 0x46040) 11:29:16 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x6, 0x0, 0x0, 0x7fffffff}) 11:29:16 executing program 5: [ 198.357423][T10594] ntfs: (device loop3): parse_options(): Invalid gid option argument: 0xffffffffffffffff 11:29:16 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0e00000100000018"], 0x46040) 11:29:17 executing program 5: 11:29:17 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_', @ANYRESHEX=r0]) [ 198.604692][T10621] ntfs: (device loop2): parse_options(): Unrecognized mount option disable_0x0000000000000003. 11:29:19 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:19 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) 11:29:19 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a1000000100000018"], 0x46040) 11:29:19 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 11:29:19 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x7, 0x0, 0x0, 0x7fffffff}) 11:29:19 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_', @ANYRESHEX=r0]) 11:29:19 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x8, 0x0, 0x0, 0x7fffffff}) 11:29:19 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a1100000100000018"], 0x46040) [ 201.295904][ T26] audit: type=1326 audit(1568460559.806:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10627 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45c72a code=0x0 11:29:19 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a1200000100000018"], 0x46040) 11:29:19 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x9, 0x0, 0x0, 0x7fffffff}) 11:29:19 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 201.367252][T10633] ntfs: (device loop3): parse_options(): Invalid gid option argument: 0xffffffffffffffff [ 201.390157][T10631] ntfs: (device loop2): parse_options(): Unrecognized mount option disable_0x0000000000000003. 11:29:19 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX]) 11:29:19 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a2500000100000018"], 0x46040) 11:29:20 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xa, 0x0, 0x0, 0x7fffffff}) 11:29:20 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_', @ANYRESHEX=r0]) [ 201.543653][T10664] ntfs: (device loop3): parse_options(): Invalid gid option argument: 0xffffffffffffffff [ 201.605168][T10673] ntfs: (device loop2): parse_options(): Unrecognized mount option disable_0x0000000000000003. 11:29:20 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) prctl$PR_CAP_AMBIENT(0x2f, 0x2, 0x0) 11:29:20 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xb, 0x0, 0x0, 0x7fffffff}) 11:29:20 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYRESHEX=r0]) 11:29:20 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a2f00000100000018"], 0x46040) 11:29:20 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=y', @ANYRESHEX=r0]) 11:29:20 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xc, 0x0, 0x0, 0x7fffffff}) [ 202.081488][ T26] audit: type=1326 audit(1568460560.586:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10627 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45c72a code=0x0 11:29:20 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a4800000100000018"], 0x46040) [ 202.158132][T10688] ntfs: (device loop2): parse_options(): The disable_sparse option requires a boolean argument. [ 202.160945][T10691] ntfs: (device loop3): parse_options(): Unrecognized mount option 0x0000000000000003. 11:29:22 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:22 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) 11:29:22 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a4c00000100000018"], 0x46040) 11:29:22 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xd, 0x0, 0x0, 0x7fffffff}) 11:29:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYRESHEX=r0]) 11:29:22 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=y', @ANYRESHEX=r0]) 11:29:23 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xe, 0x0, 0x0, 0x7fffffff}) 11:29:23 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6100) truncate(&(0x7f00000000c0)='./bus\x00', 0x1000) r2 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0) lseek(r1, 0x0, 0x2) sendfile(r1, r2, 0x0, 0x20008) r3 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = creat(&(0x7f0000000300)='./file0\x00', 0x0) write$P9_RREMOVE(r5, &(0x7f0000000280)={0x7}, 0xffc6) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000200)={0x0, r5}) 11:29:23 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a5c00000100000018"], 0x46040) [ 204.478249][T10718] ntfs: (device loop2): parse_options(): The disable_sparse option requires a boolean argument. [ 204.512610][T10719] ntfs: (device loop3): parse_options(): Unrecognized mount option 0x0000000000000003. 11:29:23 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x10, 0x0, 0x0, 0x7fffffff}) 11:29:23 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a6800000100000018"], 0x46040) 11:29:23 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYRESHEX=r0]) 11:29:26 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1", 0x9a}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:26 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0) io_cancel(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x5e6, 0x0, 0x2}, &(0x7f0000000400)) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) open(&(0x7f0000000040)='.\x00', 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) getrusage(0xffffffffffffffff, &(0x7f00000001c0)) getgroups(0x0, 0x0) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010000001809"], 0x46040) 11:29:26 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x7fffffff}) 11:29:26 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=y', @ANYRESHEX=r0]) 11:29:26 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a6c00000100000018"], 0x46040) 11:29:26 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRESHEX=r0]) 11:29:26 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a7400000100000018"], 0x46040) [ 207.527868][T10761] __ntfs_error: 1 callbacks suppressed [ 207.527876][T10761] ntfs: (device loop3): parse_options(): Unrecognized mount option 0x0000000000000003. 11:29:26 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x12, 0x0, 0x0, 0x7fffffff}) 11:29:26 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a7a00000100000018"], 0x46040) [ 207.568417][ T26] audit: type=1800 audit(1568460566.076:52): pid=10762 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="/" dev="sda1" ino=2328 res=0 [ 207.636340][T10765] ntfs: (device loop2): parse_options(): The disable_sparse option requires a boolean argument. [ 207.659873][ T26] audit: type=1800 audit(1568460566.166:53): pid=10762 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.5" name="/" dev="sda1" ino=2328 res=0 11:29:26 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x25, 0x0, 0x0, 0x7fffffff}) 11:29:26 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0003000100000018"], 0x46040) 11:29:26 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRESHEX=r0]) [ 207.807966][T10792] ntfs: (device loop3): parse_options(): Unrecognized mount option 0x0000000000000003. 11:29:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1", 0x9a}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:29 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0005000100000018"], 0x46040) 11:29:29 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x5c, 0x0, 0x0, 0x7fffffff}) 11:29:29 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:29 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,g', @ANYRESHEX=r0]) 11:29:29 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRESHEX=r0]) 11:29:29 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x300, 0x0, 0x0, 0x7fffffff}) 11:29:29 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0006000100000018"], 0x46040) 11:29:29 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) [ 210.625055][T10804] ntfs: (device loop2): parse_options(): Unrecognized mount option g0x0000000000000003. [ 210.636262][T10810] ntfs: (device loop3): parse_options(): Unrecognized mount option 0x0000000000000003. 11:29:29 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x500, 0x0, 0x0, 0x7fffffff}) 11:29:29 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:29 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0007000100000018"], 0x46040) 11:29:32 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1", 0x9a}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:32 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,g', @ANYRESHEX=r0]) 11:29:32 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x600, 0x0, 0x0, 0x7fffffff}) 11:29:32 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensiti', @ANYRESHEX=r0]) 11:29:32 executing program 5: ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:32 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0009000100000018"], 0x46040) 11:29:32 executing program 5: ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:32 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000a000100000018"], 0x46040) 11:29:32 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x700, 0x0, 0x0, 0x7fffffff}) 11:29:32 executing program 5: ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) [ 213.695126][T10848] ntfs: (device loop3): parse_options(): Unrecognized mount option case_sensiti0x0000000000000003. [ 213.711962][T10851] ntfs: (device loop2): parse_options(): Unrecognized mount option g0x0000000000000003. 11:29:32 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x900, 0x0, 0x0, 0x7fffffff}) 11:29:32 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000b000100000018"], 0x46040) 11:29:35 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd385", 0xe7}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:35 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,g', @ANYRESHEX=r0]) 11:29:35 executing program 5: r0 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:35 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000c000100000018"], 0x46040) 11:29:35 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensiti', @ANYRESHEX=r0]) 11:29:35 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xa00, 0x0, 0x0, 0x7fffffff}) 11:29:35 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xb00, 0x0, 0x0, 0x7fffffff}) 11:29:35 executing program 5: r0 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:35 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000d000100000018"], 0x46040) 11:29:35 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensiti', @ANYRESHEX=r0]) [ 216.720902][T10895] ntfs: (device loop2): parse_options(): Unrecognized mount option g0x0000000000000003. [ 216.746076][T10887] ntfs: (device loop3): parse_options(): Unrecognized mount option case_sensiti0x0000000000000003. 11:29:35 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid', @ANYRESHEX=r0]) 11:29:35 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xc00, 0x0, 0x0, 0x7fffffff}) [ 216.890295][T10914] ntfs: (device loop3): parse_options(): Unrecognized mount option case_sensiti0x0000000000000003. [ 216.944872][T10924] ntfs: (device loop2): parse_options(): Unrecognized mount option gid0x0000000000000003. 11:29:38 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd385", 0xe7}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:38 executing program 5: r0 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:38 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000e000100000018"], 0x46040) 11:29:38 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xd00, 0x0, 0x0, 0x7fffffff}) 11:29:38 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_', @ANYRESHEX=r0]) 11:29:38 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid', @ANYRESHEX=r0]) 11:29:38 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0011000100000018"], 0x46040) 11:29:38 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xe00, 0x0, 0x0, 0x7fffffff}) [ 219.738773][T10940] ntfs: (device loop2): parse_options(): Unrecognized mount option gid0x0000000000000003. [ 219.749517][T10938] ntfs: (device loop3): parse_options(): Unrecognized mount option disable_0x0000000000000003. 11:29:38 executing program 5: syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:38 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_', @ANYRESHEX=r0]) 11:29:38 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0012000100000018"], 0x46040) 11:29:38 executing program 5: syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) [ 219.921923][T10965] ntfs: (device loop3): parse_options(): Unrecognized mount option disable_0x0000000000000003. 11:29:41 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd385", 0xe7}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:41 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x1100, 0x0, 0x0, 0x7fffffff}) 11:29:41 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid', @ANYRESHEX=r0]) 11:29:41 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0020000100000018"], 0x46040) 11:29:41 executing program 5: syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:41 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_', @ANYRESHEX=r0]) 11:29:41 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, 0x0) 11:29:41 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0025000100000018"], 0x46040) 11:29:41 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x1200, 0x0, 0x0, 0x7fffffff}) [ 222.795280][T10983] ntfs: (device loop3): parse_options(): Unrecognized mount option disable_0x0000000000000003. [ 222.799195][T10984] ntfs: (device loop2): parse_options(): Unrecognized mount option gid0x0000000000000003. 11:29:41 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:41 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, 0x0) 11:29:41 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=y', @ANYRESHEX=r0]) 11:29:41 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x2500, 0x0, 0x0, 0x7fffffff}) 11:29:41 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, 0x0) 11:29:41 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a002f000100000018"], 0x46040) 11:29:41 executing program 2 (fault-call:1 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:41 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x4000, 0x0, 0x0, 0x7fffffff}) 11:29:41 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0040000100000018"], 0x46040) [ 223.012337][T11013] ntfs: (device loop3): parse_options(): The disable_sparse option requires a boolean argument. [ 223.023715][T11022] FAULT_INJECTION: forcing a failure. [ 223.023715][T11022] name failslab, interval 1, probability 0, space 0, times 0 [ 223.045599][T11022] CPU: 0 PID: 11022 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 223.053611][T11022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.063645][T11022] Call Trace: [ 223.066920][T11022] dump_stack+0x1d8/0x2f8 [ 223.071237][T11022] should_fail+0x555/0x770 [ 223.075637][T11022] __should_failslab+0x11a/0x160 [ 223.080555][T11022] ? __se_sys_memfd_create+0x10a/0x4b0 [ 223.086004][T11022] should_failslab+0x9/0x20 [ 223.090486][T11022] __kmalloc+0x7a/0x340 [ 223.094624][T11022] __se_sys_memfd_create+0x10a/0x4b0 [ 223.099964][T11022] ? do_syscall_64+0x1d/0x140 [ 223.104611][T11022] __x64_sys_memfd_create+0x5b/0x70 [ 223.109784][T11022] do_syscall_64+0xfe/0x140 [ 223.114265][T11022] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 223.120156][T11022] RIP: 0033:0x4598e9 [ 223.124031][T11022] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 223.143609][T11022] RSP: 002b:00007fab42080a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 223.151994][T11022] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004598e9 11:29:41 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:41 executing program 2 (fault-call:1 fault-nth:1): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 223.159941][T11022] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be808 [ 223.167900][T11022] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 223.175844][T11022] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab420816d4 [ 223.185967][T11022] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 11:29:41 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=y', @ANYRESHEX=r0]) [ 223.233503][T11035] FAULT_INJECTION: forcing a failure. [ 223.233503][T11035] name failslab, interval 1, probability 0, space 0, times 0 [ 223.273580][T11035] CPU: 1 PID: 11035 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 223.281515][T11035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.291566][T11035] Call Trace: [ 223.294858][T11035] dump_stack+0x1d8/0x2f8 [ 223.299189][T11035] should_fail+0x555/0x770 [ 223.303605][T11035] __should_failslab+0x11a/0x160 [ 223.308549][T11035] ? shmem_alloc_inode+0x1b/0x40 [ 223.313492][T11035] should_failslab+0x9/0x20 [ 223.317994][T11035] kmem_cache_alloc+0x56/0x2e0 [ 223.322738][T11035] ? shmem_fallocate+0xc90/0xc90 [ 223.327677][T11035] shmem_alloc_inode+0x1b/0x40 [ 223.327685][T11035] ? shmem_fallocate+0xc90/0xc90 [ 223.327692][T11035] new_inode_pseudo+0x68/0x240 [ 223.327704][T11035] new_inode+0x28/0x1c0 [ 223.327714][T11035] ? __kasan_check_read+0x11/0x20 [ 223.327722][T11035] shmem_get_inode+0x11b/0x700 [ 223.327729][T11035] ? __alloc_fd+0x58f/0x630 [ 223.327738][T11035] __shmem_file_setup+0x129/0x280 [ 223.327747][T11035] shmem_file_setup+0x2f/0x40 [ 223.327756][T11035] __se_sys_memfd_create+0x28e/0x4b0 [ 223.327768][T11035] ? do_syscall_64+0x1d/0x140 [ 223.337431][T11035] __x64_sys_memfd_create+0x5b/0x70 [ 223.337442][T11035] do_syscall_64+0xfe/0x140 [ 223.337453][T11035] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 223.337465][T11035] RIP: 0033:0x4598e9 [ 223.365582][T11035] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 223.365588][T11035] RSP: 002b:00007fab42080a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 223.365596][T11035] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004598e9 [ 223.365600][T11035] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be808 [ 223.365605][T11035] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 223.365610][T11035] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab420816d4 [ 223.365614][T11035] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 [ 223.473304][T11042] ntfs: (device loop3): parse_options(): The disable_sparse option requires a boolean argument. 11:29:44 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:44 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x5c00, 0x0, 0x0, 0x7fffffff}) 11:29:44 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0048000100000018"], 0x46040) 11:29:44 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:44 executing program 2 (fault-call:1 fault-nth:2): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:44 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=y', @ANYRESHEX=r0]) [ 225.953662][T11055] FAULT_INJECTION: forcing a failure. [ 225.953662][T11055] name failslab, interval 1, probability 0, space 0, times 0 [ 225.969328][T11055] CPU: 1 PID: 11055 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 225.977238][T11055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 225.987281][T11055] Call Trace: [ 225.987297][T11055] dump_stack+0x1d8/0x2f8 [ 225.987310][T11055] should_fail+0x555/0x770 [ 225.987324][T11055] __should_failslab+0x11a/0x160 [ 225.999328][T11055] ? security_inode_alloc+0x36/0x1e0 [ 226.009498][T11055] should_failslab+0x9/0x20 [ 226.009508][T11055] kmem_cache_alloc+0x56/0x2e0 [ 226.009518][T11055] security_inode_alloc+0x36/0x1e0 [ 226.009527][T11055] inode_init_always+0x3b5/0x8d0 [ 226.009543][T11055] ? shmem_fallocate+0xc90/0xc90 [ 226.009555][T11055] new_inode_pseudo+0x7f/0x240 [ 226.023863][T11055] new_inode+0x28/0x1c0 [ 226.030274][T11056] ntfs: (device loop3): parse_options(): The disable_sparse option requires a boolean argument. 11:29:44 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x1000000, 0x0, 0x0, 0x7fffffff}) 11:29:44 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x2000000, 0x0, 0x0, 0x7fffffff}) [ 226.033695][T11055] ? __kasan_check_read+0x11/0x20 [ 226.033711][T11055] shmem_get_inode+0x11b/0x700 [ 226.042575][T11055] ? __alloc_fd+0x58f/0x630 [ 226.042591][T11055] __shmem_file_setup+0x129/0x280 [ 226.072211][T11055] shmem_file_setup+0x2f/0x40 [ 226.076887][T11055] __se_sys_memfd_create+0x28e/0x4b0 [ 226.082165][T11055] ? do_syscall_64+0x1d/0x140 [ 226.086841][T11055] __x64_sys_memfd_create+0x5b/0x70 [ 226.092031][T11055] do_syscall_64+0xfe/0x140 [ 226.096532][T11055] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 226.102418][T11055] RIP: 0033:0x4598e9 [ 226.106296][T11055] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 226.125874][T11055] RSP: 002b:00007fab42080a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 226.134343][T11055] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004598e9 [ 226.142291][T11055] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be808 11:29:44 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x7fffffff}) 11:29:44 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a004c000100000018"], 0x46040) 11:29:44 executing program 2 (fault-call:1 fault-nth:3): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 226.150243][T11055] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 226.158193][T11055] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab420816d4 [ 226.166166][T11055] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 11:29:44 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3}) [ 226.310321][T11079] FAULT_INJECTION: forcing a failure. [ 226.310321][T11079] name failslab, interval 1, probability 0, space 0, times 0 [ 226.363682][T11079] CPU: 1 PID: 11079 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 226.371613][T11079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.381657][T11079] Call Trace: [ 226.387967][T11079] dump_stack+0x1d8/0x2f8 [ 226.392323][T11079] should_fail+0x555/0x770 [ 226.396848][T11079] __should_failslab+0x11a/0x160 [ 226.401772][T11079] ? __d_alloc+0x2d/0x6e0 [ 226.406122][T11079] should_failslab+0x9/0x20 [ 226.410606][T11079] kmem_cache_alloc+0x56/0x2e0 [ 226.415353][T11079] __d_alloc+0x2d/0x6e0 [ 226.419510][T11079] ? lockdep_init_map+0x2a/0x680 [ 226.424439][T11079] d_alloc_pseudo+0x1d/0x70 [ 226.428924][T11079] alloc_file_pseudo+0xc3/0x260 [ 226.433759][T11079] __shmem_file_setup+0x1a2/0x280 [ 226.438755][T11079] shmem_file_setup+0x2f/0x40 [ 226.443411][T11079] __se_sys_memfd_create+0x28e/0x4b0 [ 226.448667][T11079] ? do_syscall_64+0x1d/0x140 [ 226.453314][T11079] __x64_sys_memfd_create+0x5b/0x70 [ 226.458482][T11079] do_syscall_64+0xfe/0x140 [ 226.462955][T11079] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 226.468847][T11079] RIP: 0033:0x4598e9 [ 226.472711][T11079] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 226.492295][T11079] RSP: 002b:00007fab42080a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 226.500673][T11079] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004598e9 [ 226.508615][T11079] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be808 [ 226.516555][T11079] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 226.524513][T11079] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab420816d4 [ 226.532463][T11079] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 11:29:47 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:47 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,g', @ANYRESHEX=r0]) 11:29:47 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a005c000100000018"], 0x46040) 11:29:47 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x3000000, 0x0, 0x0, 0x7fffffff}) 11:29:47 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3}) 11:29:47 executing program 2 (fault-call:1 fault-nth:4): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:47 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x4000000, 0x0, 0x0, 0x7fffffff}) [ 229.048128][T11094] FAULT_INJECTION: forcing a failure. [ 229.048128][T11094] name failslab, interval 1, probability 0, space 0, times 0 [ 229.074500][T11093] ntfs: (device loop3): parse_options(): Unrecognized mount option g0x0000000000000003. 11:29:47 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x3}) [ 229.092592][T11094] CPU: 0 PID: 11094 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 229.100500][T11094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.110548][T11094] Call Trace: [ 229.113837][T11094] dump_stack+0x1d8/0x2f8 [ 229.118159][T11094] should_fail+0x555/0x770 [ 229.122571][T11094] __should_failslab+0x11a/0x160 [ 229.127487][T11094] ? __alloc_file+0x2c/0x390 [ 229.132055][T11094] should_failslab+0x9/0x20 [ 229.136530][T11094] kmem_cache_alloc+0x56/0x2e0 [ 229.141268][T11094] ? trace_lock_release+0x135/0x1a0 [ 229.146441][T11094] __alloc_file+0x2c/0x390 [ 229.150829][T11094] alloc_empty_file+0xac/0x1b0 [ 229.155565][T11094] alloc_file+0x60/0x4c0 [ 229.159780][T11094] alloc_file_pseudo+0x1d4/0x260 [ 229.164730][T11094] __shmem_file_setup+0x1a2/0x280 [ 229.169757][T11094] shmem_file_setup+0x2f/0x40 [ 229.174434][T11094] __se_sys_memfd_create+0x28e/0x4b0 [ 229.179711][T11094] ? do_syscall_64+0x1d/0x140 [ 229.184378][T11094] __x64_sys_memfd_create+0x5b/0x70 [ 229.189570][T11094] do_syscall_64+0xfe/0x140 [ 229.194058][T11094] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.199923][T11094] RIP: 0033:0x4598e9 [ 229.203790][T11094] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 229.223365][T11094] RSP: 002b:00007fab42080a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 229.231748][T11094] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004598e9 [ 229.239698][T11094] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be808 11:29:47 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0068000100000018"], 0x46040) 11:29:47 executing program 2 (fault-call:1 fault-nth:5): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 229.247642][T11094] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 229.255589][T11094] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab420816d4 [ 229.263541][T11094] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 11:29:47 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,g', @ANYRESHEX=r0]) 11:29:47 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x5000000, 0x0, 0x0, 0x7fffffff}) [ 229.367526][T11115] FAULT_INJECTION: forcing a failure. [ 229.367526][T11115] name failslab, interval 1, probability 0, space 0, times 0 [ 229.395077][T11115] CPU: 1 PID: 11115 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 229.402993][T11115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.413035][T11115] Call Trace: [ 229.413053][T11115] dump_stack+0x1d8/0x2f8 [ 229.413067][T11115] should_fail+0x555/0x770 [ 229.413080][T11115] __should_failslab+0x11a/0x160 [ 229.413089][T11115] ? __alloc_file+0x2c/0x390 [ 229.413102][T11115] should_failslab+0x9/0x20 [ 229.427441][T11118] ntfs: (device loop3): parse_options(): Unrecognized mount option g0x0000000000000003. [ 229.430022][T11115] kmem_cache_alloc+0x56/0x2e0 [ 229.430032][T11115] ? trace_lock_release+0x135/0x1a0 [ 229.430046][T11115] __alloc_file+0x2c/0x390 [ 229.439106][T11115] alloc_empty_file+0xac/0x1b0 [ 229.453542][T11115] alloc_file+0x60/0x4c0 [ 229.453555][T11115] alloc_file_pseudo+0x1d4/0x260 [ 229.453570][T11115] __shmem_file_setup+0x1a2/0x280 [ 229.463131][T11115] shmem_file_setup+0x2f/0x40 [ 229.463141][T11115] __se_sys_memfd_create+0x28e/0x4b0 [ 229.463151][T11115] ? do_syscall_64+0x1d/0x140 [ 229.463166][T11115] __x64_sys_memfd_create+0x5b/0x70 [ 229.472132][T11115] do_syscall_64+0xfe/0x140 [ 229.472145][T11115] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.472156][T11115] RIP: 0033:0x4598e9 [ 229.516049][T11115] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 229.537339][T11115] RSP: 002b:00007fab42080a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 229.545724][T11115] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004598e9 [ 229.553672][T11115] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 00000000004be808 [ 229.561620][T11115] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 229.569572][T11115] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab420816d4 [ 229.577522][T11115] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 11:29:50 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f", 0x121}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:50 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:50 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x6000000, 0x0, 0x0, 0x7fffffff}) 11:29:50 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a006c000100000018"], 0x46040) 11:29:50 executing program 2 (fault-call:1 fault-nth:6): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:50 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,g', @ANYRESHEX=r0]) [ 232.085091][T11136] FAULT_INJECTION: forcing a failure. [ 232.085091][T11136] name failslab, interval 1, probability 0, space 0, times 0 [ 232.086322][T11132] ntfs: (device loop3): parse_options(): Unrecognized mount option g0x0000000000000003. 11:29:50 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x7000000, 0x0, 0x0, 0x7fffffff}) 11:29:50 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0074000100000018"], 0x46040) 11:29:50 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f", 0x121}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:50 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x8000000, 0x0, 0x0, 0x7fffffff}) [ 232.140363][T11136] CPU: 0 PID: 11136 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 232.148281][T11136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.158326][T11136] Call Trace: [ 232.161615][T11136] dump_stack+0x1d8/0x2f8 [ 232.165950][T11136] should_fail+0x555/0x770 [ 232.170368][T11136] __should_failslab+0x11a/0x160 [ 232.175322][T11136] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 232.181123][T11136] should_failslab+0x9/0x20 [ 232.185636][T11136] __kmalloc+0x7a/0x340 [ 232.189786][T11136] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 232.195506][T11136] tomoyo_realpath_from_path+0xdc/0x7c0 [ 232.201046][T11136] tomoyo_path_perm+0x192/0x850 [ 232.205881][T11136] ? trace_lock_release+0x135/0x1a0 [ 232.205902][T11136] tomoyo_path_truncate+0x1c/0x20 [ 232.205911][T11136] security_path_truncate+0xd5/0x150 [ 232.205925][T11136] do_sys_ftruncate+0x493/0x710 [ 232.205936][T11136] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 232.205945][T11136] ? trace_hardirqs_on_thunk+0x1a/0x20 11:29:50 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a007a000100000018"], 0x46040) [ 232.205951][T11136] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 232.205957][T11136] ? trace_hardirqs_off_caller+0x58/0x80 [ 232.205963][T11136] ? do_syscall_64+0x1d/0x140 [ 232.205971][T11136] __x64_sys_ftruncate+0x60/0x70 [ 232.205979][T11136] do_syscall_64+0xfe/0x140 [ 232.205995][T11136] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 232.221439][T11136] RIP: 0033:0x4598b7 [ 232.221449][T11136] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 232.221454][T11136] RSP: 002b:00007fab42080a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 232.221462][T11136] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004598b7 [ 232.221470][T11136] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000005 [ 232.231994][T11136] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 232.231999][T11136] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000000005 [ 232.232004][T11136] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 [ 232.232963][T11136] ERROR: Out of memory at tomoyo_realpath_from_path. 11:29:50 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid', @ANYRESHEX=r0]) 11:29:50 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x9000000, 0x0, 0x0, 0x7fffffff}) [ 232.389496][T11136] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. [ 232.466572][T11167] ntfs: (device loop3): parse_options(): Unrecognized mount option gid0x0000000000000003. 11:29:53 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:53 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000200000018"], 0x46040) 11:29:53 executing program 2 (fault-call:1 fault-nth:7): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:53 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xa000000, 0x0, 0x0, 0x7fffffff}) 11:29:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid', @ANYRESHEX=r0]) 11:29:53 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xb000000, 0x0, 0x0, 0x7fffffff}) [ 235.094435][T11183] FAULT_INJECTION: forcing a failure. [ 235.094435][T11183] name failslab, interval 1, probability 0, space 0, times 0 [ 235.116722][T11182] ntfs: (device loop3): parse_options(): Unrecognized mount option gid0x0000000000000003. [ 235.137864][T11183] CPU: 0 PID: 11183 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 235.145786][T11183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.155838][T11183] Call Trace: [ 235.159130][T11183] dump_stack+0x1d8/0x2f8 [ 235.163459][T11183] should_fail+0x555/0x770 [ 235.168567][T11183] __should_failslab+0x11a/0x160 [ 235.173490][T11183] ? tomoyo_encode2+0x273/0x5a0 [ 235.178316][T11183] should_failslab+0x9/0x20 [ 235.182791][T11183] __kmalloc+0x7a/0x340 [ 235.186934][T11183] ? tomoyo_realpath_from_path+0xdc/0x7c0 11:29:53 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f", 0x121}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 235.192648][T11183] tomoyo_encode2+0x273/0x5a0 [ 235.197326][T11183] ? dynamic_dname+0xf0/0xf0 [ 235.201900][T11183] tomoyo_realpath_from_path+0x769/0x7c0 [ 235.207509][T11183] tomoyo_path_perm+0x192/0x850 [ 235.212453][T11183] ? trace_lock_release+0x135/0x1a0 [ 235.217632][T11183] tomoyo_path_truncate+0x1c/0x20 [ 235.222628][T11183] security_path_truncate+0xd5/0x150 [ 235.227888][T11183] do_sys_ftruncate+0x493/0x710 [ 235.232713][T11183] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 235.238404][T11183] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 235.243833][T11183] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 235.249531][T11183] ? trace_hardirqs_off_caller+0x58/0x80 [ 235.255157][T11183] ? do_syscall_64+0x1d/0x140 [ 235.259808][T11183] __x64_sys_ftruncate+0x60/0x70 [ 235.264727][T11183] do_syscall_64+0xfe/0x140 [ 235.269210][T11183] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 235.275073][T11183] RIP: 0033:0x4598b7 [ 235.278961][T11183] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 235.298899][T11183] RSP: 002b:00007fab42080a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 235.307289][T11183] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004598b7 [ 235.315258][T11183] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000005 [ 235.323209][T11183] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 235.331174][T11183] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000000005 11:29:53 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xc000000, 0x0, 0x0, 0x7fffffff}) 11:29:53 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000300000018"], 0x46040) [ 235.339125][T11183] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 [ 235.347401][T11183] ERROR: Out of memory at tomoyo_realpath_from_path. 11:29:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid', @ANYRESHEX=r0]) 11:29:53 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xd000000, 0x0, 0x0, 0x7fffffff}) 11:29:53 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000500000018"], 0x46040) [ 235.423079][T11183] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. [ 235.466666][T11206] ntfs: (device loop3): parse_options(): Unrecognized mount option gid0x0000000000000003. 11:29:56 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:56 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xe000000, 0x0, 0x0, 0x7fffffff}) 11:29:56 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000a00000018"], 0x46040) 11:29:56 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f", 0x121}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:56 executing program 2 (fault-call:1 fault-nth:8): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 238.141141][T11224] FAULT_INJECTION: forcing a failure. [ 238.141141][T11224] name failslab, interval 1, probability 0, space 0, times 0 [ 238.159446][T11224] CPU: 0 PID: 11224 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 238.167367][T11224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.177418][T11224] Call Trace: [ 238.180704][T11224] dump_stack+0x1d8/0x2f8 [ 238.185112][T11224] should_fail+0x555/0x770 [ 238.189583][T11224] __should_failslab+0x11a/0x160 [ 238.194512][T11224] ? tomoyo_encode2+0x273/0x5a0 [ 238.199470][T11224] should_failslab+0x9/0x20 [ 238.203959][T11224] __kmalloc+0x7a/0x340 [ 238.208135][T11224] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 238.213830][T11224] tomoyo_encode2+0x273/0x5a0 [ 238.218482][T11224] ? dynamic_dname+0xf0/0xf0 [ 238.223046][T11224] tomoyo_realpath_from_path+0x769/0x7c0 [ 238.228665][T11224] tomoyo_path_perm+0x192/0x850 [ 238.233489][T11224] ? trace_lock_release+0x135/0x1a0 [ 238.238668][T11224] tomoyo_path_truncate+0x1c/0x20 [ 238.243670][T11224] security_path_truncate+0xd5/0x150 [ 238.248944][T11224] do_sys_ftruncate+0x493/0x710 [ 238.253771][T11224] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 238.259472][T11224] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 238.264911][T11224] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 238.270600][T11224] ? trace_hardirqs_off_caller+0x58/0x80 [ 238.276201][T11224] ? do_syscall_64+0x1d/0x140 [ 238.280853][T11224] __x64_sys_ftruncate+0x60/0x70 [ 238.285761][T11224] do_syscall_64+0xfe/0x140 [ 238.290240][T11224] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 238.296110][T11224] RIP: 0033:0x4598b7 [ 238.300001][T11224] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 238.319601][T11224] RSP: 002b:00007fab42080a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 238.328016][T11224] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004598b7 11:29:56 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000000b00000018"], 0x46040) [ 238.335977][T11224] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000005 [ 238.343940][T11224] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 238.351890][T11224] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000000005 [ 238.359834][T11224] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 [ 238.375783][T11224] ERROR: Out of memory at tomoyo_realpath_from_path. 11:29:56 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa5323", 0x12b}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:56 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x10000000, 0x0, 0x0, 0x7fffffff}) 11:29:56 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0affffff1f00000018"], 0x46040) 11:29:56 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x11000000, 0x0, 0x0, 0x7fffffff}) [ 238.384703][T11224] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. 11:29:56 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x12000000, 0x0, 0x0, 0x7fffffff}) 11:29:57 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000003a00000018"], 0x46040) 11:29:59 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 11:29:59 executing program 2 (fault-call:1 fault-nth:9): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:29:59 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x25000000, 0x0, 0x0, 0x7fffffff}) 11:29:59 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000004000000018"], 0x46040) 11:29:59 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f", 0x121}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 241.182803][T11265] FAULT_INJECTION: forcing a failure. [ 241.182803][T11265] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 241.196122][T11265] CPU: 0 PID: 11265 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 241.204007][T11265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.214051][T11265] Call Trace: [ 241.217331][T11265] dump_stack+0x1d8/0x2f8 [ 241.217344][T11265] should_fail+0x555/0x770 [ 241.217357][T11265] should_fail_alloc_page+0x55/0x60 11:29:59 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x40000000, 0x0, 0x0, 0x7fffffff}) [ 241.217366][T11265] prepare_alloc_pages+0x283/0x470 [ 241.217379][T11265] __alloc_pages_nodemask+0xb2/0x5d0 [ 241.241656][T11265] ? trace_lock_release+0x135/0x1a0 [ 241.246849][T11265] ? shmem_setattr+0x870/0x950 [ 241.251638][T11265] kmem_getpages+0x56/0xa20 [ 241.256325][T11265] ? trace_lock_release+0x135/0x1a0 [ 241.261519][T11265] cache_grow_begin+0x7e/0x2c0 [ 241.261537][T11265] cache_alloc_refill+0x311/0x3f0 [ 241.261547][T11265] ? check_preemption_disabled+0xb7/0x2a0 [ 241.261558][T11265] kmem_cache_alloc+0x2b9/0x2e0 [ 241.281934][T11265] ? getname_flags+0xba/0x640 [ 241.286602][T11265] getname_flags+0xba/0x640 [ 241.291105][T11265] getname+0x19/0x20 [ 241.295001][T11265] do_sys_open+0x261/0x560 [ 241.299419][T11265] __x64_sys_open+0x87/0x90 [ 241.303918][T11265] do_syscall_64+0xfe/0x140 [ 241.308415][T11265] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 241.314314][T11265] RIP: 0033:0x4137d1 [ 241.318184][T11265] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 241.337877][T11265] RSP: 002b:00007fab42080a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 241.346266][T11265] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004137d1 [ 241.354216][T11265] RDX: 00007fab42080b0a RSI: 0000000000000002 RDI: 00007fab42080b00 [ 241.362167][T11265] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 241.370135][T11265] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 241.378094][T11265] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 [ 241.389059][T11265] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. 11:30:00 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa5323", 0x12b}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:00 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a00000fe100000018"], 0x46040) 11:30:00 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x5c000000, 0x0, 0x0, 0x7fffffff}) 11:30:00 executing program 2 (fault-call:1 fault-nth:10): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 241.513400][T11284] FAULT_INJECTION: forcing a failure. [ 241.513400][T11284] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 241.526641][T11284] CPU: 1 PID: 11284 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 241.534512][T11284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.544560][T11284] Call Trace: [ 241.547861][T11284] dump_stack+0x1d8/0x2f8 [ 241.552191][T11284] should_fail+0x555/0x770 [ 241.556616][T11284] should_fail_alloc_page+0x55/0x60 [ 241.561821][T11284] prepare_alloc_pages+0x283/0x470 [ 241.566931][T11284] __alloc_pages_nodemask+0xb2/0x5d0 [ 241.566942][T11284] ? trace_lock_release+0x135/0x1a0 [ 241.566952][T11284] ? shmem_setattr+0x870/0x950 [ 241.566967][T11284] kmem_getpages+0x56/0xa20 [ 241.566974][T11284] ? trace_lock_release+0x135/0x1a0 [ 241.566987][T11284] cache_grow_begin+0x7e/0x2c0 [ 241.586789][T11284] cache_alloc_refill+0x311/0x3f0 [ 241.586800][T11284] ? check_preemption_disabled+0xb7/0x2a0 [ 241.586810][T11284] kmem_cache_alloc+0x2b9/0x2e0 11:30:00 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a7fffffff00000018"], 0x46040) 11:30:00 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xfdfdffff, 0x0, 0x0, 0x7fffffff}) [ 241.586819][T11284] ? getname_flags+0xba/0x640 [ 241.586827][T11284] getname_flags+0xba/0x640 [ 241.586837][T11284] getname+0x19/0x20 [ 241.586850][T11284] do_sys_open+0x261/0x560 [ 241.596778][T11284] __x64_sys_open+0x87/0x90 [ 241.596788][T11284] do_syscall_64+0xfe/0x140 [ 241.596800][T11284] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 241.596808][T11284] RIP: 0033:0x4137d1 [ 241.596818][T11284] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 241.596827][T11284] RSP: 002b:00007fab42080a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 241.629854][T11284] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004137d1 [ 241.638814][T11284] RDX: 00007fab42080b0a RSI: 0000000000000002 RDI: 00007fab42080b00 [ 241.638818][T11284] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 241.638822][T11284] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 241.638827][T11284] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 [ 241.720890][T11284] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. 11:30:02 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:02 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0002000100000018"], 0x46040) 11:30:02 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xfffffdfd, 0x0, 0x0, 0x7fffffff}) 11:30:02 executing program 2 (fault-call:1 fault-nth:11): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) [ 244.196270][T11306] FAULT_INJECTION: forcing a failure. [ 244.196270][T11306] name failslab, interval 1, probability 0, space 0, times 0 [ 244.215918][T11306] CPU: 0 PID: 11306 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 244.223833][T11306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 244.233882][T11306] Call Trace: [ 244.237177][T11306] dump_stack+0x1d8/0x2f8 [ 244.241523][T11306] should_fail+0x555/0x770 [ 244.245921][T11306] __should_failslab+0x11a/0x160 [ 244.245932][T11306] ? __alloc_file+0x2c/0x390 [ 244.245942][T11306] should_failslab+0x9/0x20 [ 244.245951][T11306] kmem_cache_alloc+0x56/0x2e0 [ 244.245961][T11306] __alloc_file+0x2c/0x390 [ 244.245972][T11306] alloc_empty_file+0xac/0x1b0 [ 244.245980][T11306] path_openat+0x9e/0x4460 [ 244.245987][T11306] ? __kasan_kmalloc+0x178/0x1b0 [ 244.245995][T11306] ? __kasan_kmalloc+0x11c/0x1b0 [ 244.246000][T11306] ? kasan_slab_alloc+0xf/0x20 [ 244.246010][T11306] ? kmem_cache_alloc+0x1f5/0x2e0 [ 244.259987][T11306] ? getname+0x19/0x20 [ 244.259996][T11306] ? do_sys_open+0x261/0x560 [ 244.260004][T11306] ? do_syscall_64+0xfe/0x140 [ 244.260019][T11306] ? trace_mm_page_alloc+0x17a/0x1f0 [ 244.269160][T11306] ? cache_grow_end+0x143/0x170 [ 244.269171][T11306] ? trace_lock_release+0x135/0x1a0 [ 244.269178][T11306] ? cache_grow_end+0x143/0x170 [ 244.269190][T11306] ? trace_lock_release+0x135/0x1a0 [ 244.269198][T11306] ? __alloc_fd+0x58f/0x630 [ 244.269207][T11306] do_filp_open+0x192/0x3d0 [ 244.269218][T11306] ? _raw_spin_unlock+0x2c/0x50 [ 244.269235][T11306] do_sys_open+0x29f/0x560 [ 244.269245][T11306] __x64_sys_open+0x87/0x90 [ 244.269253][T11306] do_syscall_64+0xfe/0x140 [ 244.269265][T11306] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 244.369601][T11306] RIP: 0033:0x4137d1 [ 244.373467][T11306] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 11:30:02 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f", 0x121}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:02 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x100000000000000, 0x0, 0x0, 0x7fffffff}) [ 244.393050][T11306] RSP: 002b:00007fab42080a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 244.401436][T11306] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004137d1 [ 244.409384][T11306] RDX: 00007fab42080b0a RSI: 0000000000000002 RDI: 00007fab42080b00 [ 244.417332][T11306] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 244.425277][T11306] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 244.433224][T11306] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 11:30:03 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa5323", 0x12b}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:03 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0003000100000018"], 0x46040) 11:30:03 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:03 executing program 2 (fault-call:1 fault-nth:12): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:30:03 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x200000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:03 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x300000000000000, 0x0, 0x0, 0x7fffffff}) [ 244.534118][T11326] FAULT_INJECTION: forcing a failure. [ 244.534118][T11326] name failslab, interval 1, probability 0, space 0, times 0 [ 244.551728][T11326] CPU: 0 PID: 11326 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 244.559635][T11326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 244.569684][T11326] Call Trace: [ 244.572978][T11326] dump_stack+0x1d8/0x2f8 [ 244.577313][T11326] should_fail+0x555/0x770 11:30:03 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x400000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:03 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x500000000000000, 0x0, 0x0, 0x7fffffff}) [ 244.581732][T11326] __should_failslab+0x11a/0x160 [ 244.586669][T11326] ? __alloc_file+0x2c/0x390 [ 244.591259][T11326] should_failslab+0x9/0x20 [ 244.595878][T11326] kmem_cache_alloc+0x56/0x2e0 [ 244.600647][T11326] __alloc_file+0x2c/0x390 [ 244.605067][T11326] alloc_empty_file+0xac/0x1b0 [ 244.609824][T11326] path_openat+0x9e/0x4460 [ 244.614239][T11326] ? __kasan_kmalloc+0x178/0x1b0 [ 244.619174][T11326] ? __kasan_kmalloc+0x11c/0x1b0 [ 244.624216][T11326] ? kasan_slab_alloc+0xf/0x20 11:30:03 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x600000000000000, 0x0, 0x0, 0x7fffffff}) [ 244.628978][T11326] ? kmem_cache_alloc+0x1f5/0x2e0 [ 244.635035][T11326] ? getname+0x19/0x20 [ 244.639108][T11326] ? do_sys_open+0x261/0x560 [ 244.643805][T11326] ? do_syscall_64+0xfe/0x140 [ 244.648480][T11326] ? trace_mm_page_alloc+0x17a/0x1f0 [ 244.653758][T11326] ? cache_grow_end+0x143/0x170 [ 244.658603][T11326] ? trace_lock_release+0x135/0x1a0 [ 244.663796][T11326] ? cache_grow_end+0x143/0x170 [ 244.668645][T11326] ? trace_lock_release+0x135/0x1a0 [ 244.673835][T11326] ? __alloc_fd+0x58f/0x630 [ 244.678323][T11326] do_filp_open+0x192/0x3d0 [ 244.678335][T11326] ? _raw_spin_unlock+0x2c/0x50 [ 244.678351][T11326] do_sys_open+0x29f/0x560 [ 244.678362][T11326] __x64_sys_open+0x87/0x90 [ 244.687689][T11326] do_syscall_64+0xfe/0x140 [ 244.687702][T11326] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 244.687709][T11326] RIP: 0033:0x4137d1 [ 244.687718][T11326] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 11:30:03 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0004000100000018"], 0x46040) [ 244.687723][T11326] RSP: 002b:00007fab42080a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 244.687731][T11326] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004137d1 [ 244.687735][T11326] RDX: 00007fab42080b0a RSI: 0000000000000002 RDI: 00007fab42080b00 [ 244.687739][T11326] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 244.687747][T11326] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 244.770791][T11326] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 11:30:05 executing program 3: r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000c80)='/proc/thread-self/attr/current\x00', 0x2, 0x0) write(r0, &(0x7f0000000cc0)="973f49f9ff8af3ef9b764ab0099ab430c39d84339532af2e2821d9f44bf2dd88da1670889acbdfd7c50a9dd374ee4284324e3c888c47a86d5762d86062faa912db582294b00c0d545bbcf9c032a7f85fd9e563d7916f27ea3f0bb4bf5843fa14ebdbbe2004", 0x65) ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, 0x0) openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) 11:30:05 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x700000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:06 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e3344", 0x130}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:06 executing program 2 (fault-call:1 fault-nth:13): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:30:06 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0005000100000018"], 0x46040) 11:30:06 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x800000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:06 executing program 3: 11:30:06 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:06 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0006000100000018"], 0x46040) 11:30:06 executing program 3: [ 247.573422][T11365] FAULT_INJECTION: forcing a failure. [ 247.573422][T11365] name failslab, interval 1, probability 0, space 0, times 0 [ 247.622122][T11365] CPU: 1 PID: 11365 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 247.630059][T11365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.640109][T11365] Call Trace: [ 247.643399][T11365] dump_stack+0x1d8/0x2f8 [ 247.647747][T11365] should_fail+0x555/0x770 [ 247.652180][T11365] __should_failslab+0x11a/0x160 [ 247.657112][T11365] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 247.662829][T11365] should_failslab+0x9/0x20 [ 247.667328][T11365] __kmalloc+0x7a/0x340 11:30:06 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x900000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:06 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xa00000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:06 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xb00000000000000, 0x0, 0x0, 0x7fffffff}) [ 247.671479][T11365] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 247.677187][T11365] tomoyo_realpath_from_path+0xdc/0x7c0 [ 247.682716][T11365] tomoyo_check_open_permission+0x1ce/0x9d0 [ 247.688607][T11365] tomoyo_file_open+0x141/0x190 [ 247.688620][T11365] security_file_open+0x65/0x2f0 [ 247.698382][T11365] do_dentry_open+0x34e/0xf90 [ 247.703064][T11365] vfs_open+0x73/0x80 [ 247.707043][T11365] path_openat+0x1397/0x4460 [ 247.711630][T11365] ? getname+0x19/0x20 [ 247.715694][T11365] ? cache_grow_end+0x143/0x170 11:30:06 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xc00000000000000, 0x0, 0x0, 0x7fffffff}) [ 247.720540][T11365] ? trace_lock_release+0x135/0x1a0 [ 247.725723][T11365] ? __alloc_fd+0x58f/0x630 [ 247.725733][T11365] do_filp_open+0x192/0x3d0 [ 247.725752][T11365] do_sys_open+0x29f/0x560 [ 247.725763][T11365] __x64_sys_open+0x87/0x90 [ 247.743615][T11365] do_syscall_64+0xfe/0x140 [ 247.748122][T11365] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 247.754009][T11365] RIP: 0033:0x4137d1 [ 247.757905][T11365] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 247.777605][T11365] RSP: 002b:00007fab42080a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 247.786017][T11365] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004137d1 [ 247.793989][T11365] RDX: 00007fab42080b0a RSI: 0000000000000002 RDI: 00007fab42080b00 [ 247.801954][T11365] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 247.809904][T11365] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 247.818291][T11365] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 [ 247.834993][T11365] ERROR: Out of memory at tomoyo_realpath_from_path. [ 247.846823][T11365] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. 11:30:09 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0007000100000018"], 0x46040) 11:30:09 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xd00000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:09 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e3344", 0x130}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:09 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:09 executing program 2 (fault-call:1 fault-nth:14): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:30:09 executing program 3: 11:30:09 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0008000100000018"], 0x46040) 11:30:09 executing program 3: [ 250.646030][T11406] FAULT_INJECTION: forcing a failure. [ 250.646030][T11406] name failslab, interval 1, probability 0, space 0, times 0 11:30:09 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xe00000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:09 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0009000100000018"], 0x46040) 11:30:09 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e3344", 0x130}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 250.701995][T11406] CPU: 1 PID: 11406 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 250.709918][T11406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.719976][T11406] Call Trace: [ 250.723268][T11406] dump_stack+0x1d8/0x2f8 [ 250.727613][T11406] should_fail+0x555/0x770 [ 250.732040][T11406] __should_failslab+0x11a/0x160 [ 250.736980][T11406] ? tomoyo_encode2+0x273/0x5a0 [ 250.741830][T11406] should_failslab+0x9/0x20 [ 250.746327][T11406] __kmalloc+0x7a/0x340 11:30:09 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x1000000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:09 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000a000100000018"], 0x46040) [ 250.750478][T11406] tomoyo_encode2+0x273/0x5a0 [ 250.755157][T11406] tomoyo_realpath_from_path+0x769/0x7c0 [ 250.760796][T11406] tomoyo_check_open_permission+0x1ce/0x9d0 [ 250.766708][T11406] tomoyo_file_open+0x141/0x190 [ 250.771575][T11406] security_file_open+0x65/0x2f0 [ 250.776511][T11406] do_dentry_open+0x34e/0xf90 [ 250.781187][T11406] vfs_open+0x73/0x80 [ 250.785161][T11406] path_openat+0x1397/0x4460 [ 250.789747][T11406] ? getname+0x19/0x20 [ 250.793816][T11406] ? shmem_setattr+0x870/0x950 11:30:09 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000b000100000018"], 0x46040) 11:30:09 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x1100000000000000, 0x0, 0x0, 0x7fffffff}) [ 250.798583][T11406] ? trace_lock_release+0x135/0x1a0 [ 250.803776][T11406] ? __alloc_fd+0x58f/0x630 [ 250.808275][T11406] do_filp_open+0x192/0x3d0 [ 250.812798][T11406] do_sys_open+0x29f/0x560 [ 250.817212][T11406] __x64_sys_open+0x87/0x90 [ 250.821718][T11406] do_syscall_64+0xfe/0x140 [ 250.826223][T11406] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 250.832106][T11406] RIP: 0033:0x4137d1 [ 250.835987][T11406] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 250.855974][T11406] RSP: 002b:00007fab42080a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 250.864387][T11406] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004137d1 [ 250.872364][T11406] RDX: 00007fab42080b0a RSI: 0000000000000002 RDI: 00007fab42080b00 [ 250.880328][T11406] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 250.888281][T11406] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 250.888286][T11406] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 [ 250.899180][T11406] ERROR: Out of memory at tomoyo_realpath_from_path. [ 250.919670][T11406] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. 11:30:12 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x507, 0x0, 0x0, {0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8, 0x1, 'hhf\x00'}, {0xc, 0x2, [@TCA_HHF_QUANTUM={0x8}]}}]}, 0x38}}, 0x0) 11:30:12 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:12 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000c000100000018"], 0x46040) 11:30:12 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x1200000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:12 executing program 2 (fault-call:1 fault-nth:15): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:30:12 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4}, 0x10) write(r0, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000000000000000000000080009000c000000", 0x24) 11:30:12 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x2500000000000000, 0x0, 0x0, 0x7fffffff}) [ 253.638374][T11441] FAULT_INJECTION: forcing a failure. [ 253.638374][T11441] name failslab, interval 1, probability 0, space 0, times 0 [ 253.705707][T11441] CPU: 0 PID: 11441 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 253.713634][T11441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.723716][T11441] Call Trace: [ 253.727004][T11441] dump_stack+0x1d8/0x2f8 [ 253.731333][T11441] should_fail+0x555/0x770 [ 253.735737][T11441] __should_failslab+0x11a/0x160 [ 253.740658][T11441] ? tomoyo_encode2+0x273/0x5a0 [ 253.745487][T11441] should_failslab+0x9/0x20 [ 253.749987][T11441] __kmalloc+0x7a/0x340 [ 253.754141][T11441] tomoyo_encode2+0x273/0x5a0 [ 253.758799][T11441] tomoyo_realpath_from_path+0x769/0x7c0 [ 253.764420][T11441] tomoyo_path_number_perm+0x166/0x640 [ 253.769875][T11441] ? smack_file_ioctl+0x226/0x2e0 [ 253.774876][T11441] ? __fget+0x4e1/0x510 [ 253.779020][T11441] tomoyo_file_ioctl+0x23/0x30 [ 253.783778][T11441] security_file_ioctl+0x6d/0xd0 [ 253.788718][T11441] __x64_sys_ioctl+0xa3/0x120 [ 253.793391][T11441] do_syscall_64+0xfe/0x140 [ 253.797889][T11441] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 253.803758][T11441] RIP: 0033:0x459757 [ 253.807627][T11441] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 253.827202][T11441] RSP: 002b:00007fab42080a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 253.835729][T11441] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459757 [ 253.843688][T11441] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 11:30:12 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df", 0x132}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:12 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:12 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000d000100000018"], 0x46040) [ 253.851644][T11441] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 253.859592][T11441] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 253.867538][T11441] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 11:30:12 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x4000000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:12 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df", 0x132}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:12 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000e000100000018"], 0x46040) 11:30:12 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x5c00000000000000, 0x0, 0x0, 0x7fffffff}) 11:30:12 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xfdfdffff00000000, 0x0, 0x0, 0x7fffffff}) [ 253.970541][T11441] ERROR: Out of memory at tomoyo_realpath_from_path. 11:30:12 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0010000100000018"], 0x46040) [ 254.020366][T11441] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. 11:30:12 executing program 2 (fault-call:1 fault-nth:16): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:30:12 executing program 3: r0 = socket(0x10, 0x3, 0x0) perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000080)={'ip_vti0\x00', @ifru_data=&(0x7f0000000000)="b06f31673d3da2b793d4f9a507e3c9133ba7ce8f5e6e538ecf8829b08f7f4aae"}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'all\x00\x19\x00\x00!C\x19\xb2d\xb4\xa0\xb4v', 0x420000015001}) ioctl$sock_ifreq(r0, 0x89f1, &(0x7f0000000080)={'ip_vti0\x00', @ifru_flags}) 11:30:12 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0xffffffff00000000, 0x0, 0x0, 0x7fffffff}) 11:30:12 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0011000100000018"], 0x46040) [ 254.169416][T11499] FAULT_INJECTION: forcing a failure. [ 254.169416][T11499] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 254.182646][T11499] CPU: 1 PID: 11499 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 254.190519][T11499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.200561][T11499] Call Trace: [ 254.200580][T11499] dump_stack+0x1d8/0x2f8 [ 254.200595][T11499] should_fail+0x555/0x770 [ 254.200607][T11499] should_fail_alloc_page+0x55/0x60 [ 254.200620][T11499] prepare_alloc_pages+0x283/0x470 [ 254.222869][T11499] __alloc_pages_nodemask+0xb2/0x5d0 [ 254.228130][T11499] ? stack_trace_save+0x150/0x150 [ 254.233132][T11499] kmem_getpages+0x56/0xa20 [ 254.237611][T11499] cache_grow_begin+0x7e/0x2c0 [ 254.242405][T11499] cache_alloc_refill+0x311/0x3f0 [ 254.247409][T11499] ? check_preemption_disabled+0xb7/0x2a0 [ 254.253155][T11499] __kmalloc+0x318/0x340 [ 254.257378][T11499] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 254.263081][T11499] tomoyo_realpath_from_path+0xdc/0x7c0 [ 254.268692][T11499] tomoyo_path_number_perm+0x166/0x640 [ 254.274131][T11499] ? smack_file_ioctl+0x226/0x2e0 [ 254.279128][T11499] ? __fget+0x4e1/0x510 [ 254.283260][T11499] tomoyo_file_ioctl+0x23/0x30 [ 254.288000][T11499] security_file_ioctl+0x6d/0xd0 [ 254.292910][T11499] __x64_sys_ioctl+0xa3/0x120 [ 254.297646][T11499] do_syscall_64+0xfe/0x140 [ 254.302176][T11499] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.308041][T11499] RIP: 0033:0x459757 [ 254.311916][T11499] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 254.332120][T11499] RSP: 002b:00007fab42080a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 254.340520][T11499] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459757 [ 254.348480][T11499] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 254.356426][T11499] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 254.364373][T11499] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 254.372335][T11499] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 [ 254.386537][T11499] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. 11:30:15 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:15 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x2, 0x0, 0x7fffffff}) 11:30:15 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0012000100000018"], 0x46040) 11:30:15 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df", 0x132}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:15 executing program 2 (fault-call:1 fault-nth:17): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:30:15 executing program 3: r0 = socket(0x10, 0x3, 0x0) perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000080)={'ip_vti0\x00', @ifru_data=&(0x7f0000000000)="b06f31673d3da2b793d4f9a507e3c9133ba7ce8f5e6e538ecf8829b08f7f4aae"}) 11:30:15 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0025000100000018"], 0x46040) 11:30:15 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x3, 0x0, 0x7fffffff}) 11:30:15 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:15 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:15 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a002f000100000018"], 0x46040) [ 257.017077][T11525] FAULT_INJECTION: forcing a failure. [ 257.017077][T11525] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 257.030831][T11525] CPU: 1 PID: 11525 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 257.038722][T11525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.048771][T11525] Call Trace: [ 257.052061][T11525] dump_stack+0x1d8/0x2f8 [ 257.056396][T11525] should_fail+0x555/0x770 [ 257.060808][T11525] should_fail_alloc_page+0x55/0x60 11:30:15 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x4, 0x0, 0x7fffffff}) [ 257.060818][T11525] prepare_alloc_pages+0x283/0x470 [ 257.060830][T11525] __alloc_pages_nodemask+0xb2/0x5d0 [ 257.076370][T11525] ? stack_trace_save+0x150/0x150 [ 257.081393][T11525] kmem_getpages+0x56/0xa20 [ 257.085889][T11525] cache_grow_begin+0x7e/0x2c0 [ 257.085901][T11525] cache_alloc_refill+0x311/0x3f0 [ 257.085910][T11525] ? check_preemption_disabled+0xb7/0x2a0 [ 257.085919][T11525] __kmalloc+0x318/0x340 [ 257.085933][T11525] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 257.111299][T11525] tomoyo_realpath_from_path+0xdc/0x7c0 [ 257.111313][T11525] tomoyo_path_number_perm+0x166/0x640 [ 257.111333][T11525] ? smack_file_ioctl+0x226/0x2e0 [ 257.127297][T11525] ? __fget+0x4e1/0x510 [ 257.131453][T11525] tomoyo_file_ioctl+0x23/0x30 [ 257.136208][T11525] security_file_ioctl+0x6d/0xd0 [ 257.136221][T11525] __x64_sys_ioctl+0xa3/0x120 [ 257.136233][T11525] do_syscall_64+0xfe/0x140 [ 257.136244][T11525] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.136252][T11525] RIP: 0033:0x459757 11:30:15 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0048000100000018"], 0x46040) 11:30:15 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x5, 0x0, 0x7fffffff}) [ 257.136262][T11525] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 257.136266][T11525] RSP: 002b:00007fab42080a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 257.136273][T11525] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459757 [ 257.136278][T11525] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 257.136283][T11525] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a 11:30:15 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 257.136287][T11525] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 257.136292][T11525] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 [ 257.246839][T11525] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. 11:30:18 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e953e001e7f2abecdb8a9cbdb5a8ced09891a40f3f460feb4a5cd4fa53235a844e334467df70", 0x133}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:18 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="a4ab12f728db4b2b4d2f2fba4fad0b3a47006db763e3a227deb6999d32772cf2eebb1fb054d54ac45a333c28785d630f38ba0fd5e2d5fb109aa4d1a2d25799eb00ea36a133349cce8d7986f5f3a2518643b1287105afeb7e56476dd2c8cb575a0fad7e0b6f6355077e72904a4153389ea6ccd595d94ee538bc7bf15b304003d1048ac70caa5064492916d98251883c182f2ec07ed91d53e745a1b28530915018508b8d9d2e61860cf64cf10f6aeee77bfa0a8b59b471db757c2688031c4c9aed23aa465965f1b7ea71edcd4e5535300574d16539766ddfaf61160d7c0a9b82b0dc6fc2483bd3859df044603d030c6c7e5756a8fc1b170258a4be18a53214c892b4f884d208a9ff3df9e9d08a12e9", 0x10e}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:18 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a004c000100000018"], 0x46040) 11:30:18 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x6, 0x0, 0x7fffffff}) 11:30:18 executing program 3: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) write$cgroup_int(r0, &(0x7f0000000000)=0x8007ffffffc, 0x12) 11:30:18 executing program 2 (fault-call:1 fault-nth:18): r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='show_sys_files=yes,case_sensitive=yes,disable_sparse=yes,gid=', @ANYRESHEX=r0]) 11:30:18 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 11:30:18 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a005c000100000018"], 0x46040) [ 260.055086][T11564] FAULT_INJECTION: forcing a failure. [ 260.055086][T11564] name failslab, interval 1, probability 0, space 0, times 0 [ 260.082579][T11564] CPU: 1 PID: 11564 Comm: syz-executor.2 Not tainted 5.3.0-rc8+ #0 [ 260.090502][T11564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.100552][T11564] Call Trace: 11:30:18 executing program 3: syz_open_dev$sndmidi(&(0x7f0000000680)='/dev/snd/midiC#D#\x00', 0x200, 0x2003) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) memfd_create(&(0x7f0000000140)='lotrusted\x1a\x00', 0x0) r0 = syz_open_dev$sndseq(&(0x7f00000003c0)='/dev/snd/seq\x00', 0x0, 0x1) r1 = dup2(r0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0) r2 = getpid() ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, 0x0) sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0) sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1}, 0x18) pipe(&(0x7f0000000700)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, 0x0) socket$inet6(0xa, 0x1, 0x8010000000000084) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f00000004c0)=ANY=[@ANYBLOB="0000e1fc5ef71a11ea7c5ef2462214e72339d2287ab0ea6b4e953772efda351b9e31c9d46e5da3f4c04e2222df0f124b779587222400729c26df96e87d77a1258f5ab1cf3442094480f9f5833a0c73e7dcaab017e955d1f29158b452518d536ab3430189d3cbbdc3d9bab578bf01dbff24854c979a40c87496bd99b5e9e8e38fad1ae3a0dcc6814f238c2accf7124b67855a154f437dbc3d7479a6569fbabc20d438a1236617e7bf36c5f713018806", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x7b453da) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, &(0x7f0000000140)={0x1b8, 0x0, 0xfffffffffffffff9}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 260.103847][T11564] dump_stack+0x1d8/0x2f8 [ 260.108178][T11564] should_fail+0x555/0x770 [ 260.112598][T11564] __should_failslab+0x11a/0x160 [ 260.117536][T11564] ? tomoyo_encode2+0x273/0x5a0 [ 260.122391][T11564] should_failslab+0x9/0x20 [ 260.126893][T11564] __kmalloc+0x7a/0x340 [ 260.131049][T11564] tomoyo_encode2+0x273/0x5a0 [ 260.135724][T11564] tomoyo_realpath_from_path+0x769/0x7c0 [ 260.141358][T11564] tomoyo_path_number_perm+0x166/0x640 [ 260.146824][T11564] ? smack_file_ioctl+0x226/0x2e0 11:30:18 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a0068000100000018"], 0x46040) 11:30:18 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a006c000100000018"], 0x46040) [ 260.151850][T11564] ? __fget+0x4e1/0x510 [ 260.155999][T11564] tomoyo_file_ioctl+0x23/0x30 [ 260.156009][T11564] security_file_ioctl+0x6d/0xd0 [ 260.156018][T11564] __x64_sys_ioctl+0xa3/0x120 [ 260.156028][T11564] do_syscall_64+0xfe/0x140 [ 260.156042][T11564] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 260.180721][T11564] RIP: 0033:0x459757 [ 260.184633][T11564] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 260.204235][T11564] RSP: 002b:00007fab42080a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 260.212637][T11564] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000459757 [ 260.220595][T11564] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 260.220599][T11564] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 260.220603][T11564] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 260.220607][T11564] R13: 00000000004c8afb R14: 00000000004dfa80 R15: 0000000000000004 [ 260.221406][T11585] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 260.228944][T11564] ERROR: Out of memory at tomoyo_realpath_from_path. 11:30:18 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000001980)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x7, 0x0, 0x7fffffff}) [ 260.399756][T11564] ntfs: (device loop2): ntfs_fill_super(): Unable to determine device size. [ 365.075322][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 365.081948][ C1] rcu: 1-...!: (10486 ticks this GP) idle=b02/1/0x4000000000000002 softirq=14181/14181 fqs=274 [ 365.092411][ C1] (t=10500 jiffies g=13841 q=672) [ 365.097493][ C1] rcu: rcu_preempt kthread starved for 9926 jiffies! g13841 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 365.108735][ C1] rcu: RCU grace-period kthread stack dump: [ 365.114596][ C1] rcu_preempt I29080 10 2 0x80004000 [ 365.120909][ C1] Call Trace: [ 365.124192][ C1] __schedule+0x877/0xc50 [ 365.128499][ C1] schedule+0x131/0x1e0 [ 365.132627][ C1] schedule_timeout+0x14f/0x240 [ 365.137462][ C1] ? run_local_timers+0x120/0x120 [ 365.142461][ C1] rcu_gp_kthread+0xef8/0x1790 [ 365.147200][ C1] kthread+0x332/0x350 [ 365.151242][ C1] ? rcu_report_qs_rsp+0x150/0x150 [ 365.156327][ C1] ? kthread_blkcg+0xe0/0xe0 [ 365.160978][ C1] ret_from_fork+0x24/0x30 [ 365.165394][ C1] NMI backtrace for cpu 1 [ 365.169699][ C1] CPU: 1 PID: 3631 Comm: kworker/1:2 Not tainted 5.3.0-rc8+ #0 [ 365.177225][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 365.187263][ C1] Workqueue: events rt6_probe_deferred [ 365.192695][ C1] Call Trace: [ 365.195953][ C1] [ 365.198783][ C1] dump_stack+0x1d8/0x2f8 [ 365.203098][ C1] nmi_cpu_backtrace+0xaf/0x1a0 [ 365.207921][ C1] ? nmi_trigger_cpumask_backtrace+0x16d/0x290 [ 365.214055][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 365.220103][ C1] nmi_trigger_cpumask_backtrace+0x174/0x290 [ 365.226054][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 365.231926][ C1] rcu_dump_cpu_stacks+0x15a/0x220 [ 365.237009][ C1] rcu_sched_clock_irq+0xb95/0x16d0 [ 365.242180][ C1] ? trace_hardirqs_off+0x74/0x80 [ 365.247179][ C1] update_process_times+0x134/0x190 [ 365.252363][ C1] tick_sched_timer+0x263/0x420 [ 365.257200][ C1] ? tick_setup_sched_timer+0x2c0/0x2c0 [ 365.262716][ C1] __hrtimer_run_queues+0x403/0x850 [ 365.267902][ C1] hrtimer_interrupt+0x38c/0xda0 [ 365.272837][ C1] smp_apic_timer_interrupt+0x109/0x280 [ 365.278357][ C1] apic_timer_interrupt+0xf/0x20 [ 365.283262][ C1] [ 365.286183][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x48/0x50 [ 365.292311][ C1] Code: f0 12 00 00 83 fa 02 75 21 48 8b 91 f8 12 00 00 48 8b 32 48 8d 7e 01 8b 89 f4 12 00 00 48 39 cf 73 08 48 89 44 f2 08 48 89 3a 0f 1f 80 00 00 00 00 4c 8b 04 24 65 48 8b 04 25 c0 fd 01 00 65 [ 365.311888][ C1] RSP: 0018:ffff88809b84f5d0 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13 [ 365.320272][ C1] RAX: ffffffff860c614e RBX: 1ffff110121f7abb RCX: ffff88809b82e1c0 [ 365.328217][ C1] RDX: 0000000000000000 RSI: ffff888090fbd5d0 RDI: ffff888090fbd538 [ 365.336161][ C1] RBP: ffff88809b84f680 R08: ffffffff860c5d6a R09: 0000000000000000 [ 365.344106][ C1] R10: fffffbfff117be8d R11: 0000000000000000 R12: dffffc0000000000 [ 365.352053][ C1] R13: ffff888090fbd240 R14: ffff888090fbd5d0 R15: ffff888090fbd5c0 [ 365.360004][ C1] ? hhf_dequeue+0x15a/0xaa0 [ 365.364567][ C1] ? hhf_dequeue+0x53e/0xaa0 [ 365.369133][ C1] ? hhf_dequeue+0x53e/0xaa0 [ 365.373696][ C1] ? hhf_enqueue+0x19dc/0x2110 [ 365.378434][ C1] __qdisc_run+0x217/0x1b30 [ 365.382914][ C1] ? dev_queue_xmit+0x17/0x20 [ 365.387564][ C1] __dev_queue_xmit+0x1161/0x3020 [ 365.392568][ C1] dev_queue_xmit+0x17/0x20 [ 365.397048][ C1] neigh_resolve_output+0x60c/0x6b0 [ 365.402221][ C1] ip6_finish_output2+0x102c/0x13d0 [ 365.407411][ C1] __ip6_finish_output+0x693/0x910 [ 365.412503][ C1] ip6_finish_output+0x52/0x1e0 [ 365.417340][ C1] ? ip6_output+0x25a/0x390 [ 365.421815][ C1] ip6_output+0x26f/0x390 [ 365.426119][ C1] ndisc_send_skb+0xa35/0xe40 [ 365.430775][ C1] ndisc_send_ns+0x5ce/0x7b0 [ 365.435342][ C1] rt6_probe_deferred+0xe1/0x1a0 [ 365.440254][ C1] process_one_work+0x7ef/0x10e0 [ 365.445186][ C1] worker_thread+0xc01/0x1630 [ 365.449847][ C1] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 365.455459][ C1] kthread+0x332/0x350 [ 365.459497][ C1] ? rcu_lock_release+0x30/0x30 [ 365.464318][ C1] ? kthread_blkcg+0xe0/0xe0 [ 365.468897][ C1] ret_from_fork+0x24/0x30